This posting is here to collect cyber security news in January 2021.
I post links to security vulnerability news in the comments of this article.
You are also free to post related links in the comments.
369 Comments
Tomi Engdahl says:
https://hackaday.com/2021/01/14/teardown-tap-trapper/
Tomi Engdahl says:
Man pleads guilty after drone hits LAPD helicopter, conviction 1st of its kind
https://www.theaegisalliance.com/2021/01/15/man-pleads-guilty-after-drone-hits-lapd-helicopter/
Tomi Engdahl says:
Ransomware attacks now to blame for half of healthcare data breaches
https://www.zdnet.com/article/ransomware-attacks-now-to-blame-for-half-of-healthcare-data-breaches/
Almost half of data breaches at hospitals were because of ransomware attacks – and those attacks could’ve been prevented with timely patching.
Tomi Engdahl says:
NSA warns against using DoH inside enterprise networks
The NSA urges companies to host their own DoH resolvers and avoid sending DNS traffic to third-parties.
https://www.zdnet.com/article/nsa-warns-against-using-doh-inside-enterprise-networks/
Tomi Engdahl says:
US adds nine Chinese firms, including Xiaomi, to military blacklist
https://www.scmp.com/news/china/article/3117814/us-adds-chinese-oil-giant-chinese-national-overseas-oil-corporation
Tomi Engdahl says:
Cybersecurity firm identifies third SolarWinds hack malware strain
Strain was used to create an opening for other malware
https://www.foxbusiness.com/technology/cybersecurity-firm-third-malware-strain-solarwinds-hack
Tomi Engdahl says:
Introducing Malvuln.com – the first website ‘exclusively dedicated’ to revealing security vulnerabilities in malware
https://portswigger.net/daily-swig/introducing-malvuln-com-the-first-website-exclusively-dedicated-to-revealing-security-vulnerabilities-in-malware
Tomi Engdahl says:
Windows 10 bug corrupts your hard drive on seeing this file’s icon
https://www.bleepingcomputer.com/news/security/windows-10-bug-corrupts-your-hard-drive-on-seeing-this-files-icon/
An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command.
Tomi Engdahl says:
http://xn--hn-via.fi/2021/01/14/onko-trumpin-oikeutta-sananvapauteen-rikottu/
Tomi Engdahl says:
Voting Machine Company Threatens Researchers for Exposing Valid Security Flaws
Election Systems and Software (ES&S) is sending cease and desist letters to organizations simply for highlighting proven security vulnerabilities.
https://www.vice.com/en/article/3an7kj/election-hardware-vendor-threatens-researchers-for-exposing-valid-security-flaws
Tomi Engdahl says:
Adobe to block Flash content from running on January 12, 2021
Adobe releases final Flash update with stronger language asking users to uninstall the app before its EOL.
https://www.zdnet.com/article/adobe-to-block-flash-content-from-running-on-january-12-2021/
Tomi Engdahl says:
Twitter’s decentralized future
https://techcrunch.com/2021/01/15/twitters-vision-of-decentralization-could-also-be-the-far-rights-internet-endgame/?tpcc=ECFB2021
The platform’s vision of a sweeping open standard could also be the far-right’s internet endgame
Tomi Engdahl says:
https://www.cyberscoop.com/rob-joyce-nsa-cybersecurity-director-neuberger/
Tomi Engdahl says:
We should all simultaneously decide we want to download Facebook/Instagram account backups: https://www.facebook.com/help/212802592074644
I wonder what it would do?
Tomi Engdahl says:
The password guess worth $240m in bitcoin
https://www.google.com/amp/s/www.bbc.co.uk/news/amp/technology-55645408
We’ve all been there – brain fog makes us forget our password and after eight frantic attempts, we have just two left.
That’s the situation for programmer Stefan Thomas but the stakes are higher than most – the forgotten password will let him unlock a hard drive containing $240m (£175m) worth of Bitcoin.
