Cyber Attacks, Threats, and Vulnerabilities
Microsoft says it found malicious software in its systems (Reuters) Microsoft Corp said on Thursday it found malicious software in its systems related to a massive hacking campaign disclosed by U.S. officials this week, adding a top technology target to a growing list of attacked government agencies.
Microsoft Hacked in Russia-Linked SolarWinds Cyberattack (Wall Street Journal) The Russia-linked hackers were able to access internal systems within Microsoft and view internal source code, used to build software products, the company said.
Microsoft Says Russian Hackers Viewed Some of Its Source Code (New York Times) The hackers gained more access than the company previously understood, though they were unable to modify code or get into its products and emails.
The threats arising from the massive SolarWinds hack (CBS News) Cybersecurity experts discuss the national security implications of the suspected Russian breach — a "cyber virus" — that has infected the computer systems of more than 18,000 private and government customers.
As Understanding of Russian Hacking Grows, So Does Alarm (New York Times) Those behind the widespread intrusion into government and corporate networks exploited seams in U.S. defenses and gave away nothing to American monitoring of their systems.
Emergency Directive 21-01 (CISA) A site for cybersecurity directives and implementation guidance, from the Cybersecurity and Infrastructure Security Agency.
DHS orders federal agencies to update SolarWinds Orion platform (BleepingComputer) The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all US federal agencies to update the SolarWinds Orion platform to the latest version by the end of business hours on December 31, 2020.
How Russia’s ‘Info Warrior’ Hackers Let Kremlin Play Geopolitics on the Cheap (Wall Street Journal) Moscow, with its growing cyber capabilities, appears undeterred by Western sanctions and other countermeasures.
Continuous Updates: Everything You Need to Know About the SolarWinds Attack (SecurityWeek) News coverage of the SolarWinds supply-chain attacks and useful security resources, including analysis and indicators of compromise (IOC).
Cyber attack on U.S. government may have started earlier than initially thought - U.S. senator (Reuters) The unprecedented cyber attack on U.S. government agencies reported this month may have started earlier than last spring as previously believed, a U.S. senator involved in cybersecurity said on Wednesday.
Actionable Threat Intelligence Available for Sunburst Cyber Attacks on SolarWinds (Anomali) On Dec. 13, FireEye published a detailed analysis about the attack carried out against SolarWinds, which appears to have compromised its Orion IT monitoring and management platform to spread the Sunburst Backdoor malware.
SolarWinds Attribution: Are We Getting Ahead of Ourselves? (Recorded Future) SolarWinds breach attribution — are we getting ahead of ourselves by assuming it’s Russia? John Wetzel takes a contrarian view in this blog.
SolarWinds Hack Infected Critical Infrastructure, Including Power Industry (The Intercept) The companies involved used compromised software, but it’s not clear if hackers entered their networks. Finding out could be difficult.
New Zero-Day, Malware Indicate Second Group May Have Targeted SolarWinds (SecurityWeek) A piece of malware named Supernova and a zero-day vulnerability exploited to deliver this malware indicate that SolarWinds may have been targeted by a second, unrelated threat actor.
SolarWinds hackers accessed Microsoft source code in a number of repositories, the company says (Computing) But no changes were made to the code, Microsoft asserts
NSA, CISA warn of attacks on federated authentication (Urgent Communications) While incident responders focus on attacks using SolarWinds Orion, government cyber defenders highlight other methods likely being used as well. An attacker-modified update to the SolarWinds Orion network management product that compromised thousands of companies and government agencies is likely no...
Russia has allegedly hit the US with an unprecedented malware attack: Here's what you need to know (CNET) Blamed on Russia, the hack has hit local, state and federal agencies as well as major companies.
Visual Notes : SolarWinds Supply Chain compromise using SUNBURST backdoor (detected by FireEye) (Medium) First, let me be clear that I have no insider knowledge. This is my best guess at what occurred, based on publicly available information…
SUNBURST SolarWinds BackDoor : Crime Scene Forensics Part 2 (continued) (Medium) First, let me be clear that I have no insider knowledge. This is my best guess at what occurred, based on publicly available information
SolarWinds SUNBURST backdoor investigation using ShiftLeft’s Code Property Graph (Medium) FireEye released additional details here (on December 24th, 2020) that are well worth reading.
DHS says massive hack is also ‘impacting’ local, state governments (New York Post) The cybersecurity arm of the Department of Homeland Security warned that the massive hack that infiltrated a number of federal agencies is also “impacting” state and local governments. …
SolarWinds: What the Intelligence Tells Us (Recorded Future) Recorded Future's David SooHoo provides a brief recap of the first five days following disclosure of the SolarWinds attack incident.
A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware (The Hacker News) New SolarWinds Orion API authentication Bypass Flaw Might Have Let Hackers Install SUPERNOVA Malware
Supply Chain Compromise (CISA) The FBI, CISA, and ODNI have become aware of a significant and ongoing cybersecurity campaign. Pursuant to Presidential Policy Directive (PPD) 41, the FBI, CISA, and ODNI have formed a Cyber Unified Coordination Group (UCG) to coordinate a whole-of-government response to this significant cyber incident.
CISA Warns SolarWinds Incident Response May Be Substantial (BankInfo Security) Federal, state and local governments are among the many victims of the supply chain attack that backdoored the SolarWinds' Orion network-monitoring software, and
Suspected Russian hackers used Microsoft vendors to breach customers (Reuters) The suspected Russian hackers behind the worst U.S. cyber attack in years leveraged reseller access to Microsoft Corp services to penetrate targets that had no compromised network software from SolarWinds Corp, investigators said.
Solarwinds Backdoor Affected 18,000 Customers; Microsoft Warns 40 Actively Targeted Organizations (CPO Magazine) SolarWinds’ recent filing with the Securities and Exchange Commission (SEC) claims that only 18,000 customers installed the malware-laced Orion software updates. This is contrary to initial media reports suggesting all 300,000 of SolarWinds’ customers were affected.
