Dateline Houston, Texas, to Linden, New Jersey: Colonial Pipeline's ransomware incident.
Federal Agencies Say ‘No Evidence’ Hackers Affected Colonial’s Operational Technology (Nextgov.com) A leading GOP lawmaker is pressuring CISA to release data on the agency’s pipeline cybersecurity initiative.
Physical Infrastructure Harder to Protect From Cyber Attacks: Darktrace (Bloomberg) Andrew Tsonchev, director of technology at Darktrace, explains how ransomware shut down a U.S. fuel pipeline and the difficulty of determining who's behind the attack. He speaks with Bloomberg's Anna Edwards on "Bloomberg Markets: European Open."
Cyber Innovation Center explains ransomware hack (KTBS) After a group of hackers attacked a critical pipeline that supplies fuel to much of the east coast and parts of the south, KTBS 3 reached out
Colonial announces pipeline restart, says normal service will take 'several days' (NBC News) Colonial Pipeline, operator of the largest U.S. fuel pipeline, said it is restarting operations after being shut down for five days due to a cyberattack.
Top U.S. fuel pipeline recovering from devastating ransomware attack (Reuters) After a six-day outage, the top U.S. fuel pipeline on Thursday moved some of the first millions of gallons of motor fuels after a crippling cyberattack led to fuel shortages across East Coast states.
Colonial Pipeline Restarts Operations As Biden Seeks To Protect Government From Cyber Attacks (Forbes) Resumption of service by Colonial Pipeline can’t come soon enough for the thousands of gas stations in the Southeast that have run out of gas. Experts are weighing in with advice for business leaders on how to thwart and recover from ransomware and other cyber attacks.
East Coast gas rush sparked by Colonial Pipeline cyber attack (FOX 5 DC) Residents throughout the D.C. metropolitan area were hitting the pumps on Tuesday amid fears of an imminent gas shortage.
Long lines form at gas stations after Colonial Pipeline cyber attack (WJBF) AUGUSTA, Ga. (WJBF) – Long lines are forming at gas stations in response to the Colonial Pipeline Cyber Attack. “We saw it with toilet paper and now we’re seeing it with the gas,&…
Why the Colonial Pipeline Shutdown Is Causing Gasoline Shortages (Wall Street Journal) Attackers who hacked into Colonial Pipeline systems chose one of the most important segments of the U.S. energy infrastructure, an artery that carries half of all fuel consumed on the East Coast.
Cybersecurity expert warns of future large-scale attacks if changes aren't made quickly (WCTI) The federal government is taking action, pushing for stronger cybersecurity as the nation's largest pipeline system for refined oil remains shut down after it was hacked by ransomware. According to an expert with Akamai Cyber Security, a cyberattack on this scale is unprecedented in the U. S. "In the U. S. , this is the first large scale, at least to this size, attack that we've seen involving the energy sector,” Charles Gero said. U. S.
Cyber attack on Colonial Pipeline raises security questions about Olympic Pipeline in PNW (KOMO) Washington doesn't get its fuel from the Colonial Pipeline, but we do have our own pipeline. The Olympic Pipeline runs from the Cherry Point Refinery in Blaine, by the Canadian Border all the way down to Portland. It's a critical piece of infrastructure that our region relies on for fuel. The massive cyber attack that shut down the Colonial Pipeline is a wakeup call.
Tech audit of Colonial Pipeline found 'glaring' problems (AP NEWS) An outside audit three years ago of the major East Coast pipeline company hit by a cyberattack found “atrocious” information management practices and “a patchwork of poorly connected and secured systems,” its author told The Associated Press...
White House fears political fallout from pipeline hack (Axios) The White House is more worried than it's letting on.
US should consider ‘irregular warfare’ response to pipeline hack: Gallego (Military Times) An irregular warfare response is warranted if the hackers can be positively identified, says an Arizona congressman and Marine veteran.
WVU Today | EXPERT PITCH: Colonial Pipeline hack a wake-up call to ramp up cybersecurity for nation’s infrastructure (WVU Today) The ransomware attack on the Colonial Pipeline, which has sparked fears of a gasoline shortage, exposes vulnerabilities within critical infrastructure systems in the U.S., according to a West Virginia University cybersecurity expert.
