{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
WhatsApp provides technical evidence that NSO Group hacking tools were used in the U.S. More evidence that far-right gun activists are behind an astroturfing campaign. And security pros are starting to look into contact tracing. This is CyberScoop for Friday, April 24.

A blow to NSO

Attorneys representing WhatsApp in the company’s lawsuit against NSO Group have introduced evidence that hacking tools built by the Israeli spyware firm were using infrastructure based in the U.S. In a new filing, lawyers for WhatsApp argued that NSO Group utilized a number of internet servers throughout the U.S. owned by Amazon Web Services and enterprise hosting provider QuadraNet. Facebook-owned WhatsApp sued NSO Group last year for allegedly developing malware designed to hack victims by using the WhatsApp messaging app as an entrypoint to their device. NSO Group has argued that WhatsApp had failed to demonstrate that NSO customers used its hacking tools in the U.S., and thus the case should be dismissed. Shannon Vavra has the court documents.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

It goes beyond social media

Threat intelligence firm DomainTools reports that pro-gun activist Aaron Dorr appears to be using widely available software to operate dozens of websites, many of which include “reopen” in the URL. It’s latest addition to a mounting pile of evidence that a group of conservative political activists is behind a network of inauthentic websites and social media pages used to inflame pandemic-related tension in the U.S. In this case, DomainTools conducted a technical examination of “reopen” sites to determine just how consolidated many of the pages are, despite the appearance that they operate as standalone entities. Most are registered to local gun advocacy groups and utilize One Click Politics, a digital organizing service that allows a single person to manage dozens of websites, run email promotion and collect money. Jeff Stone has more context.

The security considerations of contact tracing

Apple and Google made waves when they announced they would use Bluetooth technology to help trace coronavirus infections. There are obvious benefits to using the wireless standard to map the virus, but security concerns are now coming to the fore. A German researcher demonstrated how a hacker in close proximity to an Android device could use Bluetooth to execute code on a phone. The findings don’t mean that Bluetooth shouldn’t be used to track the virus. They are, however, another reminder that technology that has gained traction in the health crisis could also be an opening for hackers. Sean Lyngaas has the story.

Poland implicates Russia in wild cyber and info op

There’s never a dull moment on the Eastern European cyber front. Poland’s security services on Thursday said a hack of a Polish military academy website, followed by a smear campaign against U.S. troops, bore the hallmarks of Russian activity. The U.S. rotates about 4,500 troops in and out of Poland on a regular basis, and the country is a key ally on NATO’s Eastern flank. Moscow has previously denied being behind such attacks. Sean has more.

A fake message from France's postal service

Hackers are trying to infect victims by sending a text messages that appear to be from the French postal service, only to hit them with malicious software. The Android banking trojan intercepts SMS messages, steals victims' contact lists and then tries to infect their friends and family. The attack, which impersonates "La Poste," first was distributed mainly in Japan before it arrived in France. ESET's Lukas Stefanko discussed the findings.

Another 400,000 stolen cards go up for sale

Scammers started selling a new batch of data from stolen credit cards this month on Joker's Stash, a marketplace for hacked financial information. Details from roughly 397,000 credit and debit cards belonging to people in the U.S. and South Korea are available on the forum, according to the security vendor Group-IB. The payment numbers have a validity rate of 30 to 40%, the seller says, and a purported value of nearly $2 million, Group-IB claims. Most of the information included in the database consists of bank identification numbers, account numbers, expiate dates and CVV codes. Here's more.

Cockroaches and botnets. You just can't kill 'em.

While APTs and ransomware attract a lot of attention, there are still legions of infected computers out there that hackers use to generate cryptocurrency. ESET researchers say they disrupted a 35,000-device botnet centered around Peru that had been quietly mining thousands of dollars in cryptocurrency over the last year. The infections reached the Peruvian public sector and financial institutions, adding urgency to the effort to defang it. It’s an example of how the fight against cybercrime is often long and methodical — and usually led by the private sector. Sean has the news.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}