| Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ... THE BIG STORIES: --MANAFORT SUES MUELLER, DOJ: President Trump's former campaign chairman, Paul Manafort, has filed a lawsuit challenging the authority of special counsel Robert Mueller. In a court filing, lawyers for Manafort argue that the order establishing Mueller's investigation is overly broad and not permitted under Justice Department regulations. They said the special counsel's actions are "arbitrary, capricious and not in accordance with the law" and have asked a district court to set aside "all actions" that Mueller has taken against Manafort. "The investigation of Mr. Manafort is completely unmoored from the Special Counsel's original jurisdiction to investigate 'any links and/or coordination between the Russian government and individuals associated with the campaign of President Donald Trump,' " the complaint reads. "It has instead focused on unrelated, decade-old business dealings--specifically, Ukraine political campaign consulting activities of Mr. Manafort." The lawsuit was filed against Mueller, the Justice Department and Deputy Attorney General Rod Rosenstein, who gave the order last year that launched the special counsel investigation. Manafort pleaded not guilty to multiple criminal counts in October, including conspiracy against the United States and money laundering related to his work for a pro-Russia political party in Ukraine. To read the rest of our piece, click here. --WATCHDOG SUES DOJ OVER FBI TEXTS: A government watchdog group is suing the Justice Department for documents related to its decision to show reporters private text messages between two FBI agents who were critical of President Trump. Citizens for Responsibility and Ethics in Washington (CREW) filed a lawsuit on Wednesday against the Justice Department for failing to respond to an expedited request for documents related to the "highly unusual, if not unprecedented" decision to host reporters at its offices to view the text messages. On Dec. 12, the Justice Department reportedly invited journalists to its offices to review messages between FBI agents Peter Strzok and Lisa Page that the department had separately released to members of Congress the same day. The messages were discovered as part of an ongoing inspector general probe into the FBI and Justice Department's handling of the Hillary Clinton email investigation. Until recently, both agents were part of the special counsel investigation into Russian interference. Republicans have seized on the messages, which showed the officials criticizing Trump during the presidential campaign, as evidence of political bias on special counsel Robert Mueller's team. Strzok was removed from the investigation after the messages were unearthed. The text messages were featured at a House Judiciary Committee hearing on Dec. 13 where Deputy Attorney General Rod Rosenstein defended the department's decision to release the private messages to members of Congress when the inspector general investigation was still ongoing. To read the rest of our piece, click here. AN INTEL UPDATE: CRITICAL FLAW FOUND IN INTEL PROCESSORS: A critical security flaw reported by The Register late Tuesday affects Intel processors produced over the last decade and has left programmers at Linux, Microsoft and Apple scrambling to update operating systems for their computer systems. Details about the vulnerability are still coming to light, but it is believed to affect chips in millions of computers worldwide. In worst-case scenarios, the flaw could be leveraged by attackers to read sensitive information like passwords and login keys contained in the memory of the computer's kernel, the central module of the machine's operating system. --Intel said in a statement on Wednesday afternoon that it had planned to disclose the flaw next week and said that the bug is not unique to its products. The firm said that it chose to bump its disclosure date to today following "inaccurate media reports." Intel downplayed concerns about the exploits in the statement, saying, "Intel believes these exploits do not have the potential to corrupt, modify or delete data." --Microsoft is expected to issue a patch for its Windows operating system next Tuesday. The Department of Homeland Security's Computer Emergency Readiness Team has not released any advisories about the vulnerability. On Wednesday, Britain's National Cyber Security Centre said it was aware of the reports but has seen no evidence of any "malicious exploitation" of the flaw. "The NCSC advises that all organisations and home users continue to protect their systems from threats by installing patches as soon as they become available," a spokesperson for the organization said. To read more about the flaw, click here. A LIGHTER CLICK: Just in time to incite some post-holiday cheer: the founders of Amazon's defunct wine website are back. AN EVENT IN FOCUS: ELECTION ASSISTANCE COMMISSION TO HOST ELECTION SECURITY SUMMIT: The U.S. Election Assistance Commission (EAC) has announced that it will host a summit