Feds Finally Fess Up to Russia's Role in SolarWinds and More Infosec Developments You Should Know Today

Trump bans dealings with eight Chinese apps, Google's afraid to update its iOS apps, Italian mobile operator to replace up to 2.5M SIM cards following a breach, Attacks against healthcare apps soar


The Director of National Intelligence's office, along with the FBI, the National Security Agency, and DHS’s Cybersecurity and Infrastructure Security Agency, admitted after a delay of almost one month that Russia was “likely” behind the SolarWinds hack.

According to people briefed on the material, there is no evidence that China could have been involved in the devastating supply chain hack, despite Donald Trump's misdirection. (David E. Sanger and Julian E. Barnes / New York Times)


Donald Trump signed an executive order banning transactions with eight Chinese apps, including the Alipay payment platform owned by Chinese billionaire Jack Ma’s Ant Group Co. and apps owned by Chinese tech giant Tencent Holdings Ltd.

Trump claims the apps allow the Chinese government to “track the locations of Federal employees and contractors, and build dossiers of personal information.” (Andrew Restuccia and John D. McKinnon / Wall Street Journal)


Vodafone-owned Italian mobile operator Ho Mobile confirmed it experienced a massive breach affecting a possible 2.5 million customers and offered to replace all affected customers' SIM cards.

The hackers stole customers’ full names, telephone numbers, social security numbers, email addresses, dates and places of birth, nationality, and home addresses. (Catalin Cimpanu / ZDNet)



No Google iOS app has been updated in a month, in all likelihood because Apple began applying its App Store privacy labels on December 8, a move that requires any developer to fill out the privacy label information for an app it is submitting or revising.

By submitting its apps by December 7, Google managed to avoid filling out the privacy labels for those apps. (Michael Grothaus / Fast Company)


Cyberattacks targeting healthcare organizations soared by 45% in December as COVID-19 cases spiked, researchers at Check Point report.

That rise stood in contrast to the 22% overall increase in cyberattacks last month. (Ravie Lakshmanan / The Hacker News)


Intezer Labs discovered a new malware operation that uses fake cryptocurrency apps to install currency-stealing malware dubbed ElectroRAT.

The fake apps, named Jamm, eTrade/Kintum, and DaoPoker, began circulating as early as January 2020. (Catalin Cimpanu / ZDNet)


Researcher Nikolai Tschacher disclosed a proof-of-concept showing a three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API with 97% accuracy.

The attack hinges on research dubbed "unCaptcha," published by University of Maryland researchers in April 2017 targeting the audio version of reCAPTCHA. (Ravie Lakshmanan / The Hacker News)


According to security researcher Chuong Dong, a new ransomware strain called Babuk Locker is targeting corporate victims, demanding payments of $60,000 to $85,000 in Bitcoin.

Each Babuk Locker executable has been customized on a per-victim basis to contain a hard-coded extension, ransom note, and a Tor URL. (Lawrence Abrams / Bleeping Computer)


Boston-based cloud-based cybersecurity software start-up iBoss has raised $145 million in a venture fund round led by NightDragon and Francisco Partners.

iBoss said that investor interest in the company was driven by the COVID-19 era “distributed and dispersed workforces,” which requires cybersecurity protection regardless of where employees are and what devices they use. (Jon Chesto / Boston Globe)


The White House and the National Security Council issued a cybersecurity update to the government’s national maritime security strategy, which directs federal agencies to develop more streamlined cybersecurity standards for organizations in the maritime transportation system (MTS).

The update is also aimed at promoting more information-sharing on maritime cyber threats with the private sector. (Shannon Vavra / Cyberscoop)


Bug-hunter Ahmed Hassan discovered that a Telegram feature called People Nearby that allows users to see who’s nearby could be misused to pinpoint a user’s exact distance to other users by spoofing latitude and longitude.

Telegram said it doesn’t regard the issue as a bug and declined Hassan’s security report. (Tara Seals / Threatpost)


The NSA released guidance showing how to detect and fix out-of-date encryption protocol implementations. Networks and systems that use deprecated forms of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) for traffic sessions are at risk of sensitive data exposure and decryption.

The agency developed several server configurations and network signatures to accompany the report that are available on the NSA Cybersecurity Github. (Sergiu Gatlan / Bleeping Computer)


In what is being investigated as a breach of aviation frequencies, air traffic controllers in New York heard a disturbing message: "We are flying a plane into the Capitol on Wednesday. Soleimani will be avenged."

Authorities are aware of the threat and don’t believe it’s credible. (Kenneth Garger / New York Post)


The Australian Cyber Security Centre (ACSC) is warning that Australians are receiving phone calls or emails from scammers who claim to be ACSC employees and say that the recipient’s computer has been compromised.

Phishing emails sent to victims in this campaign instruct them to download antivirus software via a link in the message; following the link installs malware on their computers. (Juha Saarinen / IT News)

