Cyber Attacks, Threats, and Vulnerabilities
'Anonymous Malaysia' hacker group issues 2nd cyber attack threat (New Straits Times) KUALA LUMPUR: Police have opened an investigation paper on the hacker group ‘Anonymous Malaysia’, which issued a second warning yesterday that it would launch a cyber attack.
Suspected Russian Hackers Gained Edge Through Tech Firm Attacks (Bloomberg) Potential bounty includes access to clients, detection tools‘. They’re taking our safeguards and using them against us’.
SolarWinds Attackers Focused on Cyber and Tech Firms (Insurance Journal) Whether it was opportunity, strategy or sheer chutzpah, the suspected Russian hackers behind a massive cyber-attack revealed last month focused particular
Why Russia May Have Stepped Up Its Hacking Game (NPR) When Gen. Paul Nakasone, the head of U.S. Cyber Command and the NSA, broadcast his "defend forward" strategy to protect America from hackers, did he help goad Russia into aggressive action?
From Russia, with malware (Stuff) There is an awful irony in the hack of US agencies as part of some 250 networks compromised by Russian hackers last year. Piggy-packing on Orion software used
A Fifth of Sunburst Backdoor Victims from Manufacturing Industry (Infosecurity Magazine) 18% of all victims of the Sunburst backdoor are manufacturing organizations
Manufacturing particularly at risk of Solorigate-linked breaches (ComputerWeekly.com) Every fifth victim of the SolarWinds Solorigate/Sunburst attack was a manufacturing organisation, say researchers.
SolarWinds attack is not an outlier, but a moment of reckoning for security industry, says Microsoft exec (ZDNet) Security companies need to be unified in their response, says Microsoft.
High Profile Linux Vulnerability May Make Vehicles Susceptible to Cyber Attack (Argus Cyber Security) As vehicles become increasingly software driven their risk of cyber attack grows. To more about how public this CVE and others can impact vehicle manufactureres, read this blog.
Hacker group inserted malware in NoxPlayer Android emulator (ZDNet) Attackers targeted only a handful of victims. Only five detected until now, in countries such as Taiwan, Hong Kong, and Sri Lanka.
Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher (Threatpost) New details emerge of how North Korean-linked APT won trust of experts and exploited Visual Studio to infect systems with ‘Comebacker’ malware.
‘Remove this infection from your network’ (Meduza) The small Russian company that ‘saved’ Parler has other, far more odious clients
()
Ransomware: The rise of Misfortune 500 businesses (Help Net Security) The Misfortune 500 trend will only continue to grow in power. Ransomware gangs are now a massive operational threat, according to eSentire.
Trickbot—New Year | Old Lure (Menlo Security) Menlo Threat labs constantly looking for new threats by analyzing security events and recently observed the re-emergence of a known threat, Trickbot.
TrickBot returns with campaign against legal and insurance firms (CSO Online) The new iteration of the TrickBot botnet, which had enabled Ryuk and other ransomware attacks, uses malicious links in emails rather than rogue email attachments.
Trickbot Botnet Shows Signs Of Life After Microsoft Seemingly Killed It Last Year (HotHardware) Security researchers say Trickbot ‘might be back and active’ after recently observing some unsettling activity.
Emotet, NetWalker and TrickBot have taken big blows, but will it be enough? - CyberScoop (CyberScoop) A trio of operations meant to disrupt ransomware outfits in recent months — two of which came to light this week — could have lasting impacts even if they stop short of ending the threat, security experts say.
GnuPG crypto library can be pwned during decryption – patch now! (Naked Security) Many, if not most, Linux distros will be affected. Users of other operating systems should check for software that uses libgcrypt.
Microsoft 365 Becomes Haven for BEC Innovation (Threatpost) Two new phishing tactics use the platform's automated responses to evade email filters.
COVID-19: NHS Test and Trace 'unaffected' by cyber attack at Serco, firm says (Sky News) NHS Test and Trace, headed up by Baroness Dido Harding, has faced regular criticism during the pandemic.
UScellular Breach Allowed Hackers to Port Customer Phone Numbers (SecurityWeek) Hackers tricked employees of UScellular into installing malware, used it to access CRM software, and accessed customer accounts.
