{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
The FBI has evidence that an FSB asset introduced the man accused of hacking LinkedIn, and the guy who allegedly tried selling the stolen data. The election commission just hired a security expert to help states prepare for November. And more on how coronavirus is impacting the infosec community. This is CyberScoop for Friday, March 13.

Russian scammers got to work after the LinkedIn, Formspring breaches

The trial of Yevgeniy Nikulin took an interesting turn this week when attorneys alleged he reached out to others after hacking LinkedIn and Formspring in 2012. Prosecutors say he worked with a number of co-conspirators to gather and attempt to sell that data, including Nikita Kislitsin, who allegedly tried selling stolen Formspring data before he became an executive at Group-IB, and Alexsey Belan, a Latvian man who made the introduction between Nikulin and Kislitin. In a recent filing, the government reproduced an email conversation in which, prosecutors say, Kislitsin was trying to sell the stolen Formspring data, and wanted Belan to vouch for Nikulin’s trustworthiness. Belan was accused in 2017 of helping Russian FSB officers access hacked Yahoo accounts for their own intelligence-gathering purposes. Jeff Stone has the court documents.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Election commission adds cyber talent

The Election Assistance Commission, a tiny agency that plays a big role in securing elections, is bringing in a security professional with years of experience in voting technology. Joshua Franklin is expected to not only protect the EAC’s networks from hackers, but also work with state and local officials to protect their infrastructure ahead of November. Franklin's hire is part of an effort to seize on momentum that picked up when Congress authorized an additional $6 million in funding for the agency in 2020. Sean Lyngaas had the scoop.

Watch out for coronavirus spearphishing

Cybercriminals and nation-state actors continue to exploit fears about the novel coronavirus, sending malware-laced emails that appear to be from legitimate health authorities, according to several different cybersecurity companies. In Iran, the health ministry urged victims to download an app to help track COVID-19 symptoms, when in reality it delivers spyware, Recorded Future found. FireEye found Chinese actors targeting Mongolian entities with POISONIVY. Check Point and BAE Systems are also on the case of Chinese hackers using coronavirus lures. Shannon Vavra wrapped it all up.

Russia's troll farm returns with an eye on racial divisions

The Internet Research Agency, the Russian troll farm responsible for interference in the 2016 U.S. presidential election, has outsourced its activities in 2020 to Ghana and Nigeria, Facebook said in an announcement Thursday. It wasn’t clear that the new behavior was focused on elections or political candidates, according to the company, but many of the topics mimicked those the IRA exploited in the buildup to the 2016 election, such as police brutality, oppression, injustice. The topics also focused on U.S. news, black history, black fashion, black excellence, celebrity gossip, historical figures, and LGBTQ issues. Shannon has the news.

Illinois health agency alerts patients to ransomware attack

Workers at the Champaign-Urbana Public Health District discovered Tuesday that they were victims of a cyberattack, which was confirmed as ransomware the following day. While the website has been disabled, the agency’s email accounts, environmental health records and patient records were not impacted, having been moved to a cloud-based backup storage system. The ransomware has been identified as NetWalker, a relatively new form of malware that targets enterprises running on Microsoft Windows 10. Since the attack, the health district has moved most announcements related to the coronavirus to its Facebook page, and has also established a backup website with alerts about the pandemic while it restores its main page. That should take about a week. Benjamin Freed has more at StateScoop.

Europol busts 2 SIM-swapping rings

Police in Europe have arrested 26 people in an effort against two gangs of scammers who would take over victims’ phones, then steal financial and personal data from the devices. Law enforcement in Spain and Romania, in coordination with Europol, arrested 12 and 14 people, respectively, in actions against two distinct groups of SIM swappers. SIM swapping occurs when thieves convince phone companies to give them access to an individual’s phone number, often by impersonating the victim during a call with a customer service representative. The group in Spain stole more than €3 million ($3.34 million) in a series of 100 attacks. Jeff had the announcement.

Marc-Etienne Léveillé on Linux malware

Marc-Etienne Léveillé, senior malware researcher for ESET, talks with CyberScoop Editor-in-Chief Greg Otto about all the different Linux malware he sees being used. Both sophisticated actors and amateur hackers are going after various flaws in the operating system. "We have seen very very advanced stuff," Léveillé told CyberScoop at the 2020 RSA Conference. "And we have seen very like low-hanging fruit, like commodity malware. Watch here.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}