Russians Are Believed to Have Used Microsoft Resellers in Cyberattacks (New York Times) Evidence from the security firm CrowdStrike suggests that companies that sell software on behalf of Microsoft were used to break into Microsoft’s Office 365 customers.
Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk (Washington Post) Russian government hackers have compromised Microsoft cloud customers and stolen emails from at least one private-sector company, according to people familiar with the matter, a worrying development in Moscow’s ongoing cyberespionage campaign targeting numerous U.S. agencies and corporate computer networks.
CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity (CISA) CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor is responsible for compromising the SolarWinds Orion software supply chain, as well as widespread abuse of commonly used authentication mechanisms. If left unchecked, this threat actor has the resources, patience, and expertise to resist eviction from compromised networks and continue to hold affected organizations at risk.
SolarStorm Timeline: Details of the Software Supply-Chain Attack (Unit42) The SolarStorm timeline summarized here is based on the information available to us and our direct experience defending against this threat.
Dissecting The SolarWinds Hack For Greater Insights With A Cybersecurity Evangelist (Forbes) 80% of hacks involve the use of compromised privileged credentials, and this one is no exception
SUNBURST: How it Happened and How to Minimize the Risk of Future Nation-State Attacks (HUNTERS) Learn about the key Techniques used by the nation-state actors in the SUNBURST campaign and recommendations on how to minimize the risk of complex attacks.
Experts who wrestled with SolarWinds hackers say cleanup could take months (iTnews) Or longer.
Microsoft alerts CrowdStrike of hackers' attempted break-in (CyberScoop) Hackers behind the SolarWinds espionage campaign have targeted CrowdStrike in an unsuccessful attempt to break in, according to CrowdStrike.
Suspected Russian hackers tried to access CrowdStrike's email (Reuters) The suspected Russian agents behind the biggest breach of U.S. government agencies in years leveraged access to a Microsoft cloud services reseller in a failed attempt to hack CrowdStrike, the cybersecurity firm said on Thursday.
Suspected Russian hackers made failed attempt to breach CrowdStrike, company says (CNBC) CrowdStrike said it was alerted by Microsoft on Dec. 15 that hackers tried to read its emails using a Microsoft reseller's account "several months ago."
CrowdStrike was targeted in failed attack by SolarWinds breach hackers (NASDAQ:CRWD) (SeekingAlpha) CrowdStrike (NASDAQ:CRWD) says the Russia-linked hackers tied to the breach of U.S. agencies attempted to hack the company through a Microsoft reseller's Azure account but failed.
Grid regulator warns utilities of risk of SolarWinds backdoor, asks how exposed they are (CyberScoop) The North American electric grid regulator has asked utilities to report how exposed they are to SolarWinds software that is at the center of a suspected Russian hacking operation, and the regulator advised utilities that the vulnerability “poses a potential threat” to parts of the power sector.
SolarWinds Attack Could Have Been Much Worse. The Next One Will Be. (US News) Despite ongoing intrusion into government and private servers, neither the current nor incoming administration appears poised to respond, the former National Security Agency head says.
Columbus uses SolarWinds, but says its product not among those hit by cyberattack (The Columbus Dispatch) The U.S. Cybersecurity and Infrastructure Security Agency says SolarWinds hack not only affected federal agencies but also state and local governments.
SolarWinds Attack: 'This Hit the Security Community Hard' (BankInfo Security) The SolarWinds breach is a case study in how attackers can subvert a widely used piece of software to turn it to their advantage, says Lou Manousos, CEO of RiskIQ.
Finland says hackers accessed MPs' emails accounts (ZDNet) The Finnish Parliament cyber-attack took place around the same time Russian hackers breached the Norwegian Parliament's email system.
Finnish Parliament attackers hack lawmakers’ email accounts (BleepingComputer) The email accounts of multiple members of parliament (MPs) were compromised following a cyberattack as revealed today by the Parliament of Finland.
Finnish Politicians’ Email Accounts Targeted by Cyber Attack (Bloomberg) Finland’s parliament was the target of a cyber attack during the autumn that compromised the security of an unspecified number of politicians’ email accounts, parliament’s information office said Monday.
Cyber attack on Armed Forces network detected (The Star Online) The Malaysian Armed Forces (MAF) network was the target of a cyber attack on Monday (Dec 28).
Malaysia's armed forces confirms cyber-attack on network (The Straits Times) But MAF managed to isolate data traffic to mask location of crucial data.
Cyber attack on Budget Department in the Dominican Republic (Prensa Latina) The General Budget Department of the Dominican Republic underwent a cyber attack against its systems, local media reported in this capital on Monday.
Hackers Hit ECHR After Turkey Ordered To Free Prisoner (Law360) Hackers shut down the website of the European Court of Human Rights on Wednesday after a ruling that criticized Turkey's treatment of a Kurdish opposition politician.
Erdoğan’s censorship now targeting media outlets in Europe (Turkish Minute) Bold Medya, a YouTube channel run by the German-based International Journalists Association eV (IJA), was shut down due to efforts exerted by the government of Turkish President Recep Tayyip Erdoğan. Social media expert Yasin Kesen says Erdoğan is now resorting to fraudulent methods in an attempt to extend his crackdown on freedom of expression beyond Turkey’s borders and into the European Union, a dangerous trend.
Vietnam targeted in complex supply chain attack (ZDNet) Hackers have inserted malware inside an app offered for download by the Vietnam Government Certification Authority (VGCA).
Iran-linked hackers say they breached Israeli cyber security firm Portnox (Times of Israel) Pay2Key hacking group leaks documents from leading Israeli companies, latest in series of ransomware attacks tied to outfit researchers have traced to Iran
Emotet malware hits Lithuania's National Public Health Center (BleepingComputer) The internal networks of Lithuania's National Center for Public Health (NVSC) and several municipalities have been infected with Emotet malware following a large campaign targeting the country's state institutions.
