Security daily (06-01-2021)

re:Invent – New security sessions launching soon

Where did the last month go? Were you able to catch all of the sessions in the Security, Identity, and Compliance track you hoped to see at AWS re:Invent? If you missed any, don’t worry—you can stream all the sessions released in 2020 via the AWS re:Invent website. Additionally, we’re starting 2021 with all new […] (AWS Security Blog)

Justice Department confirms SolarWinds hackers accessed Department emails

The Justice Department on Wednesday joined a growing list of confirmed victims in the public and private sector of a suspected Russian espionage campaign that used tainted software made by SolarWinds. The attackers were able to burrow their way into the Microsoft Office 365 email accounts of Justice Department employees and potentially had access to “around 3%” of such email accounts in the department, Marc Raimondi, a department spokesman, said in a statement. The Justice Department has more than 115,000 employees, according to a fiscal 2020 budget request, but not all employees use Office 365, Raimondi told CyberScoop. He declined to say how many employees do use the software. The departments of Commerce, Energy and Treasury have also confirmed breaches. “Fewer than 10” U.S. agencies have been victimized by the targeted espionage operation, according to investigators. The Justice Department statement comes a day after U.S. investigators for the first time […] (CyberScoop)

NYSE to remove 3 Chinese telecoms from market

The New York Stock Exchange said Wednesday it will delist several Chinese telecommunications firms that allegedly worked with the Chinese military. The stock exchange had first said last week it would remove China Telecom, China Unicom and China Mobile in order to comply with a Trump administration executive order. The NYSE then tried to reverse course, causing confusion on Wall Street, only to ultimately remove the companies from its exchange after all. The effect is to bar the companies from trading on the exchange. The movement comes in the wake of an executive order, issued in November, that aims to block Chinese companies from using U.S. capital to help advance Chinese military and intelligence goals. The decision on Wednesday to delist the firms came after the Treasury Department’s Office of Foreign Assets Control issued guidance Tuesday that would block people in the U.S. from conducting transactions with the firms, according to […] (CyberScoop)

Nissan investigating possible source code exposure

Nissan is examining whether source code for its North American division’s mobile apps, marketing tools and more has leaked online, the company said. “We are aware of a claim regarding a reported improper disclosure of Nissan’s confidential information and source code,” said a Nissan spokesperson. “We take this type of matter seriously and are conducting an investigation.” Tillie Kottmann, a software engineer, publicized the apparently leaked information earlier this week on Twitter and Telegram. They told CyberScoop the information came via a “severely mismanaged” server that had the username and password of “admin:admin.” “I was informed about the server by an anonymous source but acquired it myself and can thus mostly verify it,” Kottmann said via a Twitter direct message exchange. Kottmann said they also heard some ex-Nissan employees recognized projects there. Poorly configured servers are a common source of online data leaks, in recent months afflicting Razer, medical scans, […] (CyberScoop)

More Chinese apps attract a ban from a presidential administration on the way out

President Donald Trump’s latest executive order against Chinese tech companies might not ever take effect, but at a minimum it will force some decisions by the incoming presidential administration. The order bans U.S. transactions with several mobile apps, including Alipay and WeChat Pay, in the interest of protecting the security of U.S. users. The Trump administration made similar moves against TikTok last year, and those efforts are still tied up in court. “The United States has assessed that a number of Chinese connected software applications automatically capture vast swaths of information from millions of users in the United States, including sensitive personally identifiable information and private information,” according to the executive order, which Trump issued Tuesday night. As with TikTok, the assumption is that such data could be readily available to the Chinese government. The catch is that the order takes effect in 45 days — well after the inauguration of President-elect […] (CyberScoop)

Zyxel hardcoded admin password found – patch now!

Hardcoded passwords are always wrong - they are equivalent to implanting a global backdoor and hoping no one will find it. (Naked Security)

US Capitol Breached By MAGA Idiots With Guns

(News ≈ Packet Storm)

Ho Mobile To Replace SIM Cards After Massive Data Breach

(News ≈ Packet Storm)

US Intelligence Task Force Accuses Russia Of Cyber-Hack

(News ≈ Packet Storm)

SMS Phishing Is Getting Out Of Control

(News ≈ Packet Storm)

Telegram Triangulation Pinpoints Users' Exact Locations

(News ≈ Packet Storm)

NSA Urges SysAdmins to Replace Obsolete TLS Protocols

The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols. (Threatpost)

It’s Not the Trump Sex Tape, It’s a RAT

Criminals are using the end of the Trump presidency to deliver a new remote-access trojan (RAT) variant disguised as a sex video of the outgoing POTUS, researchers report. (Threatpost)

Feds Issue Recommendations for Maritime Cybersecurity

Report outlines deep cybersecurity challenges for the public/private seagoing sector. (Threatpost)

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw

More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover. (Threatpost)


/security-daily/ 07-01-2021 23:44:22