Cybersecurity News of the Week, January 17, 2021

Individuals at Risk

Cyber Privacy

How law enforcement gets around your smartphone’s encryption: Openings provided by iOS and Android security are there for those with the right tools. ars technica, January 15, 2021

WhatsApp Delays Privacy Changes Amid User Backlash: The company faced a backlash from users who worried the changes made the messaging service less secure. The New York Times, January 15, 2021

New iOS Privacy Labels Reveal Major Data Collection Differences Between Messaging Apps: The new iOS 14 privacy labels that are required of Apple app publishers are revealing some major differences between competitors. There is a particular disparity in the messaging apps, best illustrated by setting Signal (which collects no data) next to Facebook Messenger (which collects about 65 different categories of data). CPO, January 14, 2021

Cyber Update

Microsoft Patch Tuesday, January 2021 Edition: Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today. Ten of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited by malware or miscreants to seize remote control over unpatched systems with little or no interaction from Windows users. KrebsOnSecurity, January 12, 2021

Cyber Warning

Phishing warning: These are the brands most likely to be impersonated by crooks, so stay alert: Cyber criminals know how many of us are working from home and are looking to exploit that situation with phishing emails designed to copy big brands. ZDNet, January 14, 2021

Cyber Humor

Information Security Management for the Organization

Information Security Management

Ransomware has MSPs in its sights: Peter Geytenbeek, senior manager of channels EMEA at Thycotic, shares a warning about the need for managed service providers to take their own security seriously. ComputerWeekly, January 15, 2021

NSA warns against using DoH inside enterprise networks … The NSA urges companies to host their own DoH resolvers and avoid sending DNS traffic to third-parties: The US National Security Agency has published today a guide on the benefits and risks of encrypted DNS protocols, such as DNS-over-HTTPS (DoH), which have become widely used over the past two years. ZDNet, January 14, 2021

Cloud Attacks Are Bypassing MFA, Feds Warn … CISA issues alert warning cloud services at U.S. organizations are being actively & successfully targeted, says most attacks take advantage of poor cloud cyber-hygiene and misconfigurations: The Feds are warning that cybercriminals are bypassing multi-factor authentication (MFA) and successfully attacking cloud services at various U.S. organizations. ThreatPost, January 14, 2021

The Before, During, and After of Successful Enterprise Incident Response: The sophistication and frequency of cyberattacks is increasing every day. In this year alone, major hotel chains MGM and Marriott suffered huge data breaches and dumps. Twitter’s highest profile accounts were compromised in a scheme involving classic social engineering and crypto payments. And Magellan Health, a Fortune 500 company, suffered a phishing-based ransomware attack. CPO, January 13, 2021

If FireEye And The U.S. Government Can Be Hacked, What About Me? … Remembering that you are most likely to fall prey to a common-variety attack, this is a good time to review 7 things that you should be doing to protect your organization: On December 8, premier information security company FireEye released in a blog post that it had been hacked. Company CEO and industry legend Kevin Mandia wrote, “Based on my 25 years in cybersecurity and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities. This attack is different from the tens of thousands of incidents we have responded to throughout the years.” David Lam, Partner & CISO, Miller Kaplan, Forbes, January 12, 2021

Cyber Update

Still haven’t patched Zerologon vulnerability? Microsoft will protect you from yourself and enforce update as part of February Patch Update: Microsoft today warned admins that updates addressing the Windows Zerologon vulnerability will transition into the enforcement phase starting next month. BleepingComputer, January 15, 2021

Cyber Insurance

Cybersecurity Insurance Has a Big Problem after Cyber Losses Climb to $1.8 billion in 2019, up an eye-popping 50% year over year: In 2020, the world seemingly entered a new era of cyberattacks. Although there have been decades of viruses, breaches, and other forms of attack, last year saw increased bad actor sophistication, a propensity to pay in ransomware cases, and a broad swath of geopolitical uncertainty — conditions that hackers have found favorable. Harvard Business Review, January 12, 2021

Cybersecurity in Society

Cyber Crime

Ransomware attacks now to blame for half of healthcare data breaches: Almost half of data breaches at hospitals were because of ransomware attacks – and those attacks could’ve been prevented with timely patching. ZDNet, January 15, 2021

Ransomware Disrupts Scottish Environment Protection Agency: The Scottish Environment Protection Agency says a ransomware attack last month continues to cause serious outages and warns that ransom-demanding attackers also stole some data. GovInfo Security, January 15, 2021

National Cybersecurity

Biden calls for ‘most ambitious effort ever’ to modernize federal IT, cybersecurity: President-elect Joe Biden will make federal IT modernization and cybersecurity top priorities during the early days of his administration — second only to COVID-19 response, it seems. fedscoop, January 15, 2021