Germany: 'Colossal' cyberattack knocks out Funke news group (Deutsche Welle) Hackers knocked out one of Germany's biggest news organizations over the Christmas holiday. Such criminal attacks, which often come with ransom demands, have become a lucrative business model.
New Malware Targeting Windows And Other Operating Systems (Coulson Technologies) Researchers on the Global Research and Analysis Team (GReAT) at Kaspersky Lab have recently discovered a new malware strain dubbed PyMICROPSIA, currently being used by a group tracked as AridViper. AridViper operates primarily in the Middle East, focusing mainly on...
New Golang worm turns Windows and Linux servers into monero miners (SC Media) The potential number of systems is staggering: There are 5.5 million MySQL, Tomcat, Jenkins, and WebLogic devices connected to the internet that could be vulnerable.
Ransomware makes use of common vulnerabilities (Reason cyberSecurity) Not so long ago ransomware used to spread through phishing campaigns and more recently by...
Citrix devices are being abused as DDoS attack vectors (ZDNet) Citrix says it's working on a fix, expected next year.
Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways (ZDNet) The username and password (zyfwp/PrOw!aN_fXp) were visible in one of the Zyxel firmware binaries.
Backdoor Account Discovered in More Than 100,000 Zyxel Firewalls, VPN Gateways (Slashdot) More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. From a report: The backdoor account, discovered by a team of Du...
Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products (The Hacker News) A Secret Hard-Coded Backdoor Account Found in Several Zyxel Firewall, VPN Products
NSO used real people’s location data to pitch its contact-tracing tech, researchers say (TechCrunch) Researchers say NSO's use of real data "violated the privacy" of thousands of unwitting people.
NSO Group's Breach of Private Data with 'Fleming', a COVID-19 Contact-Tracing Software (Forensic Architecture) In March 2020, with the rise of COVID-19, Israeli cyber-weapons manufacturer NSO Group launched a contact-tracing technology named ‘Fleming’.
Report: Online Fashion App Exposes Financial Records of Top European Influencers (vpnMentor) vpnMentor’s cybersecurity research team, led by Noam Rotem, recently discovered that e-commerce app 21 Buttons was exposing private data for 100s of influencers across Europe.
Government’s cyber cell warns of “pay and register” scam related to coronavirus vaccination; Details (The Financial Express) Scammers are taking advantage of the anticipation and anxiety among people and defrauding them.
Fake Amazon gift card emails deliver the Dridex malware (BleepingComputer) The Dridex malware gang is delivering a nasty gift for the holidays using a spam campaign pretending to be Amazon Gift Cards.
Koei Tecmo reveals cyber attack, shuts down forum websites (NME) Koei Tecmo has revealed that it was the target of a recent cyber attack, and that 65,000 items of consumer data have been breached.
Nintendo Conducted Invasive Surveillance Operation Against Homebrew Hacker (TorrentFreak) Leaked documents have revealed an invasive surveillance operation carried out by Nintendo against a 3DS hacker.
Kawasaki Heavy Industries reports data breach as attackers found with year-long network access (The Daily Swig) Japanese conglomerate confirms possible leak of sensitive information
Home Appliance Company, Whirlpool, Endures Ransomware Attack (SpearTip Cyber Counterintelligence) The home appliance company, Whirlpool, confirmed a ransomware attack and explained they will be slowly bringing back systems until all are restored.
Voyager Cryptocurrency Broker Suffered Brief Outage After Cyber Attack (Latest Hacking News) Cryptocurrency broker Voyager recently faced a cyber attack after which the service went offline. But they succeeded in fending off the attack.
Ransomware Is Headed Down a Dire Path (Wired) 2020 was a great year for ransomware gangs. For hospitals, schools, municipal governments, and everyone else, it’s going to get worse before it gets better.
How to remove Banco Millennium BCP Email Scam - virus removal guide (PC Risk) What is Banco Millennium BCP email scam?
T-Mobile data breach exposed phone numbers, call records (BleepingComputer) T-Mobile has announced a data breach exposing customers' proprietary network information (CPNI), including phone numbers and call records.
Kaspersky reveals two APT incidents related to vaccine research (BW Businessworld) Kaspersky reveals two APT incidents related to vaccine research
Hackers threaten to leak plastic surgery pictures (BBC News) The Hospital Group has confirmed that patient photos are being held to ransom by hackers.
Mac Attackers Remain Focused Mainly on Adware, Fooling Users (Dark Reading) Despite reports that Macs have encountered more threats than Windows systems, the platform still sees far fewer exploits and malware - including ransomware.
Hebrew Academy Becomes Victim Of Online Cyber Attack (Great Neck Record) North Shore Hebrew Academy High School’s online homepage was flooded with anti-Semitic images, slurs and songs in an apparent cyber attack at around 4 p.m. on Dec. 14. Stopantisemitism.org, a websi…
Multi-platform skimmer hits Shopify, Bigcommerce and others (Sansec) A new type of payment skimmer was found on a dozen stores hosted on Shopify, BigCommerce, Zencart and Woocommerce.
Data breach broker selling user records stolen from 26 companies (BleepingComputer) A data breach broker is selling the allegedly stolen user records for twenty-six companies on a hacker forum, BleepingComputer has learned.
Nashville Bombing Spotlights Vulnerable Voice, Data Networks (Fire Engineering) The blast seriously damaged a key AT&T network facility, an important hub that provides local wireless, internet and video service.
Vulnerability Summary for the Week of December 21, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
SolarWinds releases updated advisory for new SUPERNOVA malware (BleepingComputer) SolarWinds has released an updated advisory for the additional SuperNova malware discovered to have been distributed through the company's network management platform.
SolarWinds Orion: Fixes Aim to Block Sunburst and Supernova (Data Breach Today) Software vendor SolarWinds has updated multiple versions of its Orion network-monitoring software to address the Sunburst backdoor that was added to its code and to
Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug (The Hacker News) Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Print Spooler API Bug
Adobe Flash Player is officially dead tomorrow (BleepingComputer) Flash Player will reach its end of life (EOL) on January 1, 2021, after always being a security risk to those who have used it over the years.