Tomi Engdahl says:
Kicking Trump off social media was a PR stunt that affects your internet too – 6 things you need to know
In the future you will probably be able to file a lawsuit if your own account is removed from social media.
https://yle.fi/uutiset/3-11738815
Tomi Engdahl says:
https://cyprus-mail.com/2021/01/16/a-closer-look-at-the-solarwinds-hack/
Tomi Engdahl says:
https://www.forbes.com/sites/rachelsandler/2021/01/15/so-many-people-are-using-signal-it-caused-an-outage/
Tomi Engdahl says:
https://arstechnica.com/information-technology/2021/01/hackers-used-4-0days-to-infect-windows-and-android-devices/
Tomi Engdahl says:
https://pentestmag.com/how-to-protect-your-website-10-security-holes-you-need-to-care-about/
Tomi Engdahl says:
Calculations Show It’ll Be Impossible to Control a Super-Intelligent AI
https://www.sciencealert.com/calculations-show-it-d-be-impossible-to-control-a-rogue-super-smart-ai
The idea of artificial intelligence overthrowing humankind has been talked about for many decades, and scientists have just delivered their verdict on whether we’d be able to control a high-level computer super-intelligence. The answer? Almost definitely not.
Tomi Engdahl says:
A Very Disturbing Look Deep Inside the Parler App
https://www.thestreet.com/mishtalk/politics/a-very-disturbing-look-deep-insider-the-parler-app
Tomi Engdahl says:
Telegram blocks ‘dozens’ of hardcore hate channels threatening violence
https://techcrunch.com/2021/01/13/telegram-channels-banned-violent-threats-capitol/
Tomi Engdahl says:
Building natural trust in artificial intelligence
Two new technologies being developed by Fujitsu Laboratories are making AI more transparent and robust.
https://www.nature.com/articles/d42473-020-00352-0?utm_source=twitter&utm_medium=social&utm_campaign=bcon-NI_AI_Fujitsu&fbclid=IwAR3-Iw_4cY3yVPsDzBWWexNMgw-T_sttEciwJ7b8N3KUFJA_PnZKRxb1F6w
Tomi Engdahl says:
Iconic BugTraq security mailing list shuts down after 27 years
https://www.zdnet.com/article/iconic-bugtraq-security-mailing-list-shuts-down-after-27-years/
BugTraq launched in November 1993 and it was one of the first mailing lists dedicated to disclosing vulnerabilities.
BugTraq, one of the cybersecurity industry’s first mailing lists dedicated to publicly disclosing security flaws, announced today it was shutting down at the end of the month, on January 31, 2021.
Tomi Engdahl says:
Venice is watching tourists’ every move
https://edition.cnn.com/travel/article/venice-control-room-tourism/index.html
They’re watching you, wherever you walk. They know exactly where you pause, when you slow down and speed up, and they count you in and out of the city.
What’s more, they’re tracking your phone, so they can tell exactly how many people from your country or region are in which area, at which time.
And they’re doing it in a bid to change tourism for the better.
Welcome to Venice in a post-Covid world.
Tomi Engdahl says:
Parler’s CEO fled his home and went into hiding after receiving death threats and security breaches, a court filing says
https://www.businessinsider.com/parlers-ceo-fled-his-home-after-receiving-death-threats-2021-1
Parler was recently removed from the Apple App Store and Google Play Store, and Amazon Web Services stopped hosting the platform after it deemed Parler a “risk to public safety.”
Trump supporters flocked to the platform after the president was banned from Twitter following the siege at the Capitol on January 6.
Tomi Engdahl says:
Unmasking the Deceased Programmer Who Donated 28 Bitcoin to Capitol Hill Rioters
https://cryptobriefing.com/unmasking-deceased-programmer-donated-bitcoin-capitol-hill-rioters/
Crypto Briefing has uncovered the real identity of Pankkake, a deceased French programmer who allegedly donated $520,000 in Bitcoin to American white nationalist figures in the days ahead of the Capitol Hill riots.
Citing the downfall of Western civilization, Pankkake allegedly sent white nationalists in the U.S. $500,000, including almost $250,000 in BTC, to “white majoritarian” Nick Fuentes.