Multimillion-dollar Pakistani delivery company leaks 400+ million files (SafetyDetectives) A prominent vehicle-for-hire and parcel delivery company based in Pakistan has suffered a significant data breach which affected its extensive user database.
Th
FonixCrypter ransomware gang releases master decryption key (ZDNet) FonixCrypter gang claimed it shut down and deleted their ransomware's source code.
British Mensa falls victim to cyber attack (Computing) Board not looking too clever as two directors resign over lax security
Poor password security at the British branch of Mensa? (Graham Cluley) The website of Mensa – the club for people who have scored highly in an IQ test but who feel their social lives would be improved by hanging out with other people who chose to join a club after…
New Cryptojacking Malware Targeting Apache, Oracle, Redis Servers (The Hacker News) New cryptojacking malware is targeting cloud infrastructures using Apache, Oracle, Redis vulnerabilities.
Who’s Making All Those Scam Calls? (New York Times) Every year, tens of millions of Americans collectively lose billions of dollars to scam callers. Where does the other end of the line lead?
The QAnon Timeline: Four Years, 5,000 Drops and Countless Failed Prophecies (bellingcat) A month by month analysis reveals the story of QAnon’s growth, showing how the conspiracy has evolved and adapted to contradictions — and may yet live on.
A Vast Web of Vengeance (New York Times) Outrageous lies destroyed Guy Babcock’s online reputation. When he went hunting for their source, what he discovered was worse than he could have imagined.
What went wrong with America’s $44 million vaccine data system? (MIT Technology Review) The CDC ordered software that was meant to manage the vaccine rollout. Instead, it has been plagued by problems and abandoned by most states.
IoT Firmware Security: Zero-Day Exploitation & Prevention (Check Point Software) Here’s how hackers can compromise your network via routers that aren’t protect with IoT device security Intro Security for the “Internet of Things” (or
Countless emails wrongly blocked as spam after Cisco's SpamCop failed to renew domain name at the weekend (Register) Plus: Second ransomware operation in the sights of Uncle Sam – and the insurance industry under fire for fueling extortionware rise
Security Patches, Mitigations, and Software Updates
Apple Fixes One of the iPhone's Most Pressing Security Risks (Wired) By hardening iMessage in iOS 14, the company has effectively cut off what had been an increasingly popular line of attack.
Google uncovers new iOS security feature Apple quietly added after zero-day attacks (The Hacker News) Google uncovers a new iOS security sandbox feature, dubbed BlastDoor sandbox, which Apple added quietly after zero-day attacks.
Libgcrypt developers release urgent update to tackle severe vulnerability (ZDNet) A severe heap buffer issue was found by Google Project Zero’s Tavis Ormandy.
Cyber Trends
The Next Cyberattack Is Already Under Way (The New Yorker) Amid a global gold rush for digital weapons, the infrastructure of our daily lives has never been more vulnerable.
Attacks on Individuals Fall as Cybercrime Shifts Tactics (SecurityWeek) Cybercriminals shifted away from stealing individual consumers’ information in 2020 to focus on bigger, more profitable attacks on businesses.
Ransomware: Average Ransom Payment Declines to $154,108 (BankInfo Security) Ransomware attacks continue to pummel organizations, but fewer victims have been paying a ransom, and when they do, on average they're paying less than before, says ransomware incident response firm Coveware, which traces the decline to attackers failing to honor their data-deletion promises.
Deep Analysis of More than 60,000 Breach Reports Over Three Years (SecurityWeek) Analysis of 67,529 publicly reported data breaches from 2018 to 2020 provides extensive data on where things are going wrong, and highlights trends on what is likely in the future
5 Insights From NSA’s 2020 Cybersecurity Year In Review (Forbes) The NSA and Microsoft collaborated to release a patch for a critical cryptographic vulnerability in Windows 10 the NSA originally discovered.
How consumers protect sensitive information when using FinTech apps (Help Net Security) 42% of global consumers are using free FinTech apps or platforms. Of those, 50% do not know if the app they use sells their data.
Malicious Actors Reserving Cyber Attacks for the Hospitality Industry (The State of Security) Hospitality is one of the most likely industries to be targeted by cybercriminals looking to steal personal and financial data.
