It was one a historic and unprecedented week in the United States when a crowd of supporters of President Donald Trump revolted on Capitol Hill in Washington, DC and stormed the Capitol building, forcing Congress to evacuate and temporarily halting its symbolic certification. of the election of Joe Biden as president. Digital archivists and others struggled to preserve photos and images of the insurgency while social media implemented ad hoc content moderation policies. Meanwhile, national security experts are wary of the risks the incident poses to information security and national security at the Capitol.
In other news, transparency activists DDoSecrets, a kind of successor group to WikiLeaks, publish a lot of corporate information, a move that was particularly controversial since the data was originally stolen by ransomware attackers. And speaking of Wikileaks, on Monday the UK denied the U.S. Department of Justice’s request to extradite Julian Assange, citing Assange’s mental state and suicide risk instead of making an assessment of whether the WikiLeaks founder violated the Espionage Act.
WhatsApp users received a notification this week that a change in the app’s privacy policy meant they could no longer choose not to share data with Facebook, which was confusing, as WhatsApp has been sharing this data since 2016 and it only gave a deactivation option for a fleeting 30-day window that year. And Ticketmaster was caught breaking into the systems of a rival company, agreeing to pay a $ 10 million fine to settle the case with federal prosecutors.
And there are more. Below we summarize the most important SolarWinds stories to date from all over the Internet. Click on the headlines to read them and be safe.
Ever since it was revealed that SolarWinds ’Orion IT management tool was exploited in an attack on the software supply chain, the cybersecurity industry has feared the news that Russian hackers themselves were also in favor of other popular programs. This week FBI sources told Reuters that the Czech-based software firm JetBrains has been scrutinized as another potential victim and potential vector of corrupt code. The JetBrains TeamCity project management tool is used by tens of thousands of customers, including SolarWinds, with the possibility that it may have served as an initial point of infection in the SolarWinds network. The fact that JetBrains was founded by three Russian engineers has generated more suspicion in the company. But the CEO of JetBrains in St. Petersburg said this week that the FBI or any other agency has not contacted him. Nor, he says, has JetBrains seen any evidence that it has been breached by hackers, not to mention its use to further infringe on SolarWinds systems.
Chris Krebs, former director of the Security and Cybersecurity Agency, became a notorious cause in November when President Trump fired him for claiming – correct – that allegations of widespread electoral piracy and fraud by the president and his supporters they were false. Now, after a federal race that many credited with helping secure the 2020 presidential election against foreign interference, Krebs is venturing into last year’s massive mass cybersecurity story: hacker intrusion Russians to SolarWinds, a Texas-based company whose software was hijacked and used to penetrate the networks of at least half a dozen federal agencies. SolarWinds has hired Krebs to help him remedy and recover from the breach that placed him at the epicenter of this widespread hacking scandal. He will be joined by former Facebook and Yahoo security chief Alex Stamos, who similarly signed with video conferencing firm Zoom last spring to help him recover from security concerns. Krebs and Stamos will work with SolarWinds through a consulting company they co-founded, the Krebs Stamos group. Given that SolarWinds shares have lost more than a third of their value, or about $ 2.5 billion, since the news of its breach occurred, any commission paid by the company for this consultancy (probably very large) is certainly a its total cost of default.
Desmond Tan, Singapore’s Minister of State for his Home Office, told parliament on Monday that Singapore police may use data from the country’s Covid-19 contact tracking platform in investigations. Originally, the service was marketed as a collection of the least amount of information possible and as a single-purpose tool for tracking contacts. But on Monday the platform was updated to reflect the potential for police access. According to reports, more than four million of Singapore’s 6 million citizens use the app.