Cyber Attacks, Threats, and Vulnerabilities
Widely Used Software Company May Be Entry Point for Huge U.S. Hacking (New York Times) Russian hackers may have piggybacked on a tool developed by JetBrains, which is based in the Czech Republic, to gain access to federal government and private sector systems in the United States.
Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations (CISA) The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020. This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.
CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise (CISA) CISA has released Emergency Directive (ED) 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, providing guidance that supersedes Required Action 4 of ED 21-01 and Supplemental Guidance versions 1 and 2.
Justice Department says it’s been affected by Russian hack (AP) The Justice Department disclosed on Wednesday that it was among the federal agencies harmed by a massive breach of government networks that U.S. officials have linked to Russia.
SolarWinds hackers accessed DOJ emails, but there's no indication they reached classified systems (CNBC) On Tuesday, U.S. intelligence agencies said Russians were likely behind the breach, which impacted multiple government departments.
DOJ Data Breach Compromised Federal Courts System (Law360) Hackers linked to the global SolarWinds software data breach that was discovered in December targeted emails from the U.S. Department of Justice, a breach that also ended up compromising the federal courts case management system, the agency and U.S. Administrative Office of the U.S. Courts said Wednesday.
Contextualizing Microsoft’s Source Code Exposure in the SolarWinds Attacks (Cybereason) In a December 31 blog update, Microsoft revealed that its investigation into SolarWinds had found no evidence of unauthorized access to its production services or customer data, but that effort did uncover another attack attempt.
The SolarWinds attacks: What we know so far (SearchSecurity) The SolarWinds supply chain attack is an event of unprecedented significance, one that resulted in the compromise of multiple U.S. government agencies and numerous technology organizations. Here is a summary of recent developments with the SolarWinds attacks.
Russia has allegedly hit the US with an unprecedented malware attack: Here's what you need to know (CNET) The hack has compromised local, state and federal agencies as well as major tech companies.
SolarWinds Attack: Pointing a Finger at Russia (GovInfo Security) Mounting evidence points to the "serious compromise" of SolarWinds' Orion software having been an intelligence gathering operation "likely" run
Rioters Open Capitol's Doors to Potential Cyberthreats (BankInfo Security) The massive pro-Trump demonstrations that saw large crowds riot and then occupy the U.S. Capitol building in Washington pose a significant potential cybersecurity
The storming of Capitol Hill was organized on social media. (New York Times) Just after 1 p.m., when President Trump ended his speech to protesters in Washington by calling for them to march on Congress, hundreds of echoing calls to storm the building were made by his supporters online.
Twitter, Facebook lock Trump’s accounts amid D.C. riots (Washington Post) President Trump took to Twitter on Wednesday to call for calm mere hours after he sought to rally his supporters outside the U.S. Capitol, sending mixed messages that incited real-world violence and forced congressional lawmakers into a lockdown.
Facebook declares "emergency situation" and removes Trump video (The Verge) The final removal decision follows a cycle of different labels
President Trump Just Used Social Media To Attempt A Coup (BuzzFeed News) While violent supporters stormed the Capitol, Donald Trump cheered them on using the last tool he has: the internet.
Authorities Probe Threat of Attack on U.S. Capitol (Wall Street Journal) The message was broadcast on an air-traffic control channel and indicated the motivation was to avenge the U.S. government’s 2020 assassination of a prominent Iranian military leader.
Officials say U.S. Capitol Complex secure after hours of violent occupation (WHNT) UPDATE: Officials have declared the U.S. Capitol complex “secure” after heavily armed police moved to end a nearly four-hour violent occupation by supporters of President Donald Trump.
Pro-Trump reporter gloats over access to fleeing Hill staffer’s computer (Ars Technica) A violent mob invaded the US capitol building at the behest of Donald Trump.
Who is in charge of Capitol Building security anyway? A primer (Fast Company) The building’s security is manned by the U.S. Capitol Police, which is small.
Activists Publish a Vast Trove of Ransomware Victims' Data (Wired) WikiLeaks successor DDoSecrets has amassed a controversial new collection of corporate secrets and is sharing them in the name of transparency.
Hackers Using Fake Trump's Scandal Video to Spread QNode Malware (The Hacker News) Cybersecurity researchers today revealed a new malspam campaign that distributes a remote access Trojan (RAT) by purporting to contain a sex scandal video of U.S. President Donald Trump.
A Trump Sex Video? No, It's a RAT! (Trustwave) While reviewing our spam traps, a particular campaign piqued our interest primarily because the attachment to the email does not coincide with the theme of the email body. When we investigated further, we discovered that its attachment is a variant of the QRAT downloader we blogged about last August.
Nissan source code leaked online after Git repo misconfiguration (ZDNet) Nissan was allegedly running a Bitbucket Git server with the default credentials of admin/admin.
Hackney Council data leaked by Pysa ransomware gang (ComputerWeekly) Council data stolen in October is leaked online in a double extortion attack.