Tomi Engdahl says:
Hackers steal Mimecast certificate used to encrypt customers’ M365 traffic
Compromise by “sophisticated threat actor” prompts company to issue new certificate.
https://arstechnica.com/information-technology/2021/01/mimecast-says-hackers-stole-a-certificate-and-used-it-to-target-its-customers/
Email management provider Mimecast said that hackers have compromised a digital certificate it issued and used it to target select customers who use it to encrypt data they sent and received through the company’s cloud-based service.
In a post published on Tuesday, the company said that the certificate was used by about 10 percent of its customer base, which—according to the company—numbers about 36,100. The “sophisticated threat actor” then likely used the certificate to target “a low single digit number” of customers using the certificate to encrypt Microsoft 365 data. Mimecast said it learned of the compromise from Microsoft.
https://www.mimecast.com/blog/important-update-from-mimecast/
Tomi Engdahl says:
What Are the Differences between Digital Signatures and Electronic Signatures?
https://penneo.com/blog/digital-signatures-vs-electronic-signatures/
Technology and digitalization have radically changed the way we do many things, from the more complex actions to the simpler ones like signing a document. Signing documents online has never been easier (and perhaps more confusing!). It’s easy to get overwhelmed by the different options available on the market when it comes to online signing.
Tomi Engdahl says:
More federal victims of SolarWinds hacking likely to come forward, CISA chief says
https://www.cyberscoop.com/solarwinds-cisa-brandon-wales-russia/
The number of federal agencies confirmed to have been breached in a suspected Russian espionage campaign will likely increase as the investigation continues, the head of the U.S. Cybersecurity and Infrastructure Security Agency said.
“The number [of federal victims] is likely to grow with further investigation,” Brandon Wales, CISA’s acting director, said in an interview Friday. “That being said, we do believe that the number will remain extremely small because of the highly targeted nature of this campaign. And that is going to be true for both government and private-sector entities compromised.”
There is pressure on U.S. investigators from lawmakers, private companies and the public to be as forthcoming as possible with details on the SolarWinds espionage campaign and who was responsible. Sen. Mark Warner, D-Va., last week accused the White House of “water[ing] down” an interagency statement linking the hacking to Russia, which has denied involvement.
Tomi Engdahl says:
Ahhh 2021… the year where you livestream yourself committing a felony then get shocked when the FBI van your ass
‘Baked Alaska’ arrested in Capitol Hill riot: FBI
https://www.reuters.com/article/us-usa-trump-capitol-arrest-idUSKBN29L0RN?utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=facebook
WASHINGTON (Reuters) – Far-right media personality Tim Gionet, who goes by the handle “Baked Alaska,” was arrested on Friday by the Federal Bureau of Investigation in Houston, Texas, according to documents the agency posted online, and charged with participating in the violent riot on Capitol Hill on Jan. 6.
Tomi Engdahl says:
Fired Florida COVID-19 data scientist Rebekah Jones arrested and charged with illegal access to state computer
https://www.cbsnews.com/news/rebekah-jones-fired-florida-covid-19-data-scientist-arrested/?ftag=CNM-00-10aab6a&linkId=109410500
“Insurrectionists planning attacks across the country this week and Florida is jailing scientists for the crimes of knowing and speaking.”
Jones is charged with “one count of offenses against users of computers, computer systems, computer networks and electronic devices,” according to the Florida Department of Law Enforcement.
Earlier Sunday, she tweeted she was turning herself in to authorities.
“To protect my family from continued police violence, and to show that I’m ready to fight whatever they throw at me, I’m turning myself into police in Florida Sunday night,” she tweeted. “The Governor will not win his war on science and free speech. He will not silence those who speak out,” she added.
Tomi Engdahl says:
Capitol rioter plotted to sell stolen Pelosi laptop to Russian intelligence
https://www.nbcnews.com/news/us-news/capitol-rioter-plotted-sell-stolen-pelosi-laptop-russian-intelligence-n1254583
A Pennsylvania woman accused of being one of the Capitol rioters told a former “romantic partner” she planned to steal a laptop computer from House Speaker Nancy Pelosi’s office and sell it to Russian intelligence, court documents revealed Monday.
