
Thursday, February 1, 2018

Overnight Cybersecurity: Trump poised to allow release of intel memo | GOP chair threatens to subpoena DHS over Kaspersky docs | Pompeo defends meeting Russian spy chief

 
 
 
The Hill Cybersecurity
 
 

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

 

THE BIG STORIES:

--TRUMP TO ALLOW RELEASE OF CONTROVERSIAL INTELLIGENCE MEMO: President Trump plans to allow the release of a controversial memo detailing alleged surveillance abuses at the FBI, according to a senior administration official. The official said Trump will inform Congress of his decision "probably tomorrow," adding the president did not have any national security objections to releasing it and would likely not request that any material be redacted. "The president is OK with it," the official told reporters traveling with Trump aboard Air Force One. "I doubt there will be any redactions. It's in Congress' hands after that." The decision paves the way for the document, which was drafted by Republicans on the House Intelligence Committee, to be released to the public. Once the White House approves the memo's release, it would be up to the Intelligence panel to decide if and when to make it public. Trump has been widely expected to sign off on the public release of the document, which some conservatives on Capitol Hill have heavily hinted could prove the undoing of the federal investigation into the Trump campaign's possible ties to Russia. The president has long derided that probe as a "witch hunt."

--DEMOCRATS have described the document as a series of cherry-picked data points designed to kneecap special counsel Robert Mueller's investigation. Intelligence Committee Republicans have blocked Democrats, at least for now, from releasing their own countermemo drafted to rebut the GOP document. The FBI also fiercely opposes the release of the document. Senior Justice Department officials, including FBI Director Christopher Wray and Deputy Attorney General Rod Rosenstein, have lobbied both the White House and the Intelligence Committee against releasing the document. In a rare public statement issued Wednesday afternoon, the FBI characterized the memo as misleading, noting that they had been given limited opportunity to review it before the committee voted to release it and saying it has "grave concerns about material omissions of fact that fundamentally impact the memo's accuracy." The future of the document now rests with Intelligence Committee Chairman Devin Nunes (R-Calif.), whose staff drafted the memo based on classified documents provided by the Justice Department. Nunes is under a mountain of pressure from the right to release the document, even as other members of his own party urge caution. Senate Republican Conference Chairman John Thune (S.D.) said Thursday that Nunes should first share the memo with Senate Intelligence Committee Chairman Richard Burr (R-N.C.) before releasing it publicly, noting that Burr has been unable to obtain the document.


--POMPEO DEFENDS MEETING RUSSIAN SPY CHIEF: CIA Director Mike Pompeo is defending a meeting between U.S. and Russian intelligence officials after a top Democratic lawmaker seized on the talks. Pompeo sent a letter to Senate Minority Leader Charles Schumer (D-N.Y.) saying Schumer had suggested during a press conference earlier this week that "there was something untoward" about the meeting. "Let me assure you there is not. We periodically meet with our Russian intelligence counterparts for the same reason our predecessors did -- to keep Americans safe," Pompeo said. Schumer had questioned whom Sergey Naryshkin, the director of Russia's foreign intelligence service, met with while he was in the United States and questioned if the visit was tied to the Trump administration's decision to delay implementing sanctions against Russia, which was announced Monday. Pompeo said in his letter that during the meetings "we cover very difficult subjects in which American and Russian interests do not align." "Neither side is bashful about raising concerns relating to our intelligence relationships and the interests of our respective nations. We vigorously defend America in these encounters and pull no punches -- we never will," he wrote.


 

A LEGISLATIVE UPDATE: GOP CHAIR THREATENS DHS OVER KASPERSKY FILES: House Science, Space and Technology Committee Chairman Lamar Smith (R-Texas) is threatening to take action to force the Department of Homeland Security (DHS) to turn over documents on Kaspersky Lab that his committee has requested.

Smith sent a letter to Secretary of Homeland Security Kirstjen Nielsen on Thursday accusing the department of failing to properly respond to an outstanding document request related to the committee's ongoing probe into the Russia-based cybersecurity firm.

Smith said the committee would consider using "compulsory process" against Homeland Security if it continues to buck the request, which would amount to subpoenaing the department for the documents.

Kaspersky, which produces lauded anti-virus software and has operations across the globe, has been mired in controversy as a result of alleged ties to Russian intelligence, which the company has long denied. 

The Science, Space and Technology Committee has been investigating Kaspersky Lab since last year as part of a broader review of the federal government's cybersecurity posture.

"Given the serious nature of these concerns related to the Committee's broader goal of uncovering all risks associated with Kaspersky, the Committee expects a full and complete response from the Department," Smith wrote on Thursday.