Statement from FERC Chairman Richard Glick: Chairman Glick and Commissioner Clements Call for Examination of Mandatory Pipeline Cyber Standards in Wake of Colonial Pipeline Ransomware Incident (Federal Energy Regulatory Commission) “The cyberattack against the Colonial Pipeline system, which provides nearly half of the fuel supply for the East Coast, is a stark reminder that we must do more to ensure the safety of our nation’s energy infrastructure.
TSA Pipeline Oversight Faces Scrutiny After Colonial Hack (Wall Street Journal) Lawmakers are demanding answers on how the Transportation Security Administration probes pipeline security, after a cyberattack on the East Coast’s main conduit for fuel snarled the region’s gasoline supply.
DarkSide’s claim to be apolitical doesn’t carry much weight (CyberNews) The DarkSide hackers behind the Colonial Pipeline attack are manifesting themselves as robin hoods, claiming to give some of the ransom money to charity.
The Colonial Pipeline Hackers Are One Of The Savviest Criminal Startups In A $370 Million Ransomware Game (Forbes) The DarkSide hacking group has made as much as $30 million in the past six months. Its ransomware-as-a-service model appears to be working, as the shutdown of the largest U.S. fuel pipeline demonstrates.
Putting The Spotlight on DarkSide (Dark Reading) Incident responders share insight on the DarkSide ransomware group connected to the recent Colonial Pipeline ransomware attack.
Security Researchers Dive Into DarkSide Ransomware (SecurityWeek) At least five Russian speaking threat actors have been identified as affiliates with the DarkSide RaaS.
Colonial Pipeline cyberattack highlights U.S. ignorance of warnings (PropertyCasualty360) The ransomware attack on the nation’s biggest fuel pipeline is pressuring officials to address how to stop debilitating hacks.
DHS CISA, FBI Alert to DarkSide Ransomware, After Pipeline Attack (HealthITSecurity) The FBI and DHS CISA are urging organizations to be on alert and bolster security, after the supply chain attack on the critical infrastructure gas pipeline, sent by DarkSide ransomware threat actors.
Industry Reactions to Ransomware Attack on Colonial Pipeline (SecurityWeek) Industry professionals comment on the highly disruptive ransomware attack that hit Colonial Pipeline, the largest refined products pipeline in the United States.
Nozomi Networks responds to CISA security advisory on ransomware (World Pipelines) In response to the advisory, Edgard Capdevielle, CEO of Nozomi Networks discusses its recommendations and whether they are enough.
Colonial Pipeline cyberattack: Everything you need to know and gas price impact (Tom's Guide) How the attack on a fuel distributor could mean higher gas prices
Are Cybersecurity Stocks a Buy Today? (Morningstar, Inc.) Colonial ransomware attack highlights the demand tailwind.
Colonial Pipeline Cyberattack Puts All Eyes on FireEye (InvestorPlace) The cyberattack on the Colonial Pipeline is a good reason to take a renewed look at FEYE stock and other enterprise security stocks.
Attacks, Threats, and Vulnerabilities
Beyond Lazarus: North Korean cyber-threat groups become top-tier, ‘reckless’ adversaries (The Daily Swig) How do you solve a problem like North Korea?
Colonial pipeline hackers claim breach of 3 more companies (Reuters) The hacking group blamed for crippling a major U.S. pipeline company has claimed responsibility for breaking into three more companies on Wednesday, saying it was publishing hundreds of gigabytes of data from a Brazilian battery firm, a Chicago-based tech company, and a British engineering firm.
All Wi-Fi devices impacted by new FragAttacks vulnerabilities (BleepingComputer) Newly discovered Wi-Fi security vulnerabilities collectively known as FragAttacks (fragmentation and aggregation attacks) are impacting all Wi-Fi devices (including computers, smartphones, and smart devices) going back as far as 1997.
