{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
The SolarWinds hack says a lot of things about the supply chain and the complicated nature of the U.S. government's relationships with technology suppliers. Twitter is fined in the EU. And should live hacking contests be held virtually? This is CyberScoop for Tuesday, Dec. 15, 2020.

Supply-chain pitfalls go deep

The SolarWinds breach serves as a stark reminder that government and private sector entities alike are dependent on a network of companies that can be quietly weaponized against them. The incident is raising questions about what an adequate counterintelligence operation looks like, and whether the federal government has the right framework to assess the security of the products it buys. The truth is that it's only natural for spy agencies to try to infiltrate sensitive targets by first breaching the companies that supply them with technology. Shannon Vavra has more.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

A large federal footprint is 'nightmare scenario'

SolarWinds has been supplying technology to federal agencies for a long time, and a full public assessment of those deals would be difficult. One estimate, according to FedScoop, shows 48 different resellers were awarded some of the 204 known federal contracts for the company's Orion product since 2006. “It’s almost a nightmare scenario, when you think about it, because these are tools that people put into the most sensitive parts of their network,” says a retired senior government official, who asked not to be identified to speak freely about the compromise of SolarWinds' software updates. More from FedScoop's Dave Nyczepir.

Key briefings held on the big hack

The incoming Biden administration is receiving briefings from U.S. officials on the colossal SolarWinds hack, including a classified session slated for Tuesday, according to a person familiar with the briefings. Meanwhile, DHS’s Cybersecurity and Infrastructure Security Agency briefed Capitol Hill aides Monday on how federal agencies are responding to the breach. At least one agency learned it had been affected after it followed CISA's emergency directive to look for such activity, a congressional aide told CyberScoop.

EU regulators dock Twitter for bug response

European Union authorities have penalized Twitter for failing to report a data breach promptly and not adequately documenting the incident. The decision — issued by Ireland's data protection agency because Twitter's European headquarters are in Dublin — imposes a fine of about $550,000 on the social media company. Twitter was lax in its response to the discovery of a bug in its "Protect My Tweets" feature, the regulators said. It's the first time the agency has fined a “big tech” company for violations of Europe’s General Data Protection Regulation (GDPR). Joe Warminsky breaks down the ruling.

A big live hacking event offered up some broader lessons

HackerOne and Verizon Media recently wrapped what they billed as the world's largest live hacking event, and they came away with some pros and cons. Both were related to the sheer enormity of a five-week, online event with 3,000 registrants. The expanded global scope brought in some new talent for events that are usually more like 50 or 60 people. But it also was a pretty difficult undertaking to manage an event that large. Tim Starks reports.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}