Could these 'free' financial apps be stealing your data? (TechRadar) Nearly half of us use free fintech apps, but don't know what they're doing with our data
Generation Z is one of the most concerned about sharing their location data with the government (Atlas VPN) It is no secret that tech companies have shared their user information with governments in the past. This makes many Americans feel uncomfortable with how their data is handled.
Most federal government data breaches are caused by human error (SmartCompany) Of the 33 reports of data breaches made by government agencies to OAIC, human error accounted for 29 notifications.
Marketplace
U.S. based Rapid7 acquires Israeli cyber startup Alcide.io for $50M (Geektime) NASDAQ traded cyber firm Rapid7 acquires Israeli startup Alcide.io to boost its Kubernetes security offering...
Tanium Announces $150 Million Funding Investment to Bring Visibility and Control to the Edge through its Open Endpoint Management Platform (News Category Global Banking & Finance Reviews) Tanium, the provider of endpoint management and security built for the worlds most demanding IT environments, today announced that it has completed the sale of $150 million in common stock to the Ontario Teachers Pension Plan Board (Ontario Teachers) through its Teachers Innovation Platform (TIP). TIP focuses on late-stage venture and growth equity investments in […]
UK’s Riverlane raises €16.4M; here’s how it transforms quantum computers from experimental tech to commercial products (Silicon Canals) Riverlane develops software that transforms quantum computers from experimental technology into commercial products.
Cloud Security Startup Armo Emerges from Stealth with $4.5M (Dark Reading) Armo's platform was developed to protect cloud-native workloads and provide DevOps teams with greater visibility and control.
TPG Capital Acquires Majority Stake in PAM Solutions Provider Centrify (SecurityWeek) TPG will acquire a majority stake in Centrify from Thoma Bravo. Terms of the deal were not disclosed.
Federal IT contractor Perspecta strikes deal to be acquired for $7.1B (Washington Business Journal) The all-cash deal is expected to close by mid-2021.
Veritas Capital to acquire Perspecta in all-cash transaction valued at $7.1 billion (PR Newswire) Perspecta Inc. (NYSE: PRSP) ("Perspecta" or the "Company"), a leading U.S. government services provider, today announced that it has entered...
Northrop Grumman Completes Sale of IT Services Business to Veritas Capital for $3.4 Billion (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) has closed the sale of its IT services business to Peraton, an affiliate of Veritas, for $3.4 billion in cash. Northrop Grumman expects to use the sale proceeds primarily for...
Facebook’s Oversight Board wants your feedback on whether the company was right to ban Trump (The Verge) The Facebook Oversight Board wants to know what the public thinks about the Trump ban.
Facebook’s Oversight Board Has Spoken. But It Hasn’t Solved Much (Wired) The board’s first content moderation decisions show how impossible its task—and Facebook’s—really is.
Facebook Knew Calls for Violence Plagued ‘Groups’, Now Plans Overhaul (Wall Street Journal) The social network struggled to balance CEO Mark Zuckerberg’s mantra of free expression against internal findings that misinformation and rabid partisanship had overrun a feature meant to be central to its future.
Facebook seeks a new head of U.S. public policy (Axios) Facebook is moving on from the Trump era in which Republicans held most of the power in Washington.
Exclusive: Mark Zuckerberg is creating a new criminal justice reform group in an overhaul of his political operation (Vox) The Facebook founder and his wife, Priscilla Chan, are making the largest structural change to their philanthropy since they launched it five years ago.
Apple’s Privacy Change Will Hit Facebook’s Core Ad Business. Here’s How. (Wall Street Journal) Apple’s new feature will limit Facebook’s ability to collect data from apps—information that allows its advertisers to target their ads efficiently.
Google reinstates federated chat app Element on Play Store after wrongful removal (Android Police) Element is a popular client for the federated chat protocol Matrix, and we highlighted it in our roundup of the best open-source alternatives to Google
Google union in turmoil following global alliance announcement (The Verge) The campaign was supposedly led by Google workers, but members of the Alphabet Workers Union say they knew nothing about it until the news broke Monday morning.
What happened this week — Under the Hood (Under the Hood) The mechanics behind your trades
Silver surges as Reddit army targets precious metals (CNN) Move over GameStop, Reddit mania is spreading to the precious metals market.
