Trump banned from Facebook & Instagram, maybe indefinitely

Facebook CEO Mark Zuckerberg announced that Donald Trump will be blocked from using Facebook and Instagram “for at least the next two weeks until the peaceful transition of power is complete.” He’s not happy about his platform being used “to incite violent insurrection against a democratically elected government,” he said. Facebook says that “the risks of allowing the President to continue to use our service during this period are simply too great.” The company blocked Trump’s accounts temporarily on Wednesday following his posting of content that incited followers to violence, but now Zuckerberg says the ban is extended “indefinitely.” Twitter has also threatened Trump with a permanent ban.

(TechCrunch)

Attempted coup prompts new rules from Facebook

Following Wednesday’s takeover of the Capitol by violent Trump supporters, Facebook and Instagram have banned the hashtag #StormTheCapitol. On Wednesday evening, the platforms began removing any content praising the attackers and joined Twitter in temporarily stripping Trump of his ability to post. Facebook called the rampage a “disgrace” and reacted with new rules. Among them, it will now require yet more admin review for group posts and will auto-disable comments on group posts that attract a “high rate” of hate speech or that encourage violence. Twitter has threatened Trump with permanent suspension. 

(TechCrunch)

Trump supporters openly posted about violent plans for weeks

Calls for violence against lawmakers, police, and journalists if Congress didn’t reject the results of the presidential election were posted in plain sight, for weeks, from all corners of the social web. Jared Holt, a visiting research fellow with DFRLab, told BuzzFeed News that “The earliest call we got on our radar … was a militia movement chatroom talking about being ‘ready for blood’ if things didn’t start changing for Trump.” Calls have gone out for platforms to completely “deplatform” Trump for having incited violence on Facebook, Twitter, and YouTube.

(BuzzFeed News)

Capitol breach has ‘staggering’ infosec implications

We know that they sat in Nancy Pelosi’s chair, put their feet on her desk, and rifled through legislators’ files. But what systems and physical files did they steal, alter or destroy? Figuring it out will be a “staggering” task, cybersecurity observers noted. We should assume that “all systems and physical files were compromised, and catalog what of each” was tampered with, noted security reporter Joe Uchill. Every printer. Every copier. Every nook and cranny. Another security reporter, Marc Ambinder, noted that “Every single computer on Capitol Hill is vulnerable to a USB-mounted attack.” 

(Twitter)

US intel probes JetBrains as possible entry point for SolarWinds hackers

Cybersecurity investigators and American intelligence agencies are looking into the possible use of software from JetBrains, a Russian company based in the Czech Republic, in the far-reaching SolarWinds hack. Sources told the New York Times that the inquiry is focusing on a possible breach of the TeamCity product, which is used by developers to test and swap code before release. The hackers may have used the popular product to insert backdoors into the software of an untold number of technology companies. JetBrains said it’s not aware of any breach.

(New York Times)

Disgruntled, now jailed former VP hacked PPE supply for healthcare workers

A former company vice president is facing a year and a day behind bars for disrupting shipping of crucial equipment to healthcare workers. The company, Stradis Healthcare, fired Christopher Dobbins in March 2020. But Dobbins had set up a secret, fake staff account and used it to tamper with Stradis’ electronic records. He edited more than 115,000 records and deleted over 2,300 entries. It took months for Stradis to mop up, leaving those fighting the pandemic stuck without the PPE, medical supplies, and surgical kits they so desperately need. Dobbins will pay restitution of $221,200.

(ZDNet)

US Army launches new bug-bounty program

The Defense Digital Service (DDS) and HackerOne have launched a new bug bounty program that’s meant to dig out vulnerabilities in the US Army’s digital systems. Called Hack the Army 3.0, this will be the 11th bug bounty program from the DDS and HackerOne and the third one that focuses on the US Army. It runs from Jan. 6 until Feb. 17, is by invitation only, and will include cash for military and civilian participants who successfully uncover bugs. 

(InfoSecurity)

Phishing campaign dangles video of Trump as bait

Researchers at Trustwave have discovered a new campaign that’s luring people into downloading the latest version of the QRat Trojan—a version they describe as “significantly enhanced”. The Quaverse Remote Access Trojan (QRat) first emerged in 2015. It uses multiple layers to hide its true purpose and gives hackers complete, remote access to compromised computers. The initial phishing email promises potential victims a loan with a “good return on investment.” However, the malicious attachment has nothing to do with investment returns and instead claims to be a video of Donald Trump.

(ZDNet)