Security News > 2020 > December

United States secretary of state Mike Pompeo has laid the blame for the SolarWinds hack on Russia, but his boss begs to differ. The Associated Press reports that the White House was set to issue a Friday afternoon statement describing Russia as "The main actor" behind the incident, but that staff were told to stand down instead. At the time of writing the State Department, National Security Agency, White House, Cybersecurity and Infrastructure Security Agency, and president Trump all appear not to have attempted to reconcile the administration's conflicting view on the incident.

Deep Instinct announced that Ryan Shopp has been named to the newly created position of chief marketing officer. "We're building a management team to support the growth of our business which is accelerating everywhere in the world," said Guy Caspi, CEO and co-founder of Deep Instinct.

Three dozen journalists working for Al Jazeera had their iPhones stealthily compromised via a zero-click exploit to install spyware as part of a Middle East cyberespionage campaign. In a new report published yesterday by University of Toronto's Citizen Lab, researchers said personal phones of 36 journalists, producers, anchors, and executives at Al Jazeera, and a journalist at London-based Al Araby TV were infected with Pegasus malware via a now-fixed flaw in Apple's iMessage.

Flavor and fragrance developer Symrise has suffered a Clop ransomware attack where the attackers allegedly stole 500 GB of unencrypted files and encrypted close to 1,000 devices. Symrise is a major developer of flavors and fragrances used in over 30,000 products worldwide, including those from Nestle, Coca-Cola, and Unilever.

Microsoft's Windows Hello biometric, PIN, and hardware authentication system is slowly growing in popularity, according to a new report from Microsoft. For those unaware, Windows Hello allows users to authenticate secure access to their devices, online accounts, web browsers, etc with a Windows Hello supported hardware such as FIDO keys, PINs, or biometric features such as iris scan support, fingerprint scanner, and facial recognition.

A new Windows 10 utility called TaskbarGroups lets you group shortcuts on the taskbar so they can easily be launched without taking up a lot of space. Once you pin a group to the taskbar, you can click on the pinned group to open a small overlay containing all of the grouped programs.

The SolarWinds supply chain attack and related hacksWhen the week before last FireEye said they've been breached by sophisticated attackers using a "Novel combination of techniques," we wondered what those were. We didn't have to wait long - news of the SolarWinds hack and the consequent revelations about the attackers using the company's products as a stepping stone towards compromising a slew of US government agencies and other targets have revealed some of the attackers' capabilities.

Contradicting his secretary of state and other top officials, President Donald Trump on Saturday suggested without evidence that China - not Russia - may be behind the cyberattack against the United States and tried to minimized its impact. Officials at the White House had been prepared to put out a statement Friday afternoon that accused Russia of being "The main actor" in the hack, but were told at the last minute to stand down, according to one U.S. official familiar with the conversations who spoke on condition of anonymity to discuss private deliberations.

NATO said Saturday it was checking its computer systems after a massive cyberattack on US government agencies and others that Washington blamed on Moscow. "At this time, no evidence of compromise has been found on any NATO networks. Our experts continue to assess the situation, with a view to identifying and mitigating any potential risks to our networks," a NATO official told AFP. Microsoft said Thursday its anti-virus software detected intrusions in dozens of networked systems, most of them in the United States, via software supplied by US tech company SolarWinds.

Recently discovered Gitpaste-12 worm that spreads via GitHub and also hosts malicious payload on Pastebin, has returned with even more exploits. This time, the advanced worm and botnet has returned with over 30 vulnerability exploits.