{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
A long-term surveillance campaign re-tooled to leverage COVID-19 anxieties. An influential venture capital firm predicts fewer deals for security startups. And how Huntress Labs duped a hacker into giving himself up. This is CyberScoop for Thursday, March 19.

Have investors had their fill of cyber startups?

Venture capital investment in security startups in the first two months of 2020 is down from years past. The downward trend started gaining steam in 2019 and continued into the beginning of 2020, even before the COVID-19 pandemic sent the economy into a freefall. Forty-three venture capital deals have closed so far this year, compared to 103 deals in the first two months of 2018, and 91 deals over the same period in 2019, according to research from DataTribe, a venture capital firm known for its investments in security businesses like Dragos and Enveil. Cyber deals fell by 12.9% last year from 2018, a drop DataTribe blamed on the trade war between the U.S. and China, geopolitical instability, particularly in Iran, and uncertainty in the U.S. surrounding the impeachment of President Donald Trump. Jeff Stone has the report.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Spies are exploiting COVID-19, too

The novel coronavirus pandemic is a gift to scammers, grifters and hackers. In that latter category, it’s not just opportunistic cybercriminals looking to make a buck. Research published Wednesday by mobile security firm Lookout lays out a long-term surveillance campaign against people in Libya that only recently moved to exploit the health crisis. “In terms of other mobile malware that has been seen taking advantage of COVID-19 fears, this is the most invasive I’ve seen,” Lookout’s Kristin Del Rosso told CyberScoop. Sean Lyngaas has the latest.

More malware screening for Google’s high-risk users

Google is automatically enrolling members of its “Advanced Protection” program, which provides a hardware token as a second authentication factor, into a mobile malware screening service, the tech giant announced Wednesday. It’s an added layer of protection for “high-risk” users that Google markets its Advanced Protection program to: political campaigns, business executives, and journalists. “[W]e’re now blocking the majority of these non-Google Play apps from being installed” on devices with Advanced Protection, Google’s Roman Kirillov wrote in a blog. Here's what it means.

How Huntress Labs tricked a hacker

Huntress Labs Co-Founder and CEO Kyle Hanslovan talks with CyberScoop Editor-in-Chief Greg Otto on how his company found a hacker breaking into a managed service provider’s network, then socially engineered the group into turning themselves in. “We got [the hacker] to give up a screenshot,” Hanslovan told Otto at the 2020 RSA Conference. “From the screenshot, we were able to derive not only the victim customers, but the actual compromised MSP, notified the compromised MSP, and helped them clean up.” Get the full story here.

Hackers tried exploiting two Trend Micro flaws

Trend Micro fixed vulnerabilities in two security products, Apex One and OfficeScan, that hackers had leveraged to try to attack unwitting organizations. Trend Micro issued the "critical patches" on Monday to avoid zero-day attacks, which could have allowed remote code execution, or enable an attacker to manipulate client machines. Both issues require valid user credentials for exploitation, Trend Micro said. "However, even though an exploit may require several specific conditions to be met, due to the critical nature of these vulnerabilities, Trend Micro strongly encourages customers to update to the latest builds as soon as possible," the company said. Here's the advisory.

Another coronavirus-themed email scam

The San Francisco-based software company Abnormal Security advised that attackers are using the fact that students and staff are “likely highly attuned to any news about a university’s response to the outbreak, and thus are more likely to engage with an email about it.” The bulletin warned of another phishing campaign trying to play on anxieties over the coronavirus pandemic, this one aimed at college students and faculty members. By creating an email that looked as though it was coming from a university’s board of trustees with important information from the institution’s “health team,” attackers directed victims to a fake Microsoft Office 365 page that tried collecting their password. Betsy Foresman has the EdScoop story.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}