National Cybersecurity – SolarWinds

SolarWinds Hack Followed Years of Warnings of Weak Cybersecurity: Congress and federal agencies have been slow or unwilling to address warnings about cybersecurity, shelving recommendations that are considered high priority while investing in programs that have fallen short. Bloomberg, January 13, 2021

SolarWinds: What Hit Us Could Hit Others: New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. More worrisome, the research suggests the insidious methods used by the intruders to subvert the company’s software development pipeline could be repurposed against many other major software providers. KrebsOnSecurity, January 12, 2021

Cyber Freedom

Far-right website 8kun again loses internet service protection following Capitol attack: Shell company owned by two Russians cut ties with internet host of 8kun, which has been linked to other acts of violence. The Guardian, January 15, 2021

Exclusive: Large bitcoin payments to right-wing activists a month before Capitol riot linked to foreign account: WASHINGTON — On Dec. 8, someone made a simultaneous transfer of 28.15 bitcoins — worth more than $500,000 at the time — to 22 different virtual wallets, most of them belonging to prominent right-wing organizations and personalities. Yahoo, January 14, 2021

The Cybersecurity 202: Parler scrape puts some Capitol rioters in legal jeopardy: Researchers and analysts say a trove of data archived from conservative-favored social media app Parler poses a real risk for those who used the platform to share their involvement in a pro-Trump mob that stormed the U.S. Capitol. The Washington Post, January 12, 2021

Parler’s amateur coding could come back to haunt Capitol Hill rioters: Some 80 terabytes of posts, many already deleted, preserved for posterity. ars technica, January 12, 2021

Electronic voting machines and their software: Q&A with cybersecurity expert Bryson Bort: The Internet is rife with theories about voting machines and how they can be hacked. Various self-proclaimed smarties about computing have expounded theories as to how the Democrats changed votes. These theories have gotten shared widely online and even have made their way into a few media outlets. The media has reviewed and cast doubt on the claims being made about election software being compromised (e.g., here, here, and here). AEI, November 17, 2021

Internet of Things

Automotive Cybersecurity: Major Changes Underway as National Highway Traffic Safety Administration (NHTSA) releases update to their Cybersecurity Best Practices for the Safety of Modern Vehicles: The National Highway Traffic Safety Administration (NHTSA) released an update to their Cybersecurity Best Practices for the Safety of Modern Vehicles. The timing of this update and its new recommendations are indicative of major changes underway in the automotive industry concerning cybersecurity. While the NHTSA document provides non-binding guidance, the update is aligned with two new European Union automotive cybersecurity regulations, which are binding. These regulations were adopted in June 2020 by the United Nations Economic Commission for Europe (UNECE) World Forum for Harmonization of Vehicle Regulations (WP.29) and went into effect as of January 2021. DigiKey, January 15, 2021

Cyber Defense

CompTIA Introduces New Cybersecurity Advisory Council: Top security executives will offer advice and guidance on staying ahead of cyber threats. PRNewswire, January 15, 2021

Introducing – the first website ‘exclusively dedicated’ to revealing security vulnerabilities in malware: A pioneering malware vulnerability database has become a surprise addition to security pros’ defensive toolkits as they seek to disrupt, remediate, or attribute cyber-attacks. The Daily Swig, January 14, 2021

Cyber Enforcement

Europol announces bust of “world’s biggest” dark web marketplace: You probably don’t need to be told what sort of products were on offer at an online retail site called DarkMarket. NakedSecurity, January 14, 2021


Man makes last-ditch effort to recover $280 million in bitcoin he accidentally threw out: LONDON — A British man who accidentally threw out a hard drive with a trove of bitcoin on it is once again urging local city officials to let him search for it in a landfill site. CNBC, January 15, 2021

Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes: Bitcoin owners are getting rich because the cryptocurrency has soared. But what happens when you can’t tap that wealth because you forgot the password to your digital wallet? The New York Times, January 14, 2021

Cyber Talent

Can Edtech Close the Talent and Workforce Gap in Cybersecurity?: How we protect our data is more important than ever. Attacks on high-value entities, including big businesses and federal government agencies, regularly make headlines. Schools are increasingly targeted as well. Just last month, the FBI, CISA and MS-ISAC issued a joint warning about attacks on educational institutions. EdSurge, January 14, 2021

Cyber Disinformation

American Thinker apologizes for falsely accusing Dominion Voting Systems of conspiring to steal the November 2020 election from Donald Trump … admits “there is simply no evidence to support these claims”: We received a lengthy letter from Dominion’s defamation lawyers explaining why they believe that their client has been the victim of defamatory statements. Having considered the full import of the letter, we have agreed to their request that we publish the following statement. American Thinker, January 15, 2021