GameStop Day Traders Are Moving Into SPACs (Wall Street Journal) So-called blank-check companies are a hit with individual investors looking for speculative trades.
GameStop Rally Refuses to Die, As Robinhood Restores Trading (Intelligencer) Robinhood traders regained access to GME shares Thursday, while new details about the origins of the rally came to light.
Billionaire blasts ‘Robinhood market’ as Jon Stewart, others herald GameStop stock rebellion (Washington Post) The unlikely rise of GameStop stock was already seen by some as a populist war against Wall Street — average investors rallying online to hurt powerful financial firms by sending unexpected businesses soaring.
Podcast: Behold, the revolt of the retail traders arrives! (Silicon Valley Business Journal) On this week's Silicon Insider Podcast: The moves by Reddit subgroup WallStreetBets, and the reaction by Robinhood, may just be the first shot in a society-wide revolution against the elites.
How many stocks will Robinhood let you buy? The numbers keep shrinking (The Verge) Robinhood will let you buy a few stonks as a treat.
Robinhood restricts crypto trading 'due to extraordinary market conditions' (CNBC) Users reported that the trading app had halted instant deposits for crypto purchases on Friday.
Robinhood denies claims that it sold GameStop shares out from under its traders (The Verge) Users say they didn’t trigger the transactions
Robinhood, in Need of Cash, Raises $1 Billion From Its Investors (New York Times) The no-fee trading app, which is popular with young investors, has been strained by the high volume of trading this week in stocks such as GameStop.
5 things to know about why Robinhood just raised $1B (Silicon Valley Business Journal) Here are the highlights of what will likely go down as one of Robinhood's wildest days, which is saying something coming less than a year after the brokerage was unable to handle early pandemic trading volumes:
WSJ News Exclusive | Robinhood, Facing Ire on Many Fronts, Defends Its App to Regulators (Wall Street Journal) Rebuttal caps a wild week during which the popular online brokerage drew fierce ire for doing just the opposite: standing in customers’ way.
WSJ News Exclusive | Keith Gill Drove the GameStop Reddit Mania. He Talked to the Journal. (Wall Street Journal) The trader known as DeepF—ingValue on the WallStreetBets forum and “Roaring Kitty” on YouTube helped turn the investing world upside down. “I didn’t expect this.”
WallStreetBets Founder Reckons With Legacy Amid Stock-Market Frenzy (Wall Street Journal) The man who created Reddit’s WallStreetBets never imagined the community would send GameStop shares into overdrive, nearly topple a hedge fund and leave professional money managers staring at Twitter with mouths agape.
Reddit's CEO has a colorful nickname for the Redditors who ruin it for everyone (CNBC) Reddit CEO Steve Huffman spoke on startup Clubhouse Thursday to explain how his company policies "Daily Active S---heads" to keep community enjoyable and safe.
Opinion: How the GameStop army can really get even with Wall Street (Washington Post) When Robinhood restricted trading in a number of companies, most notably GameStop, on its app on Thursday, both sides of the political spectrum screamed in rage. Members of Congress ranging from Rep. Alexandria Ocasio-Cortez (D-N.Y.) to Sen. Ted Cruz (R-Tex.) called for congressional hearings. “The Redditors aren’t cheating, they’re joining a party Wall Street insiders have been enjoying for years,” Jon Stewart tweeted Thursday. Rush Limbaugh chimed in: “The elites are bent out of shape that a bunch of average, ordinary users have figured out how to make themselves billionaires.”
Why Microsoft’s latest cyber security milestone should have other vendors worried (Reseller News) Does Microsoft’s growth in cyber security represent an “existential” threat to potential competitors in the market?
New Cybersecurity ETF Arrives And It's The Cheapest Of The Bunch (Benzinga) Technology exchange-traded funds continue evolving and with that evolution comes a compelling opportunity for investors with industry funds, includ...
Digital Guardian Named One of the Country’s Top Places to Work (Digital Guardian) Data Protection Leader Earns Prestigious 2021 Top Workplace in the USA Award by Pairing Outstanding Corporate Culture with Employee Growth and Opportunity
Paul Ruinaard leaves Nutanix for Splunk (ITWeb) Sales manager for Nutanix sees exciting opportunities in data analytics company Splunk.
