Secretary of State Mike Pompeo announced the creation of a new bureau within the state department for cybersecurity.
CISA Tells Federal Agencies to Update SolarWinds Software ASAP
In the wake of the SolarWinds cyber attack on the U.S. government, CISA urges agencies to update their software by the end of the year.
US Government Appeals Injunction Against TikTok Ban
The U.S. government is appealing an injunction from S. District Court Judge Carl Nichols that blocked its ban of TikTok.
The Trump administration had raised concerns over the video-sharing app due to its Chinese ownership by way of parent company ByteDance, and the potential risk of TikTok’s U.S. user data being accessed by the Chinese government.
[…]
Judge Nichols in the separate case led by TikTok ruled that Trump overstepped his authority in trying to ban the app from the U.S., referring to the agency’s action as “arbitrary and capricious.”
New Covid Relief Package Removes Huawei, ZTE Broadband Equipment
The U.S. passed a new US$900 Covid relief package and it provides US$1.9 billion to remove Huawei and ZTE equipment from US networks.
DOJ Charges Zoom Executive With Aiding Chinese Government
The Department of Justice is charging a China-based Zoom executive with aiding the Chinese government to shut down certain Zoom meetings.
Russian ‘Cozy Bear’ Hacking Team Hits US Government Networks
A group of Russian hackers known as Cozy Bear has hacked several U.S. government agencies like the Treasury and Commerce departments.
On Sunday night, FireEye said the attackers were infecting targets using Orion, a widely used business software app from SolarWinds. After taking control of the Orion update mechanism, the attackers were using it to install a backdoor that FireEye researchers are calling Sunburst.
How the U.S. Used the Patriot Act to Track Web Browsing
Government entities have been using Section 215 of the Patriot Act as justification to collect logs of web browsing activity.
In fact, “one of those 61 orders resulted in the production of information that could be characterized as information regarding browsing,” Mr. Ratcliffe wrote in the second letter. Specifically, one order had approved collection of logs revealing which computers “in a specified foreign country” had visited “a single, identified U. S. web page.”
Big Tech CEOs to Speak on Section 230 Law Tomorrow
The CEOs of Facebook, Alphabet, and Twitter will appear before the Senate Commerce Committee tomorrow to speak about Section 230.
Apple Lobbies Congress on Uyghur Slave Labor Bills
A report on Friday says that Apple lobbied Congress through Fierce Government Relations on the Uyghur Forced Labor Prevention Act.
Apple Looks for Tax Breaks for U.S. Chip Production
A report on Thursday says that Apple has been lobbying the government for tax breaks as it seeks to build its U.S. chip production.
Federal Judge Halts TikTok Ban From United States
On Sunday, federal judge Carl Nichols granted a preliminary injunction against a TikTok ban from the Trump administration.
How to Vote According to Apple News
Apple News has a section to help people register to vote, how to become a poll worker in your state, and more.
How the United States is Ensuring Votes are Secure
Max Eddy writes an examination of election engineering and how the U.S. can ensure voting security. The part I think is fascinating is the work of Sam Curry, CSO of cybersecurity company Cybereason. His team has been simulating election attacks to figure out how best to protect our elections.
He’s observed numerous strategies and has advice on how best to protect an election. The people playing the role of defenders, usually given the role of law enforcement, “must create open lines of communication between government departments and also media sources and social media companies,” said Curry. Knowing who to call and when to call them and having a reliable back-up system in case one fails (or is intentionally sabotaged) are all critical.
CISA Believes China Hacked US Government Systems
According to the Cybersecurity and Infrastructure Security Agency, Chinese-affiliated hackers have compromised U.S. government computer systems.
“This beaconing is a result of cyber threat actors successfully completing cyber operations that are often designed around emergent vulnerabilities and reliant on existing exploitation tools,” the advisory states. “CISA observed activity from a Federal Government IP address beaconing out to the threat actors’ [command and control] server.”
Get we just get it together for 10 seconds, please?
Government Contractor ‘Anomaly Six’ Used SDK to Track Phones
A U.S. government contractor called Anomaly Six used its SDK embedded in over 500 apps to track people. Which apps have this SDK is unknown.
Congressman Wants Apple to Increase Security Over Foreign-Linked Apps
Rep. Stephen Lynch, chairman of the House subcommittee on national security, sent separate letters to Apple and Google, wanting assurances these companies could warn users about apps with foreign ties.
At a minimum, Apple and Google should take steps to ensure that users are aware of the potential privacy and national security risks of sharing sensitive information with applications that store data in countries adversarial to the United States, or whose developers are subsidiaries of foreign companies.
Apple can only do so much. They probably can’t check the source code of every app to see if it contains Chinese spying code. And what about U.S. spying code?
Supreme Court Supports Federal Ban on Robocalls
The U.S. Supreme Court has upheld a federal ban on robocalls and eliminated an exception that was made for government debt collectors.
Senate Judiciary Committee Passes Anti-Privacy ‘EARN IT Act’
Today the Senate Judiciary Committee passed the EARN IT act, a bill that weakens Section 230 protections for social media companies in an attempt to fight online child abuse.
Senators Introduce COVID-19 Consumer Data Protection Act
Today a group of Republican senators announced plans to introduce the COVID-19 Consumer Data Protection Act.
The legislation would provide all Americans with more transparency, choice, and control over the collection and use of their personal health, geolocation, and proximity data. The bill would also hold businesses accountable to consumers if they use personal data to fight the COVID-19 pandemic.
A good move, I think. We need thoughtful legislation passed to preempt the contact tracing train.
Apple Exec Cynthia Hogan Joins Joe Biden’s Team as Adviser
Joe Biden’s presidential campaign announced that Apple executive Cynthia Hogan will join their team as an adviser to search for a running mate.