Threat Alert: Russian-Backed Threat Actors, Avaddon Ransomware (HealthITSecurity) Recent federal threat alerts shed light on active cybercriminal campaigns led by Avaddon ransomware and Russian-backed threat actors. The cyberattacks are targeting healthcare and vaccine developers.
April 2021’s Most Wanted Malware: Dridex Remains in Top Position Amidst Global Surge in Ransomware Attacks (Check Point Software) Check Point Research reports that the Dridex trojan, which is often used in the initial stages of ransomware attacks, is the most prevalent malware for
Why you need to get used to SolarWinds (TechBeacon) You may not be able to make your systems secure, but you just might be able to make them good enough to handle what the real world throws at them.
Security researcher exploits Find My network to send messages over any nearby iPhone’s data connection (9to5Mac) The Find My network is used by Apple to report locations of items and devices via the data connection of any nearby iPhone, Mac, or other Apple device. Security researcher Fabian Bräunlein has today released a blog post demonstrating how the Find My network can be exploited as a generic data transfer mechanism. By faking […]
Panda Malware Gnaws On Crypto Wallets Everywhere (The Coin Radar) A ransomware that is brand new is going after cryptocurrency wallets, along side account qualifications
Tempted by cryptocoins? Fake trading apps get personal… (Naked Security) All that glisters is not gold/Often have you heard that told/Gilded tombs do worms enfold
Dropping In: Attackers Leverage Dropbox to Get to Inboxes (Avanan) Attackers are sharing files with suspicious names to users through Dropbox and static filters are missing it.
Emails from Jones Day vendor breach have Chicago officials playing defense (Reuters) The data breach of a file-transfer service used by Jones Day is causing fresh headaches this week, both for the law firm and city officials in Chicago.
Ransomware Attacks on Municipalities Continue (Security Boulevard) Recently, the Washington, D.C. police department suffered a ransomware attack when the Babuk Group gained access and encrypted and stole approximately 250 gigabytes of sensitive data from the department’s servers. The Russia-based criminal entity posted a few screenshots of the heist on their website and provided contact instructions.
Fraudsters preying on Canadians' loneliness and vulnerability amid pandemic, private investigators warn (Coronavirus) Private investigators are reporting a rise in fraud as scammers are apparently taking advantage of desperate and vulnerable Canadians during the pandemic.
Security Patches, Mitigations, and Software Updates
Microsoft fixes WSUS bug blocking May Windows security updates (BleepingComputer) Microsoft has resolved a known issue preventing managed devices from receiving the May 2021 Patch Tuesday security updates.
Microsoft Fixes Publicly Known Flaws in Security Update (Decipher) Overall, Microsoft patched 55 flaws, including four critical-severity remote code execution bugs.
Trends
Vulcan Cyber Research Reveals Most Enterprise Cyber Security Teams Lack the Ability to Remediate Risk (PR Newswire) Vulcan Cyber®, developers of the industry's only risk and vulnerability remediation platform, today released the results of its latest...
2021 Data Breach Investigations Report (Verizon Business) Reduce risks with insights from the 2021 Data Breach Investigations Report (DBIR) from Verizon. Read the official report today.
The Secret World of Cybersecurity (OZY) Jack Nicholson was playing the Joker, the Berlin Wall was about to fall and the first internet providers were emerging.
The rebellious origins of cybersecurity's wittiest, must-read report (The Record by Recorded Future) The idea that would become the world’s wittiest cybersecurity report was born in the mind of Wade Baker, then a Security Risk Management consultant at a forgotten firm called Cybertrust.
'Everyone had to rethink security': What Microsoft learned in last year (SC Media) Microsoft Corporate VP of Security, Compliance and Identity Vasu Jakkal shared lessons from the year of COVID and Solarigate.
Marketplace
Top 100 Cybersecurity Startups to Look Out for in 2021 (Analytics Insight) The increase in the intervention of technology in our life has raised the need for cybersecurity solutions. The Top 100 cybersecurity start-ups listed by Analytics Insight have exclusive products and services against cyberattacks.
HelpSystems Acquires Beyond Security to Continue Expansion of Cybersecurity Portfolio (PR Newswire) HelpSystems announced today the acquisition of Beyond Security, a global leader in vulnerability assessment and management software. Beyond...