Last September, Homeland Security publicly barred federal agencies and departments from using Kaspersky software, citing the risk of the Russian government capitalizing on the software "whether acting on its own or in collaboration with Kaspersky." The Trump administration has not issued any evidence to back up the assertions in the directive.

But news reports have emerged alleging that Russian spies used the company's software to gain access to classified secrets on a National Security Agency contractor's computer.

Agencies and departments were given until December to remove any Kaspersky software found on their systems.

Kaspersky has vowed to fight the ban.

The committee thus far has held two hearings on the issue, including one that featured testimony from Homeland Security's top cyber official.

Smith sent a letter to DHS in early December requesting a number of documents related to its investigation, including a complete list of agencies that identified Kaspersky software on their information systems by Dec. 19.

Homeland Security has yet to fully respond to the request, according to Smith, who wrote Thursday that the department provided a response earlier this month that "largely contained publicly available information outside the scope of the Committee's request."


 

A LIGHTER CLICK:

For Hostess employees, the GOP tax overhaul is pretty sweet. (Bloomberg)

 

A REPORT IN FOCUS:

A new report indicates that cybercriminals are growing increasingly interested in targeting cryptocurrency as a way to earn a quick payday.

Cybercriminals have developed new methods to defraud digital currency investors, especially as new alternative coins -- or "altcoins"  -- continue to regularly join the roughly 1,442 cryptocurrencies already in circulation, according to a report by intelligence firm Digital Shadows. 

"Cybercriminals follow the money and right now they see in the unregulated and largely unsecure world of digital currencies a huge opportunity to target people, businesses and exchanges and make money quickly and easily," Rick Holland, the Vice President of Strategy for the firm, said in a statement.

"In many ways it's like the gold rush of the 1840s as people flood to the opportunity cryptocurrencies present and are preyed on by criminals and the unscrupulous." 

Holland also warned that as the cryptocurrency-sphere continues to grow, morph, and change, so will the techniques cybercriminals use to scam its users.  

"While the future of cryptocurrencies remains somewhat uncertain, what we can be sure of is that cybercriminals will continue to find new ways of making money as long as there are enough suitable targets and the profits to be made justify their time and effort," Holland said.

"Those that buy and trade crypto currencies should be aware it is the 'wild west' and be on your guard at all stages of the transaction cycle," he added.

The report warned that malicious actors have used several exploitative tactics, including infecting networks of private computers to mine digital currencies through botnets and cryptojacking, or even just luring unsuspecting investors with fake cryptocurrencies and fake exchanges.

New mining software called "Crypto Jacker," which is publicly sold at a small cost, also allows users to duplicate popular websites that can then be used in spam campaigns, the report found.

 

WHAT'S IN THE SPOTLIGHT: 

FAKE FOLLOWERS: Two senators are asking the Federal Trade Commission (FTC) to investigate a company that sells fake Twitter followers in the wake of a New York Times report that revealed that dozens of public figures purchased social media followings to inflate their prominence.

Sens. Jerry Moran (R-Kan.) and Richard Blumenthal (D-Conn.), the chairman and ranking member, respectively, of a Senate Commerce subcommittee on consumer protection, argue in a letter to acting FTC Chairman Maureen Ohlhausen on Wednesday that Devumi, the company at the center of the Times report, has been deceiving consumers and stealing identities.

"This company seems engaged in unfair or deceptive practices, and we urge you to use all the tools at your disposal to take immediate action to investigate this company, along with any other similar services, and shut down any fraudulent practices they are engaged in," the senators wrote.

According to the Times report, Devumi has sold legions of fake followers that in some cases are similar to the accounts of real people. The company also sells Soundcloud listeners, LinkedIn connections and YouTube shares and likes.

"We take requests from Congress seriously, and we are reviewing this specific request but we have no other comment at this time," an FTC spokeswoman said in a statement to The Hill.

New York Attorney General Eric Schneiderman (D) has promised an investigation into Devumi, accusing the company of engaging in illegal "impersonation and deception."


 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Several lawmakers have seen intelligence behind Nunes memo. (The Hill)

Google parent company in talks to build tech hub in Saudi Arabia: report. (The Hill)

How the Coincheck hack may impact the future of blockchain security. (Technology Review)

The cheap price tag of an effective cyber-espionage scheme. (Cyberscoop)

A look at how emerging tech trends are impacting cybersecurity. (Forbes)

New program automatically locates, infiltrates vulnerable Internet-connected devices. (Motherboard)

Are you bothered that Amazon's Alexa is always listening? (CNET)

Researchers have found over 130 malware samples built to exploit Meltdown and Spectre. (Security Week)
