Malwarebytes Hacked by the Same Group That Hit SolarWinds and Eleven Other Top Infosec Developments - 1/20/21
Another SolarWinds malware strain discovered, open-source tool released for tracking techniques used by SolarWinds threat group, Trump issues EO to thwart malicious foreign use of cloud stuff
Happy inauguration day to our readers! No pitches today, just good thoughts for our country flowing from Metacurity’s Washington, DC offices.
Security firm Malwarebytes said it was hacked by the same, presumed Russian state-backed threat group that hacked IT software provider SolarWinds.
The company learned about the hack from the Microsoft Security Response Center (MSRC) on December 15, which detected suspicious activity from a dormant Office 365 security app. Malwarebytes said the attackers gained access only to a limited subset of internal company emails. (Catalin Cimpanu / ZDNet)
Security firm Symantec said it identified another malware strain, called Raindrop, used during the SolarWinds supply chain attack. That makes it the fourth malware strain involved in the SolarWinds hack, alongside Sunspot, Sunburst (Solorigate), and Teardrop.
According to Symantec, the malware was used only during the very last stages of an intrusion and was deployed only on the networks of a very few selected targets. (Catalin Cimpanu / ZDNet)
FireEye Mandiant released an open-source tool named Azure AD Investigator designed to check Microsoft 365 tenants for the use of techniques associated with UNC2452, the name assigned by the cybersecurity firm to the threat group that attacked the IT management company SolarWinds.
The tool allows organizations to check their Microsoft cloud environments for evidence of an attack and alerts security teams if it identifies artifacts that may require further review. (Eduard Kovacs / Security Week)
On his last day in office, Donald Trump issued an executive order to thwart foreign use of cloud computing products for malicious cyber operations against the United States.
The order allows the Commerce Department to write rules to bar transactions with foreigners in cloud computing products or services if a foreigner uses them for cyber attacks. (Alexandra Alper / Reuters)
Related: iTnews - Security
The Biden-Harris transition team announced that Michael Sulmeyer, a senior adviser to National Security Agency and U.S. Cyber Command leader Gen. Paul Nakasone, would become the senior director for cybersecurity at the White House.
Sulmeyer joins another Nakasone cybersecurity lieutenant, Anne Neuberger, who will work as deputy national security adviser for cyber and emerging technology. (Tim Starks / Cyberscoop)
Related: The Times of Israel, Reuters, RAPPLER, MediaNama, BusinessLine - Home, fossBytes, Android Central, TechNadu, xda-developers, The Next Web, Business Insider, Gulf News Technology, Elcomsoft, iMore, Telecomlive.com, Android Police, Techradar, Neowin, Al Bawaba, Devdiscourse News Desk, The Financial Express, NDTV Gadgets360.com
Russian cryptocurrency exchange Livecoin shut down in the wake of a purported hack that some critics say was, in reality, an exit scam.
In December, the exchange claimed it was hacked, and it has asked currency owners to submit a complex list of personal documents in order to file claims for the currency they may have lost in the hack. (Kevin Helms / Bitcoin.com)
Related: GBHackers on Security
According to international law firm DLA Piper, European data regulators imposed GDPR fines totaling €158.5 million (around $191.89 million) between 28 January 2020 and 2021, a 39% increase over the previous 20 months since the introduction of the more stringent data protection law.
At the same time, the number of breach notifications jumped by 19% to 121,165. (Robert Scammell / Verdict)
VpnMentor discovered a data breach involving the now-defunct Fleek social media app, an X-rated alternative to Campus Stories from Snapchat.
VpnMentor discovered a misconfigured AWS S3 bucket in October 2020 with 377,000 files containing photos and bot scripts. (Waqas / HackRead)
President-elect Joseph Biden’s nominee for defense secretary, General Lloyd Austin, told the Senate Armed Services Committee during a hearing that the perpetrators of the SolarWinds hack should face the consequences.
He also said that he believes the intelligence agencies’ attribution to Russia as the source of the hack is an accurate one. (Mila Jasper / NextGov)
Security experts disclosed details about seven vulnerabilities, tracked as DNSpooq, impacting a popular DNS software package, Dnsmasq, commonly deployed in networking equipment, such as routers and access points.
The DNSpooq vulnerabilities can be combined to poison DNS cache entries recorded by Dnsmasq servers. Dnsmasq is now in millions of devices sold worldwide, such as Cisco devices, Android smartphones, and many types of networking gear like routers, access points, firewalls, and VPNs. (Catalin Cimpanu / ZDNet)
In what might be considered a refreshing scandal of the incoming Biden Administration, some cybersecurity experts say the President-elect’s use of a Peloton bike, which is connected to the Internet, might be a cybersecurity risk.
However, most cybersecurity experts say the threat of a Peloton bike to national security pales compared to the digital security threats posed by Biden’s predecessor. (Sheryl Gay Stolberg / New York Times)
The New York Times (@nytimes): Can President-elect Joe Biden bring his Peloton bike with him to the White House? The answer, cybersecurity experts say, is yes. Sort of. https://t.co/eOH59yA0Jw