
Thursday, May 3, 2018

Hillicon Valley: Twitter bug exposes passwords | Army cyber unit gets new chief | White House preps talking points for CIA pick | Sprint shuffles leadership ahead of merger

 
 
 
The Hill Technology
 

The Hill's Overnight Cybersecurity and Tech teams are joining forces to bring you Hillicon Valley, a new comprehensive newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.

Welcome! Follow the tech team, Ali Breland (@alibreland) and Harper Neidig (@hneidig), and the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers), on Twitter.

 

A BUG WORTH SQUASHING: Twitter is recommending that all of its users change their passwords after the company discovered a bug that exposed passwords on an internal system.

"We recently identified a bug that stored passwords unmasked in an internal log," Twitter announced Thursday.

"Out of an abundance of caution, we ask that you consider changing your password on all services where you've used this password," the company said.

Twitter, which has over 330 million users globally, said an investigation turned up no evidence of "breach or misuse by anyone." As a precaution, the company recommended users change their Twitter passwords and enable two-factor authentication to further protect their accounts.

 

--What happened: Twitter uses bcrypt, a hashing function that masks stored passwords. It allows the company to validate account credentials without revealing the actual password. But Twitter said Thursday that a glitch resulted in passwords being written to an internal log before the hashing function was complete, meaning that they were exposed on the company's internal system.

 

--The company was quick to apologize and do damage control. Twitter's chief technology officer, Parag Agrawal, though, wants everyone to know that the company "didn't have to" disclose the incident.

"We are sharing this information to help people make an informed decision about their account security. We didn't have to, but believe it's the right thing to do," he tweeted.

 


 

MEET THE ARMY'S NEW CYBER CHIEF: Maj. Gen. Stephen Fogarty has been selected to lead the U.S. Army's cyber warfare unit, replacing soon-to-be director of the National Security Agency, Lt. Gen. Paul Nakasone.

Fogarty's nomination was quietly confirmed by the Senate late last week, before lawmakers left for a weeklong recess. A Senate Armed Services Committee staffer and a spokesman for Army Cyber Command both confirmed the development.

 

--Where he's from: Fogarty has served at Fort Meade, Md., as chief of staff at U.S. Cyber Command, the Pentagon's chief cyber warfighting unit, since June 2016. Before that, Fogarty was the commanding general at the Cyber Center of Excellence at Fort Gordon in Georgia.

 

--What he'll be doing: Army Cyber Command, which is headquartered at Fort Belvoir in Virginia, is a service component supporting U.S. Cyber Command. Past commanders of the Army's cyber warfighting unit have also led Joint Task Force Ares, a unit that conducts cyber operations against computer networks used by the Islamic State in Iraq and Syria (ISIS).


 

SCOOP ON CIA PICK: The White House has drafted a 27-page memo providing talking points to back up CIA Deputy Director Gina Haspel's controversial nomination to lead the spy agency.

The document, obtained by The Hill, includes five broad points that Haspel's supporters are urged to use in defending and promoting Trump's nominee, who is expected to face a difficult confirmation fight in the Senate.

The five talking points emphasize the CIA veteran's experience and "common-sense" leadership and note that she would be the first woman to lead the intelligence agency. The memo also preps defenders to counter attacks on Haspel for her involvement in the agency's use of harsh interrogation techniques, now widely considered torture, in the post-9/11 era.

 

--Take note of talking point #5: The final talking point doesn't mention that controversy directly but says that if the White House is "pressed on a specific matter," defenders of Haspel should respond with the following: "She is an 'intelligence and national security expert' who follows the law as written, and has demonstrated strong and clear leadership in very challenging positions."

 

--Why it's important: The talking points are intended to counter the narrative from Democratic critics of Haspel who argue her past work should disqualify her from leading the CIA. "Her role, whatever it was and whatever you think of torture, her role in it is not as deep or not as horrific as Democrats are describing it," according to one GOP source familiar with the confirmation process.

 


 

LATEST ON RUSSIA PROBES: Rod Rosenstein is offering a fierce defense of the Justice Department amid mounting Republican criticism, making an unusually public stand for the institution he has served for nearly three decades. On Tuesday, the deputy attorney general rebuked the nascent conservative effort to impeach him, likely exacerbating tensions with conservatives in the House. House Republicans are demanding access to classified documents related to special counsel Robert Mueller's investigation, including a heavily redacted memo that spells out the scope of the investigation.