Tomi Engdahl says:
A man who says he threw away a hard drive loaded with 7,500 bitcoin in 2013 is offering his council $70 million to dig it up from the city dump
https://www.businessinsider.com/man-offers-council-70-million-dig-up-bitcoin-hard-drive-2021-1
Tomi Engdahl says:
Linux Mint fixes screensaver bypass discovered by two kids
https://www.zdnet.com/article/linux-mint-fixes-screensaver-bypass-discovered-by-two-kids/
Two children playing on their dad’s computer accidentally found a way to bypass the screensaver and access locked systems.
Tomi Engdahl says:
Switching to Signal? Turn on these settings now for greater privacy and security
https://www.zdnet.com/article/switching-to-signal-turn-on-these-settings-now-for-greater-privacy-and-security/
Switching to Signal because you’re worried about privacy? Here are a few settings you should tweak to add even more security to your messaging.
Tomi Engdahl says:
Scraped Parler data is truly revealing
https://techbeacon.com/security/scraped-parler-data-reveals-countless-capitol-perps
Tomi Engdahl says:
Threat of inauguration violence casts a long shadow over social media
In spite of sweeping changes, extremism remains in plain sight.
https://techcrunch.com/2021/01/17/capitol-attack-social-media-inauguration-day/
Tomi Engdahl says:
EMA warns over doctored COVID-19 vaccine data hacked and leaked online
https://techcrunch.com/2021/01/15/ema-warns-over-doctored-covid-19-vaccine-data-hacked-and-leaked-online/
Tomi Engdahl says:
Elon Musk said ‘use Signal,’ and confused investors sent the wrong stock up 438% on Monday
https://www.cnbc.com/2021/01/11/signal-advance-jumps-another-438percent-after-elon-musk-fueled-buying-frenzy.html
Tomi Engdahl says:
How Law Enforcement Gets Around Your Smartphone’s Encryption
New research has dug into the openings that iOS and Android security provide for anyone with the right tools.
https://www.wired.com/story/smartphone-encryption-law-enforcement-tools/
Tomi Engdahl says:
Big Tech’s De-Platforming Binge Highlights The Need For Web 3.0
https://www.forbes.com/sites/leeorshimron/2021/01/17/big-techs-de-platforming-binge-highlights-the-need-for-web-30/
Following the U.S. Capitol riot last week, the Big Tech leaders simultaneously de-platformed President Trump. Twitter followed suit by suspending 70,000 accounts associated with the far-right QAnon conspiracy theory group. Parler, the social media platform billing itself as a “free-speech paradise” was the next target as Apple and Google banned the mobile app from their app stores and Amazon Web Services stopped hosting Parler’s website.
Although the effort is arguably justified for several reasons, these actions raise questions about the state of “cancel culture” and the amount of unilateral power these centralized tech companies have accrued. If a sitting U.S. President can be de-platformed, does that mean every one of us is also at risk of being cut off? Evidenced by Cambridge Analytica and other scandals, Big Tech has been exploited by malicious foreign actors to manipulate its users. Are the interests of Big Tech and its advertising-based business model aligned with those of its users?
Tomi Engdahl says:
https://cybernews.com/editorial/hackers-leverage-sophisticated-and-novel-techniques-to-break-into-networks/?utm_source=facebook&utm_medium=cpc&utm_campaign=rm&utm_content=hackers_leverage&fbclid=IwAR0MVFDCjCYHyxcu_f3g7QnDllDtasEnyVU9rwxT4Qu796q0Q0dGy84xZgc
Tomi Engdahl says:
Los Angeles Times:
Amateur digital sleuths have joined massive crowdsourcing efforts on social media to track violent Capitol rioters, passing the evidence to authorities — The digital sleuths take to their computers in the moments when they can peel away from their real-world responsibilities — jobs …
On social media, amateur digital sleuths try to help track violent Capitol rioters
https://www.latimes.com/california/story/2021-01-17/amateur-social-media-sleuths-track-violent-capitol-rioters
The digital sleuths take to their computers in the moments when they can peel away from their real-world responsibilities — jobs, school, families — with a singular mission: finding the rioters who brought violence to the nation’s capital last week.
