{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
U.S. prosecutors unseal charges related to an alleged North Korean cybercrime spree. More new faces thinking about cyber at the Department of Homeland Security. A flaw in a popular video software is now fixed. And a Nigerian man was sentenced to a decade in prison for an email scam. This is CyberScoop for Wednesday, Feb. 17.

US accuses North Korean hackers of new crimes

Prosecutors unsealed an indictment on Wednesday charging three North Korean computer programmers with a criminal conspiracy tied to some of the nation’s most prominent alleged hacking campaigns, including the 2014 Sony attack, the 2016 Bangladesh bank heist and the 2017 WannaCry outbreak. In all, the conspiracy was meant to steal and extort more than $1.3 billion from financial institutions and companies, the U.S. Department of Justice said. Tim Starks is on the case.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Maurer set to advise Mayorkas at DHS on cyber

The Biden administration keeps picking up big think-tank names, with the Department of Homeland Security snagging Tim Maurer, director of the Cyber Policy Initiative at the Carnegie Endowment for International Peace. He'll be a senior political appointee in the role of senior counselor for cybersecurity Secretary Alejandro Mayorkas. That's a role other prominent people have held in the department at one point or another — the likes of Chris Krebs, Jeanette Manfra and Bruce McConnell. Maurer's specialty at Carnegie has been cybersecurity in the international and financial service spheres. Tim had the scoop.

More personnel moves at DHS, too

Nitin Natarajan is joining the department as deputy director of the Cybersecurity and Infrastructure Security Agency. He comes over from his job as director at Avantus Federal in the homeland security and federal civilian markets. He previously served as director of critical infrastructure policy at the White House's National Security Council. Here's his full resume.

When private calls aren’t private

An error in an Agora.io video calling software development kit (SDK) could have allowed hackers to spy on private video and audio calls through services including eHarmony or Talkspace, according to McAfee research published Wednesday. The flaw is accounted for in a mid-December update from the company, but If an attacker had found out about the issue, they could have seen that sensitive call information used to initiate calls was being sent over plain text, according to McAfee. Attackers could have sniffed network traffic to obtain information about calls of interest and then secretly join the call with no signal to targeted users, researchers found. Shannon Vavra breaks it down.

Gone phishing

A Nigerian national, Obinwanne Okeke, has been sentenced to 10 years in prison for allegedly coordinating an international spearphishing campaign that has cost victims approximately $11 million in losses. The scheme, which lasted from 2015 to 2019, targeted Unatrac Holding Limited, a British firm that acted as the export sales office for Caterpillar, with fake invoices and wire transfer requests. The scammers allegedly wormed their way into the company by first targeting the CFO with a spearphishing email. Shannon Vavra has more.

Examining election security’s supply chain

A new Center for Internet Security report aims to simplify the process for election technology vendors securing the supply chains they use in developing the products they sell to state and local officials. The guide takes on added relevance in the wake of the so-called SolarWinds hack, a suspected Russian espionage operation that breached the software supply chains of numerous federal agencies, corporations and state governments. There is no evidence the SolarWinds hack affected any U.S. election systems, the acting head of the Cybersecurity and Infrastructure Security Agency said Feb. 3, but the sheer amount of hardware and software used in the voting process leaves it vulnerable to similar compromises, said Aaron Wilson, a senior director for election security at CIS and one of the report’s authors. StateScoop’s Benjamin Freed looks closer.

No need for a snow day when ransomware is around

A community college in North Carolina already limited by the pandemic’s remote-learning conditions is being further challenged after a ransomware attack last week disabled systems needed for online learning and forced its employees off campus. Central Piedmont Community College, an institution with about 50,000 students in Charlotte, North Carolina, tweeted on Tuesday that Kandi Deitemeyer, the college’s president, had posted an update to the college’s website about the “incredibly difficult time” students were facing, particularly after the ransomware attack discovered last Wednesday. Colin Wood explains at StateScoop.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}