Cyber Trends
2020 DevSecOps Practices and Open Source Management (Synopsys) As software relies more and more on open source components, organizations must be proactive in managing the associated security, license, and operational risks. At the same time, many organizations are moving to DevOps to keep up with market demands of velocity and scale.
Marketplace
Data compliance startup Hyperproof raises $4M as pandemic puts spotlight on security and privacy (GeekWire) Hyperproof, a Bellevue, Wash.-based startup that helps companies comply with state and international privacy and data protection laws, has raised a $4 million seed round. "We are growing fast and this…
Lacework lands $525M investment as revenue grows 300% (TechCrunch) As the pandemic took hold in 2020, companies accelerated their move to cloud services. Lacework, the cloud security startup, was in the right place at the right time as customers looked for ways to secure their cloud native workloads. The company reported that revenue grew 300% year over year for t…
Md. cybersecurity company acquires Fairfax company's product line (Virginia Business) Columbia, Maryland-based cybersecurity company Owl Cyber Defense Solutions LLC announced Tuesday it has acquired Fairfax-based Trident’s Assured Collaboration Systems (ACS) product line. Financial terms of the acquisition were not disclosed. The ACS product line includes voice over IP, video teleconference, cross domain solution and full-motion video filtering capabilities. The acquisition adds network defense services to…
Managed Intelligence Provider Nisos Raises $6 Million to Counter Disinformation and Cyber Threats (BusinessWire) Managed intelligence provider Nisos announces funding to counter disinformation and cyber threats. Company names new CEO to propel expansion.
Israeli cyber firm NSO Group mulls Tel Aviv IPO at $2 billion value - reports (Reuters) Israeli cyber surveillance firm NSO Group is considering an initial public offering (IPO), most likely in Tel Aviv, Israeli media reported, citing sources close to the matter.
NYSE Reverses Course Again, Will Delist Three Chinese Telecom Stocks (Wall Street Journal) The New York Stock Exchange reversed course again and said it would delist three Chinese telecom stocks. The NYSE cited new guidance it received from the Treasury Department.
European Commission makes its first equity investments into startups (Sifted) The European Commission has made its first direct equity investments into startups — backing 42 companies from around Europe.
3 Top Cybersecurity Stocks For 2021 As The Sector Heats Up (Investing.com) Stocks Analysis by Investing.com (Jesse Cohen/Investing.com) covering: ETFMG Prime Cyber Security ETF, First Trust NASDAQ Cybersecurity ETF, Okta Inc, Crowdstrike Holdings Inc.
Hot 150 Cybersecurity Companies To Watch In 2021 (Cybercrime Magazine) Second annual list of pure-play vendors and service providers
Interview with Darren Guccione, CEO of Keeper Security (TechRound) We caught up with Darren Guccione, CEO of Keeper Security to discuss all things Keeper and what advice Darren Guccione...
Panaseer appoints Jonathan Gill as CEO (Information Age) Enterprise security platform Panaseer has appointed Jonathan Gill as its new CEO, with Gill succeeding its founder, Nik Whitfield
Malwarebytes Promotes Thomas R. Fox to President After Leading Transformative Change in the Business (PR Newswire) Malwarebytes™, a leading provider of advanced endpoint protection and remediation solutions, today announced Thomas R. Fox, its current chief...
Former GCHQ CIO strengthens Becrypt's Board (ResponseSource) Becrypt has announced the appointment of Nick Hopkinson to join as a non-executive director. The appointment is aimed at supporting and enhancing the company's focus on the development and delivery of...
Gary Cohn, Former Trump Adviser, Joins IBM (Wall Street Journal) IBM appointed the former Goldman Sachs executive and economic adviser to President Trump its vice chairman and a member of its executive leadership team as the tech company tries to revive its fortunes.
Products, Services, and Solutions
Computex Technology Solutions Achieves Nutanix Cloud Champion Status — The Highest Tier in the Nutanix Elevate Partner Program (Computex) Computex Demonstrates Exceptional Depth and Breadth of Technical Product, Services and Support Expertise Across Nutanix Portfolio of Cloud Software and Hyperconverged Infrastructure Solutions Houston, TX (January 6, 2021) – Computex Technology Solutions — an American Virtual Cloud Technologies Inc. company, IT solutions provider and one of CRN’s Tech Elite 250 — today announced it has […]
4C Announces Partnership with AppOmni to Help Enterprises Simplify Security of Mission-Critical SaaS Applications (4C) 4C, a Wipro Company, is excited to announce its partnership with AppOmni, a leading provider of advanced SaaS security software.
SentinelOne Releases Free SUNBURST Attack Identification Assessment Tool (BusinessWire) Tool Enables Enterprises to Emulate SUNBURST and Identify Cybersecurity Readiness
Wind River and Curtiss-Wright Collaborate on Cybersecurity Protections for Defense Systems (Wind River) Wind River Titanium Security Suite integrated, tested, and validated on Curtiss-Wright OpenVPX™ module portfolio
Cyberbit Leverages XSOAR to Power Orchestration and Automation on Cyberbit Skills Development Platform (Cyberbit) Cyberbit, the world’s leading provider of Cyber Skills Development Platforms, today announced that XSOAR, the world’s leading Security Orchestration, Automation and Response (SOAR) platform, is now available on Cyberbit and is integrated into hands-on incident response simulation exercises.