Adobe Flash rides off into the sunset (The Verge) Say goodbye to Flash and tell us what you remember most! Its memory lives in you.
Microsoft Edge Now Offers Built in Password Monitors, for a Secure Online Experience (Digital Information World) This feature checks your passwords that are stored on Microsoft Edge and compares them against a repository of known compromised passwords.
5 Major Cybercrime Predictions for 2021 (Loss Prevention Media) Threats, vaccine rollout, remote working will make 2021 a prosperous year for cybercriminals. As society continues to navigate through the ongoing pandemic, hackers are honing in on new targets and new means to access sensitive data. To prepare for 2021, Experian is releasing its eighth annual Data Breach Industry Forecast, which predicts five major threats […]
CyberArk Study: Why Remote Workers Bypass Corporate Security Policies (MSSP Alert) Remote workers bypass corporate security policies to be more productive, according to CyberArk State of Remote Work Survey.
Ransomware 2.0: India and Australia logged the highest number of incidents across APAC region (New Kerala) Global cybersecurity company Kaspersky recently revealed in a virtual conference that 2020's cybersecurity disease is targeted ransomware.
In 2020, we reached peak Internet. Here’s what worked — and what flopped. (Washington Post) Covid-19 made Zoom, WiFi, virtual school, Instacart, streaming and telemedicine parts of everyday life. What will we keep using when this is all over?
The Worst Hacks of 2020, a Surreal Pandemic Year (Wired) From ransomware schemes to supply chain attacks, this year melded classic hacks with extraordinary circumstances.
12 Cybersecurity CEOs On What Each Learned Leading During the Pandemic (Business 2 Community) Bottom Line: Cybersecurity CEOs’ lessons learned from navigating the pandemic provide a valuable framework for leading and growing a business…
What do cybersecurity and wildfires have in common? We don’t have enough firefighters (The Print) Cybercriminals took advantage of Covid pandemic. The world now needs 4 million digital firefighters.
Cyber crime has cost Russia $49 bln in 2020, Sberbank says (Reuters) Cyber attacks have cost Russian companies and citizens up to 3.6 trillion roubles ($49 billion) this year, the country's largest lender Sberbank said.
From Kashmir to BigBasket, India under attack in cyber space (ET Telecom) This year, till August, India faced nearly 7 lakh cyber attacks, as per the data compiled by the Indian Computer Emergency Response Team (CERT-In).
Cyber Startups Face Broader Funding Challenge in 2021 (Wall Street Journal) Companies that want to attract funding will have to move beyond established niches, while competing with global rivals and enduring greater scrutiny than in the past, venture firms say.
NYSE to Delist Chinese Telco Giants on U.S. Executive Order (Bloomberg) Exchange will remove China Mobile, China Telecom, China Unicom. Latest trade war fracas follows battle for IPOs with Hong Kong.
China warns of retaliation for NYSE's delisting of companies (Bay News 9) China says it will take necessary countermeasures in response to the New York Stock Exchange’s announcement this week that it will delist three major Chinese telecoms, in the latest flare-up of tensions between Beijing and Washington
The SolarWinds Breach Reinforces Why Boards And Audit Committees Need More Tech Expertise (Forbes) Boards’ ability to monitor cybersecurity is hampered by directors' experience, outdated committee charters and fragmented oversight. Five meaningful actions by boards, audit committees and executives can change that.
Wall Street Seeks the Upside in an Historic Hack (Barron's) The attack that may have exposed 18,000 SolarWinds’ customers also brought a lot of attention to the importance of cybersecurity. That had Wall Street analysts revising their views of the industry and the stocks.
'What's the alternative?' SolarWinds boosts security firms' bottom lines (Reuters) Cybersecurity providers including FireEye Inc and Microsoft Corp could not prevent a huge network breach disclosed this month by numerous U.S. agencies and companies, yet their shares are soaring for a second straight week.
Privacy Management Firm OneTrust Secures $300M at $5.1B Valuation (SecurityWeek) OneTrust, a provider of privacy, security and data governance tools, announced a $300 million Series C funding round led by new investor TCV.
Cerberus Sentinel Announces Acquisition of Alpine Security (GlobeNewswire) U.S. cybersecurity services firm expands compliance and penetration testing teams
Kaspersky acquires Nexway to increase online sales channel (Borneo Bulletin Online) Kaspersky has acquired a stake in Nexway, a leading e-commerce and payment platform, to strengthen its position and increase opportunities for the company’s online sales channel. In a statement, Nexway said it will remain a separate entity, managed by its current leadership team in accordance with the European rules and regulations, with Kaspersky’s […]
Goldman Sachs leads acquisition of bot mitigation company White Ops (VentureBeat) White Ops, a fraud detection platform that protects enterprises from automated attacks, has been acquired by Goldman Sachs and others.
Zix acquires CloudAlly backup for SaaS data protection (SearchDataBackup) It's a crucial time for cybersecurity and backup. With its acquisition of CloudAlly backup, email security provider Zix added important protection of SaaS applications.
FireEye Needs to Keep the Heat On (Wall Street Journal) The SolarWinds hack has boosted shares of the former cybersecurity star, but the benefits aren’t so clear-cut.
Telia to remove all Huawei equipment in Lithuania (ET Telecom) Sweden's Telia Company will replace all 4G telecoms equipment from Huawei in Lithuania and will not use it for 5G networks, due to the geopolitical si..
Finland’s Champion Nokia Is Letting the Side Down on Huawei and 5G (Washington Post) Pekka Lundmark has a lot resting on his shoulders. As chief executive officer of Nokia Oyj, he’s tasked with turning around the stuttering telecoms giant’s fortunes before it misses out on the 5G revolution. Also riding on his success, however, is the ability of the world’s industrialized economies to compete with China.
Hacker earns $2 million in bug bounties on HackerOne (BleepingComputer) Cosmin Iordache is the first bug bounty hunter to earn more than $2,000,000 in bounty awards through the vulnerability coordination and bug bounty program HackerOne.
