Dealing with Hafnium’s work against Microsoft Exchange Server and Holiday Bear’s visit to the SolarWinds supply chain. A plea for OSINT, and some wins for the cyber cops.

CISA urges everyone to take the Microsoft Exchange Server vulnerabilities seriously. The SolarWinds compromise is also going to prove difficult to mop up. The US is said to be preparing a response to Holiday Bear’s SolarWinds compromise (some of that response will be visible, but some will not). A plea for more OSINT. Ben Yelin from UMD CHHS ponders face scanning algorithms in the job application process. Our guest is Sam Crowther from Kasada, asking why are we still talking about bots? And dragnets haul in some cybercrooks. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/45