The Register

1. FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion

   Instructions for spotting and keeping suspected Russians out of systems

   Any organizations that used the backdoored SolarWinds network-monitoring software should take another look at their logs for signs of intrusion in light of new guidance and tooling.…

2. Labour Party urges UK data watchdog to update its Code of Employment Practices to tackle workplace snooping

   Key doc hasn't been updated since 2018, warn politicos and trade union

   The UK's Information Commissioner's Office needs to update its Code of Employment Practices to tackle workplace spying by bosses, the Prospect trade union and the Labour Party have said.…

3. AnyVan confirms digital break-in, says customer names, emails and hashed passwords exposed

   Burglary took place 3 months before biz discovered unauthorised entry

   Updated  Anyvan, the European online marketplace that lets users buy delivery, transport or removal services from a network of providers, has confirmed it was the victim of a digital burglary that involved the theft of customers' personal data.…

4. Scottish Environment Protection Agency refuses to pay ransomware crooks over 1.2GB of stolen data

   Which is exactly what you should do

   Scotland's environmental watchdog has confirmed it is dealing with an "ongoing ransomware attack" likely masterminded by international "serious and organised" criminals during the last week of 2020.…

5. Bye bye, said Trump admin to Huawei: You give a cheque-ie to our techies, but there's no licence to ply

   And them good ol' boys revokin' sanction to buy, singin', 'Soon will come the day that we fly'

   As parting gifts go, this one ranks pretty low. With less than three days until the inauguration of Joe Biden, the Trump Administration has reportedly revoked several licences that would allow Huawei to buy US-made tech, and plans to deny over 150 pending requests.…

6. Hallowed Bugtraq infosec list killed then resurrected over the weekend: We heard your feedback, says Accenture

   Plus: Watch out for NTFS-corrupting folder, Mimecast hack, and more

   In brief  Last week ended with news that the venerable infosec mailing list Bugtraq was being shutdown at the end of the month.…

7. Signal boost: Secure chat app is wobbly at the moment. Not surprising after gaining 30m+ users in a week, though

   Install base explodes following WhatsApp 'privacy' update, Musk endorsement

   Updated  Signal is experiencing a partial outage as tens of millions of netizens flood the free secure messaging service.…

8. Coming in at number 5, it's a blast from the past! Tenable's 2020 security flaw chart show features hits of yesteryear

   You know that update thing? JFDI

   Out of the top five vulnerabilities for 2020 three dated back to 2019 or earlier, according to infosec firm Tenable's annual threat report.…

9. Ministry of Defence's cyber warfare drive is helping burn a hole through its budget, warns UK's National Audit Office

   All that counter-China stuff costs a pretty penny, y'know

   The Ministry of Defence's multibillion budget overrun has been caused in part because of its spending splurge on flashy new "cyber" capabilities, according to the National Audit Office.…

10. Is a remote workforce making your organisation less secure?

    And can SASE save us?

    Webcast  Last year your bosses embraced remote working because, let’s face it, none of us had a choice.…