Capitol Hill Computer Systems Exposed During Insurgency and Other Top Cybersecurity News You Need to Know Today

Justice system emails compromised by SolarWinds, JetBrains software may have been a conduit for Russian hacker compromise, NYSE reverses itself again and will delist Chinese telecoms, much more

Please consider helping us bringing you original and aggregated cybersecurity content you need to know to keep your organization safe. Subscribe now.

The cybersecurity implications of yesterday’s attack on Capitol Hill by insurrectionists aren’t yet clear. However, infosec professionals began weighing in quickly during the attack to point out the major vulnerabilities stemming from the hordes who invaded unprotected Capitol Hill offices.

Some experts argued that computer systems exposure was a counter-intelligence nightmare and a great opportunity to plant bugs and that all computers should be considered compromised.

Still, other experts downplayed the attack from a cybersecurity perspective, saying that no classified information was likely affected by any compromise or theft of technology during the assault.

Others expressed compassion for the Capitol IT staff, who face daunting challenges in securing the systems again.

The Washington Post’s Cybersecurity 202 report has a great run-down of some of the information security implications of yesterday’s attack.

The Justice Department and the federal court system said they had been compromised by the SolarWinds malware, along with dozens and potentially hundreds of other leading government and private sector organizations.

The Department said that 3% of its Microsoft Office 365 email accounts were potentially affected, although no evidence exists that classified systems were affected. (Eric Tucker and Frank Bajak / Associated Press)

Related: CNBCRT USAAssociated Press TechnologyBleeping ComputerPerthNowThe Hill: CybersecurityCNET NewsStars and StripesABC News: U.S.Dark Reading: Threat IntelligenceCyberscoopPOLITICOThomas Brewster - ForbesBleeping ComputerWashingtonExaminer.comThe GuardianSlashdotThe GuardianCyberscoopiTnews - SecurityEngadgetZDNet, Fortune

Intel agencies and private cybersecurity companies are examining whether Russian hackers used a product called TeamCity provided by a leading software company, JetBrains, to inconspicuously planted back doors in an untold number of JetBrains’ clients, a blue-chip list of Fortune 100 companies including Google, Hewlett-Packard, and Citibank.

JetBrains claims that it has not been involved in a Russian espionage attack in any way and has not been contacted by any security or government agency. (Nicole Perlroth, David E. Sanger and Julian E. Barnes / New York Times)

Related: MSSP AlertReuters: World NewsSlashdotZDNet, WebProNews, JetBrains

WhatsApp users are receiving notices about the service’s new terms and privacy policy that requires them to accept having their account information shared with parent company Facebook or else they can’t use the service.

Earlier versions of the policy gave WhatsApp users the option of not sharing their information with Facebook. (Pranob Mehrotra / xda developers)

Related: Gadgets NowWCCFtechTelecomlive.comGulf News TechnologyGulf News TechnologyTechradarIBTimes IndiaMediaNamaTechNaduThe Next WebPocketnowNDTV Gadgets360.comMacRumorsNDTV Gadgets360.comTechradar, Reddit - cybersecurityReddit - cybersecurityPocketnowMirroriDownloadBlog.com, iPhone HacksBleeping ComputerHotHardware.comThe SunSlashdotInputWCCFtechTechDatorSlashdotPhoneArena

Despite earlier reports that Google has not updated its iOS apps to do an end-run around Apple’s new privacy labels, the Internet giant said it plans to updates its apps as early as this week.

Google said it is not taking a stand against the labels but actually plans to roll out privacy labels across its sizable iOS app catalog as soon as this week or the next. (Sarah Perez / TechCrunch)

Related: PhoneArenaChannel News AsiaBig News NetworkSilicon UKWCCFtechSlashGearSilicon UKGadgets Now

Data activists known as the Distributed Denial of Secrets published a massive trove of data on its website collected from dark web forums where information was leaked online by ransomware attackers.

Saying they are operating for the sake of transparency, DDoSecrets dumped about 1 terabyte of that data, including more than 750,000 emails, photos, and documents from five companies.  (Andy Greenberg / Wired)

Related: Databreaches.net

The New York Stock Exchange reversed itself for a second time and announced it would, in fact, delist three major Chinese telecom companies, China Mobile, China Telecom, and China Unicom Hong Kong.

The exchange said it made the reversal because it received “new specific guidance” from the Treasury Department’s Office of Foreign Assets Control on Tuesday. (Alexander Osipovich / Wall Street Journal)

Related: AxiosWashington Free BeaconCyberNewsFinancial TimesBusiness InsiderJust SecurityVoice of AmericaMediaNamaData Breaches Digest

Due to a misconfigured Git server, the source code of mobile apps and internal tools developed and used by Nissan North America was leaked online, Tillie Kottmann, a Swiss-based software engineer, discovered.

Nissan said it is aware of the incident and is conducting an investigation. (Catalin Cimpanu / ZDNet)

Related: Dark Reading: Vulnerabilities / ThreatsDark Reading: Vulnerabilities / Threats, Cyberscoop

Security researchers from Trustwave say that cybercriminals use a supposed Donald Trump sex tape that delivers the Quaverse Remote Access Trojan (QRAT), a Java-based, remote access trojan (RAT) supercharged by plug-ins from Quaverse.

Despite the sex tape offer, the phishing email used to link to the malware comes with the subject line “Good Loan Offer.” (Becky Bracken / Threatpost)

Related: Security AffairsExploit OneGraham Cluley, The Hacker NewsSecurity Affairs

Hackers are invited to find vulnerabilities in U.S. army systems in Hack the Army 3.0, the Defense Digital Service (DDS) and bug bounty platform HackerOne announced.

The program is open to both military and civilian participants and runs from January 6, 2021, through February 17, 2021. (Danny Palmer / ZDNet)

Related: Security WeekInfosecurity Magazine

Photo by Alejandro Barba on Unsplash