It was a an unprecedented and historic week in the United States, as a crowd of supporters of President Donald Trump revolted on Capitol Hill in Washington, DC and stormed the Capitol building, forcing Congress to evacuate and temporarily stop the symbolic certification of Joe Biden’s election. as president. Digital archivists and others rushed to keep photos and footage from the insurgency as social media implemented ad hoc content moderation policies. Meanwhile, national security experts are alerting to the risks the incident poses to information security – and national security – at the Capitol.
In other news, transparency activists DDoSecrets, a kind of successor group to WikiLeaks, publish a lot of corporate information – a move that has been particularly controversial, given that the data was originally stolen by ransomware attackers. And speaking of Wikileaks, Britain on Monday rejected the US Justice Department’s request to extradite Julian Assange, citing Assange’s mental state and risk of suicide, rather than any assessment of whether the founder of WikiLeaks violated the Espionage Act.
WhatsApp users received a notification this week that a change to the app’s privacy policy means they can no longer give up sharing data with Facebook – which was confusing because WhatsApp shared this data in 2016 and offered only one option. giving up a transient window of 30 days that year. And Ticketmaster was caught breaking into the systems of a rival company, agreeing to pay a $ 10 million fine to settle the case with federal prosecutors.
And there are more. Below we have gathered the most important SolarWinds stories so far on the internet. Click on the titles to read them and stay safe there.
Ever since it was revealed that SolarWinds’ Orion IT management tool was exploited in a software supply chain attack, the cybersecurity industry has been eagerly feared by the news that the same Russian hackers have proven other popular software. This week, FBI sources told Reuters that the Czech software company JetBrains had been examined as another possible victim – and a potential vector for the corrupt code. The JetBrains TeamCity project management tool is used by tens of thousands of customers, including SolarWinds, increasing the possibility that it has served as a starting point for infection in the SolarWinds network. The fact that JetBrains was founded by three Russian engineers cast suspicion on the company. But the CEO of JetBrains in St. Petersburg said this week that he had not been contacted by the FBI or any other agency. Nor, he says, did JetBrains see any evidence that it itself had been breached by hackers, let alone those used to further breach SolarWinds systems.
Chris Krebs, former director of the Cybersecurity and Infrastructure Agency, became a notorious cause in November, when President Trump fired him for claiming – correctly – that allegations of widespread electoral piracy and fraud advanced by the president and his supporters were false. Now, after a federal career that many have acknowledged has helped secure the 2020 presidential election against foreign interference, Krebs is venturing into last year’s massive cyber security story: Russian hackers joining SolarWinds, a Texas company whose software was hijacked and used to penetrate the networks of at least half a dozen federal agencies. SolarWinds hired Krebs to help him repair and recover from the breach that put him at the epicenter of that far-reaching hacking scandal. He will be joined by former Facebook and Yahoo security director Alex Stamos, who similarly signed up with video conferencing firm Zoom last spring to help him recover from security issues. Krebs and Stamos will both work with SolarWinds through a consulting firm they co-founded, Krebs Stamos Group. Given that SolarWinds shares have lost more than a third of its value, or about $ 2.5 billion, since its breach was extinguished, regardless of the fees the company pays for this consultancy – probably very high. – are undoubtedly a rounding error for its total infringement costs.
Desmond Tan, Singapore’s Minister of State for Home Affairs, told parliament on Monday that Singapore police could use data from the country’s Covid-19 contact tracking platform in investigations. Initially, the service was marketed as gathering the least amount of information possible and as a unique tool for tracking contacts. But on Monday, the platform was updated to reflect the access potential of law enforcement. More than four million of Singapore’s 6 million citizens reportedly used the application.