Home https://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/ Technology https://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/ The SolarWinds investigation is growing

The SolarWinds investigation is growing



It was an unprecedented and historic week in the United States, when a crowd of supporters of President Donald Trump exploded on Capitol Hill in Washington and stormed the Capitol building, forcing Congress to evacuate and temporarily suspending the symbolic certification of Joe Biden’s election. Digital archivists and others went up to save photos and footage of the uprising, while social media introduced ad hoc content moderation policies. Meanwhile, national security experts are wary of the risks the incident poses to information security and national security in the Capitol.

In other news, transparency activists DDoSecrets, a kind of successor to WikiLeaks, published a wealth of corporate information ̵

1; a move that was particularly controversial since the data was originally stolen by hacker attacks. Speaking of Wikileaks, the United Kingdom on Monday rejected a request from the US Department of Justice to extradite Julian Assange, citing Assange’s mental state and risk of suicide, rather than any assessment of whether the WikiLeaks founder has violated the Espionage Act.

WhatsApp users were notified this week that a change in the app’s privacy policy means they can no longer opt out of sharing data with Facebook – which is confusing because WhatsApp has been sharing this data since 2016 and only gives an option for refusing a fleeting 30-day window this year. And Ticketmaster was caught hacking into the systems of a rival company, agreeing to pay a $ 10 million fine to settle the case with federal prosecutors.

And there is more. Below we have collected the most important SolarWinds stories so far from across the Internet. Click on the titles to read them and beware there.

As it was revealed that SolarWinds’ Orion IT management tool was exploited in an attack on a software supply chain, the cybersecurity industry is worried about the news that the same Russian hackers have taken advantage of other popular software. This week, FBI sources told Reuters that Czech-based software company JetBrains was seen as another possible victim and potential vector for a broken code. The JetBrains TeamCity project management tool is used by tens of thousands of customers, including SolarWinds, which increases the likelihood that it has served as a starting point for infection in the SolarWinds network. The fact that JetBrains was founded by three Russian engineers cast further suspicion on the company. But the chief executive of JetBrains in St. Petersburg said this week that he was not affiliated with the FBI or any other agency. In addition, he says, JetBrains has seen no evidence that it itself was compromised by hackers, let alone used to further compromise SolarWinds systems.

Chris Krebs, a former director of the Agency for Cyber ​​Security and Infrastructure Security, became a cause in November when President Trump fired him because he rightly said that allegations of widespread hacking and fraud by the president and his supporters were untrue. . Now, after a federal career that many have credited with helping secure the 2020 presidential election from foreign interference, Krebs is embarking on another huge cybersecurity story in the past year: Russia’s hacking of SolarWinds, a Texas-based company. whose software was hijacked and used to infiltrate the networks of at least half a dozen federal agencies. SolarWinds hired Krebs to help him remove and recover from the breakthrough that put him at the epicenter of this large-scale hacking scandal. He will be joined by former Facebook and Yahoo chief executive Alex Stamos, who similarly signed with video conferencing company Zoom last spring to help her recover from her security concerns. Both Krebs and Stamos will work with SolarWinds through a consulting firm they set up, Krebs Stamos Group. Given that SolarWinds shares have lost more than a third of their value, or about $ 2.5 billion, since the news of its breach broke, whatever fees the company they consult – probably very large – pay undoubtedly are an error in rounding up its total infringement costs.

Desmond Tan, Singapore’s interior minister, told parliament Monday that Singapore police could use data from the country’s Covid-19 tracking platform in investigations. Initially, the service was marketed as little information as possible and as a one-time tool for contact tracking only. But on Monday, the platform was updated to reflect the potential for access to law enforcement. More than 4 million of Singapore’s 6 million citizens use the app.


Source link