Collaborate Disseminate
On March 17, the U.S. Internal Revenue Service (IRS) and the Treasury Department announced the extension of the federal income tax filing due date from April 15, 2021 to May 17, 2021. This decision is designed “to help taxpayers navigate the unusual ci… Continue reading Beware of These 3 Scams Making the Rounds This Tax Season
A milestone date for an ambitious federal banking industry cybersecurity regulation that debuted at the tail end of the Trump administration has nearly arrived. Monday, April 12 marks the deadline for comments on an initial proposal that would mandate how a wide range of financial firms would need to report more kinds of cyber incidents to regulators within 36 hours. That’s a more stringent timeline that many comparable regulations; Europe’s General Data Protection Regulation notification window is twice as long, at 72 hours. The relatively quick notification requirement generated most of the attention when the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, and Treasury’s Office of the Comptroller of the Currency announced the rule in December. It’s expected to receive significant blowback from the financial services industry as an overly aggressive demand. Some analysts, though, cite the types of incident reports that need to be […]
The post Financial industry preps for proposal that would require 36-hour breach notification appeared first on CyberScoop.
President Joe Biden is giving a reprieve to Chinese apps that his predecessor’s administration had put on the defensive. On Thursday, the Commerce Department said in a court filing that it was reviewing the Trump administration’s bid to ban WeChat. It comes one day after a similar court filing where Commerce said it was reviewing the proposed ban on TikTok, and after the Biden administration has reportedly “indefinitely” placed on hold the plans to force the sale of TikTok’s American division to Oracle and Walmart. In Thursdays’ filing, the department asked the Ninth Circuit Court of Appeals to pause a court case challenging the WeChat ban, which the Trump administration sought to implement in response to what it deemed the national security threat the app posed. “As the Biden Administration has taken office, the Department of Commerce has begun a review of certain recently issued agency actions, including the Secretary’s […]
The post Biden administration pauses Trump’s plans to ban WeChat, TikTok appeared first on CyberScoop.
Continue reading Biden administration pauses Trump’s plans to ban WeChat, TikTok
The U.S. sanctioned an Iranian venture capital firm on Wednesday that the Treasury Department said invests in cyberspace and information technology. Treasury’s Office of Foreign Assets Control identified the firm, Barkat Ventures, as an arm of an organization that the supreme leader of Iran controls called EIKO, short for Execution of Imam Khomeini’s Order. The sanctions also targeted a second Komeini-controlled organization, Astan Quds Razavi. “These institutions enable Iran’s elite to sustain a corrupt system of ownership over large parts of Iran’s economy,” said Secretary Steven Mnuchin. “The United States will continue to target those who enrich themselves while claiming to help the Iranian people.” Barkat Ventures has a small profile outside Iran. An apparent company website cites its desire to invest in technologies such as the internet of things, electronic health, cryptocurrency and software as a service. Its overall goal is to reduce barriers for entrepreneurs in “knowledge-based” businesses, […]
The post Iranian venture firm investing in cyber tech is subject of US sanctions appeared first on CyberScoop.
Continue reading Iranian venture firm investing in cyber tech is subject of US sanctions
The U.S. Treasury Department on Monday leveled sanctions at another batch of current and former Ukrainian government officials it says are affiliated with a 2020 election influence campaign. Treasury said all four men have publicly associated themselves with Andrii Derkach, a previously sanctioned Ukrainian parliament member and suspected Russian agent who has met with President Donald Trump’s personal attorney Rudy Giuliani as part of his bid to spread misinformation about the Biden family. Of the four, Konstantin Kulyk, Oleksandr Onyshchenko and Andriy Telizhenko are former Ukrainian government officials, while Oleksandr Dubinsky currently sits in parliament. Treasury says they are part of Derkach’s inner circle and have coordinated to spread fraudulent, unproven claims. In total, Treasury’s Office of Foreign Assets Control imposed sanctions on Monday on seven individuals and four “media front companies” associated with the disinformation campaign. The other three men are also Derkach supporters, Treasury said. In a sign […]
The post US government sanctions more Ukrainians tied to Biden family smear appeared first on CyberScoop.
