{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
It's been awhile since Joker's Stash went down, and the market for stolen payment-card data hasn't recovered. Defense officials in Belgium have a Log4j problem. And U.S. federal agencies have a clear mission for fighting the bug. This is CyberScoop for Monday, December 20.

Weird times in the cybercrime 'carding' scene

The FBI and Interpol disrupted the Joker’s Stash dark web market around this time last year, and by February, it was completely gone. Since then, no single player has emerged to dominate the market for stolen payment-card data, researchers say. And although “carders” are still plying their wares on the dark web and in messaging apps like Telegram, it’s a more complicated business than it was a couple of years ago. Security enhancements in payment networks, and in the cards themselves, are only part of the picture. Joe Warminsky explains.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Belgium’s defense IT is on the mend

Parts of the Belgian Defense Ministry’s computer networks have been down since Thursday after a cyber incident in which attackers exploited the Apache Log4j vulnerability, government officials said. The Belgian government has not attributed the attack to any group or nation-state. The Belgian Defense Ministry is the first reported high-profile government victim of an attack using the vulnerability, and it's unlikely to be the last, given the ubiquity of Log4j in a host of enterprise software popular in the public and private sector. Tonya Riley has more.

An emergency Log4j directive for US agencies

The U.S. government's top cyber officials told all federal civilian agencies Friday that they had until Dec. 23 to assess their internet-facing networks for Apache Log4j vulnerabilities and either patch their systems or implement other mitigation measures. The emergency directive cited "active exploitation by multiple threat actors" of the vulnerabilities in widespread logging software that has roiled the information security community since Dec. 10, when the bug was first revealed. AJ Vicens has the news.

A cyber checkup for the IRS

The Treasury Department’s inspector general has some familiar insights for the Internal Revenue Service: Legacy systems, aged hardware and software and outdated programming languages “pose significant risks to the IRS’s ability to deliver its mission,” a recent IG report says. Those problems also mean that taxpayer data is at risk, too. The American Rescue Plan Act passed in March gave the IRS an additional funding to modernize legacy systems, but there’s still a lot of work ahead, the report says. FedScoop’s Dave Nyczepir dives in.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}