Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 1-19-2021

FBI warns of vishing attacks stealing corporate accounts
In multiple cases, once they gained access to the company's network, the threat actors gained greater network access than expected allowing them to escalate privileges using the compromised employees' accounts. In multiple cases, once they gained access to the company's network, the threat actors gained greater network access than expected allowing them to escalate privileges using the compromised employees' accounts.
Roubini Expects Violence, Cyber Attacks During Biden’s Term
U.S economist Nouriel Roubini fears Joe Biden’s presidency will be marked by unrest and cyber attacks, according to an interview he gave to Der Spiegel. There will be additional armed riots, especially from white nationalists, and Russia and China will orchestrate more cyber attacks against the U.S. and spread false information, Roubini, a professor at the Stern School of Business and a former adviser to the U.S. government, told the German magazine.
Medical Device Security: Diagnosis Critical
Experts warn medical-device security is a chronic problem, now exacerbated by COVID-era healthcare challenges. Hospitals have been forced to prioritize budgets and staffing to focus on lifesaving care – meaning that IT security often takes a back seat. Adding insult to injury, hackers are aware of this, and are also now capitalizing on these healthcare strains with a barrage of ransomware and phishing attacks and more.
Hackers 'manipulated' stolen COVID-19 vaccine data before leaking it online
The ongoing investigation found that some of the contents of those emails has been manipulated by those behind the attack in what appears to be an attempt to create mistrust with disinformation about vaccines. "Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines," said the update from the EMA.
How HHS' Cyber Threat Center Pushed Comms Strategies Amid COVID-19
“We’re seeing shifts and jumps as the actors do follow the themes of the day — anything really to get that click and be able to exploit your machine,” Singleton said. [...] “We’re going to see greater scrutiny and intense focus on supply chains and supply chain attacks and really concerted attention from the federal government, as well as I expect within the vendor community, to be looking at both their own software and the software that they’re introducing into the environment,” Singleton said.
Hackers leak trucker, rail worker medical records
According to an informational sheet on its website, Taylor Made’s customers include the U.S. Secret Service and Naval Special Warfare Development Group — better known as SEAL Team Six, the special forces unit responsible for killing Osama Bin Laden. The leaked data included completed U.S. Department of Transportation (DOT)-mandated medical exams, as well as drug and alcohol testing reports for truckers and rail workers at multiple companies. Many documents contained detailed personal information such as full names, addresses, social security numbers and scans of driver’s licenses.
MAS revises cyber risk guidelines
The revised Guidelines provide additional guidance on the roles and responsibilities of the board of directors and senior management - the board and senior management should ensure that a Chief Information Officer and a Chief Information Security Officer, with the requisite experience and expertise, are appointed and accountable for managing technology and cyber risks; and the board should include members with the relevant knowledge to provide effective oversight of technology and cyber risks.
How to Make the National Cyber Director Position Work
Specifically, President Biden and his leadership team will need to clarify the ONCD’s mission, especially its relationship to the National Security Council (NSC); recruit as national cyber director someone capable of navigating complex policy and bureaucratic landscapes; pick a suitable problem for the director to tackle from the start, such as the SolarWinds hack; and give the NCD direct access to the president.
SolarWinds hack is quickly reshaping Congress’s cybersecurity agenda
First, in the wake of the discovery of the SolarWinds breach, the incoming Biden administration committed to making cybersecurity a top priority. Late last week, the Biden team made good on that promise when announcing its Rescue Plan that calls for around $10 billion in cybersecurity spending, including $690 million for CISA to improve security monitoring and incident response at the agency.
Russia, Iran and China exploit Capitol Hill riot to push information operations, US intel concludes
Russian state media has harped on the Jan. 6 riot’s “violent and chaotic nature,” while focusing on the second impeachment of President Donald Trump, according to the memo. One Russian “proxy” suggested that “Antifa,” a loose collection of left-wing activists, was responsible for the storming of the Capitol, the intelligence memo said. Some Republican lawmakers also have mentioned that baseless conspiracy theory.
Iranian Cyber Operation Posts Threats
"The Iranian cyber actors have sought to intimidate some of the officials with direct threats, including an image of an apparent text communication between the [Enemies of the People] actors and an unidentified individual in the United States purportedly supporting the operation," according to the new FBI alert. The Iranian-linked threat actors are sending threatening emails and text messages to American citizens that can contain personal information as well as photographs, the FBI reports.
China cybersecurity and data protection: Review of 2020 and outlook for 2021
2020 has been an active year for developments in China’s cybersecurity and data protection regimes. In this e-bulletin we highlight the major regulatory and enforcement developments during the year in three key areas:

  • Security protection
  • Data protection
  • Supply chain security

Further details are set out below. In each case we set out a reminder of the obligations under the Cyber Security Law and provide a brief summary of the main developments during this year.
2021’s Shift Toward Unity Against High-Tech Illiberalism and Disinformation
Disinformation has long been a cost-effective way for foreign governments to create unrest in the United States, including Russia’s disinformation operations during the 2016 US presidential election and its ongoing efforts to foster vaccine uncertainty within the US alongside China. Robby Mook, a senior fellow at Harvard’s Defending Digital Democracy program, said in a recent podcast that adversaries’ disinformation goals are not to further a specific agenda; instead, they want the US “to kind of turn on itself.”
I used to wiretap. This is why encryption backdoors are dangerous
If U.S. service providers are forbidden from building secure products, then U.S. companies will look for them elsewhere. Enter foreign service providers, who will at best be happy to fill the competitive void in the market and at worst have their own governments’ data mandates to implement. That would likely put U.S. service providers out of business. The lack of trust would also damage our credibility worldwide, essentially turning the phrase “Made in America” into a warning label.
Capitol Rioters ID’ed With Help From Dating Apps
Dating apps are using images captured from inside the Capitol siege and other evidence to identify and ban rioters’ accounts, causing immediate consequences for those who participated. … Women and men have in some cases also turned the dating apps into hunting grounds. … Using the dating apps to pursue members of the mob has become a viral pursuit, with tips shared on Twitter?…?contributing to a wide-scale manhunt for dating-app users who played a part in the violent attack.
FIN11 e-crime group shifted to clop ransomware and big game hunting
The financially motivated FIN11, which increasingly incorporated CL0P ransomware into their operations in 2020, appeared to rely on low-effort volume techniques like spamming malware for initial entry, but put a substantial amount of effort into each follow-up compromise. “Several of their recent ransom notes explicitly name data stolen from workstations that belong to top executives (including founders/CEOs) of the respective enterprises. “This is likely based on the hope that using data stolen from top executives in the extortion process raises their chances that the victim pays.”
‘Child’s Play’ – Kids breach and bypass Linux Mint screensaver lock
A few weeks ago, my kids wanted to hack my linux desktop, so they typed and clicked everywhere, while I was standing behind them looking at them play… when the screensaver core dumped and they actually hacked their way in! wow, those little hackers. [...] I thought it was a unique incident, but they managed to do it a second time. So I’d consider this issue… reproducible… by kids. I tried to recreate the crash on my own with no success, maybe because it required more than 4 little hands typing and using the mouse on the virtual keyboard.

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


CI Security

245 4th St, Suite 405  Bremerton, WA   98337

About Us   |   CI Security News   |   Contact Us 

Add this Email to Your Address Book