Products, Services, and Solutions
whiteCryption Secures Mobile Payment Ecosystem for ToothPic and Viva W (PRWeb) Intertrust subsidiary whiteCryption today announced the adoption of its whiteCryption application shielding and software tamper resistance solutions by
Seclore integrates with Microsoft Teams to ensure automatic protection of sensitive data (Help Net Security) Seclore announced integration with Microsoft Teams, providing seamless access, share, and download of protected files.
RevBits launches Cyber Intelligence Platform (KPVI) Integration of ten security modules takes cybersecurity to the next level while reducing complexity and cost
Buchbinder Tunick & Company LLP Launches a Cybersecurity Services Practice (WFMZ) Buchbinder Tunick & Company LLP, a leading CPA firm, has launched Buchbinder Information Technology Solutions (BITS), a suite of cybersecurity services for small
Northrop Grumman Contracted to Provide DevSecOps Capabilities for US Air Force (Northrop Grumman Newsroom) The U.S. Air Force has selected Northrop Grumman Corporation (NYSE: NOC) as one of multiple companies competing for task orders under the five year Software Development Security Operations (DevSecOps) Basic...
Technologies, Techniques, and Standards
Life after the SolarWinds supply chain attack (SecureLink) The SolarWinds supply chain attack is a good reminder to check in with the different tools you’re using.
After SolarWinds: Untangling America’s cybersecurity mess (Fortune) The SolarWinds hack exposed dozens—maybe hundreds—of U.S. companies to hackers' spying eyes. Here's what went wrong, and how business and government can fix it.
Banks hold large-scale cyber attack exercise (ERR) A large-scale cyber attack exercise took place Thursday, involving the Bank of Estonia and several other banks.
Object Management Group New Business Processing Modeling Standard to Track Pedigree and Provenance (Object Management Group) New request for proposals creates new specification in OMG BPM family of modeling notation standards.
Hand-to-hand combat on computer networks: How cyber threat hunters work (Defense News) During a major breach, the Department of Defense tasks its elite cyber protection teams to root out hackers.
Don't make these cyber resiliency mistakes (TechRepublic) Find out why it might be time to shift your cybersecurity prevention strategies to resiliency and what not to do in the process.
Secure Third Party Access Best Practices – It’s Time for Zero Trust (Check Point Software) By Jacob Lee, Global Leader for SASE In our hyper-connected world it’s imperative to collaborate with B2B business partners securely and seamlessly to be
From Pinterest to Fitbit, No App Is Truly Kid-Safe. Here’s What Families Can Do. (Wall Street Journal) Shielding children from inappropriate online content and interactions can feel like a losing battle, but there are ways to prepare kids so they’ll know what to do when they see it.
Design and Innovation
How Red Hat and Tufin Are Driving Secure Innovation (DevOps.com) Tufin and Red Hat together are committed to enabling organizations to innovate safely without slowing down the rate at which applications are developed.
I checked Apple’s new privacy ‘nutrition labels.’ Many were false. (Washington Post) Apple’s plan to make iPhone apps be transparent about the data they take falls short of being helpful — or even accurate
Facebook is working on tools to keep ads in News Feed away from topics such as crime and politics (CNBC) Facebook is building tools to help advertisers keep their ad placements away from certain topics in its News Feed.
Internet of Cars: A driver-side primer on IoT implementation (TechCrunch) How can we ensure that all of the new data from our smart cars will be handled in a secure and private way?
This Encrypted Gun Registry Might Bridge a Partisan Divide (Wired) Researchers from Brown University have developed a system that could keep track of firearms while preserving privacy.
Is artificial intelligence the answer to data privacy protection? (Includes interview) (Digital Journal) The last week in January sees the marking the importance of protecting the rights of individuals from the business world. This is marked on January 28, through Data Privacy Day. An expert looks at the measures that businesses can be taking.
Research and Development
IBM’s top executive says, quantum computers will never reign supreme over classical ones (The Hindu) But, the quantum machines will work in concert with classical computers, building on each other's unique strengths, Gargi Dasgupta, Director, IBM research in India, noted.
Academia
Educational institutions strive to stock a talent-hungry cybersecurity industry (MiBiz) Even before colleges started offering curricula centered on cybersecurity, Susan Rhem-Westhoff was exploring that realm with her students at the Muskegon Area Career Tech Center.