Behind computer screens on the West Coast, in the Midwest, and as far away as Australia they scour the depths of the internet in search of photos and videos of the insurrection, hoping to identify the most violent protesters, amass digital dossiers on them and pass the evidence on to authorities.
In the days following the Jan. 6 riot, which left five people dead and injured dozens of police officers, some amateur detectives have joined massive crowdsourcing or “open-source intelligence” efforts on social media aimed at piecing together clues that rioters — and journalists — left via live streams, photographs and videos taken at the scene.
They are searching, they say, for justice.
Some amateur sleuths simply amplify the information others have unearthed, using the hashtag #SeditionHunters, among others. More ambitious investigators create collages filled with photos of each violent protester as well as an analysis of the type of gear or clothing that person was wearing and any weaponry they were wielding. The most organized set — like Lisenby — might assign an individual a moniker, such as #Scallops or #BaldEagle, to keep information in one place.
Novice detectives interviewed by The Times said that they perform their work carefully, taking measures aimed at protecting suspects’ identities — including not posting someone’s name online — while passing information to the FBI and other authorities.
But criminal justice scholars say there is a danger that suspects could be misidentified by other digital investigators, doxxed or otherwise named in harmful, public ways before law enforcement officials can verify an alleged perpetrator’s identity.
“Online witch hunts can be bad or dangerous, and could lead me to shutting down the site earlier if we can’t do this in a way where we are not accidentally doxxing people,” the 30-year-old said, adding that they joined the effort to “make things safer than they have been.” “I don’t see social media as the platform where justice is delivered.”
In the days since the riot, Washington, D.C.’s Metropolitan Police Department has received tens of thousands of tips about suspected participants, including links to tweets or messages asserting personal knowledge about a specific attendee, said spokesperson Alaina Gertz.
On Jan. 7, the department posted photos of suspected rioters and asked the public for help in identifying them. Within a day, they received about 17,000 tips.
“The intent for many people may be good, but the unintentional consequences give me pause,” said Oren Segal, vice president for the Anti-Defamation League’s Center on Extremism. “When the tensions are high this way, verification is so important.”
“To get rid of root rot on a plant, you have to change the soil and disinfect the roots,” she said. “If you just transplant it, the rot is still on the root and it’s just going to come back.
“If we don’t have that disinfectant — the accountability — I don’t think there is a tenable way forward for democracy.”
Tomi Engdahl says:
Depop: ‘I felt so violated when my account was hacked’
https://www.bbc.com/news/business-55635601
“I thought I had just forgotten my password when I couldn’t get back in, but a couple of days passed and I realised something wasn’t right,” says the Birmingham-based law student.
She then received a message from a stranger on Instagram, alerting her to the fact that her account had been taken over by a scammer advertising Apple AirPod headphones for £50.
She immediately used her brother’s Depop account to comment on the offending post and contact the app. It was removed by the firm in a few hours and her password was reset.
Tomi Engdahl says:
Washington Post:
Tech giants are bracing for tougher regulation under Biden’s administration, as Democrats’ calls for regulation have become more urgent after Capitol attacks — The Democratic Party’s calls for regulation have grown more urgent in the days since Biden won the presidency …
https://www.washingtonpost.com/politics/2021/01/18/silicon-valley-tech-biden-democrats/
Tomi Engdahl says:
Parler partially reappears with support from Russian technology firm
https://www.reuters.com/article/us-usa-trump-parler-russia/parler-partially-reappears-with-support-from-russian-technology-firm-idUSKBN29N23N
(Reuters) – Parler, a social media website and app popular with the American far right, has partially returned online with the help of a Russian-owned technology company.
Tomi Engdahl says:
Capitol riot suspect plotted to sell stolen Pelosi laptop to Russian intelligence, authorities say
Riley June Williams was turned in to the FBI by a former “romantic partner,” according to court documents.
https://www.nbcnews.com/news/us-news/capitol-rioter-plotted-sell-stolen-pelosi-laptop-russian-intelligence-n1254583