"There is really nothing to comment on there, but just give me the documents. The bottom line is, he needs to give me the documents," Rep. Mark Meadows (R-N.C.) said during an interview with The Hill on Wednesday when asked about his response to Rosenstein. "I have one goal in mind, and that is not somebody's job or the termination of somebody's job, it is getting the documents and making sure we can do proper oversight," he said, adding that there are "no current plans to introduce an impeachment resolution." 

Republican lawmakers led by Meadows, chairman of the House Freedom Caucus and one of President Trump's top allies in Congress, have drafted eight articles of impeachment against Rosenstein. The articles make a series of charges against Rosenstein and question his credibility, reputation and fitness to serve.

Rosenstein dismissed the impeachment threat and went a step further by suggesting the Justice Department's independence is being threatened.


 

SPRINT SHUFFLES LEADERSHIP: Sprint is giving a title bump to its CEO as the company pursues regulatory approval for its merger with T-Mobile.

Marcelo Claure will become the company's executive chairman, while CFO Michel Combes will replace him as chief executive. Claure will focus on getting the $26 billion merger cleared in Washington, Sprint said in a release.

"Marcelo has done a remarkable job of turning around the Sprint brand and business, driving enhanced network performance, strong subscriber growth and significant cost reductions leading to the best financial results in Sprint's history," Masayoshi Son, CEO of Sprint parent company SoftBank, said in a statement.

"Marcelo has also positioned Sprint as a leader in the race to 5G, which promises to revolutionize the communications industry.  He will continue to guide Sprint's strategy and momentum as Executive Chairman through a successful closing with T-Mobile."


 

TROUBLE IN SEATTLE: Amazon is threatening to halt development projects in Seattle as the city's leaders consider a new tax to fund efforts to help its homeless population.

The Seattle Times reported that the tech giant has paused its plans on a new downtown building and is considering subleasing another building it currently occupies ahead of the Seattle City Council's vote on a "head tax" on companies that earn more than $20 million a year.

"I can confirm that pending the outcome of the head-tax vote by City Council, Amazon has paused all construction planning on our Block 18 project in downtown Seattle and is evaluating options to sub-lease all space in our recently leased Rainier Square building," Amazon spokesman Drew Herdener said in a statement.


 

REPORT ALERT: The Estonian Foreign Intelligence Service has published an annual assessment of the security environment around the country that delves into cyber and other threats. No surprise: It's mostly about Russia.

 

A LIGHTER NON-RELATED TWITTER CLICK: What happens when Giuliani orders breakfast? (Twitter)

 

TODAY'S OPINION: Senate would be prudent to leave internet freedom alone. (The Hill)

 

LONGREAD OF THE DAY: The New Yorker looks at digital vigilantes who hack back. American companies are increasingly finding themselves on the receiving end of hacks from foreign governments and other actors. Companies usually refrain from hitting back. (The risk of backlash can be high.) But what if other people not explicitly affiliated with such companies took it upon themselves to do something?

 

ON TAP:

Mark your calendars: The Senate Armed Services Committee has released its fiscal 2019 National Defense Authorization Act (NDAA) markup schedule. The Subcommittee on Cybersecurity's closed-door markup will take place on Tuesday, May 22, according to a release sent out on Thursday.

 

NOTABLE LINKS FROM AROUND THE WEB:

EXCLUSIVE: Giuliani calls for Sessions to 'step in' on Cohen investigation. (The Hill)

Mueller subpoena of Trump could spark historic legal clash. (The Hill)

Sen. John McCain writes in a new book that the U.S. should consider striking back at Russia with a cyberattack. (Defense News)

Pennsylvania has convened an independent commission to investigate its election security. (Pittsburgh Post-Gazette)

"Cyber Warfare: The Threat From Nation States." (Forbes)

The European Central Bank has developed a cyber simulation test. (Reuters)

Elon Musk turns conference call into a sparring session (WSJ)

BSA, the Software Alliance's new policy agenda

 
 
 
 
 