12-01-2021 | 14-01-2021

Security daily (13-01-2021)

FBI aims for stronger cyber strategy as US grapples with SolarWinds fallout

While dealing with a massive cyber-espionage campaign against the U.S. government, the FBI is trying to quietly implement a new strategy aimed at better tracking foreign hackers. FBI officials last spring gave the head of the National Cyber Investigative Joint Task Force (NCIJTF) — a group of intelligence, law enforcement and defense officials who track hacking threats — a more senior role within the bureau, according to Tonya Ugoretz, deputy assistant director in the FBI’s cyber division. The result is that a senior FBI official now leads an interagency group whose work could lead to offensive cyber-operations, sanctions or State Department démarches — or all three. Herb Stapleton, the former head of the FBI’s Cyber Crime Operations, is filling that role. The goal of the strategy, which the FBI unveiled in September, is to disrupt foreign cyber operations against U.S. assets by “changing the risk calculus” of adversaries, as […] (CyberScoop)

Iranian venture firm investing in cyber tech is subject of US sanctions

The U.S. sanctioned an Iranian venture capital firm on Wednesday that the Treasury Department said invests in cyberspace and information technology. Treasury’s Office of Foreign Assets Control identified the firm, Barkat Ventures, as an arm of an organization that the supreme leader of Iran controls called EIKO, short for Execution of Imam Khomeini’s Order. The sanctions also targeted a second Khomeini-controlled organization, Astan Quds Razavi. “These institutions enable Iran’s elite to sustain a corrupt system of ownership over large parts of Iran’s economy,” said Secretary Steven Mnuchin. “The United States will continue to target those who enrich themselves while claiming to help the Iranian people.” Barkat Ventures has a small profile outside Iran. An apparent company website cites its desire to invest in technologies such as the internet of things, electronic health, cryptocurrency and software as a service. Its overall goal is to reduce barriers for entrepreneurs in “knowledge-based” businesses, […] (CyberScoop)

Biden team taps NSA Cybersecurity Director Anne Neuberger for NSC

Anne Neuberger, the National Security Agency’s cybersecurity director, will be joining the Biden administration as deputy national security adviser for cyber and emerging technology, the Biden transition team announced Wednesday. Neuberger has been serving in her role as the director of the year-old Cybersecurity Directorate at the Pentagon’s foreign signals intelligence agency for just over a year, but she has a track record of leadership at the NSA. She has previously served as the lead on the NSA’s task force to counter Russian threats to U.S. elections, previously known as the “Russia Small Group,” as well as its chief risk officer. She has also overseen cyber-operations at the NSA during her time serving as assistant deputy director of the Operations Directorate. Neuberger’s selection could be a signal the Biden administration intends to prioritize cybersecurity issues at the NSC. The Biden transition team has already announced a whole slew of other […] (CyberScoop)

Mimecast breach investigators probe possible SolarWinds connection

Mimecast, a global email security provider, on Tuesday said that one of its software security certificates had been breached by a “sophisticated threat actor” in a targeted operation to access customer emails. London-based Mimecast has a sprawling footprint, claiming some 39,000 customers around the world. The company said 10% of its customers use the particular software implementation involved in the breach, adding that attackers apparently targeted “a low single-digit number” of customers. The illicit access would have allowed attackers to spy on Mimecast clients. The hackers’ methods, and the fact that they targeted Microsoft’s cloud-based email services, have parallels with a suspected Russian hacking campaign that has used tainted software made by contractor SolarWinds to breach multiple U.S. government agencies. A person familiar with the matter told CyberScoop that investigators are examining whether the same attackers who breached SolarWinds also infiltrated Mimecast, a detail first reported by Reuters. “As a […] (CyberScoop)

YouTube joins Silicon Valley backlash against Trump content

Despite the widespread backlash against President Donald Trump by tech companies since the Jan. 6 attack on the U.S. Capitol, one big platform hadn’t officially taken decisive action against him until Tuesday night. YouTube announced in a Twitter thread that it was blocking Trump from uploading new content for at least a week for violating its policies. In practice, it’s similar to Facebook’s move last week. Trump’s personal page is still fully available on YouTube, but the president can’t post anything new, for now. Twitter has permanently banned the president. YouTube’s announcement also spoke directly to concerns that major social media platforms have served as organizing points for the extremists, conspiracy theorists and white supremacists who raided the Capitol last week and are expected to try similar attacks in Washington and elsewhere again. The ban by the Google-owned video platform would last, at a minimum, to the eve of Joe […] (CyberScoop)

Home schooling – how to stay secure

Whether you’re new to home schooling or an old hand, it’s worth taking a moment to ensure you’re doing it securely. (Naked Security)

House Impeaches Trump For Role In Deadly Capitol Riot

(News ≈ Packet Storm)

Mimecast Certificate Hacked In Microsoft Email Attack

(News ≈ Packet Storm)

The Password Guess Worth $240 Million In Bitcoin

(News ≈ Packet Storm)

WhatsApp Responds To Concerns Over Privacy Policy Update

(News ≈ Packet Storm)

Hackers Have Leaked The COVID-19 Vaccine Data They Stole

(News ≈ Packet Storm)

TikTok Takes Teen Accounts Private

The company announced accounts for ages 13-15 will default to a strong privacy setting, among other safety measures. (Threatpost)

High-Severity Cisco Flaw Found in CMX Software For Retailers

Cisco fixed high-severity flaws tied to 67 CVEs overall, including ones found in its AnyConnect Secure Mobility Client and in its RV110W, RV130, RV130W, and RV215W small business routers. (Threatpost)

Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover

Two security vulnerabilities -- one a privilege-escalation problem and the other a stored XSS bug -- afflict a WordPress plugin with 40,000 installs. (Threatpost)

Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data

On the heels of a cyberattack on the EMA, cybercriminals have now leaked Pfizer and BioNTech COVID-19 vaccine data on the internet. (Threatpost)

Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove

Watering-hole attacks executed by ‘experts’ exploited Chrome, Windows and Android flaws and were carried out on two servers. (Threatpost)


/security-daily/ 14-01-2021 23:44:23