Cybersecurity News – October 29, 2020

NSA refuses to say if it still uses encryption backdoors

The National Security Agency declined to disclose to Sen. Ron Wyden its promised new guidance on encryption backdoors because, basically, the dog ate its homework. The NSA claims to not be able to locate the guidance document it told Wyden in 2018 that it created in the wake of the 2015 hack of Juniper Networks devices through an NSA-mandated encryption backdoor. Security experts familiar with the case say that the Chinese government was responsible for the hack. (Reuters)

Ryuk ransomware smashes hospital networks across the U.S.

An Eastern European cybercriminal group known as UNC1878 has taken down multiple hospital networks over the past few days with the Ryuk ransomware. As the U.S. continues to struggle with its pandemic response, and hospitals across the Midwest face skyrocketing numbers of Covid-19 infected patients, some cybersecurity professionals have begun to volunteer their time to protect hospital and healthcare provider networks. (Cyberscoop)

Section 230 hearing devolves into political rants

The Senate Commerce Committee convened Wednesday morning to hear the heads of Google, Facebook, and Twitter explain their positions on Section 230 of the Communications Decency Act. That’s the 1996 law that gives legal cover to computer services for user-generated content while allowing them to moderate that content without fear of liability. But instead of deep, nuanced dives into one of the preeminent laws protecting Big Tech, many of the Republicans leading the conversation wanted to know why, to them, Twitter wasn’t fair. (Wired)

Physical security schematics stolen in Swedish data breach

Bank vault schematics and surveillance system layouts are among the tens of thousands of sensitive documents stolen from the computer systems of Swedish security giant Gunnebo Group. The Swedish multinational with billions in annual revenue provides physical security to, among others, banks, governments, airports, casinos, and even nuclear power plants. (Krebs on Security)

Thanks to our sponsor, F5

Learn about the cause of digital security breaches in your organization at the F5 Security Summit on November 10. At this premier industry event, you’ll gain insights into breach root causes, and it may not be because of attacker innovation. Find out more—register today to attend this free premier virtual security event.

U.S.-based hate groups continue to use Big Tech for payments

What do Amazon, Facebook, PayPal, and Stripe have in common? They are all used, along with 50 others, by 73 hate groups based in the United States to conduct online transactions. 32 of those hate groups have nonprofit status, which lets them legally raise funds through charity fundraising platforms. (NBC News)

Who tracks the Web trackers?

A new online tool from the data-driven publisher The Markup shows consumers which sites are tracking them online, and how. In this story I wrote for Dark Reading, I look at the new Blacklight tool and how, even for the most Web-savvy consumer or site owner, it can help show how deep tracking cookies are buried, and what to do about them. (Dark Reading)

Who is Vijaya Gadde, Twitter’s top lawyer?

Love ’em or hate ’em, the new rules on how Twitter governs its users, from its ban on political advertising to deleting controversial Covid-19 tweets, come from its head of legal, policy and trust. Vijaya Gadde is CEO Jack Dorsey’s right-hand woman, and Politico dives into the personality behind the policy. (Politico)

You can’t stop phishing with human eyes or better fonts

Cybersecurity expert Troy Hunt analyzes why some in the field are trying to change the fonts used in browser location bars as a way to stop successful phishing attacks. Instead, he says they should be encouraging the use of password managers and automated spoofed URL detection systems. (Troy Hunt)