Cybersecurity analytics startup VisibleRisk secures $25M in fresh funding - SiliconANGLE (SiliconANGLE) Cybersecurity startup VisibleRisk Inc. today disclosed that it has raised $25 million in funding to drive the adoption of its newly launched software platform, which enables companies to evaluate if their breach prevention efforts are effective.
Fraud prevention firm Arkose Labs raises $70M (VentureBeat) Arkose Labs, a startup fighting online fraud with AI tools, raised $70 million in a venture capital funding round.
Query.AI Closes $4.6M in Funding to Accelerate Adoption of Market’s Only Security Investigations Control Plane (Security Boulevard) ClearSky Security Leads Seed Investment; Query.AI Browser-based Platform Delivers Real-time Access and Centralized Insights Across Existing Applications Without Duplicating Data
Cyral Closes $26 Million in New Financing as Customer Demand Soars (Cyral) Recognizing a significant opportunity in data security, existing investors double-down on Cyral's unique approach to securing the data cloud.
Booz Allen Hamilton to Acquire Liberty IT Solutions (HS Today) Booz Allen Hamilton has entered into a definitive agreement to acquire Liberty IT Solutions, LLC, an information technology and services firm, for $725 million. The acquisition will broaden and deepen Booz Allen’s digital solutions capabilities, expand its talent base and service delivery models, and strengthen its ability to work with strategic industry partners to help clients adapt and transform.
Moody’s and Team8 Announce Investment in VisibleRisk as It Launches Cyber Rating (BusinessWire) Moody’s Corporation (NYSE:MCO) and Team8, a global venture group, today announced the completion of a $25 million investment in VisibleRisk, a joint v
Cyber Security Penetration Testing Leader NetSPI Secures $90 Million in Growth Funding Led by KKR (PR Newswire) NetSPI, the leader in enterprise penetration testing and attack surface management, today announced it has raised $90 million in growth funding...
Cloudflare on the Edge (Stratechery) Cloudflare is uniquely positioned to become a major player in an Internet 3.0 world, where politics matter more than economics.
Should Tech Stock KnowBe4 Be on Your Watch List? (The Motley Fool) Today we explore this newly public company in the cybersecurity industry.
One cybersecurity stock is bucking the tech sell-off and on pace for its best week since 2001 (CNBC) As tech takes a tumble this week, there is one name that is bucking the sell-off to rally higher.
Zerto Named Overall Champion for the Second Year in a Row by SoftwareReviews Backup and Availability Emotional Footprint Award (Zerto) Zerto Earns Perfect Score for Being Respectful, Time Savings, and for Putting Clients’ Interest First
Axio Honored With New Industry Awards (The Argus-Press) Axio, a leading cyber risk management Software-as-a-Service company, today announced that their Vice President of Process Engineering, Pamela Curtis, was named as one of the Top 25 Women Leaders in Cybersecurity of 2021 by The Software Report.
Inside the Mind of a Cybersecurity Pro: Part 3 (IGI) The key to cybersecurity is to embrace the inherent disorder and recognize the value of the right expertise, at the right time, in the right place.
Mimecast looks for new CTO as two execs become advisers (Boston Business Journal) Lexington-based Mimecast said on Tuesday it is working with executive search firm Spencer Stuart to find a chief technology and product officer. The new executive will be leading the product management and engineering teams, which the company plans to unify.
vArmour to Expand Global Channel Relationship Strategy Appoints Louise Cooke as Global Head of Channel Alliances (GlobeNewswire) Business development expert brings 20+ years of security and high-tech industry experience to lead the new vRM Global Channel Program, “Relationships Re-Imagined”, expanding engagement with strategic channel partners and customers.
BigID, Cylance Vet Leading vArmour Partners, Growing Channel Program (Channel Futures) vArmour partners have a new channel leader with Louise Cooke, previously with BigID and Cylance, as global head of channel alliances.