Legislation, Policy, and Regulation
Myanmar military seizes power, detains elected leader Aung San Suu Kyi (Reuters) Myanmar's military seized power on Monday in a coup against the democratically elected government of Nobel laureate Aung San Suu Kyi, who was detained along with other leaders of her National League for Democracy (NLD) party in early morning raids.
The Myanmar Mirage: Why the West Got Burma Wrong (Foreign Affairs) Just a few years ago, Myanmar (also called Burma) was widely seen as an international success story. In March 2011, after half a century of military rule, a quasi-civilian government led by the former general Thein Sein came to power and embarked on a remarkable campaign of political and economic reforms.
India cuts internet around New Delhi as protesting farmers clash with police (CNN) Internet access remained blocked Monday in several districts of a state bordering India's capital following violent weekend clashes between police and farmers protesting controversial agricultural reforms.
EU Aims to Seal Data-Flow Deals With U.S. and Britain (Wall Street Journal) Significant uncertainty surrounding international data flows remains as the U.S. and U.K. seek data-flow arrangements with Europe.
Russian hack brings changes, uncertainty to US court system (AP NEWS) Trial lawyer Robert Fisher is handling one of America’s most prominent counterintelligence cases, defending an MIT scientist charged with secretly helping China. But how he’ll...
What the Arab Spring Can Teach Us About GameStop (Wired) Ten years ago, democracy protesters used social media to organize against an oppressor. But ultimately, the powerful came out ahead.
China's push to control Americans' health care future (CBS News) U.S. officials say the Chinese government is trying to collect Americans' DNA, and they believe a recent offer from a Chinese company for assistance in COVID-19 testing was suspicious. Jon Wertheim reports.
Inside a Pro-Huawei Influence Campaign (New York Times) A covert online push to sway telecommunications policy in favor of the Chinese company may presage a new twist in social manipulation.
Eswatini decides not to block Chinese telecoms firms Huawei and ZTE (South China Morning Post) Eswatini has backed out of its plan to join the US’ anti-China ‘Clean Network’ campaign.
How Saudi Arabia Restored Its U.S. Influence Machine After the Khashoggi Murder (Foreign Policy) Biden’s pause on arms sales to the Saudis underscores how lobbying will be even more crucial for Riyadh.
Encrypted Services Providers Concerned About EU Proposal for Encryption Backdoors (SecurityWeek) European encrypted services providers ProtonMail, Threema, Tresorit and Tutanota have urged the EU to rethink a resolution that would require the implementation of encryption backdoors.
Brazil Orders Cos. to Build Separate 5G for Government Use (Bloomberg) Rule may pave the way for Huawei in a broader national network. U.S. urged Brazil to block the Chinese giant in 5G networks.
Brazil’s new rules on 5G auction appear to put Huawei back in the running (South China Morning Post) Federal government will require winners of 5G spectrum auction to build a high security wireless network for its exclusive use.
Does SolarWinds change the rules in offensive cyber? Experts say no, but offer alternatives (SC Media) While tempting, most experts agree that hack-back strategies are a bad idea for companies. But there are tactics that can help deter nation-state actors and limit their ability to penetrate networks.
Espionage attempts like the SolarWinds hack are inevitable, so it’s safer to focus on defense – not retaliation (GCN) The best strategy would be not to prevent systems from being breached, but to limit the damage and speed the recovery when they are broken into.
After SolarWinds, the U.S. can trust no one (Fortune) SolarWinds was a trusted vendor until it wasn’t, and its supply chain was clean until it got dirty. We must assume all networks are dirty, and act accordingly.
Opinion | The Constitution Can Crack Section 230 (Wall Street Journal) Tech companies think the statute allows them to censor with impunity. The law is seldom so simple.
New State Department cyber bureau stirs opposition (TheHill) A newly established State Department bureau focused on cybersecurity and emerging technologies could give the Biden administration a launch pad for strengthening ties with allies after a massive Russian hack on the federal government.
Cyberspace Commission Offers Security Guidance to Biden Administration (MSSP Alert) The bipartisan Cyberspace Solarium Commission (CSC) releases guidance to help the Biden Administration strengthen the nation's cyber defense profile.
