Ahead of first anniversary of Soleimani’s death, Iran still eyeing retaliation against the United States (Washington Post) Nearly a year after the U.S. airstrike that killed a revered Iranian military leader, a senior American general said that Tehran is still considering retaliatory steps, raising the possibility of renewed confrontation with Iran in the Trump administration’s final days.
Facebook child abuse detection hit by new EU rules (BBC News) A new ban on the scanning of private messages is hampering child protection efforts online.
Liberals won’t commit to date for 5G, Huawei review (thestar.com) Ottawa first expected to make a call about Huawei’s participation in Canada’s 5G networks before the 2019 election. Fourteen months later, the Liberal...
Attorney General Barr breaks with Trump, says SolarWinds hack ‘certainly appears to be the Russians’ (CNBC) By singling out Russia, Barr sided with Secretary of State Mike Pompeo and the rest of the national security establishment but contradicted Trump.
Sen. King: American Credibility Has Failed in Cyberspace (Barron's) The SolarWinds hack makes it obvious: No one in Moscow is afraid they’ll get hit back.
SolarWinds incident should be a catalyst to rethink federal cybersecurity (Federal News Network) Current and former federal cyber experts say lawmakers and the White House should focus on how federal cybersecurity needs to change.
We Have a National Cybersecurity Emergency -- Here's How We Can Respond (Dark Reading) Let's prioritize bipartisan strategic actions that can ensure our national security and strengthen the economy. Here are five ideas for how to do that.
Can Biden whack Russia for its latest big hack? (POLITICO) Retaliation is the easy part. Calibrating the entire U.S. response will be far more delicate task.
How Should the U.S. Respond to Russia’s Cyberattack? (Slate Magazine) The rules of cyberwarfare are still pretty fuzzy.
Trump's bizarre defense of Russian hacks becomes dangerous - comment (The Jerusalem Post) Trump has declared that “everything is under control” when all experts have said that the damage may take months or years to calculate.
Trump’s acting Pentagon chief unlikely to advance plan for splitting NSA, Cyber Command leadership (Washington Post) Some lawmakers suspected that the Trump administration was seeking to install a political loyalist atop the National Security Agency.
Lawmakers throw cold water on splitting Cyber Command from NSA (CyberScoop) DOD officials have suggested the NSA and Cyber Command split, a bipartisan group of lawmakers says the DOD hasn't met standards to do so yet.
Ending the “Dual-Hat” Arrangement for NSA and Cyber Command? (Lawfare) Are big changes afoot at Cyber Command? What are the relevant legal constraints?
FCC affirms ZTE poses U.S. national security threat (ETTelecom) The Federal Communications Commission (FCC) said on Tuesday it had rejected a petition from ZTE Corp asking the agency to reconsider its decision desi..
Commerce Department Will Publish the First Military End User List Naming More Than 100 Chinese and Russian Companies (U.S. Department of Commerce) The Bureau of Industry and Security (BIS) will amend the Export Administration Regulations (EAR) by adding a new ‘Military End User’ (MEU) List, as well as the first tranche of 103 entities, which includes 58 Chinese and 45 Russian companies. The U.S.
What's Next For Cybersecurity Maturity Model Certification (Law360) Companies in the defense supply chain should have confidence their efforts to comply with interim U.S. Department of Defense cybersecurity certification rules won't be for naught in 2021, while those expecting relief from program requirements may be disappointed, because dramatic changes under the Biden administration are unlikely, say attorneys at Rogers Joseph.
Congress (Once Again) Sells Out To Hollywood: Sneaks CASE Act And Felony Streaming Bill Into Government Funding Omnibus (Techdirt.) As we warned about earlier this month, it appears that Congress has in fact put two very controversial copyright provisions into the government funding "omnibus" bill that will be voted on later today. As you may have heard, last night...
CPRA explained: New California privacy law ramps up restrictions on data use (CSO Online) The California Privacy Rights Act (CPRA) is a new law that toughens some data security requirements, brings California more in line with Europe's General Data Protection Regulation, and creates a new state agency—the California Privacy Protection Agency.
NSA, CISA Warn of Attacks on Federated Authentication (Dark Reading) While incident responders focus on attacks using SolarWinds Orion, government cyber defenders highlight other methods likely being used as well.
SolarWinds is the perfect storm attack on the US (TheHill) Federal agencies need a new approach to address the perfect storm of cyberattacks on our software supply chain.
Hacked Networks Will Need to be Burned 'Down to the Ground' (SecurityWeek) Experts say it’s going to take months to kick elite hackers widely believed to be Russian out of U.S. government networks, after a complex supply chain attack allowed access to thousands of organizations.
The fallout from the SolarWinds hack that infiltrated the US Treasury and Homeland Security will get worse before it gets better (Business Insider) Attackers were able to gain access for a long time without being detected — and determining exactly what's been compromised will take even more time.
Vietnam Government Suffers Supply-Chain Attack: All you need to know (TheDigitalHacker) Only a few weeks after the supply chain assault on Able Desktop applications, another similar attack occurred on the website of the Vietnam Government