Norway parliament data stolen in Microsoft Exchange attack (BleepingComputer) Norway's parliament, the Storting, has suffered another cyberattack after threat actors stole data using the recently disclosed Microsoft Exchange vulnerabilities.
Norway parliament 'hit by cyber attack' (Yahoo) The Norwegian parliament says it has sustained a new cyber attack, six months after a previous one was publicised."We know that data has been extracted but we do not yet have a complete overview of the situation," parliament's administrative chief Marianne Andreassen said in a statement.
CISA and FBI Issue Joint Advisory on Exchange Server Hafnium Attacks (Redmondmag) The U.S. Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation announced a Microsoft Exchange Server joint advisory that offers consolidated advice for Exchange Server users on detecting Hafnium attacks.
FBI-CISA Joint Advisory on Compromise of Microsoft Exchange Server (CISA) CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) to address recently disclosed vulnerabilities in Microsoft Exchange Server. CISA and FBI assess that adversaries could exploit these vulnerabilities to compromise networks, steal information, encrypt data for ransom, or even execute a destructive attack.
The Cybersecurity 202: More hackers jump to take advantage of a widespread Microsoft security flaw (Washington Post) Government officials and cybersecurity experts are scrambling to stem the damage from a security flaw in Microsoft Exchange that has allowed hackers to infiltrate the servers of at least 30,000 U.S. organizations.
Microsoft Exchange Hack Could Be Worse Than SolarWinds (Data Center Knowledge) The massive hack’s scope keeps growing. Unlike the SolarWinds exploit, this one can be automated.
Exchange Server email hack: Why this is such a big deal (TechGenix) The repercussions from the Microsoft Exchange Server email hack are still being sorted out, but the implications — and the damage — may be enormous.
Microsoft Server Hack Has Victims Hustling to Stop Intruders (Claims Journal) Victims of a massive global hack of Microsoft email server software -- estimated in the tens of thousands by cybersecurity responders --
Massive Hacks Linked to Russia, China Exploited U.S. Internet Security Gap (Wall Street Journal) Protecting U.S. networks from cyberattacks launched domestically is emerging as an intelligence blind spot, security experts say.
Cyber Command: ‘No evidence’ that SolarWinds attackers compromised DoD networks (The Record by Recorded Future) “To date, there’s no evidence of a compromise in DoD networks because of the SolarWinds attack,” said Cyber Command's executive director.
Prioritize NATO integration for multidomain operations (C4ISRNET) The U.S. military's modernization efforts increase technological disparity and challenges for NATO, according to an expert who explains why integration is a must.
Was SolarWinds a Different Type of Cyber Espionage? (Lawfare) There is a gap between how administration officials are framing the nature of the SolarWinds incident and what the available evidence indicates about it.
Germany’s Positions on International Law in Cyberspace Part II (Just Security) Germany issues major statement on cyberspace and international law, analyzed here by leading expert Professor Michael Schmitt. Here Schmitt addresses use of force and international humanitarian law.
Britain to take a 'slightly less European approach' to data privacy laws, minister says (Computing) While UK is not directly subject to the EU's jurisdiction post-Brexit, it still needs to have sufficient measures in place to protect the personal data of European users
Solving Data-Transfer Impasse May Require Diplomatic Agreements on Espionage (Wall Street Journal) A new deal for transferring data between the U.S. and the European Union could require international agreements on industrial espionage and citizen surveillance.
Ukraine, Brazil hold first cybersecurity consultations – MFA (Ukrinform) Ukraine and Brazil have held the first interdepartmental cyber consultations, the press service of the Ministry of Foreign Affairs reports. — Ukrinform.
WSJ News Exclusive | U.S. Sanctions Islamic State’s Central African Franchise for First Time (Wall Street Journal) The U.S. imposed sanctions on two of Islamic State’s fast-growing affiliates in Central Africa for the first time, underscoring the rising threat posed by the group outside the Middle East.
Facebook Drops Plan to Run Fiber Cable to Hong Kong Amid U.S. Pressure (Wall Street Journal) The China-California link is the latest in a string of cables project derailed by pressure from U.S. national-security officials.
Telcos can only use govt approved gear from 15 June (mint) The tightening of procurement rules could impact Chinese equipment suppliers
How Biden’s Cyber Strategy Echoes Trump’s (Lawfare) Comparing the Biden administration’s Interim National Security Strategic Guidance with Trump’s National Cyber Strategy.
House approves cyber funds in relief package as officials press for more (TheHill) The House on Wednesday allocated almost $2 billion toward cybersecurity and technology modernization as part of passing the American Rescue Plan, which officials described as a “down payment” on the f
Proposed Bill Would Allow Americans to Sue Foreign Cyber-Actors (SecurityWeek) A bill introduced in the House of Representatives this week could allow United States citizens to seek monetary damages if cyber-attacks by foreign threat actors harm them in any way.
Merrick Garland Confirmed as Biden’s Attorney General (Wall Street Journal) The Senate confirmed Merrick Garland as President Biden’s attorney general, putting a respected jurist and experienced former prosecutor in charge of the Justice Department.
Cybersecurity and Infrastructure Security Agency: Actions Needed to Ensure Organizational Changes Result in More Effective Cybersecurity for Our Nation (GAO) A 2018 federal law established the Cybersecurity and Infrastructure Security Agency to help protect critical infrastructure from cyber and other...
Russia moves to slow Twitter's speed after protest row (Reuters) Russia said on Wednesday it was slowing down the speed of Twitter in retaliation for what it described as a failure to remove banned content, threatening to block the U.S. platform outright if it did not comply with its deletion demands.
Russia slows down Twitter over 'banned content' (BBC News) The US company is accused of failing to remove 3,000 posts relating to suicide, drugs and pornography.