Berserk Bear, best known in the U.S. for a years-long campaign to breach U.S. energy companies, has been busy in Europe, too. U.S. law enforcement nabs another FIN7 suspect. And EasyJet faces a big lawsuit. This is CyberScoop for Wednesday, May 27.

An old (Russian) foe threatens German infrastructure

Berserk Bear — a Russian-government-linked hacking group — has stalked German energy companies for years. This month, German intelligence and security agencies told the firms to avoid becoming complacent. The agencies’ memo cites evidence of “longstanding compromises” of German firms that investigators uncovered earlier this year. The hackers are pursuing smaller companies in the supply chains of larger corporations, which typically have stronger defenses. Sean Lyngaas had the scoop.

Another FIN7 arrest

A Ukrainian national was arrested last week in Seattle for his alleged involvement in hacking operations run by FIN7, the syndicate known for stealing approximately $1 billion from victims in the United States. Denys Iarmak has been charged with conspiracy to commit computer hacking and accessing a protected computer to commit fraud, among other wire and bank fraud-related charges. In September, an accused administrator working for FIN7 pleaded guilty to hacking-related crimes in Washington. Shannon Vavra has the court documents.

Lawyers always seem to recognize a good data breach

A British law firm, PGMBM, announced Tuesday it filed a lawsuit against EasyJet, the largest airline in the U.K., in connection with a security incident in which details about 9 million people were exposed. The firm is seeking up to £18 billion ($22 billion), including up to 30% in fees, or roughly £5.4 billion ($6.6 billion), for itself. The suit in London’s High Court follows similar legal action against British Airways, which announced its own data breach in 2018. The U.K. Information Commissioner’s Office also said it is investigating the incident. Jeff Stone explains.

Coalition Against Stalkerware grows

The Coalition Against Stalkerware says it has added 11 members, including F-Secure, the Illinois Stalking Advocacy Center, the Commonwealth Peoples’ Association of Uganda, and the Cyber Peace Foundation. The coalition, which already counts among its founding members Kaspersky, Malwarebytes, and the Electronic Frontier Foundation, was founded last year to protect people against the kind of commercially available software that can enable partner surveillance and abuse. Other new members include AEquitas, Anonyome Labs, AppEsteem Corporation, bff Bundesverband Frauenberatungsstellen und Frauennotrufe, Centre Hubertine Auclert, Copperhead, and Corrata. Here's the full announcement.

Turla hit new victims in Eastern Europe

Turla — one of the oldest cyber-espionage groups in the game — has once again breached government organizations in Eastern Europe, siphoning off sensitive data from networks. The latest operation, exposed by anti-virus company ESET, stole data from two unnamed ministries of foreign affairs in Eastern Europe and a parliament in the Caucasus region bordering Russia. It’s a page out of an espionage book that Turla has followed for years: using custom code to gather valuable information on their adversaries. Sean Lyngaas has the story.

HackerOne secured a big federal government authorization

Bug bounty platforms don’t touch much of an agency’s tech directly — they facilitate contests that allow freelance hackers to get paid for finding vulnerabilities. But as with any IT-related business, things are changing, and bug bounty companies are looking for ways to expand what they offer and how they offer it. With that in mind, an otherwise low-level FedRAMP authorization for HackerOne is a sign that the industry is updating its approach to the federal government. It's related to a decision by the Cybersecurity and Infrastructure Security Agency requiring agencies to have vulnerability disclosure programs that allow outsiders to report bugs to the government in an organized, official way. Dave Nyczepir covered it at FedScoop.
