{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
There's more to the FireEye story than meets the eye; we're just not sure what it is. Facebook has some things to say about APT32. And CISA's Matt Masterson lines up a new gig. This is CyberScoop for Friday, Dec. 11, 2020.

After FireEye’s breach the cyber world asks, ‘Now what?’

FireEye’s announcement this week that hackers breached its systems has sent shockwaves through the cybersecurity community, raising new questions about how one of the most influential security firms in the U.S. grappled with an apparently state-sponsored attack. The incident also has triggered policy discussions about whether the U.S. government should do more to protect industry titans like FireEye, which has several Fortune 500 companies among its clients. The hack adds FireEye to the list of cybersecurity companies that have experienced their own breaches, a roster stretching back to at least the beginning of the last decade. Tim Starks details the ripple effect.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

APT32, Bangladeshi groups outed by Facebook

Cybersecurity officials at Facebook said late Thursday that the company had disrupted two hacking campaigns that abused the social media platform, including an effort involving the Vietnam-linked group known as APT32, and a separate operation originating from two Bangladeshi organizations. The APT32 operation featured an "IT company" known as "CyberOne Group," Facebook said, making it the latest example of alleged nation-state hackers operating through corporate disguises. In both of the disrupted campaigns, the perpetrators sought to “abuse our platform, distribute malware and hack people’s accounts,” Facebook said. Joe Warminsky has the story.

Matt Masterson to leave CISA for Stanford

One of the U.S. government’s top election security experts is headed to academia to continue his work combatting disinformation. Matt Masterson is calling time on more than two and a half years at DHS’s Cybersecurity and Infrastructure Security Agency, where he worked to rebuild trust between federal and state personnel. The biggest area that still needs improvement in election security, Masterson said in an exit interview, is getting federal resources to small and medium-sized counties. Sean Lyngaas has more.

CISA: Attacks against K-12 growing more aggressive

More than half of all ransomware attacks against state and local government entities reported over the past few months have targeted K-12 school systems, CISA said Thursday. “Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year,” reads the alert, which was issued in conjunction with the Multi-State Information Sharing and Analysis Center. CISA said that 57% of ransomware incidents reported to the MS-ISAC in August and September — when new academic years began — affected school districts, compared to 28% in the first seven months of the year. StateScoop's Benjamin Freed has more.

Some nasty Chrome and Firefox extensions

Malicious web browser extensions are nothing new, but a hacking campaign revealed Thursday by Microsoft goes further than most. The malware disables browsers’ security settings and exfiltrates website credentials, opening up further avenues of attack. At its height, the so-called Adrozek malware was affecting more than 30,000 devices per day. Sean has the research.

NYC government wants to lean on zero trust

When New York City's government makes a cybersecurity decision, it resonates beyond the Five Boroughs. This week the city gave a stamp of approval to zero-trust security architecture, issuing a request for proposal that seeks input on a variety of security components, including multi-factor authentication, endpoint monitoring, encryption protocols and identity management. New York City Cyber Command has already adopted the technology, and found it particularly useful when workers were sent home at the beginning of the pandemic. The city government, overall, has more than 100 agencies and more than 325,000 employees. Ben has this one, too.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}