{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
A consumer advocate submitted a last minute objection to the Equifax settlement that made everyone so mad earlier this year. A 20-year-old college kid is accused of being IT support for ISIS. And piles of research showing how scammers are evolving. This is CyberScoop for Wednesday, November 20.

Watchdog says Equifax settlement doesn't treat victims equally

The nonprofit Center for Class Action Fairness, which advocates on behalf of consumers involved in class action suits, said in a court filing Tuesday the Equifax settlement — which proponents value at $700 million — “flunks” federal requirements for fairness and adequacy. This is the same agreement that Equifax said would include up to $425 million for customers who were affected by the data breach, which compromised information about 147 million Americans. After suggesting individual customers could be paid up t o $125 under certain conditions or accept free credit monitoring, Equifax introduced new requirements forcing Americans to prove they had credit monitoring in place at the time of the breach, otherwise they would be paid nothing. Jeff Stone has the court documents.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Prosecutors connect Chicago man to pro-ISIS propaganda

U.S. authorities on Tuesday announced the arrest of a 20-year-old DePaul University student, Thomas Osadzinski, for allegedly providing material support to the Islamic State by writing a computer script to boost the terrorist group’s propaganda. Osadzinski also told undercover FBI agents that he was in the process of creating a custom system for ISIS members, according to a criminal complaint. Osadzinski’s lawyer denied his client broke any laws. A LinkedIn profile apparently belonging to Osadzinski listed a short stint as a contractor at BlackBerry Cylance earlier this year. However, a BlackBerry Cylance spokesperson says the company has no record of Osadzinski as an employee or contractor. Sean Lyngaas has the story.

Just when more people are starting to patch...

There’s a new email scam circulating with the subject lines “Install Latest Microsoft Windows Update now!” or “Critical Microsoft Windows Update!" What appears to be a legitimate .jpg attachment actually is a malicious executable. If clicked, it will download ransomware and a file that explains how to decrypt your files (by paying, of course). This ransomware email scam is particularly horrible because it seeks to take advantage of the correct instinct to update and patch. This process could chill inclinations to fix real vulnerabilities in the future by perpetuating fears that updates are malicious. Here’s a broad reminder, in light of that: patch your stuff, folks. Just not by clicking through this email campaign. Technical details are here.

IRS scams aren't limited to tax season

Wannabe thieves have targeted more than 100,000 individuals since August with phishing emails that appear to be from the Internal Revenue Service, Akamai researchers found. The messages, sent through early October relied on fake websites that all looked the same, but still tried to hide their activity by including code meant to avoid detection. Remember: the IRS will not ever use email or phone calls to collect overdue taxes. Here's Akamai's research.

DIA details (the actual) Iranian cyber threat

The Defense Intelligence Agency released an assessment of Iran’s military power Tuesday which explains how the government there can, and can't deploy its digital capabilities. “Tehran often masks its cyberoperations using proxies to maintain plausible deniability,” the report notes. And yet, “Tehran’s offensive cyberspace capabilities remain underdeveloped" compared with U.S., China, and Russia, the DIA assesses. The DIA also notes Tehran gets “technical assistance for cyberspace defense from Russia and China.” That seems like a big deal.

One keylogger, many uses

Researchers at Cybereason have discovered a “keylogger” — a program that surreptitiously records strokes on a keyboard — that has been operating as a malware-as-a-service to steal personal data from nearly 20 different web browsers.  The tool, dubbed Phoenix, has been active since at least July and attempts to circumvent over 80 different security products and tools, researchers said. Whoever is behind the program has gone after targets in North America, the U.K., other parts of Europe, and the Middle East. And Cybereason researchers expect that targeting to expand as the keylogger gains popularity. Here's what else they found.

NSA pushes more guidance

The National Security Agency has another public advisory, this time about Transport Layer Security Inspection, a process that allows users to decrypt traffic, inspect it for threats, and re-encrypt the same data. The NSA points out there are some risks associated with this capability and lays out some possible ways to remedy them. One important item to note: “Many TLSI products cut corners to meet performance requirements,” the advisory notes. The NSA’s recommendation is to use products the National Information Assurance Partnership (NIAP) has approved. Check it out.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}