{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
We go inside a novel FBI summit where public and private sector officials traded ideas on how to stop the ransomware scourge. There was more to the Shadow Brokers' data dump than it initially seemed. And a former Trend Micro employee sold customer data to an outsider. This is CyberScoop for Wednesday, November 6.

An exclusive look at an unprecedented FBI summit on ransomware

To put a dent in a spate of ransomware attacks, the FBI invited the country’s top experts to Pittsburgh in September. Over two days of briefings, attendees traded tips on combating the more rampant strains of ransomware, studied the recent widespread infection in Texas, and heard from a firm that specializes in negotiating with attackers (something the FBI advises against). The bureau asked companies to look for ways to share more victim data anonymously, and those companies got an update on the latest law enforcement investigations. Sean Lyngaas has the scoop.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Accused Vault7 leaker wants his espionage charges tossed

A defense attorney for Joshua Schulte, a former CIA employee, filed a motion Tuesday asking a judge in the U.S. Southern District of New York to dismiss five charges prosecutors brought against Schulte under the Espionage Act and federal larceny law because they “are unconstitutionally overbroad and void for vagueness.” Schulte’s attorney, Edward Zas, asked Judge Paul Crotty to accept a pretrial motion which argues that the Espionage Act and federal larceny statutes do not apply in this case. The motion was due in July, though Zas wrote to Judge Crotty that the delay was “not a tactical, strategic, or reasoned decision. Counsel simply and inexcusably overlooked that the constitutionality of these statutes is open to serious question and vigorously debated by courts, journalists and commentators." Jeff Stone has the court documents.

Former Trend Micro employee stole customer data

In a reminder that insider threats can plague companies of all kinds, the security vendor Trend Micro said Tuesday that a former employee stole the personal data of some of its customers and then sold it to an unknown third-party. Trend Micro first caught wind of the stolen information when several of its users began receiving unannounced phone calls from people impersonating Trend Micro support staff, which appeared to be a scam because Trend Micro says it only schedules support calls out in advance. After investigating, Trend Micro uncovered that the employee, who has since been fired, had accessed a customer support database that contained names, email addresses, support ticket numbers and some phone numbers. Trend Micro said it disabled the unauthorized account and law enforcement has been notified. Shannon Vavra breaks it down.

How the Shadow Brokers tipped researchers off to a new APT group

Clues about a hacking group that carried out attacks against targets in countries including Syria, Iran and Russia were included in files leaked by a mysterious group known as the Shadow Brokers. Kaspersky researchers detailed an advanced persistent threat group the company has dubbed DarkUniverse. Documents published in 2017 by the Shadow Brokers — an elusive group that publicly disseminated NSA hacking tools — included a script that checked for other hacking teams lurking in a compromised system. (DarkUniverse was among the groups the script could check for.) DarkUniverse breached “around” 20 victims ranging from military agencies to private sector organizations like telecommunication firms and medical institutions. Jeff has more details.

Feds see no disruption to election infrastructure

The federal government saw “no evidence of a compromise or disruption to election infrastructure that would enable adversaries to prevent voting, change vote counts or disrupt the ability to tally votes" across several U.S. elections on Tuesday. That's according to a joint statement from a plethora of government agencies: the Office of the Director of National Intelligence, the National Security Agency, the Department of Defense, FBI, DOJ, and Department of Homeland Security. They added they are continuing to monitor for threats, noting, “our adversaries want to undermine our democratic institutions, influence public sentiment and affect government policies. Russia, China, Iran, and other foreign malicious actors all will seek to interfere in the voting process or influence voter perceptions.” We've been watching this whole time.

Just don't get HACKED, okay?

Lots of capital letters this week, huh? (We're talking about you, FACEBOOK). A group of bipartisan lawmakers introduced a new bill, the HACKED Act, with the full title “The Harvesting American Cybersecurity Knowledge through Education Act." It's intended to boost cybersecurity education and expand workforce training. The bill includes proposals to incentivize recruitment of cybersecurity educators, authorizing up to $200,000 for regional alliances for cybersecurity education. The act would also prioritize partnerships with local employers and universities, and proposes a new White House-level working group housed in the Office of Science and Technology Policy. Shannon has the bill.

Senator urges FCC to mandate strong encryption in 5G deployments

Sen. Ron Wyden has asked the federal agency overseeing next-generation wireless deployments to ensure they include strong encryption to guard against hacking. Wyden, an Oregon Democrat who is vocal on cybersecurity and privacy issues, wrote to the Federal Communications Commission on Wednesday asking the commission to mandate better authentication features in wireless carriers’ 5G deployments. Wyden cited widely available commercial technology that can be used to intercept unencrypted cellular communications. “For decades, wireless carriers have ignored known cybersecurity vulnerabilities that foreign governments were and are still actively exploiting to target Americans,” Wyden wrote to FCC Chairman Ajit Pai. Here's the letter.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}