Cyberspace Solarium Commission White Paper #5: Transition Book for the Incoming Biden Administration (Cyberspace Solarium Commission) In the months since the launch of the Commission's final report, many of the Commission’s critical recommendations have been enacted in legislation, but there is still more work to be done to meet the urgent challenges facing our nation, and much can be achieved through coordinated and thoughtful executive action.
The Cybersecurity 202: Here's what cybersecurity experts think Biden should prioritize in his first 100 days (Washington Post) President Biden has promised that cybersecurity will be a top priority of his administration. The Cybersecurity 202's network of experts had some ideas for how the new administration could make the biggest impact in the first 100 days.
Governments Tap Covid Data for Other Uses, Risking Backlash (Bloomberg) The new use of personal data has raised concerns of overreach. Critics say the move could deter people from using technology.
Litigation, Investigation, and Law Enforcement
Blast Near Israel Embassy in Delhi: Cyber Cell of Delhi Police Investigates Telegram Account From Which Screenshot Was Sent Claiming Jaish-Ul-Hind Taking Responsibility for Explosion (Yahoo) The screenshot had claimed that an entity named Jaish-Ul-Hind has taken responsibility for explosion near Israel Embassy on Friday. No loss of life was reported in the blast. Initial impressions suggest a mischievous attempt to create a sensation.
Democrats Question NSA Over SolarWinds, Juniper Cyberattacks (Bloomberg) Democratic Senators Ron Wyden and Cory Booker, along with House lawmakers, ask the National Security Agency what actions it has taken to protect the government from supply chain attacks, like SolarWinds and Juniper Networks.
After SolarWinds breach, lawmakers ask NSA for help in cracking Juniper cold case (CyberScoop) As the U.S. investigation into the SolarWinds hacking campaign grinds on, lawmakers are demanding answers from the National Security Agency about another troubling supply chain breach that was disclosed five years ago.
Navalny: Thousands join fresh protests across Russia (BBC News) More than 5,000 people are arrested amid demonstrations for the jailed opposition leader.
Opinion: The FBI should reveal what it knows about another Russian dissident’s poisoning (Washington Post) THE BIDEN administration has quickly and appropriately toughened the U.S. response to Russia’s human rights violations.
Opinion | Alexei Navalny may be in jail, but he’s helping to give birth to a new Russia (Washington Post) The protests across Russia show that society is waking up.
Judge refuses to remove Meng Wanzhou's security guards, who are tasked with preventing her escape (Yahoo) A Canadian judge has refused to order the removal of private security guards tasked with preventing Huawei Technologies Co. executive Meng Wanzhou from escaping when she leaves her Vancouver mansion.
Police Using Emotet's Network to Help Victims (Data Breach Today) The law enforcement agencies behind this week's disruption - dubbed “Operation Ladybird” - of Emotet are helping victims by pushing out an update via the
‘Be ready to fight’: FBI probe of U.S. Capitol riot finds evidence detailing coordination of an assault (Washington Post) When die-hard supporters of President Donald Trump showed up at rally point “Cowboy” in Louisville on the morning of Jan. 5, they found the shopping mall’s parking lot was closed to cars, so they assembled their 50 or so vehicles outside a nearby Kohl’s department store.
Ex-FBI lawyer avoids prison after admitting he doctored email in investigation of Trump’s 2016 campaign (Washington Post) The former FBI lawyer who admitted to doctoring an email that other officials relied upon to justify secret surveillance of a former Trump campaign adviser was sentenced Friday to 12 months of probation, with no time behind bars.
SEC Says It’s Investigating Stock Mania for Potential Misconduct (Bloomberg) Brokers’ decisions to halt trading will also be reviewed: SEC. Agency’s comments are most specific to date on wild trading.
Xiaomi Sues U.S. Seeking to Reverse Investment Ban (Bloomberg) Pentagon had called it a ‘Communist Chinese military company’. The move prohibits U.S. investors from buying Xiaomi’s shares.
Enterprise Denied Again In Bid To Toss BIPA Claims (Law360) An Illinois federal judge has again denied Enterprise's bid to toss an ex-Chicago employee's claims that it breached the state's Biometric Information Privacy Law, finding the rental giant's fears of a December ruling's broad impact on other businesses to be "overwrought."