Hundreds of Google Employees Unionize, Culminating Years of Activism (New York Times) The creation of the union, a rarity in Silicon Valley, follows years of increasing outspokenness by Google workers. Executives have struggled to handle the change.
Cisco stops selling Kinetic for Cities product, shifting 'smart city' product strategy (Silicon Valley Business Journal) The San Jose networking giant is changing its approach to "smart city" technology, which uses sensors and other electronic methods to collect data from traffic lights, water supply networks and other municipal infrastructure.
Nice Try, Facebook. iOS Changes Aren’t Bad for Small Businesses (Wired) The social media giant would have you believe that Apple’s privacy update will hurt the little guys. But Facebook’s motives aren’t so altruistic.
Facebook Managers Trash Their Own Ad Targeting in Unsealed Remarks (The Intercept) The internal documents suggest that Facebook should stop positioning itself as a champion of small business.
Forbes Cybersecurity Awards 2020: Corellium, The Tiny Startup Driving Apple Crazy (Forbes) It’s a dangerous internet out there, but there are some champions trying to make the online world safer. Our inaugural Forbes Cybersecurity Awards celebrate their achievements.
10 Hot Cybersecurity Companies You Should Watch In 2021 (CRN) Top cybersecurity companies to watch in 2021 include Palo Alto Networks, Rapid7 and CrowdStrike.
Awards winner The Keyholding Company blends physical and cyber security (Computing) The Keyholding Company built a totally custom service delivery platform with partner Haulmont – and the benefits have been clear
Booz Allen Leads New Frost & Sullivan Security Report (AiThority) Frost & Sullivan, a leading market research and strategy firm, ranked Booz Allen Hamilton as holding the largest single market share
Booz Allen Hamilton Hires Cybersecurity Expert Andrew Turner (MSSP Alert) Booz Allen Hamilton, which has a Top 250 MSSP business, hires former Visa & Microsoft cybersecurity leader Andrew Turner as EVP of global commercial business.
Products, Services, and Solutions
CrowdStrike Launches Free Tool to Identify & Mitigate Risks in Azure Active Directory (CrowdStrike) CrowdStrike launches free community tool to help organizations quickly & easily review their Azure AD environment for weaknesses. Learn more here!
Signal Fires Back: Cellebrite Can’t Break Our App Encryption (iPhone in Canada Blog) In response to a BBC article that all but congratulated Cellebrite on cracking Signal’s encryption, the communication app clarified that Cellebrite can actually not bypass its encryption.
Germany's Secunet to provide cyber-protection for EU Secret (Intelligence Online) The European Union (EU), which would like member states' intelligence services to step up their information-sharing, has hired the German cryptography company Secunet to protect European institutions' classified EU Secret information.
IBM Security unveils next-level data encryption for mainstream use (Back End News) IBM unveils its next-level encryption technology to offer organizations a more secure form of communications. IBM Security Homomorphic Encryption is a new service designed to keep any data or file …
VMware Adds Container Security to Carbon Black Cloud (SDxCentral) VMware added container security to Carbon Black Cloud, its endpoint and workload platform. It uses technology acquired from Octarine.
Axio Offers Free Coverage Analysis for SolarWinds Impacts (Yahoo) Axio, a leading cyber risk management Software-as-a-Service company, today launched a limited time offering, through January 31, 2021, to perform a rapid analysis of insurance coverage in the wake of the SolarWinds event.
Scalable remote access with VMSS enhances Azure security (Check Point Software) Azure security is enhanced by Check Point CloudGuard. Learn how to provide scalable remote access using Azure VMSS.
Business Leaders Encouraged to Engage a Personal Cyber Security Trainer (PRWeb) A NYC area IT security consultant and MSP reviews three common business cyber security threats and urges business leaders to consult a cyber security exper
AESI Acumen Engineered Solutions International Inc./ AESI-US Inc. (‘AESI’) simplifies mission-critical security operations with Check Point Software (Check Point Software) By Amit Sharon, Head of Global Customer Community & Market Intelligence, Check Point Software A consulting company gains cloud-based security
Technologies, Techniques, and Standards
3 Ways to Step Up Cybersecurity in Wake of SolarWinds Breach (ThinkAdvisor) “Use these events as a learning opportunity and strive to make [your] data more secure,” says F2 Strategy's Scott Lamont.
‘Very difficult to defend’: What happens if hackers are inside the Pentagon’s networks? (Marine Corps Times) Suspected Russian hackers' ability to burrow into Pentagon networks through lateral movement after the SolarWinds breach poses tremendous challenges for the department.
The SolarWinds Breach: What We Know Now and What Businesses Can Do to Protect Themselves (LexBlog) Earlier this month, we learned that the SolarWinds Orion Platform software builds for versions 2019.4 HF 5 through 2020.2.1*, released between March 2020 and June 2020, were compromised by an advanced persistent threat actor (or APT). The perpetrators of this sophisticated attack implanted a Trojan into a legitimate update to the Orion Platform that was […]
Government cyber breach shows need for convergence (C4ISRNET) Keeping offensive and defensive cyber operations in silos results in exploitable weaknesses, according to three cyber experts.
Health insurance cyber-attacks: How insurers can prevent weaponized files from staking a claim (Votiro) The increased digital accessibility of the health insurance system in recent years has come with many benefits, such as easier procurement of coverage, more efficient insurance transactions, transparency in billing and lower costs – but it has also increased insurers’ exposure to cyber-attacks by overwhelming percentages. Cybersecurity and its threat to the healthcare insurance industry...
GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test. (The Copper Courier) Roughly 500 employees failed the test, which claimed they would receive a $650 bonus in lieu of a holiday party.
GoDaddy Apologises For Fake Christmas Bonus Email Security Test (International Business Times AU) GoDaddy apologises for fake Christmas bonus email security test
Someone Is Spying On You | Avast (Avast) From governments to ISPs, it's almost certain that someone is spying on you online. Luckily, you have the ability to take back at least most, if not all, of your privacy.
