Rioters storm US Capitol, Trump’s Twitter suspended
Yesterday afternoon, a group of pro-Trump rioters stormed the US Capitol, causing a lockdown and suspension of the Electoral College vote count. As of this recording, 8:30pm ET on January 6th, Congressional leaders plan to return to the chamber and resume the count. Twitter removed three Trump tweets inciting the rioters and suspended the President’s personal account for at least 12 hours, which will not be unlocked until the tweets are officially deleted. Twitter says the account will be permanently banned if violations continue. YouTube and Facebook also removed a video the president posted addressing the attack as it contained false information on the 2020 election and “contributes to rather than diminishes the risk of ongoing violence.”
SolarWinds attackers accessed DOJ’s email server
The Department of Justice confirmed that the attackers escalated access from the trojanized SolarWinds Orion app across its network and were able to access some employee emails. This appears limited to about 3% of employees, estimated at around 3000 accounts, with the DOJ saying there is no evidence classified information or systems were exposed. The DOJ says it has now blocked the attacker’s point of entry to the network. While thousands of companies and organizations downloaded the trojanized version of Orion, the attackers only escalated access with second stage attacks on select targets.
WhatsApp to share user data with Facebook
Facebook will ban political ads in Georgia following runoff
The company announced the ban would go back into effect in the state, covering ads on social issues, elections and politics nationwide. Facebook had eased up on political ad restrictions in the state starting December 16th to allow for messaging surrounding the runoff election, even as it kept in place a broader political ad ban in the wider US. On December 10th, Google fully lifted its ban on political ads it put in place after the US election polls closed on November 3rd.
Thanks to our episode sponsor, Omada
Google to add App Store Privacy Labels this week
Following up on the speculation that Google hadn’t updated its apps to comply with new iOS privacy features, TechCrunch confirmed that Google plans to begin updating its iOS apps to feature the new App Store Privacy Labels as early as this week. Apple began requiring the labels to be included in all apps and app updates submitted as of December 8th. Since then, Google has updated its Slides and the homework helper app Socratic by Google, but neither included the new privacy labels.
Chinese firms face new bans and re-delistings
After receiving new guidance from the Treasury Department, the New York Stock Exchange says it will in fact delist China Telecom, China Mobile and China Unicom. The new guidance states that people in the U.S. could not engage in certain transactions with the three companies as of next Monday. The exchange will halt trading with the three as of 4pm January 11th.
In a similar move, a new executive order bans transactions with eight Chinese apps, including Alipay, Tencent’s QQ Wallet and WeChat Pay, as well as CamScanner, SHAREit, VMate, and WPS Office. The Commerce Department now has 45 days to define which transactions will be banned under the order, although Reuters’ sources say the department plans to act before the January 20th inauguration of President-elect Biden. The order claims data collected by those apps could pose a threat to national security.
Intel launches RealSense ID
The latest product in Intel’s depth tracking portfolio, RealSense ID is an on-device solution that combines an active depth sensor with a machine learning model to perform facial authentication. Intel claims the system can adapt over time to changes in facial hair and accessories like glasses, working across a range of lighting conditions. RealSense ID processes all recognition locally, encrypts all user data, and won’t try an authentication unless prompted by a pre-registered user. RealSense ID pricing starts at $99 and will be available later in Q1.
Nissan investigating source code leak
The car maker is looking at whether code from its North American division’s mobile apps and marketing tools was leaked online. The leaked info was publicized by software engineer Tillie Kottmann on Twitter, saying it came from a “severely mismanaged” Git server with username and password set to the ever popular “admin.” Code for Nissan’s Dealer Business Systems, diagnostic tools, and vehicle connected services was also reportedly in the leaked data. After the leak was publicized, Nissan took the server offline on January 5th.
New ransomware family taking aim at corporate networks
The Babuk ransomware has attempted to extort at least four corporate victims since being discovered. According to security researcher Chuong Dong, Babuk lacks the obfuscation techniques found in more sophisticated ransomware families, but uses a strong encryption scheme which has proven effective against organizations. Babuk can infect local machines or spread across network shares if command line parameters are supplied by the attackers, and uses a single private key for each malware sample. Overall, security researchers found some evidence of mediocre coding, like its approach to multithreading and leaving in chat logs from previous ransom attempts online.