{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
The CISO at the Kuwait Oil Company delves into a notorious malware strain. The chief risk officer at Goldman Sachs talks intelligence. And the trial of the accused LinkedIn hacker is set to begin. This is CyberScoop for Wednesday, February 26.

Kuwait cyber executive talks resilience in the face of Trisis

The Trisis malware that triggered the 2017 shutdown of a Saudi petrochemical plant had ripple effects for energy companies across the region. Next door in Kuwait, the fact that the attackers had targeted the safety systems that protect human life resonated deeply. “In our sector ... the safety of our employees is a priority for us,” Reem Al-Shammari, the chief information security officer at Kuwait Oil Company, said Tuesday at the RSA Conference. After the emergence of Trisis, Al-Shammari said, Kuwait’s oil companies placed more emphasis on incorporating cybersecurity checks into regular audits of safety systems used at plants. Al-Shammari also touted the ability of Kuwait’s oil companies to share threat information with one another, something that became all the more important after Trisis emerged. “If the threat actors are sharing their knowledge and they are uniting ... why not us?" Sean Lyngaas has been following Trisis.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

How North Korea re-purposes malware

Patrick Wardle, a former NSA researcher-turned Mac hacker, used a demonstration at the RSA Conference to explain how suspected North Korean hackers recycle malicious software to break into Apple machines. The so-called Lazarus Group used a hacking tool in 2016 and 2018 that tricks victims into installing a "loader." That loader is based on code that was detailed by Cylance, and in a GitHub post, an indication to Wardle that a gang from Pyongyang "either Googled this or saw the presentation about it." Wired explained in more detail.

Financial security heavyweight backs NSA's big move

When the NSA alerted Microsoft to a server vulnerability that could result in the compromise of confidential information from Windows machines, it was a signal that the spy agency isn't only focused on hoarding bugs it could exploit in the future. The move generated praise through the information security community, a refrain echoed Tuesday by Phil Venables, the chief risk officer at Goldman Sachs. "Kudos to our friends in the NSA for tipping us off to that, rather than taking the alternative," he said during a keynote speech at the RSA cybersecurity conference in San Francisco. Shannon Vavra covered the news when it happened in January.

Get ready for another crazy hacking trial

Jury selection in the trial of Yevgeniy Nikulin, a hacker accused of stealing more than 100 million usernames and passwords from LinkedIn and other companies, is scheduled to begin on March 9. Its a court battle that's more than four years in the making, after Nikulin fought extradition to the U.S., and then argued he wasn't fit to stand trial. Now, attorneys are arguing about which kinds of evidence to include at trial. The presiding judge prohibited the prosecution and defense from discussing Nikulin's finances and lifestyle during their opening statements, meaning the jury won't hear about the Russian man's appetite for expensive sports cars and cash. At least not right away. Here's our prior coverage.

Hygiene always matters, San Jose’s CIO says

Our CyberTalks event Monday in San Francisco featured some high-level conversations about how the federal agencies handle their cybersecurity business, but there also were panels geared toward state and municipal governments. Ransomware is always on their minds these days, and during one panel, the CIO of San Jose, California, said the city’s government is battling it by emphasizing basic cyber-hygiene for workers. “We still start with the human factor,” Rob Lloyd said. “The number of devices and amount of continuous data being created is no longer. ... Hygiene is core to everything.” Benjamin Freed has coverage for StateScoop.

North Dakota says “game on”

North Dakota is preparing a “capture the flag” competition for high school and college students, with the goal of getting more of them interested in cybersecurity careers. The event will run next month in conjunction with the National Integrated Cyber Education Research Center, an educational and grant-funding center based in Louisiana. Students will join red or blue teams and participate in challenges designed by NICERC. “This first-of-its-kind event is unprecedented in terms of bringing together dozens of private and public sector and military organizations to promote hundreds of exciting career opportunities across North Dakota,” state CIO Shawn Riley said. Ryan Johnston has the story for StateScoop.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}