Telos Announces Latest Version of its Next-Generation Cyber Risk Management Platform (Telos Corporation) Xacta.io 1.5 expands support for scanning and compliance of AWS cloud resources
Constella Intelligence Upgrades Hunter for Efficient, Targeted and Intuitive Investigations (PR Newswire) Constella Intelligence ("Constella"), a leading global Digital Risk Protection business, today announced the release of Hunter, a platform for...
Technologies, Techniques, and Standards
NSA Releases Guidance on Obsolete Encryption Tools (BankInfo Security) The U.S. National Security Agency has released guidance on how the Defense Department, other federal agencies and the contractors that support them should replace
NSA Shares Guide to Eliminating Obsolete TLS Protocol Configurations (HealthITSecurity) New NSA guidance can help organizations detect and eliminate vulnerable, obsolete TLS protocol configurations, which have been increasingly targeted by malicious threat actors to bypass security.
For cybersecurity, people are the new perimeter (FedScoop) Advances in user activity monitoring solutions can help agencies proactively mitigate cybersecurity risks and improve zero trust security.
Design and Innovation
Privacy fears over WhatsApp terms of service (The Times of India) India Business News: WhatsApp has updated its terms of services and privacy policy, making it mandatory for users to share their data with its parent company, Facebook.
WhatsApp gives users an ultimatum: Share data with Facebook or stop using the app (Ars Technica) The Facebook-owned messenger with 2 billion users revamps its privacy policy.
Apple's privacy labels show which apps collect the most data (Marketplace) The idea here is much like the idea that once you find out a single burrito has 1,000 calories, you'll be horrified and make better choices.
Google to add App Store privacy labels to its iOS apps as soon as this week (TechCrunch) Contrary to reports, Google is not delaying updates to its iOS apps because it doesn’t aim to comply with Apple’s recently announced App Store Privacy Labels policy. The new policy, a part of the company’s larger privacy push, requires developers to disclose how data is collected …
Upcoming Apple privacy update has developers desperately seeking dodges (Ars Technica) Developers look at invasive user tracking techniques before advertising rule change.
Academia
Virginia Tech named Cybersecurity Manufacturing Innovation Institute managing member (VT News) CyManII will enter into a five-year cooperative agreement with the U.S. Department of Energy to lead a consortium of 59 proposed member institutions in introducing a cybersecure energy-ROI that drives American manufacturers and supply chains to further adopt secure, energy-efficient approaches.
Legislation, Policy, and Regulation
China criticizes US order against dealing with Chinese apps (AP NEWS) China's government on Wednesday accused Washington of misusing national security as an excuse to hurt commercial competitors after President Donald Trump signed an order banning...
5 privacy regulations marketers need to know for 2021 (MarTech Today) Join us for this live webinar and learn how to build an effective marketing program that is compliant with the world’s privacy laws.
Crypto Firms Blast FinCEN's Push To Regulate Industry (Law360) Cryptocurrency heavy hitters are blasting attempts by the U.S. Department of the Treasury to regulate the industry, claiming that a recent regulatory proposal to clamp down on "illicit finance risks" of crypto transactions is a misguided and hasty effort that could actually have the reverse effect.
Biden taps intelligence veteran for new White House cybersecurity role (POLITICO) Anne Neuberger, the NSA's director of cybersecurity, will join Biden's National Security Council.
Biden picks cyber veteran to reinvigorate security response (ComputerWeekly) Appointment of career intelligence operative Anne Neuberger signals refreshed security approach for the US government under Joe Biden's administration
Prolific open source developer named new White House Director of Technology (TechRadar) A champion of open standards
Litigation, Investigation, and Law Enforcement
Dutch Lawsuit Seeks Quicker Resolution In Google Privacy Case (Wall Street Journal) A consumer advocacy group is suing the Netherlands’ privacy regulator over a two-year wait for action on a complaint against Google, arguing there are flaws in the European system for handling data privacy and security cases involving multinationals.
Ticketmaster Pays Up for Hacking a Rival Company (Wired) Employees admitted to using stolen passwords and URL guessing to access confidential data.
TikTok faces fresh legal challenge in UK for violating children’s data privacy law (Campaign Live) The popular video sharing app was sued a record $5.7 million by the FTC for violating U.S. children’s privacy law in 2019.
Ex-Twitter Worker Accused Of Being Saudi Spy Wins Info Bid (Law360) A California federal judge instructed the federal government Wednesday to provide additional information regarding money laundering charges filed against a former Twitter employee accused of helping the Saudi Arabian government spy on users deemed critics of the regime, finding the charging documents lacked sufficient details to establish venue.
11 arrested as mob of Trump supporters protest at California capitol (ABC 10) Anti-protesters clashed with Trump supporters through words and physical altercations. Police worked throughout the day to keep the groups separated.
British Airways will pay billions in compensation over infamous data breach (ITProPortal) Settlement discussions set to begin early this year.