Feds Finally Fess Up to Russia's Role in SolarWinds and More Infosec Developments You Should Know Today
Trump bans dealings with eight Chinese apps, Google's afraid to update its iOS apps, Italian mobile operator to replace up to 2.5M SIM cards following a breach, Attacks against healthcare apps soar
Please consider becoming a premium subscriber to Metacurity, or even better, consider giving the gift of a premium subscription to a colleague, friend, or student. You’ll gain a lot of benefits, including access to our archives and special premium content. Thank you!
The Director of National Intelligence's office, along with the FBI, the National Security Agency, and DHS’s Cybersecurity and Infrastructure Security Agency, admitted after a delay of almost one month that Russia was “likely” behind the SolarWinds hack.
According to people briefed on the material, there is no evidence that China could have been involved in the devastating supply chain hack, despite Donald Trump's misdirection. (David E. Sanger and Julian E. Barnes / New York Times)
Related:Sydney Morning Herald, Japan Today, Israel National News, Arutz Sheva News, USA Today, Dark Reading, DNI.gov, Reuters, The Mainichi, Channel News Asia, Al Jazeera English, Reuters, ABC.net.au, Deutsche Welle, CNN, POLITICO, AP Top News, Defense Daily Network, Defense One, The Hill: Cybersecurity, Nextgov , LA Daily News, Washington Examiner, Miami Herald, CBC , The Independent, SecurityWeek, Slashdot, Courthouse News Service, Arutz Sheva News, The Hindu - News, The Guardian, NBC News Top Stories, Reddit - cybersecurity, Bleeping Computer, Inside Cybersecurity, CNET, Sydney Morning Herald, Capital Gazette, Inquirer.com, Yahoo, DAILYSABAH, TribLIVE, Inquirer.com, InsideDefense.com, Axios, CNET, Security Magazine, Boing Boing, Cyberscoop, TechCrunch, Dark Reading,ZDNet Security, Gizmodo, ZDNet Security, Security Affairs, Business Insider, Bleeping Computer, Homeland Security Today, Fortune, The Independent, Devdiscourse News Desk, PC Magazine, IT World, FCW, UPI.com, CNBC Technology, RT USA, Politico, Vox, Law & Disorder – Ars Technica, New York Times, Financial Times, Bloomberg News, ThePrint, LA Daily News
Donald Trump signed an executive order banning transactions with eight Chinese apps, including the Alipay payment platform owned by Chinese billionaire Jack Ma’s Ant Group Co. and apps owned by Chinese tech giant Tencent Holdings Ltd.
Trump claims the Chinese government to “track the locations of Federal employees and contractors, and build dossiers of personal information.” (Andrew Restuccia and John D. McKinnon / Wall Street Journal)
Related: Associated Press Technology, Financial Times, Security Week, The Independent, The National, Raw Story, Fortune, POLITICO EU, The Sun, Lawfare, Chicago Sun-Times - All, The Mainichi, SlashGear, South China Morning Post, The Register - Security, Pocketnow, PYMNTS.com, Bloomberg Technology, ZDNet Security, NBC News Technology, CTVNews.ca, The Verge, Ecns, Techmeme, Chinanews.net, Devdiscourse News Desk, Reuters: World News
Vodafone-owned Italian mobile operator Ho Mobile confirmed it experienced a massive breach affecting a possible 2.5 million customers and offered to replace all affected customers' SIM cards.
The hackers stole customers’ full names, telephone numbers, social security numbers, email addresses, dates and places of birth, nationality, and home addresses. (Catalin Cimpanu / ZDNet)
No Google iOS app has been updated in a month, in all likelihood because Apple began applying its app store privacy labels on December 8, a move that would require any developer fill out the privacy label information for the app it was submitting or revising.
By submitting its apps by December 7, Google managed to avoid filling out the privacy labels for those apps. (Michael Grothaus / Fast Company)
Related:9to5Mac, AppleInsider, MacRumors, Channel News Asia, BGR, SiliconANGLE, Pocketnow, AndroidHeadlines.com, Ubergizmo, TechSpot, iPhone in Canada Blog, SlashGear, Slashdot, AppleInsider, iDownloadBlog.com, iPhone Hacks, MacRumors, iMore, 9to5Mac, fossBytes, Fast Company, Gadgets Now, The Mac Observer, BGR
Cyberattacks targeting healthcare organizations soared by 45% in December as COVID-19 cases spiked, researchers at Check Point report.
That rise stood in contrast to the 22% overall increase in cyberattacks last month. (Ravie Lakshmanan / The Hacker News)
Intezer Labs discovered a new malware operation that uses fake cryptocurrency apps to install currency-stealing malware dubbed ElectroRAT.
The fake apps were named Jamm, eTrade/Kintum, and DaoPoker, which began circulating as early as January 2020. (Catalin Cimpanu / ZDNet)
Researcher Nikolai Tschacher disclosed a proof-of-concept showing a three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API with 97% accuracy.
The attack hinges on research dubbed "unCaptcha," published by University of Maryland researchers in April 2017 targeting the audio version of reCAPTCHA. (Ravie Lakshmanan / The Hacker News)
According to security researcher Chuong Dong, a new ransomware strain called Babuk Locker is targeting corporate victims, demanding payments of $60,000 to $85,000 in Bitcoin.
Each Babuk Locker executable has been customized on a per victim basis to contain a hard-coded extension, ransom note a Tor URL. (Lawrence Abrams / Bleeping Computer)
Boston-based cloud-based cybersecurity software start-up iBoss has raised $145 million in a venture fund round led by NightDragon and Francisco Partners.
iBoss said that investor interest in the company was driven by the COVID-19 era “distributed and dispersed workforces,” which requires cybersecurity protection regardless of where employees are and what devices they use. (Jon Chesto / Boston Globe)
The White House and the National Security Council issued a cybersecurity update to the government’s national maritime security strategy, which directs federal agencies to develop more streamlined cybersecurity standards for organizations in the maritime transportation system (MTS).
The update is also aimed at promoting more information-sharing on maritime cyber threats with the private sector. (Shannon Vavra / Cyberscoop)
Bug-hunter Ahmed Hassan discovered that a Telegram feature called People Nearby that allows users to see who’s nearby could be misused to pinpoint a user’s exact distance to other users by spoofing latitude and longitude.
Telegram said it doesn’t regard the issue as a bug and declined Hassan’s security report. (Tara Seals / Threatpost)
The NSA released guidance showing how to detect and fix out-of-date encryption protocol implementations. Networks and systems that use deprecated forms of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) for traffic sessions are at risk of sensitive data exposure and decryption.
The agency developed several server configurations and network signatures to accompany the report that are available on the NSA Cybersecurity Github. (Sergiu Gatlan / Bleeping Computer)
Related: US-CERT Current Activity
In what is being investigated as a breach of aviation frequencies, air traffic controllers in New York heard a disturbing message"We are flying a plane into the Capitol on Wednesday. Soleimani will be avenged."
Authorities are aware of the threat and don’t be it’s credible. (Kenneth Garger / New York Post)
The Australian Cyber Security Centre (ACSC) is warning that Australians are receiving phone calls or emails from scammers claiming to be ACSC employees and that the receiving person’s computer has been compromised.
Phishing emails sent to victims in this campaign instruct them to download antivirus software via a link in the message, which, if they do, installs malware on their computers. (Juha Saarinen / IT News)