Security News Bites for February 7, 2025
Musk Aides With No Government or Cybersecurity Expertise Play Critical Roles at OPM
Six young engineers, all under age 24 and one just out of high school, with no government or cybersecurity experience, are now playing critical roles in Musk’s Department of Government Efficiency (DOGE) project, gaining unrestricted access to computer systems at the Office of Personnel Management (OPM), General Services Administration (GSA), Treasury Department, USAID and possibly elsewhere. What could go wrong? Judges are pushing back on some of the access but not all of it. Credit: Metacurity
Chinese Cyber Crooks Use SSH Backdoor to Compromise Network Devices and Networks
While not explaining how the network devices are compromised, Fortinet shared that Chinese hackers are compromising these devices and using the compromised network gear as a persistent beachhead into corporate networks. The backdoor supports multiple functions, such as reading sensitive data. Credit: Bleeping Computer
USPS Halts, Then Resumes, Accepting Packages From China
In a move that one can only speculate is designed to hurt Chinese businesses like Temu that benefit from importing millions of cheap Chinese products without paying any customs fees, the president eliminated an exemption for small packages designed to allow family members to send gifts to each other but now used by companies like Temu to undercut US businesses. Now the Customs Bureau will need to process an additional 1.36 billion shipments a year. I am sure that they can do that starting tomorrow. Credit: Reuters
SolarWinds Has Been Acquired by PE Firm for $4.4 Billion
This is not good for SolarWinds customers. First a major meltdown in 2020 when the Chinese compromised their software and many of their customers. Now a buyout by a PE firm. PE firms only care about one thing – cutting costs to prepare for a sale. Not exactly what customers are looking for. On the other hand, customers like Walmart and Amazon would have a big project to change horses. Smaller companies who followed their lead might have an easier time of it. If you are a SolarWinds customer, now is the time to watch very closely and be ready to do something if you need to. Credit: CSO Online
UK Home Office Not Talking About Apple Backdoor Order
The UK’s Home Office is neither confirming nor denying reports that it ordered Apple to create a backdoor to allow the government to access any user data that it wants to. This could potentially affect users worldwide. The order is based on the UK’s Snoopers’ Charter, a 2016 law officially called the Investigatory Powers Act. That law was expanded last year with the passage of the Investigatory Powers Bill, which gave the government even more power to snoop. The law prohibits Apple from telling its customers that their data is no longer secure. One option would be to stop offering cloud backups in the UK without explaining to users why, although I think that train has already left the station. We will see whether Apple has any principles any more other than to make as much money as possible. Other companies have threatened to leave the UK if forced to do this. None have so far. Credit: The Register