Continue reading US government sanctions more Ukrainians tied to Biden family smear
The incoming Biden administration has spent the week heralding some of its cybersecurity-related personnel decisions, even as a couple key jobs remain a question mark. The Biden transition on Friday announced a slew of National Security Council picks. Among them is Caitlin Durkovich to serve as senior director for resilience and response, reflecting a similar role she once held at a Department of Homeland Security division that Congress later renamed and reorganized as the Cybersecurity and Infrastructure Security Agency. Andrea Kendall-Taylor will take the job of senior director for Russia and Central Asia, areas she worked on during a prior government stint in the intelligence community. “This outstanding team of dedicated public servants will be ready to hit the ground running on day one to address the transnational challenges facing the American people — from climate to cyber,” said Vice President-elect Kamala Harris. “They reflect the very best of our […]
The post Biden transition fills some top cybersecurity personnel spots appeared first on CyberScoop.
Continue reading Biden transition fills some top cybersecurity personnel spots
The New York Stock Exchange said Wednesday it will delist several Chinese telecommunications firms that allegedly worked with the Chinese military, the reversal of a previous decision. The stock exchange had first said last week it would remove China Telecom, China Unicom and China Mobile in order to comply with a Trump administration executive order. The order, issued in November, aimed to block Chinese companies from using U.S. capital to help advance Chinese military and intelligence goals. The effect is to bar the companies from trading on the exchange. The NYSE initially tried to backpedal on Monday after “further consultation with relevant regulatory authorities.” The exchange at the time said it would not delist the firms, causing widespread confusion. The decision on Wednesday to delist the firms, after all, came after the Treasury Department‘s Office of Foreign Assets Control issued guidance Tuesday that would block people in the U.S. from conducting […]
The post NYSE to remove 3 Chinese telecoms from market appeared first on CyberScoop.
Continue reading NYSE to remove 3 Chinese telecoms from market
The fallout from a sweeping hacking campaign by suspected Russian operatives continued Monday as Sen. Ron Wyden said that the hackers had breached “dozens of email accounts” of officials at the Treasury Department. The hackers “broke into systems in the Departmental Offices division of Treasury, home to the department’s highest-ranking officials,” Wyden said after Treasury officials briefed the Senate Finance Committee, where the Oregon Democrat serves as ranking member. “Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen.” Multiple federal agencies, including the departments of Commerce and Homeland Security, are investigating breaches in the apparent espionage campaign, which has used tampered software made by federal contractor SolarWinds, but also has other vectors for breaking into systems. The breach at Treasury began in July, and the full extent of it is still unknown, Wyden said in a statement. “Microsoft notified the agency […]
The post Senator: SolarWinds hackers breached ‘dozens’ of Treasury email accounts appeared first on CyberScoop.
Continue reading Senator: SolarWinds hackers breached ‘dozens’ of Treasury email accounts
Microsoft revealed that a second hacking group had deployed malicious code that affects software made by SolarWinds, the federal contractor at the center of a suspected Russian espionage campaign against multiple U.S. government agencies. “[T]he investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion product but has been determined to be likely unrelated to this compromise and used by a different threat actor,” a Microsoft research team said in a blog post on Friday. The discovery underscores the extent to which Texas-based SolarWinds, whose software is used throughout Fortune 500 companies, is a valuable target for hackers. The newly revealed malware, known to researchers as Supernova, differs from the alleged Russian tampering because it does not appear to involve a compromise of the supply chain, Microsoft said. The Supernova code does, however, allow an attacker to send and execute […]
The post Microsoft identifies second hacking group affecting SolarWinds software appeared first on CyberScoop.
Continue reading Microsoft identifies second hacking group affecting SolarWinds software
Two key Senate Democrats extensively questioned the U.S. Treasury Department on Tuesday about its reported data breach, a subject it has been less forthcoming about than the other federal agencies swept into the compromise of SolarWinds software. The senators, Sherrod Brown of Ohio and Ron Wyden of Oregon, also want to know whether Treasury plans to sanction the attackers and if it has begun evaluating the overall damage to the economy of the cyber-espionage campaign, which could ripple through the private sector, too. The senators’ letter to Treasury Secretary Steven Mnuchin pushes the department not only to provide information about its own breach, but also to develop a broader response that includes punishments for the hackers responsible. Cybersecurity researchers have tied them to Russia. “These media reports suggest that these attacks were comprehensive and historic and bad actors may have had access to critical U.S. government networks for many months,” […]
The post Senators press Treasury to speak about breach, planned response to hackers appeared first on CyberScoop.
Continue reading Senators press Treasury to speak about breach, planned response to hackers