Becoming the Enemy: How Ethical Hacking Changes Your Outlook on Security (Infosecurity Magazine) How does understanding the offensive side of the cyber playing field change how you perceive security?
Design and Innovation
New cyber defense feed protects government systems in live trial across four states (Security Magazine) A new automated data feed that helps defend state and local government computer systems from cyberattacks and rapidly blocks threats across state lines reduced cyber defense time from some three days to less than three minutes in a successful pilot program across four states.
Will 2021 be the year passwords die? Microsoft would like to think so (Ladders) Microsoft contends that more changes need to be made to the way we navigate the digital workforce in the future including the password.
Research and Development
Scientists demonstrate high-fidelity quantum teleportation over long distances (Computing) The breakthrough could pave the way to develop technology to redefine global communication in future
The Turing Test is obsolete. It’s time to build a new barometer for AI (Fast Company) The head scientist for Alexa thinks the old benchmark for computing is no longer relevant for today’s AI era.
Google told its scientists to 'strike a positive tone' in AI research - documents (Reuters) Alphabet Inc's Google this year moved to tighten control over its scientists' papers by launching a "sensitive topics" review, and in at least three cases requested authors refrain from casting its technology in a negative light, according to internal communications and...
Legislation, Policy, and Regulation
10 Conflicts to Watch in 2021 (Foreign Policy) The world in 2021 will be haunted by the legacies of 2020: an ongoing pandemic, an economic crisis, Donald Trump’s divisive presidency—and new threats emanating…
Are China’s Cyber Espionage and Wolf-Warrior Diplomacy Worrisome for BND and BFV? (Modern Diplomacy) I have been living for quite some time in Germany, and as national security and counter terrorism Analyst, I have observed the socio-economic, political and security developments in the country. In order to get an exact posture of the Germany foreign policy objectives, I joined a couple of leading political parties and even endeavored to […]
India: A Growing Cybersecurity Threat (Dark Reading) Geopolitical tensions and a dramatic rise in offensive and defensive cyber capabilities lead India to join Iran, Russia, China, and North Korea as a top nation-state adversary.
3 Resolutions The Govt Should Make For India’s Cyberspace in 2021 (TheQuint) A genuine respect for data privacy should be on the government’s list of resolutions for 2021.
Turkey reveals its three-year cybersecurity plan (TRT World) The country hopes to defend its citizens from cyberattacks through a set of new measures.
Cyberspace: The new frontier in the Israeli-Iranian battleground (Arab News) There is hardly any respite in the broadening and intensification of the points of friction between Israel and Iran. The battle between these two major Middle Eastern powers is mainly indirect, but has many aspects and is threatening to slide dangerously into situations that could escalate into open hostilities — a situation neither side wants nor can afford.
Russia blacklists German military, intel officers as cyberattack tensions rise (Daily Sabah) Russia on Tuesday expanded its list of German citizens who will be denied entry to the country. The move came in response to the EU's decision to ban Russian citizens accused...
The Russians Have Issued a Wake Up Call (The Cipher Brief) Weeks after a massive cyber breach of U.S. government agencies and private sector companies was publicly announced, there is still not a clear response from the administration on who is responsible and what will be done about it. While the government has yet to officially name the nation-state that is believed to be behind the …
Russia’s global hacking efforts are going to unwind in 2021 (WIRED UK) “Skirmishes in cyberspace will intensify in 2021 with pre-planned ambushes on the side of the attackers”
National security is the defense industrial base’s responsibility too (Defense News) Contractors must embrace an unwavering commitment to implement security controls to effectively defend their IT infrastructures, a cybersecurity expert advises.
The Sunburst hack was massive and devastating – 5 observations from a cybersecurity expert (The Conversation) Cyberwarfare is more like cancer than bombs and bullets. Cybersecurity experts are just beginning to make their diagnosis of the Sunburst hack.
How Can the U.S. Rebuild After Shocking Series of Cyber Breaches (The Cipher Brief) President-Elect Joe Biden’s incoming national security adviser Jake Sullivan told NPR this week that the Defense Department hasn’t granted a meeting to the Biden transition team since Dec. 18. That – Sullivan tells NPR – is complicating the ability of the incoming administration of being read-in on the current administration’s response to what experts are …
Op-ed: What nobody else will say about the new cybersecurity crisis (CNBC) The culprit is said to be Russia, but equal responsibility lies much closer to home.
An 'Act of War?' Avoiding a Dangerous Crisis in Cyberspace (The Moscow Times) Opinion | Unlike in the nuclear sphere, there are no rules governing the increasingly intense rivalry between the U.S. and Russia in the cyber sphere.
Escalation in Cyberspace Raises Risk of Nuclear Attacks, Russia's General Staff Chief Says (Sputnik) The expansion of military confrontation to cyberspace and space increases risks of interference into control systems and use of nuclear weapons...
COMMENTARY: America must respond to cyber-Pearl Harbor attack (Fredericksburg.com) On December 7, 1941, America was attacked at Pearl Harbor. This month, America was hit with a cyberattack which was the virtual version of another Pearl Harbor. We have to
COLUMN: It's an act of espionage, not war (Sun Newspapers) WASHINGTON — One simple way to think about the threat posed by Russian intelligence in its “SolarWinds” hack is that it exposed the vulnerability of the vast store of supposedly
Everybody Spies in Cyberspace. The U.S. Must Plan Accordingly. (The Atlantic) Because all countries engage in espionage, intrusions like Russia’s latest data hack are devilishly hard to deter.
Concern mounts over government cyber agency's struggle to respond to hack fallout (CNN) With Microsoft acknowledging for the first time this past week that suspected Russian hackers behind a massive government security breach also gained access to its source code, pressure is mounting on US officials and cybersecurity experts to explain how the attackers infiltrated various US computer networks, what they did once inside and the steps that are being taken to mitigate the damage.
