Cybersecurity News – January 25, 2021

President Biden takes on cybersecurity on day one

On his first day in office, President Biden announced three new appointments for national cybersecurity agencies: Anne Neuberger as head of the newly formed National Security Council (NSC), Rob Joyce replacing her as NSA Cyber Director, and Michael Sulmeyer as the Senior Director for Cyber. He also proposed a budget of $10 billion to strengthen cyber defenses through CISA and the General Services Administration, and asked for a detailed report on the biggest hack of the decade – the SolarWinds cyberattack.

(CISOMag)

SonicWall firewall maker hacked using zero-day in its VPN device

SonicWall on Friday evening issued an urgent security notice about threat actors exploiting a zero-day vulnerability in their Secure Mobile Access (SMA) VPN product and its NetExtender VPN client. It was described as a “highly sophisticated” attack on their internal systems. SonicWall has not released detailed information about the zero-day, but Bleeping Computer reports that based on the mitigation steps, they appear to be pre-auth vulnerabilities that can be remotely exploited on publicly accessible devices. SonicWall states that customers can protect themselves by enabling multi-factor authentication (MFA) on affected devices and restricting access to devices based on whitelisted IP addresses. 

(Bleeping Computer)

Intel probes reports of quarterly earnings hack

Intel Corporation said on Thursday that it was investigating reports that an infographic in its quarterly earnings statement had been the object of unauthorized access by an unknown actor before publication. The company released a statement that said, “once we became aware of these reports, we made the decision to issue our earnings announcement a brief time before the originally scheduled release time.” This measure was taken to prevent individuals who might have gained access to the stolen infographic from illegally using the information obtained in advance for an unfair advantage on the market.

(Reuters and Bleeping Computer)

Tesla fires new software engineer for allegedly stealing Python scripts

Tesla has fired and sued a software engineer for trade secret theft and breach of contract after discovering that he had allegedly copied thousands of files to his personal Dropbox account just days after being hired. A complaint, filed on Friday in US District Court in San Jose, California, claims that Alex Khatilov transferred Warp Drive files from Tesla’s secure internal network to his Dropbox account, to which Tesla has no access or visibility. Khatilov said he was unaware of the lawsuit and insisted that the transfer was a mistake – the result of Dropbox automatically copying Python files he installed as part of his onboarding process.

(The Register)

Google threatens to withdraw search engine from Australia

Australia is introducing a world-first law to make Google, Facebook, and potentially other tech companies pay media outlets for their news content. This proposed news code is seen as a possible global test case for how governments could seek to regulate big tech firms. It would tie Google and Facebook to mediated negotiations with publishers over the value of news content if no agreement could be reached first. Google Australia managing director Mel Silva told a Senate hearing on Friday that the laws were “unworkable” and “would give us no real choice but to stop making Google Search available in Australia.” Australian PM Scott Morrison stated in return that Australian lawmakers would not yield to “threats”.

(BBC News)

Hacker leaks data of 2.28 million dating site users

The hacker group ShinyHunters has been identified as behind the hack of the MeetMindful.com dating website. They have released a 1.2 gigabyte file as a free download on a publicly accessible hacking forum. The file contains members’ names, addresses, birthdates, IP addresses, Facebook credentials, account passwords, and personal descriptive details. As of yesterday, January 24, the data was apparently still available for download, and experts suggest it is ripe for use in a blackmail practice known as sextortion.

(ZDNet)

Adobe Flash lives on in zombie form

Stories are already emerging of localized Y2K-like occurrences in which organizations are suffering outages or malfunctions due to instances of Flash still causing infections even after its official removal from the marketplace in recent weeks. A story in Wired describes how a train operation depot in northeast China lost control of its train data due to an unremoved, zombie version of Flash. As isolated as this example may seem, the Wired article reminds readers that versions of the software that haven’t been updated recently don’t have a kill switch inside, and in fact Adobe’s last release of Flash included a special enterprise feature that lets network administrators essentially override the kill switch and place Flash functions on an “allow” list. Furthermore, organizations that uninstall desktop Flash will also need to worry about the browser versions if they aren’t updating those regularly.

(Wired)

The era of the citizen developer is dawning, says Google Cloud executive

Amit Zavery, vice president, general manager and head of platform at Google Cloud, is in agreement with Gartner, which has predicted that in two years, more than 50% of medium-sized to large enterprises will have adopted some form of a low-code/no-code platform, fostering the growth of citizen developers. In an interview with SiliconAngle, Mr. Zavery points out, “It’s not a solution for everything. If you want to build a full end-to-end e-commerce site, I would not use a no-code platform for it.” However, the opportunity to draw an expanding class of developers into the cloud platform tent is too hard for Google to pass up.

(SiliconAngle)


Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.