NeuVector Bolsters Leadership Team with a Pair of Security Industry Hires (GlobeNewswire) Amid accelerating enterprise demand for its end-to-end Kubernetes security solution, NeuVector names Zach Hill as VP of Sales and Susan Don as VP of Business Development
EclecticIQ Appoints Jay Zimmet as Chief Revenue Officer (PR Newswire) EclecticIQ, a leading global threat intelligence, hunting and response technology provider, today announced that Jay Zimmet has joined the...
Trusona Announces Two Strategic Additions To Advisory Board (PR Newswire) Trusona, the pioneering leader in passwordless identity authentication, today announces the strategic appointment of two new members to the...
Products, Services, and Solutions
Progress Releases MOVEit 2021 with Advanced Security, Usability and Integration Capabilities (GlobeNewswire) New release makes it easier than ever to securely share sensitive files across more systems
Devo Introduces Content Delivery Service to Revolutionize How Security Teams Defend Their Organizations (Devo.com) Devo introduces new content delivery service to seamlessly deliver high-value content to security teams.
Sycomp Achieves Prisma Cloud Specialization with Palo Alto Networks (PR Newswire) Sycomp today announced the achievement of its Prisma Cloud Specialization with Palo Alto Networks. This designation recognizes that Sycomp...
Jamf adds zero trust security to the Apple enterprise (Computerworld) Jamf is buying Zero Trust Network Access firm Wandera as it moves to enhance what it can offer Apple enterprise customers.
KnowBe4 Launches New Program to Help Underserved and Underrepresented Communities Get Technical Support Work Experience (GlobeNewswire) KnowBe4 Jumpstart Technical Support program offers those with little to no experience an opportunity to learn technical skills on the job
Someone made an app that wipes your phone if police try to crack it (BGR) In many modern criminal cases, the defendant’s phone is often the first thing that the police will turn to in order to find evidence to corroborate their case. This has sparked major controve…
Exabeam reimagines analytics to address security needs at scale (Help Net Security) Exabeam announced Exabeam Fusion XDR and Exabeam Fusion SIEM to deliver outcomes-based approach to security operations (SecOps).
Cyware Unveils New Threat Response Docker to Empower Security Community with Open-Source Threat Intelligence Technologies (PR Newswire) Cyware, the industry's only Virtual Cyber Fusion platform provider, today unveiled its new Cyware Threat Response Docker, a free, curated...
IronNet Cybersecurity Named to Carahsoft ITES-SW2 Contract to Support U.S. Army Enterprise Infrastructure Goals (My TechDecisions) IronNet Cybersecurity Inc, in its mission to transform cybersecurity through Collective Defense, today announced that it has been named a manufacturer on the Information Technology Enterprise Solutions – Software 2 (ITES-SW2) contract for the U.S. Army Computer Hardware Enterprise Software and […]
Menlo Security Working with Child Cyber Safety Expert to Educate Parents and Students About Staying Safe Online (The Daily News) Social media is the least trusted platform for children according to 55 percent of respondents to an online poll 1 about cyber parenting run by Menlo Security, a leader in cloud security. VIEW, Calif.
HackerOne partners with SecurityScorecard to evaluate corporate and supply chain cyber risk (Help Net Security) HackerOne and SecurityScorecard announced integrated solution to showcase their bug bounty and vulnerability disclosure efforts.
Owl Cyber Defense Announces the Release of IXD - The World’s First Industrial Cross Domain Solution (Yahoo) Technology represents revolutionary cybersecurity development for industrial and critical infrastructure networks
Thales Expands Its Access Management Capabilities to Offer a Unified Authentication Platform (BusinessWire) Thales has announced an expansion of its SafeNet Trusted Access solution, offering customers full access management protection across all applications
Technologies, Techniques, and Standards
CISA to pilot secure cloud instance in response to SolarWinds attack (Federal News Network) Brandon Wales, the acting director of CISA, told Senate Homeland Security and Governmental Affairs members about the agency’s four priorities to improve federal networks.
CISA’s Connelly: TIC is the First Step Towards Zero Trust (Meritalk) As Federal agencies and organizations are looking to make the move to zero trust security architectures, the Trusted Internet Connections (TIC) program should help guide that transformation, Sean Connelly, TIC program manager for the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) said May 12 at MeriTalk’s CDM Central: the Age of the Cyber Defender virtual conference.
