Friday, February 3, 2023

SolarWinds survey accelerates

Must read


It was a unprecedented and historic week in the United States as crowd of supporters of President Donald Trump riot on Capitol Hill in Washington, DC and stormed the Capitol building, forcing Congress to evacuate and temporarily halting its symbolic certification of Joe Biden’s election as president. Digital archivists and others scrambled to preserve photos and images of the insurgency as social networks deployed ad hoc content moderation policies. Meanwhile, national security experts are beware of risks the incident poses information security – and national security – on Capitol Hill.

In addition, the activists of transparency DDoSecrets, a sort of successor group of WikiLeaks, publish a wealth of business information—A particularly controversial move given that the data was initially stolen by ransomware attackers. And speaking of Wikileaks, the UK on Monday denied the US Department of Justice request to extradite Julian Assange, citing Assange’s mental state and risk of suicide rather than an assessment of whether the WikiLeaks founder violated espionage law.

WhatsApp users received a notification this week that a change in the app’s privacy policy meant they could no longer opt out of data sharing with Facebook – which was confusing, because WhatsApp has been sharing this data since 2016, and only gave an opt-out option for a fleeting 30-day window that year. And Ticketmaster was broken into the systems of a rival company, agreeing to pay a fine of $ 10 million to settle the case with federal prosecutors.

And there’s more. Below, we’ve rounded up the most important SolarWinds stories to date on the internet. Click on the headlines to read them and stay safe there.

Since it was revealed that SolarWinds’ Orion IT management tool was exploited in a software supply chain attack, the cybersecurity industry has been anxiously dreading the news that the same Russian hackers have also been sneaking around. supported by other popular software. This week, FBI sources told Reuters that Czech Republic-based software company JetBrains was investigated as another possible victim – and a potential vector of corrupt code. JetBrains ‘project management tool, TeamCity, is used by tens of thousands of customers, including SolarWinds, raising the possibility that it served as the initial point of infection within SolarWinds’ network. . The fact that JetBrains was founded by three Russian engineers cast another suspicion on the company. But the CEO of JetBrains based in St. Petersburg said this week that he had not been contacted by the FBI or any other agency. Additionally, he says, JetBrains has seen no evidence that he himself has been raped by hackers, let alone its use to further breach SolarWinds systems.

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, became a notorious cause in November when President Trump fired him for stating – correctly – that allegations of widespread electoral hacking and fraud advanced by the president and his supporters were bogus. Now, after a federal career that many attribute to securing the 2020 presidential election from foreign interference, Krebs is venturing into the other massive cybersecurity story of last year: the Russian hacker intrudes into SolarWinds, a Texas-based company whose software has been hijacked and used to penetrate the networks of at least half a dozen federal agencies. SolarWinds hired Krebs to help fix and recover from the breach that placed him at the epicenter of this high-profile hacking scandal. He will be joined by former Facebook and Yahoo security director Alex Stamos, who has also signed with a video conferencing company. Zoom in last spring to help him recover from his safety issues. Krebs and Stamos will both work with SolarWinds through a consulting company they co-founded, the Krebs Stamos Group. Given that SolarWinds stock has lost more than a third of its value, or roughly $ 2.5 billion, since news of its breach, regardless of the fees the company pays this consultant – probably very high – are definitely a rounding error for its total violation costs.

Desmond Tan, Singapore’s minister of state for its Home Office, told parliament on Monday that Singapore police could use data from the country’s Covid-19 contact tracing platform in investigations. Originally, the service was marketed as gathering as little information as possible and as a one-time tool for contact tracing only. But on Monday, the platform was updated to reflect the potential for law enforcement access. Over four million of Singapore’s 6 million citizens are said to use the app.


- Advertisement -spot_img

More articles


Please enter your comment!
Please enter your name here

- Advertisement -spot_img

Latest article