ProPublica: The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack

ProPublica: The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack. “The software company SolarWinds unwittingly allowed hackers’ code into thousands of federal computers. A cybersecurity system called in-toto, which the government paid to develop but never required, might have protected against this.”

Politico: France identifies Russia-linked hackers in large cyberattack

Politico: France identifies Russia-linked hackers in large cyberattack. “France’s cybersecurity agency ANSSI on Monday said ‘several French entities’ had been breached, and linked the attacks to a Russian hacker group thought to be behind some of the most devastating cyberattacks in past years. The agency said it had identified “an intrusion campaign” in which hackers, linked to Russian military intelligence agency GRU, compromised the French software firm Centreon in order to install two pieces of malware into its clients’ networks.”

TechCrunch: Russian hackers ‘Fancy Bear’ now targeting governments with rootkit malware

TechCrunch: Russian hackers ‘Fancy Bear’ now targeting governments with rootkit malware. “Security researchers say that they have found evidence that for the first time Russia-backed hackers are now using a more sophisticated type of malware to target government entities. ESET presented its case Thursday that the hacker group, known as Fancy Bear (or APT28), is using rootkit malware to target its victims. That marks an escalation in tactics, which the researchers say the group’s hacking capabilities ‘may be even more dangerous than previously thought.’” ESET sounds like it should be an explained acronym but it’s the name of a security company.