MITRE Protection Tests Shed New Light on Endpoint Security (eSecurityPlanet) MITRE has added an important new test to its endpoint security evaluations - the ability to stop adversarial attacks.
Cybersecurity for IoT and Operational Technology (Booz Allen Hamilton) Read a 5-minute overview on how to ensure a strong IoT/OT security framework.
Managing cyber risks in M&A transactions (Lexology) Cyber risks are an important consideration regarding all merger, acquisition and financing (“M&A”) transactions. Cyber risks can affect the viability…
Cybersecurity: What Is Truly Essential? (Dark Reading) In an effort to protect their organizations, security professionals can overdo it. The result often works against them.
U.S., Philippine Marines tackle cyber battlefield (United States Marine Corps Flagship) When addressing the subjects of technology and innovation in his 2020 statement to the Senate Armed Services Committee regarding Marine Corps readiness, the 38th Commandant of the Marine Corps, Gen.
Academia
BlackBerry and the University of Waterloo Expand Partnership to Create First Ever Joint Innovation Program (PR Newswire) BlackBerry Limited (NYSE: BB; TSX: BB) and the University of Waterloo today announced a five-year, multi-million dollar partnership agreement...
Legislation, Policy, and Regulation
Executive Order on Improving the Nation's Cybersecurity (The White House) By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:Section 1.
Biden signs executive order designed to strengthen federal digital defenses (Washington Post) President Biden signed an executive order Wednesday aimed at shoring up the federal government’s digital defenses as his administration grapples with cybersecurity crises, including a ransomware strike on a major fuel pipeline that has caused gas shortages.
The Cybersecurity 202: Biden administration issues executive order in wake of pipeline attack (Washington Post) In the wake of yet another major cyberattack, the Biden administration unveiled a historic cybersecurity directive that officials hope will initiate major change in U.S. cybersecurity standards.
Incremental improvements are not enough as Biden signs order boosting US cyber posture (ZDNet) Presidential order will see the US government shift to zero-trust as-a-service architectures with mandated 2FA, endpoint detection and response, and log keeping, as well as a Cybersecurity Safety Review Board.
How Biden's new executive order plans to prevent another SolarWinds attack (The Record by Recorded Future) President Biden signed a sweeping executive order on Wednesday aimed at protecting federal networks.
UK foreign secretary calls for cooperation on cybersecurity (AP NEWS) U.K. Foreign Secretary Dominic Raab on Wednesday urged global cooperation to combat cyberattacks by “hostile state actors" and criminal gangs. Raab also pledged 22 million pounds ($31 million) in support to “vulnerable” countries in Africa and the Indo-Pacific to improve their digital defense capacity...
CYBERUK conference 2021: Foreign Secretary's speech (GOV.UK) Dominic Raab spoke at the National Cyber Security Centre’s CYBERUK conference on how the UK will lead internationally in protecting the most vulnerable countries.
UK pledges £22 million to support cyber capacity building in vulnerable countries (GOV.UK) The Foreign Secretary has announced £22 million of new investment to build cyber security resilience across the world.
Inside The UK's Active Cyber Defense Program (SecurityWeek) The UK’s National Cyber Security Center (NCSC – part of GCHQ) Active Cyber Defense (ACD) program is an ambitious project designed to improve the security posture of an entire nation.
House lawmakers roll out bill to invest $500 million in state and local cybersecurity (TheHill) A group of bipartisan House lawmakers on Wednesday rolled out legislation that would provide state and local governments with $500 million annually to defend against cyberattacks, which have escalated over the past
IN THE SENATE OF THE UNITED STATES—117th Cong., 1st Sess.S. 1316 (US Senate) To amend the Homeland Security Act of 2002 to authorize the Secretary of Homeland Security to make a declaration of a significant incident, and for other purposes.
A BILL To establish a Federal rotational cyber workforce program for the Federal cyber workforce. (US Senate) ...This Act may be cited as the ‘‘Federal Rotational Cyber Workforce Program Act of 2021."
