{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
A rare flaw in Apple's Mail app made it possible for attackers to steal data from a range of high-profile victims. Government-linked hackers in Vietnam are focused on China's coronavirus response. And DOJ is trying to keep up with pandemic scams in the U.S. This is CyberScoop for Thursday, April 23.

A major Apple flaw exploited

A zero-day vulnerability in Apple’s Mail application for iOS has been used to target high-profile victims around the world for more than two years, according to ZecOps researchers. The attack is triggered by sending emails that consume a “significant amount” of a device’s memory. From there, hackers could gain access to email accounts via Mail, gaining the ability to leak, modify, or delete emails. Researchers said that individuals at a U.S. company in the Fortune 500, managed security service providers from Saudi Arabia and Israel, an executive in Japan, a journalist in Europe, and a high-profile individual from Germany were among the accounts targeted via the vulnerabilities. Shannon Vavra has the story.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Vietnamese hackers turn to China

Hackers working on behalf of the Vietnamese government have been targeting Chinese government organizations tasked with managing the country’s response to the coronavirus pandemic, FireEye says. Attackers specifically sent spearphishing emails laced with METALJACK malware to employees at China’s Ministry of Emergency Management and the government of Wuhan, where the virus is believed to have originated. The malware, which was delivered via phishing emails, eventually gets loaded into memory. The hackers, which FireEye suspects to be a group called Ocean Lotus or APT32, are just the latest state-backed hacking operation that has pivoted to targeting the health care sector or coronavirus-related organizations in recent months. Shannon has more details.

DOJ works to stop coronavirus scam surge

Federal officials announced that ongoing cooperation between the government and a range of technology companies has resulted in the removal of hundreds of websites that included “coronavirus,” “covid19” and related phrases in their names. The goal, the Justice Department said, is to curb fraudulent sites that prey on pandemic anxieties to distribute malware, solicit donations or steal personal data. The FBI has received and reviewed more than 3,600 complaints related to coronavirus scams, mostly in connection with fake cures and fraudulent vaccines. Bureau officials previously estimated that the Internet Crime Complaint Center receives between 3,000 and 4,000 complaints per day, up from a prior average roughly 1,000 per day, though not all alerts are regarding the pandemic. Jeff Stone has more context.

Zoom's security sprint is taking shape

The next version of Zoom, to be released this week, will have stronger encryption for data sent between participants in a meeting to prevent tampering, the Silicon Valley-based company said. The software will also allow Zoom account administrators to choose which parts of the world they route their data through. The upgrade follows a report from the University of Toronto’s Citizen Lab that found Zoom routed some meeting encryption keys through China. Some 200 million people use the app daily, up from roughly 10 million before the coronavirus pandemic resulting in widespread telecommuting. Sean Lyngaas breaks it down.

Hackers leak California city's data after breach

Officials in Torrance, California, last month said none of their roughly 145,000 residents’ personal data was compromised last month when the city was hit by a cyberattack that disabled municipal websites and online payment services. Hackers seemed to prove the claim wrong this week, though, when they offered up to 200 gigabytes of stolen data apparently stolen from city systems. Hackers behind a ransomware variant known as DoppelPaymer have started leaking documents stolen from Torrance on both a publicly accessible website and dark web forums, in hopes of collecting a bounty of 100 bitcoin — or about $700,000 — from the Los Angeles suburb. Benjamin Freed has the StateScoop story.

So that's settled

A lawsuit filed in the wake of a controversial cybersecurity presentation last year has ended with a whimper. Crown Sterling, which described itself as an “emerging digital cryptography” company, has entered into a confidential settlement with the company behind the Black Hat security conference. In a lawsuit filed last year, the vendor had accused Black Hat, owned by Informa Tech Holdings, of breach of contract after its content was pulled from the conference website in the aftermath of a sponsored presentation that saw independent cybersecurity researchers heckle Crown Sterling’s CEO. Despite the allegations in its lawsuit, Crown Sterling says it “recognizes the unique and important contribution of Black Hat USA and looks forward to future conferences.” Jeff covered the news.

Good bot or bad bot?

Imperva CTO Kunal Anand joined CyberScoop Editor-in-Chief Greg Otto earlier this week to talk about the company's Bad Bot Report, which looks at the rapid growth of bots and how they causing headaches for the cybersecurity industry. You can watch the full convo here.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}