{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
A Russian hacking group (not the one you're thinking of) was caught targeting European diplomatic offices and companies in the U.S. The new security boss in the Pentagon's acquisition shop forced an audience to acknowledge they will be hacked. And a House panel advances an election security bill. This is CyberScoop for Thursday, October 17.

Cozy Bear has been hacking this whole time. We just didn't realize it.

One of the Kremlin-linked hacking groups that breached the Democratic National Committee in 2016 has remained active in the years that followed, even if it’s been less visible. Cozy Bear, also known as APT29, began using different malicious software and new hacking techniques after 2016, according to ESET findings published Thursday. Hackers targeted U.S. think tanks in 2017, defense contractors in 2018 and three European countries’ ministries of foreign affairs. (FireEye suggested in November that Cozy Bear was showing signs of activity.) Cozy Bear operates on behalf of either the Russian spy service SVR, as Dutch intelligence has suggested, the FSB, which is charged with counterintelligence work, according to CrowdStrike, or both. Jeff Stone has the latest.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Pentagon acquisition security boss tells contractors they will be hacked

The U.S. Department of Defense for years has tried to influence defense contractors to secure their networks against foreign hackers interested in their intellectual property. On Wednesday, Katie Arrington, a politician-turned-chief information security officer of the Pentagon’s acquisition policy office, raised the urgency of those warnings. She told a room full of contractors that they should expect to get breached, that adversaries are intent on stealing their data, and that they had to shape up if they wanted to do business with the Pentagon. The stern words come as the Pentagon prepares to implement stricter cybersecurity standards for contracting next year. Sean Lyngaas was in the audience.

Kansas attorney admits hiring a hacker for extortion

Brad Pistotnik, a Wichita personal injury lawyer known around town as "The Bull," was ordered to pay a $375,000 fine and $55,200 in restitution for his role in a cyberattack, the U.S. Department of Justice announced Tuesday. Prosecutors accused Pistotnik, 63, of hiring a software engineer to launch a flood of emails against Ripoff Report, the law service Leagle.com and other local attorneys who apparently refused to remove information that reflected badly on Pistotnik. It's not exactly clear what was included in the posts that had Pistotnik so riled up, but Ripoff Report celebrated the verdict. Local affiliates know Pistotnik well.

House panel approves plan to combat election interference

While $250 million in new election security funding may be stalled in Congress, lawmakers are looking for other ways to tackle the issue. On Wednesday, the House Committee on Administration passed the SHIELD ACT, which requires candidates  to report any outreach from foreign agents trying to influence their campaign. The bill effectively is a rebuke of President Donald Trump’s solicitation of Ukraine for damaging information on former Vice President Joe Biden. The legislation also would “close loopholes that allow foreign spending in our elections,” according to a summary from the committee majority. Here's the bill.

Firefox is the only browser to pass a German security audit

Germany's national cybersecurity agency tested a number of popular web browsers against its new "modern security" guidelines to find a clear leader: Firefox. To pass the the audit, and receive a government recommendation for adoption in federal agencies and the private sector, browsers needed to meet certain criteria. They had to support TLS, have a list of trusted certificates, sign browser updates in a verifiable way, and their password managers need to store credentials in an encrypted way, among other requirements. Germany also tested Google Chrome, Internet Explorer 11, Microsoft Edge 44, but not Safari or the privacy-focused Brave. Find the results here.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}