A BILL To require the Secretary of Homeland Security to establish a national risk management cycle, and for other purposes. (US Senate) This Act may be cited as the ‘‘National Risk Manage5 ment Act of 2021’’.
A BILL To prohibit certain individuals from downloading or using TikTok on any device issued by the United States or a government corporation. (US Senate) This Act may be cited as the ‘‘No TikTok on Govern5 ment Devices Act’’.
A BILL To ban the Federal procurement of certain drones and other unmanned aircraft systems, and for other purposes. (US Senate) This Act may be cited as the ‘‘American Security 5 Drone Act of 2021’’.
House NDAA Vote Not Expected Until After August as Infrastructure Takes Priority (Air Force Magazine) The 2022 defense policy bill likely won't get out of committee until July, as Congress waits on the Biden administration to release its budget.
India's decision to allow 5G trials without Huawei, ZTE a sovereign step: US (Business Today) India's Department of Telecom last week approved applications of telecom companies Reliance Jio, Bharti Airtel, Vodafone Idea and MTNL to conduct 5G trials but none of them will be using technologies of Chinese entities
Huawei ban timeline: Xiaomi to be removed from US list of boycotted Chinese companies (CNET) Here's a breakdown of the Chinese phone maker and telecommunications giant's problems with the US and its allies.
Cyberspace Is Neither Just an Intelligence Contest, nor a Domain of Military Conflict; SolarWinds Shows Us Why It’s Both (Lawfare) Future conversation needs to move beyond the military versus intelligence contest binary construct to more meaningfully explore how states may seek to use cyberspace for multiple objectives, either in sequence or in parallel.
Funding is key to strengthening national cybersecurity (SearchSecurity) During a Senate committee hearing Tuesday, Senators pressed CISA and other federal agencies on how national cybersecurity can be improved.
CISA looking to use new personnel system to hire more cyber workers (Federal News Network) In today’s Federal Newscast, the much-anticipated Cyber Talent Management System at the Department of Homeland Security may finally be ready.
In Biden’s broadband plan, cable is in for the fight of its life (Protocol) The plan has set off a David vs. Goliath fight over who gets to build the country's broadband future.
Will New Privacy Changes Protect Census Data or Make Things Worse? (The Markup) The U.S. Census Bureau is undertaking a privacy overhaul. It’s not going well
Swiss spy chief exits after reports of row over CIA-linked firm (Reuters) Switzerland's spy chief will leave his post, the government said on Wednesday, after a newspaper reported he had fallen out with the defence minister over his handling of a scandal involving a cryptography firm linked to the CIA.
Moultrie's cyber background clears path to confirmation (FCW) President Joe Biden's pick to lead the Defense Department's intelligence and security office, Ronald Moultrie, appears to have a smooth path to Senate confirmation thanks in large part to his cybersecurity experience.
Litigation, Investigation, and Law Enforcement
Germany bans Facebook from processing WhatsApp data (Computing) German data regulator says Facebook's new privacy policy could violate European data protection rules
Senate hearing raises questions about SolarWinds backdoors (SearchSecurity) The U.S. Department of Commerce was one of the first federal agencies to discover the SolarWinds backdoors, but it's unclear when the agency first detected them.
Who is Mr. Zhao? (Intrusion Truth) In our last article, we identified a number of front companies used by two Chengdu-based indicted hackers Li Xiaoyu and Dong Jiazhi. What struck us when reading the US indictment was referenc…
Operator of WeLeakInfo database marketplace sentenced to two years in prison (The Record by Recorded Future) One of the three operators of WeLeakInfo, a website that sold access to hacked databases, was sentenced today in the Netherlands to two years in prison, with one year suspended.
Snap suspends anonymous Q&A apps Yolo and LMK after lawsuit over teen's death (Los Angeles Times) The mother of Carson Bride, a 16-year-old who died after being bullied over Snapchat apps, filed suit against the tech companies yesterday.
Trump ‘Havana syndrome’ probe found more than a dozen instances in 5 years (POLITICO) In the Havana cases, victims reported residual headaches, loss of hearing and balance, and some cases of permanent brain damage.