The document, titled “Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations”, invites buyers and end users of digital hardware, software, and services to conduct due diligence on the origin and security of components of a digital/technology product.

Supply chain attacks have become one of the most dangerous hacking variants, as they allow threat actors to compromise multiple devices at once, in addition to exploiting vulnerabilities in widely used components. Just remember the SolarWinds attack, which impacted thousands of organizations worldwide.

For Ilkka Turunen, software supply chain security specialist at Sonatype, these measures are important to substantially improve the security of organizations: “This document outlines fundamental best practices, such as generating software bills of materials (SBOM), as well as describing the maintenance activities necessary to maintain effective security practices in the supply chain.”

The researcher adds that software risk mitigation begins with understanding how the use of managed and unmanaged software occurs in an organization, in addition to the progressive mitigation of those risks at the vendor level and with the constant participation of customers.

On the other hand, Cequence Security experts recently alerted the cybersecurity community about the persistence of attacks exploiting flaws such as Log4Shell, discovered a few months ago and that allows abusing the Apache Log4j login utility, considered omnipresent.

A new wave of attacks, identified as LoNg4j, demonstrates the interaction between modern enterprise IT infrastructure and the digital supply chain, spreading across all kinds of applications and creating a critical attack vector in case any vulnerability is exploited.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post NIST updates the Cybersecurity Supply Chain Risk Management Guidance (C-SCRM) in Response to Executive Order Signed by President Biden appeared first on Information Security Newspaper | Hacking News.

However, the developers of this variant of ransomware claim to have lost control of their web servers and even some of the funds obtained from these attacks: “Just a few hours ago we lost access to the public part of our infrastructure, including our blog, payment servers and DoS servers,” one of the ransomware operators mentioned.

“These servers are not available via SSH, and hosting panels are blocked,” added the Darkside operator while complaining that the web hosting provider refused to cooperate. The Darkside trader also reported that cryptocurrency funds were also withdrawn from the payment server of this hacking group, which hosted ransom payments made by victims.

These funds should have been split between the developers of the ransomware and the attackers, although during this incident they were sent to a cryptocurrency wallet controlled by an unidentified actor.

As mentioned in previous paragraphs, this incident occurred after authorities in the U.S. disclosed a series of actions to track DarkSide activities. President Biden mentioned that he would devote considerable efforts to disrupt the operations of this and other ransomware-as-a-service (RaaS) groups.

Moreover, some ransomware analysts point out that the announcement of this group could also be a ruse, as in reality the U.S. government only disclosed its intention to investigate its operations: “DarkSide hackers are only trying to take advantage of Biden’s statements to hide its infrastructure and escape with as much money as possible without sharing any of the loot with attack operators” , says researcher Dmitry Smilyanets.

In this regard, a Justice Department (DOJ) spokesperson only added that the investigation is still ongoing, so no further details can be provided.

Just an hour after the announcement of DarkSide, REvil operators also posted a statement on their dark web platform mentioning that soon, hackers will stop operating as a ransomware platform as a service, so they will return to work as a private operation, which in the cybercriminal community means that they will only work with a small number of accomplices.

This message has been removed, although experts report that REvil also pledged not to attack critical sectors such as health services or basic education institutions, as this generates too much attention from the authorities.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post DarkSide ransomware creators lose control of their servers and cryptocurrency addresses appeared first on Information Security Newspaper | Hacking News.

From the beginning of his administration Trump implemented severe measures against multiple Chinese technology companies, mainly impacting Huawei and TikTok, considering that their practices posed severe security threats to American individuals and organizations.

According to specialized reports, Biden’s administration has asked a federal court to delay a hearing that will discuss the possibility of completely banning the use of TikTok in the U.S., which will give the White House time to analyze in detail Trump’s executive orders. On the other hand, rumors have grown that ByteDance, TikTok’s parent company, is interrupting its merger project with Oracle, implemented at Trump’s request to ensure the operation of this app on American soil.

Huawei also seems to be looking at the opportunities that the change of management brought. A couple of weeks ago the company’s legal representatives filed an appeal regarding the “threat to national security” status assigned to them by the Trump administration, considering that this decision exceeds the powers of the Federal Communications Commission.

Despite this appeal, Biden’s administration does not seem to have any intention of making a change in current Huawei policy, at least with regard to the implementation of 5G technology.

Huawei CEO Ren Zhengfei is optimistic that Biden’s administration may change the former president’s stance. However, it should be recalled the statements issued a few days ago by Biden’s press chief, who mentioned that the U.S. plan remains to ensure that its telecommunications infrastructure is not affected by “unreliable suppliers.”

It is a fact that Joe Biden will reassess the Trump administration’s measures in terms of cybersecurity and potential national security threats, although specialists in the field believe that most of these measures will remain in place for a few more months until U.S. government agencies can complete an assessment according to the scale of the problem.

An example of this is Megan Stifel, director of the Global Cyber Alliance for America, who for the time being rules out the implementation of major changes: “We do not expect radical changes in focus on these companies and their relationship with the Government of China; however, we believe that a shift towards a comprehensive strategy is feasible, fully analyzing the impact of these companies on American territory.”

The post U.S. government to discuss Huawei, TikTok and other Chinese companies ban imposed by former President Trump appeared first on Information Security Newspaper | Hacking News.

It has been made public that Biden is working out at his home using a stationary bicycle from manufacturer Peloton; this bike includes a phone and a camera, which in an undesirable scenario would expose the president to all kinds of cyberattack attempts, according to a specialized report.

“Any device equipped with an Internet connection could be available to threat actors, regardless of whether it has a firewall or any other security mechanism,” says Max Kilger, a researcher at the University of Texas in charge of the report. In addition to pointing out the security risks, Kilger mentions that the developers of Peloton bikes would have to use much less sophisticated software than the current one to prevent many of the attacks to which this machine is exposed: “Removing the camera and microphone is a good start; turning off bike streaming features is also recommended,” adds the expert.

Not just the newcomer President Biden could be exposed to the hacking of this gym equipment. The most recent reports indicate the detection of a large increase in demand for Peloton bikes since the beginning of the social distancing due to the coronavirus pandemic, as people now exercise at home. It should be noted that these bikes are not exactly accessible, since each one costs a little more than $2,000 USD.

Concern about these kinds of potential risks is not new to the United States. security agencies. In his recently released memoirs, former President Barack Obama reveals that the Secret Service provided him with a BlackBerry device specifically modified to only send emails, as its call or SMS features were disabled.

The work of these security teams increased considerably during the period of government of Donald Trump, who was obsessed with continuing to use his personal phone to make calls inside the White House, regardless of the constant warnings about the very high security risks involved in this practice. Let’s hope President Biden is more accessible about information security risks than the most routine activities in his life can present.

The post Joe Biden’s Internet-connected bike: New cybersecurity risk for the US Govt? appeared first on Information Security Newspaper | Hacking News.