Contact your organization’s administrative offices to see about getting an extremely cost-effective corporate subscription to Metacurity. Government and military organizations are eligible for steeply discounted subscriptions. Contact us today at info@metacurity.com or check out our half off bulk subscription offers below.

Get 50% off for 1 year

Many cybersecurity experts worry that computers left unlocked and unattended during the siege of Capitol Hill on Wednesday could have allowed the attackers to get their hands on sensitive data, or worse, compromise Congress’s IT system, although not everyone agrees.

Some IT specialists think that the IT shop on Capitol Hill should throw the “kitchen sink” at mitigating any damage, including remote wipes, locating creds, and locating all potentially affected devices, including mobile devices. (Lorenzo Franceschi-Bicchierai / Motherboard)

Related: Reddit - cybersecurity, IT Pro, IT World, Business Insider, Forbes, Verdict, The Hill, Buzzfeed News

ca$s:e cage 💫 @akolsuoicauqol

I’m not sure if anyone has participated in active shooter drills, but I can assure you none of the procedures include locking a computer before leaving because human life is the priority. That being said, stop blaming the employees that were responding to terroristic threats.

January 7th 2021

47 Retweets494 Likes

MalwareTech @MalwareTechBlog

The "every computer in the capitol could now be hacked" angle is overly alarmist. These are unclassified internet connected desktops. Any even remotely funded adversary could compromise them by other means.

January 7th 2021

67 Retweets704 Likes

Kim Zetter @KimZetter

These are all really bad takes by people who are crossing their fingers that nothing significant occurred

Eric Geller @ericgeller

So far, hearing that cyber risks of the Capitol attack were low. * Congress isn't one big network * Vulnerable machines held unclassified files * Hill leaks so much already that truly sensitive stuff is walled off * Rioters weren't there long enough for thorough, careful access

January 7th 2021

59 Retweets229 Likes

The SolarWinds hack likely compromised the electronic filing system used by the federal court system, extending the Russian espionage scope.

The federal judiciary said it is working on adding new security procedures to protect highly sensitive documents in the system. (Dustin Volz and Robert McMillan / Wall Street Journal)

Related: CRN, Cyberscoop, ZDNet Security, IT Pro, Bleeping Computer, Wall Street Journal, Krebs on Security, WebProNews, United States Court

Seamus Hughes @SeamusHughes

I talked with the ⁦@dnvolz⁩ about the hack of the Judiciary branch “Documents like these are a road map of investigations...In the right hands, they could tip off a target of investigation, be it an individual or a country’s intelligence apparatus.” Federal Judiciary’s Systems Likely Breached in SolarWinds HackApparent compromise in suspected Russian attack has put highly sensitive nonpublic court documents at risk, officials saidwsj.com

January 7th 2021

53 Retweets48 Likes

SolarWinds has hired a new company formed by former CISA chief Chris Krebs and Alex Stamos, a former chief security officer at Facebook and an adjunct professor at Stanford University, to assist in coping with the aftermath of Russian operatives’ hack of one of its software updates.

“We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry leading secure software development company,” the company said in a statement. (Joseph Menn / Reuters)

Related: Financial Times Technology, Cyberscoop, Reddit - cybersecurity, CyberNews, Gadgets Now

The State Department has approved creating a “new” Bureau of Cyberspace Security and Emerging Technologies (CSET)  to help diplomats deal with matters of international cyber conflicts.

The move comes four years after the Trump Administration’s elimination of a cybersecurity coordinator’s office in the State Department. (Maggie Miller / The Hill)

Related: Dark Reading, YonhapNews, Defense Daily

Prolific Russian hacker Andrei Tyurin was sentenced to twelve years in federal court after pleading guilty in September 2019 to computer intrusion, wire fraud, bank fraud, and illegal online gambling offenses for stealing more than 80 million customers from JP Morgan Chase alone.

By targeting financial institutions, brokerage firms, and financial news publishers, including the Wall Street Journal, Tyurin collected over $19 million. He utilized a computer infrastructure across five continents from his apartment in Moscow. (Larry Neumeister / Associated Press)

Related: Bloomberg Technology, PYMNTS.com, DataBreaches.net, Security Week,  Justice.gov

The FBI warned in a TLP:WHITE Private Industry Notification (PIN) that the Egregor ransomware operation is actively targeting and extorting businesses worldwide.

The Bureau also shared a list of recommended mitigation measures that should help defend against Egregor's attacks. (Sergiu Gatlan / Bleeping Computer)

Related: Health IT Security

A criminal group has posted on the dark web what it claims are documents stolen from the Hackney Council in a ransomware attack.

Many residents say the Council's hack has cost them personally and disrupted some of their house purchases. (BBC News)

Related: IT Pro, teiss, ComputerWeekly: IT security, Silicon UK, ZDNet, Sky News, Evening Standard, DIGIT, Graham Cluley, Infosecurity Magazine

Share Metacurity

Ryuk ransomware operators are believed to have earned more than $150 million worth of Bitcoin from ransom payments following attacks all over the world, according to a joint report by threat intel company Advanced Intelligence and cybersecurity firm HYAS.

In an odd finding, the two firms discovered that Ryuk converted Bitcoin into real fiat currency using accounts on two well-established crypto-portals, such as Binance and Huobi, most likely using stolen identities. (Catalin Cimpanu / ZDNet)

Related: Security Affairs, Bleeping Computer, Advanced-Intel

Automated containerized workload defense start-up Lacework raised $525 million in its latest funding round, giving it a $1 billion valuation.

The round was led by Sutter Hill Ventures and Altimeter Capital with a strategic investment from Snowflake Ventures. (Kyle Wiggers / Venture Beat)

Related: Venture Beat, SecurityWeek

Multiple malware authors are using the "Ezuri" crypter and memory loader to make their code undetectable to antivirus products, according to a report by AT&T Alien Labs.

Written in Go, Ezuri acts both as a crypter and loader for ELF (Linux) binaries. (Ax Sharma / Bleeping Computer)

Related: ATT

President-elect Joe Biden plans to nominate career intelligence official Anne Neuberger to serve in a newly created cybersecurity role on his National Security Council, the deputy national security adviser.

She joined the NSA more than a decade ago and currently serves as the agency’s cybersecurity director. (Natasha Bertrand / Politico)

Related: The Times of Israel, Computer Weekly, Tech Insider, Jerusalem Post, Mercury News, SC Magazine, Cyber-Security | Compliance Week, Israel National News, Arutz Sheva News, Threatpost

Andrey Medov, a lead security researcher at Positive Technologies, discovered serious vulnerabilities discovered in Fortinet’s FortiWeb web application firewall (WAF) that could expose corporate networks to attacks.

The flaws can be exploited for denial-of-service (DoS) attacks and to execute unauthorized code or commands. (Eduard Kovacs / Security Week)

Related: The Daily Swig

Threat intelligence firm Recorded Future said that two penetration testing kits used by security researchers, Cobalt Strike and Metasploit, were used to host more than a quarter of all the malware command and control (C&C) servers that have been deployed in 2020.

Recorded Future tracked more than 10,000 malware C&C servers last year, across more than 80 malware strains. (Catalin Cimpanu / ZDNet)

Related: Recorded Future

Follow Us on Twitter

Photo by Alejandro Barba on Unsplash