SolarWinds: Cyber strategists are back to the drawing board (Hindustan Times) Cyber strategists are now back to the drawing board as even the most meticulously derived variables and equations of cyber power look like unfounded abstractions. It is a moment of reckoning for the neoliberal system which was the very foundation of the Internet.
SolarWinds cyberattack demands U.S. enact a long-overdue deterrent strategy (The Washington Times) The months-long cyberattack on SolarWinds’ Orion software, used by most U.S. government agencies and hundreds of U.S. companies, is the latest proof that our efforts to deter such attacks have failed.
Next-Generation Program Protection: The Next Federal Cybersecurity Challenge (Nextgov) As the government aims to buy more innovative products, we must make critical advancements in program protection.
Brazil looks for legal options to ban China's Huawei from 5G: Sources (ET Telecom) Brazilian President Jair Bolsonaro's government is looking for a legal way to exclude Chinese telecom equipment maker Huawei Technologies Co Ltd from ..
Trump administration declassifies unconfirmed intel on Chinese bounties (Axios) The disclosure comes months after reports of Russian bounties and after Trump vowed to ratchet up pressure on China.
Intel on China bounties called ‘less’ credible than Russia payments (POLITICO) "Very thin" and "rumors" are how one senior official described the intelligence report that Beijing is plotting to kill American troops in Afghanistan.
US investigating unconfirmed intel that China offered bounties on American troops (ABC News) President Donald Trump has been briefed about the uncorroborated intelligence, the official said.
How the U.S. Misread China’s Xi: Hoping for a Globalist, It Got an Autocrat (Wall Street Journal) Early hopes that Xi Jinping would want closer integration with the U.S.-led global order have become one of the biggest strategic miscalculations of the post-Cold War era. The Chinese president has pursued an expansive, hypernationalistic vision of the nation’s future.
Biden calls for modernizing US defenses following massive hack (TheHill) President-elect Joe Biden on Monday stressed the need to modernize U.S.
In a first, Congress overrides Trump veto of NDAA (Federal News Network) In an extraordinary New Year’s Day session, the Republican-controlled Senate easily turned aside Trump’s objections to the $740 billion bill.
House votes to override Trump’s veto of defense bill (Federal News Network) The Democratic-controlled House has voted to override President Donald Trump’s veto of a defense policy bill…
McConnell signals Senate has votes to override Trump's defense veto (TheHill) Senate Majority Leader Mitch McConnell (R-Ky.) is signaling lawmakers have the votes to override President Trump's veto of a mammoth defense policy bill as soon as Wednesday.
Which NDAA cyber provisions have the most impact for DoD? (C4ISRNET) Lawmakers make several changes impacting oversight of DoD cyber operations.
National cyber director role in the spotlight after SolarWinds hack (FedScoop) The compromise of at least seven federal agencies through the SolarWinds hack has technology experts stressing the importance of a national cyber director (NCD) role within the incoming Biden administration. President-elect Joe Biden is expected to appoint the first-ever NCD, a position the National Defense Authorization Act of 2021 will create, after taking office Jan. 20. The role could prove instrumental in …
U.S. helps countries build secure 5G networks (US Embassy in Georgia) Fifth-generation wireless technology is transformative and has the potential to reshape industries. From remote health care to self-driving cars, to critical services such as electrical grids and water systems, 5G has the potential to touch every part of our lives.
Networked security: 5G and supply chains (Observer Research Foundation) While the geopolitical contestation in emerging technologies will continue, the importance of strengthening policies towards network security cannot be ignored.
CFIUS Eyes A Laser Focus On Chinese Players In 2021 (Law360) The Committee on Foreign Investment in the United States is slated to ramp up its emphasis on inbound transactions that involve either Chinese companies or entities with significant ties to China, particularly when those inbound bets feature intellectual property or sensitive technology, even if the new administration's approach is quieter.
Split Up NSA and CYBERCOM (Defense One) And have the signals-intelligence agency report directly to the Director of National Intelligence.
Now is not the right time to split NSA and CYBERCOM (C4ISRNET) Military necessity, not politics, should guide the decision on whether to end the dual-hat arrangement, a cybersecurity researcher argues.
7 Reasons Why Silicon Valley Will Have a Tough Time With the Biden Administration (Foreign Policy) The coziness between Washington and Big Tech is over.
Anti-Facebook agitators see their moment under Biden (POLITICO) Joe Biden has said he’s no fan of Facebook. Now he has an opportunity to show it as he assumes landmark policy and legal battles against the company.
Can regulation solve businesses' IoT security woes? (Computing) IoT manufacturers are waking up to the fact that they have responsibilities - even if it hurts their bottom line
Brexit: Good News Regarding Transfers of Personal Data from the EEA to the UK (cyber/data/privacy insights) What has happened? The draft UK-EU post-Brexit Trade Deal provides that transfers of data to the UK from EU Member States will not be treated as “restricted transfers” to a non-EU country for a period of up to six months from January 1, 2021. This will also apply to transfers to the UK from EEA Me
Global Privacy Roundup: The World Beyond Europe and California (cyber/data/privacy insights) Since Europe’s General Data Protection Regulation took effect in May 2018, a growing number of legislatures around the world have introduced comprehensive data protection laws that emulate the GDPR or have updated existing laws to align with it. California became the first major non-European economy
Understanding Canadian Cybersecurity Laws: Measuring Up — Outlining Existing National Cybersecurity Legislation in Canada, the UK, Australia, and the US (Article 8) (IT World Canada) In this article, we will outline the relevant national privacy and cybersecurity-related laws currently in effect in the United Kingdom, Australia, and the United States, as fellow common law countries.
The year we gave up on privacy (Vox) Our lives moved online in 2020. Too bad privacy laws didn’t.
12 new state privacy and security laws explained: Is your business ready? (CSO Online) States from Maine to California have recently enacted privacy, data security, cybersecurity, and data breach notification laws. Let's break down what each of these laws entails and how businesses and consumers are affected.
