Parler resurfaces online
The URL for the social media platform Parler was updated to show a message from CEO John Matze, reiterating the site’s self-proclaimed commitment to free speech and pledging to “welcome all of you back soon.” In a separate interview with Fox News, Matze said he was confident the social network could come back online by the end of January. CNN reports that Parler is now hosted by Epik, which also hosts the fringe websites 8chan and Gab. Amazon suspended Parler from its web services earlier this month, finding the platform failed to implement a system that effectively identified and removed content that incited violence.
Darknet forum Joker’s Stash shutting down
The site’s operators said Joker’s Stash will shut down on February 15th through messages and advertisements on other hacking forums. While no specific reason was given for the closure, the site has received increased attention from law enforcement of late, with Interpol and the FBI seizing multiple servers and several domains that temporarily disrupted operations. Joker’s Stash has been active since 2014, and served as a trading platform for cybercriminals to trade and sell stolen credit card information and other financial information, tied to numerous data breaches.
(CISO Mag)
Microsoft Defender to enable auto-remediation by default
This will be enabled for those Microsoft Defender for Endpoint customers opted into public preview as of February 16, 2021. Microsoft said the change from semi to full automation for remediation was made after data showed that customers with full automation enabled had “40% more high-confidence malware samples removed than customers using lower levels of automation.” Once full automation is enabled, Microsoft Defender will auto-create a remediation action that removes or contains a malicious entity found after analyzing suspicious activity. The previous default required manual approval of all remediation actions. The change in defaults will not override device group definitions and can be changed by admins.
NSA appoints Cyber Director
The United States National Security Agency announced that Roy Joyce was appointed to head its Cybersecurity Directorate. The division within the NSA was only founded in October 2019, and Joyce will succeed its first director Anne Neuberger. Joyce has worked in the NSA’s Cybersecurity and Signals Intelligence division since 1989, currently serving as a special liaison for the US Embassy in London. From 2013 to 2017 he served as chief of the NSA’s Tailored Access Operations, and before that he was deputy director of the agency’s Information Assurance Directorate.
Thanks to our episode sponsor Armis
Signal recovers from day-long outage
The encrypted messaging app confirmed user reports of an outage at 11:30am ET on January 15th, saying it was working to restore service as quickly as possible. The service was finally restored fully as of 7pm on January 16th. Signal said it had been working to add server capacity to its network all week, but that a recent surge in new users exceeded its expectations. While it’s unknown how many new users Signal received, Apptopia estimates it gained 1.3 million sign-ups on January 11th alone. Signal said the outage did not impact message security, but that users may have to reset their session to receive all messages sent during the outage.
(Engadget)
WhatsApp delays changes in data sharing policy
One of the major reasons Signal saw such an influx of new users was an announced change in WhatsApp’s terms of service, set to go into effect February 8th. This would have allowed merchants using WhatsApp an option to use secure hosting services from Facebook to manage WhatsApp chats, which could use the information for targeted ads, but led to user concerns about further data sharing with WhatApp’s social network parent company. The messaging app reiterated, “this update does not expand our ability to share data with Facebook.” WhatsApp said it will make new business options available on May 15th.
Commerce Department pulls licenses to supply Huawei
Reuters’s sources say the US Commerce department notified semiconductor suppliers of Huawei that it intends to revoke some licenses needed to sell to the company while it remains on the entity list, and will reject dozens of applications to do so from other companies. Sources say at least 8 licenses were revoked from 4 companies. Intel previously announced it had received approval to supply some components to Huawei, although it’s unclear if it has had any licenses revoked. Companies have 20 days to respond to an “intent to deny” notice from the Commerce department and can appeal the decision.
(Reuters)
Researcher “hijacks” TLD domain to prevent abuse
After analyzing the name server records used by all TLDs, Detectify founder Fredrik Almroth found the domain scpt-network.com, which had been listed as a name server for .cd, the TLD for Congo, had been left to expire. Almroth acquired the domain to prevent this, as it could have opened the door for a malicious actor to redirect DNS traffic from legitimate sites to phishing or other malicious websites, as well as passively intercept DNS traffic for surveillance purposes or generally disrupting the TLD. Almroth is currently working to return the domain to its rightful owner, and the admins of .cd have changed name servers to another domain.