Security News Update for the Week Ending April 19, 2024
Feds Give Another Chip Maker Subsidy to Build in US
Last week the feds announced a subsidy to Taiwan Semi to build multiple chip plants (fabs) in Arizona. This week the feds announced, based on last year’s CHIPS Act, a subsidy to Samsung to build multiple plants in Texas. This creates a lot of construction and some permanent jobs in both states, but mostly gives us on-shore chip production. The companies are spending $40-$60 billion each to build these plants and the subsidy is about $6 billion each. Credit: Korea Joongang Daily
MGM Says FTC Can’t Investigate Them Because FTC Chair Was Guest at Hotel
This is a bit weird. MGM wants the FTC to halt their probe of MGM’s breach because Lina Kahn, FTC Chair, was a guest at one of their hotels at the time. They want Khan to recuse herself and a declaration that the FTC acted unconstitutionally. That seems highly unlikely to happen. Recusal is maybe possible, but the other – I doubt it. Credit: The Register
I can be Had, but I am Not Cheap
I think most people have a price for which they might be willing to do illegal things, but for most people, that needs to have a lot of zeros after the 1 and before the decimal point – along with a ticket to a country without an extradition treaty. Attackers are offering T-Mobile and Verizon employees UP TO $300 to perform illegal SIM swaps. I sure hope they are not getting any takers, but who knows. Credit: ZDNet
This is Embarrassing – Mitre Hacked – By Well Known Bug
Security firm to the biggest companies in the world, Mitre, was compromised by a now well known bug that started off as a zero-day. Mitre is the inventor of the Mitre ATT&CK framework that companies use to find and track down attackers. Mitre said the attackers got in before the zero-day was announced. They exploited bugs in an Ivanti VPN appliance and then moved laterally. They also said that they thought they mitigated the risk but it turns out the hackers were able to wander around their network anyway. From one perspective, it shows that protecting yourself is hard. From the other, it says don’t get too cocky. Credit: The Record
President Issues EO On Personal Data Distribution to Adversaries
You might think that businesses are smart enough not to sell your and my personal data to our adversaries, but the general model is if the check, credit card or wire clears, the data is yours. Executive Order 14117, issued February 28th, directs federal agencies to issue regulations and standards to stop the distribution of sensitive personal data of you and me and also sensitive government data to “foreign adversaries”. You would not think we would have to tell people not to do that. Since that is not the case, DoJ has already released an Advance Notice of Proposed Rulemaking. Details in the article. Credit: Steptoe & Johnson