{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
Cyber Command offers some numbers on its "hunt forward" operations, twice-over. Cisco Talos shares more on Chinese hacking tied to Ukraine. And a ransomware group with Russian ties goes after a Bulgarian refugee agency. This is CyberScoop for May 5.

Nakasone: Cyber Command undertook nine 'hunt forward' operations last year, including in Ukraine

National Security Agency director and U.S. Cyber Command leader Gen. Paul Nakasone said Wednesday that the U.S. conducted nine "hunt forward" missions in countries around the world last year, helping to "identify malware and tradecraft our adversaries were using." Nakasone made the remarks at a conference hosted by Vanderbilt University at which NSA Cybersecurity Directorate chief Rob Joyce and Mandiant CEO Kevin Mandia also appeared. All three said Russian cyberattacks on Ukraine have been severe and destructive. Nakasone cautioned that Russia could still launch a major cyberattack against the U.S. Mandia said he believes the Russians made a decision not to use cyberattacks outside of Ukraine and surrounding countries, but he worries that will change if Russia decides the U.S. has escalated its role in the war. Suzanne Smalley has more.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

More details emerge on Chinese Ukraine-related hacking

The long-running Chinese hacking group known in the information security world as Mustang Panda has gotten some notice in relation to Russia's Feb. 24 invasion of Ukraine, mostly in the context of its targeting of European and Russian targets using topical lures in phishing campaigns. But details continue to emerge on just how widespread the efforts are, including Thursday when researchers with Cisco's Talos Intelligence Group released previously unpublished domains, IPs and other details related to specific attacks on Russian and European targets. AJ Vicens has the details.

Russian ransomware group targets Bulgarian refugee agency

LockBit 2.0, a notorious ransomware group with strong ties within Russia, claimed Wednesday to have hit the Bulgarian State Agency for Refugees, the Bulgarian government agency that manages refugee matters. It's too early to tell how serious the attack was or what the ongoing impact will be, but the country has hosted nearly a quarter million Ukrainian refugees in the wake of Russia's invasion of Ukraine. LockBit 2.0 was among the ransomware groups that claimed neutrality as the Russian attack kicked off, but in an interview last year a spokesperson for the group shared views that strongly correlate with the public positions of top Russian officials. AJ has this one, too.

Happy World Password(less?) Day

Tech giants Apple, Google and Microsoft are celebrating by making it easier for users to sign-in without a password. Users will be able to use the FIDO Alliance's standard's system, which is a form of authentication that uses public-key cryptography. The companies already supported it in some form but still required users to make an initiate sign-in before activating the passwordless system. "This new approach protects against phishing and sign-in will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS,” Apple wrote in a press release. Here's the announcement.

Cyber National Mission Force concludes 'hunt forward' operation in Lithuania

U.S. Cyber Command announced Wednesday that it deployed a hunt-forward team to conduct defensive cyber operations in Lithuania, a three-month operation that just wrapped up. "U.S. cyber operators hunted for malicious cyber activity on key Lithuanian national defense systems and Ministry of Foreign Affairs’ networks alongside its allies," Cyber Command said in a press release. The operation is the first defensive cyber collaboration between Lithuanian cyber forces and Cyber Command's Cyber National Mission Force. Cyber Command said the operation sought to identify cyber operations which threaten both the U.S. and Lithuania and to use insights gleaned to strengthen "resiliency of critical networks to shared cyber threats." The press release said that as of May 2022, CNMF has conducted 28 such operations in 16 countries, including Estonia, Lithuania, Montenegro, North Macedonia and Ukraine. Check out the full release.

WATCH: Interviews from Zero Trust Summit 2022

During last month’s Zero Trust Summit, cybersecurity decision-makers from the public and private sectors joined CyberScoop to discuss the adoption of zero trust across government, supply chain security and cloud security. Tune in for exclusive interviews with:

Find everything from the event here.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}