this month focused on several issues including election security in preparation for the 2018 midterm elections. The event has been scheduled for Jan. 10 and is sure to delve into the issue of cybersecurity of election systems, which has become a hot topic in the wake of Russian interference in the 2016 presidential election. According to an advisory issued by the EAC on Wednesday, the event will feature a keynote address from Christopher Krebs, a top cybersecurity official at the Department of Homeland Security (DHS). Homeland Security is taking the lead on helping states shore up their digital voting infrastructure ahead of future elections as part of its critical infrastructure efforts. Various state and local election officials from across the country will also participate in the daylong summit next week. Issues covered will include election security, voting accessibility, and the use of election data, according to the EAC. The meeting comes as state officials are clamoring for more resources to tackle election cybersecurity after revelations that Russian hackers targeted election-related data systems in nearly two-dozen states before the 2016 vote. To read more about the event, click here. WHAT'S IN THE SPOTLIGHT: HUMA ABEDIN'S EMAILS: President Trump escalated his public attacks on Hillary Clinton and her close aide Huma Abedin on Tuesday, tweeting that Abedin didn't follow security protocols and put "classified passwords" in the hands of foreign agents. Trump appeared to be referencing a story in The Daily Caller reporting that Abedin had forwarded State Department passwords to her personal Yahoo email account that was likely compromised in subsequent breaches reported by the email provider. Taking to Twitter on Tuesday morning, Trump wrote: "Crooked Hillary Clinton's top aid (sic) Huma Abedin has been accused of disregarding basic security protocols. She put Classified Passwords into the hands of foreign agents. Remember sailors pictures on submarine? Jail! Deep State Justice Dept must finally act? Also on Comey & others." The revelations are once again dredging up Clinton's email controversy, which plagued the Democratic nominee throughout her campaign. It's a fight Trump wants to have. Republicans have been eager to relitigate the controversy as part of an effort to distract from and undermine the special counsel investigation into whether Trump's campaign colluded with Russia. The Daily Caller report hinges on government emails made public as a result of litigation from the conservative group Judicial Watch against the State Department in 2015. The headline highlights a Aug. 2009 email released by State in September that appears to show Abedin, who served as vice chair on Clinton's presidential campaign, forwarding passwords to her government laptop to her personal Yahoo account. To be sure, the FBI said in documents related to the Clinton email probe that Abedin "routinely" forwarded emails from her official account to her personal one because it was easier to print. Some of the emails cited by The Daily Caller contain information that was later determined to be classified, though none contain classified markings. The article lays the groundwork for accusations that Abedin offered up sensitive information to hackers by detailing successive breaches at Yahoo, the first of which is now known to have impacted all 3 billion accounts in 2013. A second, unrelated breach in 2014 exposed account information on 500 million users. The Justice Department has charged two Russian intelligence agents in connection with the case. Cybersecurity experts cautioned that there is no evidence Abedin's account was targeted by hackers. "The classified information and other sensitive data was potentially exposed, but not definitely exposed based on what is known publicly," said Ryan Kalember, a top executive at cybersecurity firm Proofpoint. Still, her employment status would have made Abedin a top mark for a Russian spying operation. According to the criminal indictment, the hackers sought access to accounts of "Russian and U.S. government officials" on behalf of the FSB, Moscow's federal security service. To read the rest of our piece, click here. IN CASE YOU MISSED IT: Links from our blog, The Hill, and around the Web. Deputy AG Rosenstein meeting with Paul Ryan about Russia investigation. (The Hill) Feinstein requests interview with WH social media director amid Russia probe. (The Hill) OP-ED: Bulk surveillance is the wrong way to approach security. (The Hill) Twitter says Trump's North Korea tweet doesn't violate terms of service. (The Hill) Low morale at the NSA is causing top personnel to flea. (Washington Post) A profile on the Canadian hacker implicated in the Yahoo breach case. (Toronto Life) The Pentagon plans to spend more time on cybersecurity. (Fifth Domain) An ex-NSA contractor accused of stealing classified documents will plead guilty. (Politico) Indonesia launches agency to combat 'fake news.' (AFP) If you'd like to receive our newsletter in your inbox, please sign up here. | 
沒有留言:
張貼留言