{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
A company with six-figure contracts with U.S. cities also has serious security problems, researchers found. Someone used Facebook to masquerade as a Politico bureau in France. And Microsoft expands free election security services in the face of the coronavirus pandemic. This is CyberScoop for Friday, April 3.

Zero-days lurk in software sold to municipalities

It wasn’t your typical security test for Quentin Rhoads-Herrera. His client, a big city government, handed him the source code for software it was using to track infrastructure projects. He found more than a dozen previously unknown vulnerabilities. But the story didn’t stop there. He found out other municipalities were using the bug-ridden software, too. With cities under siege from ransomware attacks, any software flaws on city systems could present a liability. Sean Lyngaas has the exclusive story.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

This is starting to get ugly

Two Facebook representatives approached NSO Group in 2017 asking to purchase rights to use the infamous surveillance software to monitor its users, according to court documents filed this week in an ongoing lawsuit between the two companies. The Facebook representatives specifically told NSO Group they wanted to monitor users on Apple devices, NSO Group CEO Shalev Hulio said, according to court documents obtained by CyberScoop. The disclosure of Facebook's request, which NSO Group denied because Facebook is not a government, appeared to be part NSO Group's planned defense in the WhatsApp lawsuit: that it only sells its products to governments. Shannon Vavra has more.

Insights from Facebook's latest takedown

The social media company on Thursday announced it removed 180 Facebook accounts, 170 Instagram accounts, 160 groups and one page for violating company policies around coordinated inauthentic behavior. The activity involved unrelated campaigns targeting elections in France, Egypt and Russian efforts to launder information operations through accounts based in Africa, first detailed last month. In this case, the company says it found a network of 51 accounts, nine pages and nine Instagram accounts linked to the Sète region of France. The accounts weighed in on municipal elections, criticizing some candidates while praising others and discussing contentious topics like immigration. In at least one case, an account was masquerading as a Politico bureau. Jeff Stone has more details.

Microsoft expands election security work

Microsoft says it will offer free email threat detection and some incident response services to state and local election officials. The announcement comes as part of Microsoft’s two-year-old Defending Democracy Program, a suite of election-security products that the company has been providing to campaigns and officials in the U.S. and abroad. Microsoft also issued recommendations it said election officials should adopt as they adjust their procedures to the COVID-19 public health crisis. The pandemic already has led to several states postponing primary elections and expanding the use of absentee and mail-in ballots to avoid voters clustering at polling places at a time when people are being urged to stay at home. Benjamin Freed covered it at StateScoop.

New podcast: What COVID-19 means for your security

It didn't take long for hackers, scammers and spies to start exploiting coronavirus concerns for their own gain. In the latest episode of Securiosity, the whole CyberScoop staff dialed in from self-isolation to share notes about different phishing techniques, malicious apps, and all the ways that the good guys are trying to stop them. Stick around for the end, where we debate what this all means for the future of the larger cyber sector. Listen here.

Twitter discloses an odd little bug

Twitter said on Thursday that, in very specific circumstances, Mozilla Firefox may have stored some users' data for up to seven days without their knowledge. If Twitter users logged onto the social media site through Firefox on a shared computer, then logged out, some of their information may have been visible to other people who also used Twitter on that browser. No personal information was involved. Twitter didn't say exactly what caused the oversight, but it looks like Firefox was the only browser that did this. Here's the full explanation.

Europol says dark web sales have stabilized since coronavirus struck

European law enforcement agency Europol said in a report Friday that illicit transactions have returned to normal on hidden internet forums after dcoronavirus-related disruptions. Attackers are continuing to offer ransomware, even pushing new hacking tools meant to accelerate payments. "The period between the initial infection with ransomware and the activation of the ransomware attack is shorter," the report said. "Criminals do not wait for the ideal moment to launch the attack but try as soon as possible." Cops also are keeping an eye out for an uptick in child sexual exploitation enabled by these sites, and changes in narcotics sales. Read the full report.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}