{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
A curious case of surveillance in India. Equation Group is back in the news. And 2020 was a productive year for cybercrime. This is CyberScoop for Feb. 22, 2021.

Allegations of planted evidence raise questions about hacking ecosystem in India

Recent allegations that planted evidence may have been used to frame an activist in a terrorism case are raising new questions about the surveillance and hacking landscape in India. The human rights activist in question, Rona Wilson, is one of several people accused of plotting to overthrow the Indian government in connection with a violent demonstration in Bhima Koregaon, India in 2017. And while there has been at least one other case in Turkey where digital evidence appears to have been planted, the turn of events in India could shed new light on just how far attackers will go to silence activists, researchers and digital rights activists say. Shannon Vavra breaks it down.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Chinese hackers go after NSA tools

A group of suspected Chinese government-linked hackers appear to have copied an exploit developed by Equation Group, a hacking group broadly believed to be associated with the NSA, according to Check Point research published Monday. The copying came more than two years before the Shadow Brokers leaked the trove of NSA tools. While the exploit was originally attributed to APT31 years ago, it was actually developed based on an NSA-linked tool called “EpMe,” according to Check Point’s analysis. And while APT31 is notoriously resourceful and tenacious, it’s not the first time researchers have suggested Chinese hacking groups have gained access to NSA tools before the ShadowBrokers leaked their existence to the public, raising questions about just how much intelligence agencies can prevent their tools from leaking to the wrong hands. Shannon has more.

Cybercrime making up bigger share of human-generated hacking attacks

CrowdStrike saw a fourfold increase in intrusions relying on non-automated, "hands-on-keyboard techniques" in the past two years, the company said in its annual report out Monday, with 2020 numbers "significantly higher" than in 2019. Cybercrime drove the intrusion figures, making up 79% of them in 2020, compared to 69% the year before. Ransomware strains that major threat groups used infected 104 health care organizations in 2020, with the pandemic, of course, motivating some of the major trends the company found. Read the full report.

Employing Telegram for credential-harvesting

Cofense researchers on Monday revealed a phishing campaign centered around Telegram's application programming interface, a protocol set that dictates how data interacts between applications. The hackers spoof an email address so it looks like it's from an internal address, directing employees to look at spam or scam messages. When users click on the link and enter their credentials, it sends them to a Telegram API, and the API posts the username and password into a message to the attacker. Here's more on how it works.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}