{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
John Bolton dishes on cybersecurity policy in his new book. "Blue Leaks" looks to dump data on cops. A ‘malware’ attack hits a big health care provider outside Philly. This is CyberScoop for Monday, June 22.

Inside the cyber portions of John Bolton's book

In his new book, former national security adviser John Bolton says that squabbling amongst Trump administration officials hobbled the White House’s efforts to issue new policies that shaped the U.S. government’s offensive and defense cyber-operations. Although Bolton eliminated the cybersecurity coordinator role, he portrays himself as being crucial to pushing updates to the U.S. government’s cyber policies, while portraying other officials as impediments to progress. He also paints President Donald Trump as preoccupied and angered by cybersecurity-related issues, as well as all too willing to use hacking to prop up his political goals in negotiations with China and Ukraine. Shannon Vavra has it all.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Here's what 'Blue Leaks' is about

The “Distributed Denial of Secrets” group marked Juneteenth, the June 19 holiday marking the end of slavery in the U.S., by publishing a searchable database containing 269 GB of data apparently stolen from more than 200 law enforcement agencies. The database, which the group has named “Blue Leaks,” appears to contain police training materials, police safety guidelines and protest containment strategies. The file appear to originate with a Texas web development firm that provides services to police information sharing centers. Jeff Stone has the latest.


How Oak Ridge National Lab DevSecOps team mobilized amid pandemic

When the coronavirus pandemic required federal offices to start closing, Oak Ridge National Laboratory — the largest Department of Energy science and energy laboratory — all but 1,000 of the lab’s 6,000 staff suddenly needed to conduct their work remotely. The lab’s IT department was forced to quickly implement solutions to maintain continuity of operations while also supporting a newly mobile workforce. Oak Ridge National Laboratory’s CISO shares steps the research institute took to ensure security and integrity of its data.

Listen to more from Kevin Kerr.

Another health care organization needs a security prescription

The computer systems of Crozer-Keystone Health System, which owns four hospitals in the Philadelphia suburbs, were hit with an attack, a spokesman for the organization confirmed Friday. Crozer-Keystone was mum on details on the attack, but did say they had “isolated the intrusion.” It was unclear what impact, if any, the incident had on the hospitals. A nascent ransomware gang known as NetWalker, which has had a habit of attacking health organizations, claimed responsibility. Sean Lyngaas has the details.

NSA tests a plan to secure web technology

In an effort to protect the U.S. defense industrial base from hacking threats, the National Security Agency has launched a pilot program on securing Domain Name System use for contractors. The NSA’s secure DNS pilot is meant to provide secure services to small- and medium-sized companies working on Department of Defense weapons technologies, says Anne Neuberger, the chief of the NSA’s Cybersecurity Directorate. The pilot comes amid a broader push from the U.S. government to bolster government defenses against threat actors’ efforts to exploit DNS. Shannon Vavra walks through it.

This time, hackers are behind a Wells Fargo fraud campaign

Hackers at aiming to infect Wells Fargo customers with malicious software by sending phishing emails that appear to be from members of the bank's security team. Some 15,000 people have received messages that contain malicious calendar invites which direct recipients to websites where visitors are prompted to enter their username, password, banking PINs and account data, according to Abnormal Security. In a statement to CyberScoop, Wells Fargo says it's aware of the effort. "We encourage our customers who receive suspicious emails to not respond, click on any links, or open any attachments in any format," the bank said. Find the full explanation here.

Web skimming is becoming even more annoying

Web skimming — injecting commerce sites with code to steal data — is a well-worn tradition for cybercriminals. Kaspersky researchers just revealed a twist to the technique. Instead of redirecting stolen data to third-party sources, hackers are sending it to official Google Analytics accounts. It allows them to cover their tracks, in part because the Analytics accounts are something legitimate sites use to track users. Scammers used this technique to hit two dozen websites around the world, including stores selling food products and cosmetics in Europe and North and South America. Here's the blog.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}