Russian SolarWinds hack damage escalates 

Three weeks after the SolarWinds hack came to light, officials are shifting their thoughts about it being election related to something more sinister, involving “backdoor” access into government agencies, major corporations, the electric grid and nuclear weapons facilities. Mark Warner, a ranking member of the Senate Intelligence Committee stated, “It keeps expanding. It’s clear the United States government missed it, and if FireEye had not come forward, I’m not sure we would be fully aware of it to this day.” Recent discoveries of this expanding crisis include that hackers managed their intrusion from servers inside the United States, exploiting legal prohibitions on domestic surveillance; that dedicated early warning systems failed; that the government’s focus on election defense may have diverted resources and attention from the software supply chain; and that some of the compromised SolarWinds software was engineered in Eastern Europe.

(New York Times)

Backdoor account discovered in more than 100,000 Zyxel firewalls and VPN gateways

The backdoor account, discovered by a team of Dutch security researchers from Eye Control, is considered as bad as it gets in terms of vulnerabilities giving potential access to DDoS botnet operators, state-sponsored hacking groups and ransomware gangs. Affected models include  many of Zyxel’s top products from its line of business-grade devices, usually deployed across private enterprise and government networks. Installing patches removes the backdoor account, which, according to Eye Control researchers, used a plaintext password that was visible in one of the binaries on the system.

(ZDNet)

Wall Street to kick out Chinese telecom giants

The New York Stock Exchange (NYSE) said it will delist three Chinese telecommunications firms based on claimed links with its military. China Mobile, China Telecom and China Unicom Hong Kong have all been targeted by the Trump administration, and shares in these companies will be suspended this week while proceedings to delist them have begun. The companies earn all of their revenue in China and have no significant presence in the US. The delisting is seen more as a symbolic blow amid heightened geo-political tensions between the US and China.

(BBC News)

NSO used real people’s location data to pitch its Covid contact-tracing tech 

In May, the spyware manufacturer, famous for its Pegasus spyware, demonstrated its new COVID-19 contact-tracing system named Fleming, to governments and journalists, but later a researcher found an exposed database storing thousands of location data points used by NSO to demonstrate how Fleming works — the same demo seen by reporters weeks earlier. NSO denied that the data used was genuine, but privacy expert Tehilla Shwartz Altshuler, who was also given a demo of Fleming, said NSO told her that the data was obtained from data brokers, which sell access to vast troves of aggregate location data collected from the apps installed on millions of phones.

(TechCrunch)

Thanks to our episode sponsor, Omada

Get stakeholders on board early. Sounds simple, but the hard part is making sure everyone has the right level of information they need at the right time to do their job. So start thinking early about the needs of your CISO, the security staff, auditors, compliance officers, and intellectual property controllers. The goal is increased awareness for all which will reduce resistance for everyone. Discover how Omada can help at omada.net.

Bitcoin tops $34,000 as record rally continues

This was a new high for the cryptocurrency, following a year of growth in 2020 that saw its value           jump by 300 percent. Ethereum, the second biggest cryptocurrency, gained 465% in 2020. The rise in Bitcoin value can be attributed to three key influences: short-term speculators seeking to ride the upwards trajectory, significant instability with the U.S. dollar throughout the second half of 2020 and its increased acceptance as a form of online payment, with PayPal among the most recent adopters of digital currencies.

(BBC News)

Ticketmaster fined $10 million for breaking into rival’s systems

Ticketmaster, a Live Nation subsidiary and a leading ticket distribution and sales company, was fined for illegally accessing the systems of competitor CrowdSurge using the credentials of one of its former employees. The two employees directly involved in the scheme shared private CrowdSurge ticketing URLs in order to steal back signature clients. The employees also held a division-wide ‘summit’ at which stolen passwords were used to access the victim company’s computers, all in order to “cut its competitors off at the knees.”

(Bleeping Computer

Google Chrome to display warnings for weak passwords

Chrome is the world’s number one browser, running on over 70 percent of the world’s desktop computers out there. With its new build, named Canary, it now offers an additional safety check feature that will warn about weak passwords, and then offer to help users switch to more complex password phrases. When released publicly, it will still become part of the Safe Browsing set of safety checks.

(Softpedia News)

Top 7 cybersecurity predictions for 2021

This time of year always forces tech experts to bring out their crystal ball and state what they see in the next 12 months for cybersecurity and related fields. The Big Data magazine Analytics Insight offers this collection of seven future developments: 1. A rise in cyber terrorism that extorts governments or government institutes; 2. No relief from data breaches which will be exacerbated by weak networks due to work from home requirements; 3. An increase in the number of cybersecurity investments, with Gartner predicting the worldwide information security market to reach US$170.4 billion in 2022. 4. More demand for national security, based on a report by Microsoft that indicates that almost 89% of cyberattacks gets carried out to harm the sovereignty of a nation. 5. Educational institutes will be the next target for cyberattack due to the rise in online learning. 6. Healthcare institute’s increasing cybersecurity as a priority, based on the increase in ransomware attacks on such facilities during the pandemic; and 7. Advances in cyberattack methods, with AI-driven tools available and increased focus on staying undetected while carrying out attacks.

(Analytics Insight)