New York Issues First-In-Nation Moratorium On Facial Recognition In Schools (Forbes) The state will conduct a study into whether facial recognition is appropriate in schools.
Local governments needn’t face ransomware streak alone, experts say (StateScoop) The Christmas ransomware attack against the small town of Cornelia, Georgia, marks just the latest incident in a trend experts said they expect to become worse still in 2021.
Litigation, Investigation, and Law Enforcement
Exclusive: Leonardo hack targeted military plane details, arrest warrant shows (Reuters) An investigation into a data theft at Leonardo has found that a hacker working inside the Italian defence group appeared to target details of Europe's biggest unmanned fighter jet programme and aircraft used by the military and police, an arrest warrant shows.
Menendez Seeks Answers about Russia’s SolarWinds Hack on State Department (U.S. Senator Bob Menendez of New Jersey) Ranking Member Bob Menendez (D-N.J.) is calling on Secretary of State Mike Pompeo to provide the Senate Foreign Relations Committee details on the extent of the recent Russian-backed SolarWinds cyberattack targeting the State Department along with other federal agencies. In a new letter, the Senator formally requested a briefing for committee members on the security breach and the efforts that the State Department and the Trump administration are taking to mitigate its impacts and defend against future attacks.
UK judge denies US request to extradite WikiLeaks’ founder, Julian Assange (TechCrunch) A UK district court judge has refused to extradite WikiLeaks founder Julian Assange to the US. In a hearing at Westminster Magistrates’ Court this morning, Judge Vanessa Baraitser denied the extradition on grounds that Assange is a suicide risk and extradition to the US prison system would be…
U.K. Judge Blocks Assange’s Extradition to U.S., Citing Mental Health Concerns (New York Times) The WikiLeaks founder, who is currently jailed in Britain, had been indicted in the United States on 17 charges of violating the Espionage Act.
WikiLeaks founder Julian Assange faces ruling on extradition to US (France 24) WikiLeaks founder Julian Assange will learn on Monday whether a British judge has approved his extradition to the United States to face charges including espionage over the release of secret U.S. mil…
Dept. of Justice credits Microsoft with identifying tech-support fraud scheme that targeted seniors (GeekWire) The perpetrators of an online tech-support fraud scheme, originally brought to the attention of U.S. authorities by Microsoft, have been shut down by a federal court for allegedly trying to scam…
How Your Digital Trails Wind Up in the Police’s Hands (Wired) Phone calls. Web searches. Location tracks. Smart speaker requests. They’ve become crucial tools for law enforcement, while users often are unaware.
Twitter Sued for Defamation by NY Post’s Source for Hunter Biden Stories (Variety) A Delaware computer repair shop owner sued Twitter, alleging the social network defamed him by effectively labeling him a “hacker” after his business was cited as the source for info ob…
Pardon of Edward Snowden would embolden the enemies of America (TheHill) His selfish actions inflicted so much harm to our nation.
Edward Snowden Leaked US Secrets To China — Some Republicans Now Want Trump To Pardon Him (Daily Caller) One significant consequence of Edward Snowden's intelligence leak in 2013 was that it boosted Beijing’s espionage capabilities.
Opinion | Can Snowden Bamboozle Trump? (Wall Street Journal) He stole American security secrets. His allies cajole the President for a pardon.
Apple loses copyright battle against security start-up Corellium (Washington Post) Apple lost its copyright lawsuit against Corellium, a small security research company that sells its customers the ability to more easily find bugs in Apple's mobile operating system. The federal judge in the case ruled Corellium's business was protected under the "fair use" provision of copyright law.
Insecure wheels: Police turn to car data to destroy suspects' alibis (NBC News) Looser privacy standards for vehicle data are a treasure chest of data for law enforcement.
Coinbase to Suspend XRP Trading Following SEC Suit Against Ripple (CoinDesk) Coinbase said it will suspend trading of XRP, the cryptocurrency at the heart of an SEC lawsuit against Ripple Labs.
He spent 10 days in jail after facial recognition software led to the arrest of the wrong man, lawsuit says (nj) A Passaic County man says he spent a year trying to clear his name after Woodbridge police relied on facial recognition software to identify him as a suspect.
VMware files lawsuit against Nutanix CEO Rajiv Ramaswami (ETCIO) Nutanix had appointed Ramaswami as chief executive on December 10, after founder Dheeraj Pandey had announced that he would be stepping down from the ..
TikTok faces legal action from 12-year-old girl in England (BBC News) An English court rules the girl can remain anonymous over claims TikTok misuses children's data.
Ticketmaster pays $10M fine to settle charges of using stolen passwords to spy on rival company (CyberScoop) One of the biggest brands in the music and events business, Ticketmaster, has agreed to pay a $10 million fine for “computer intrusion and fraud offenses” after employees used stolen credentials to spy on a competitor, according to the Department of Justice.
Ticketmaster to Pay $10M to Resolve Fraud, Hacking Allegations in Brooklyn Federal Court (New York Law Journal) The fraud and hacking allegations against Ticketmaster were introduced in an antitrust lawsuit filed by a competitor, but the company said it has terminated the employees involved in the illegal conduct.
The Democrats' Eric Swalwell problem (Daily Journal Online) House Democratic leaders are trying to keep the espionage scandal surrounding Intelligence Committee member Rep. Eric Swalwell under tight control. But it's going to be an uphill battle. Republicans are
George Blake, notorious Cold War double agent who helped Soviets, dies at 98 (Washington Post) George Blake, a British intelligence official who betrayed closely guarded secrets to the Soviets and was among the most damaging traitors of the Cold War, then made a daring escape from a London prison in 1966 and lived out his days as a national hero in Moscow, has died at 98.
Israel gives Pollard, its former spy in U.S., warm but low-key homecoming (Reuters) A former U.S. Navy analyst who served 30 years in prison for spying on behalf of Israel emigrated there on Wednesday to a warm but low-key welcome by Prime Minister Benjamin Netanyahu.