Friday, February 10, 2023 // (IG): BB // BSidesCharm// Coffee for Bob
Balloon gate: Spy Balloon Shot Down by Pentagon Carried Devices to Intercept Sensitive Communications
Analyst Comments: Why do we care? Spies are gonna spy - it is being released that intercept equipment was onboard and active for its flight over US military bases and nuclear missile silos. Curious to see the US response - Budweiser Blimp?
FROM THE MEDIA: The U.S. State Department has confirmed that the Chinese spy balloon shot down last week was carrying devices used to intercept sensitive communications. The Pentagon flew U-2 spy planes over the balloon and found that it had the ability to conduct "signals intelligence collection operations." The incident has caused a diplomatic rift between the U.S. and China, with Secretary of State Antony Blinken canceling a trip to Beijing. FBI officials have said they are still in the early stages of recovering parts of the balloon, which had solar panels, multiple antennas for collecting signals, and possibly other Western-made components. Congress is demanding answers from the Biden administration and has held classified briefings on the matter. Electronic warfare experts say this incident is part of a larger network of Chinese surveillance balloons, and that the U.S. must modernize its military capabilities to protect against such threats.
READ THE STORY: Politico // USA Today // FOX
Water armies across the Taiwan Strait
Analyst Comments: Chinese Communist Party (CCP) is attempting to interfere in Taiwan's political affairs by using a paid online army to spread misinformation and attack the Facebook pages of senior politicians. This highlights the CCP's efforts and TTP used to influence public opinion and potentially sway elections in Taiwan.
FROM THE MEDIA: The Chinese Communist Party (CCP) has been using paid online commentators, also known as an "internet water army," to attack the Facebook accounts of Taiwanese President Tsai Ing-wen and former Premier Su Tseng-chang. The CCP has hired online marketing companies, who have in turn hired people to engage in cyberattacks, and at least 825 suspicious accounts have been identified. The cyber army is said to have used a four-step method to spread misinformation: posting articles using a fake account, using foreigners' fan pages to share screenshots, using these fake accounts to forward information, and sharing the fake articles with large public groups on Facebook to increase their reach. The topics the paid commentators focus on include inflation, selling agricultural and fishery products to China, military exercises against Taiwan, U.S. arms sales to Taiwan, the imminent breakout of a cross-strait war, and the U.S. abandoning Taiwan. Taiwan's intelligence suggests that the CCP used this method to extensively interfere in Taiwan's local elections in November and will target the 2024 presidential and legislative elections using the same method.
READ THE STORY: Taiwan News
Geotargeting tools are allowing phishing campaigns to home in on potential victims
FROM THE MEDIA: Hackers are using Geo Targetly, a tool used by businesses for customizing ads based on a recipient's location, to redirect victims to phishing pages that are customized to their language and region, according to Avanan, a cybersecurity firm. The tool allows hackers to attack multiple users in different parts of the world at the same time, making it more likely that victims will fall for the attack. In response to the issue, Geo Targetly has implemented measures such as URL malware and phishing scanners, as well as mandating that new accounts can only be created using legitimate company domain email accounts. However, the company admits that these efforts are not 100% effective and hackers can still create new websites that have not yet been classified as phishing or malware by antivirus vendors.
READ THE STORY: The Record
Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices
Analyst Comments: The vulnerabilities offer a remote entry point for attack, enabling unauthenticated adversaries to gain a foothold and subsequently spread to other hosts, causing significant damage. The findings underscore the danger of making IIoT devices directly accessible on the internet and create a "single point of failure" that can bypass all security protections.
FROM THE MEDIA: 38 security vulnerabilities have been found in wireless industrial Internet of Things (IIoT) devices from four vendors, creating a significant attack surface for threat actors looking to exploit operational technology (OT) environments. The flaws allow unauthenticated actors to gain initial access to internal OT networks, putting critical infrastructure at risk and disrupting manufacturing. Some of the vulnerabilities could be chained to give external actors direct access to thousands of internal OT networks, according to security researcher Roni Gavrilov. The findings highlight the risk of OT networks being put at risk by making IIoT devices directly accessible on the internet, creating a "single point of failure." Threat actors can target weak encryption schemes, coexistence attacks aimed at combo chips, or break into industrial Wi-Fi access points and cellular gateways. To prevent these attacks, it is recommended to disable insecure encryption schemes, hide Wi-Fi network names, and prevent devices from being publicly accessible.
READ THE STORY: THN
Ex-Mexican official pleads guilty to selling spyware to track business and political rivals
FROM THE MEDIA: A former official of Mexico's Attorney General Office, Julio Santamaria, has pleaded guilty to selling and using private computer-hacking tools to monitor political and business rivals in both Mexico and the US. He worked for a consortium of US and Mexican companies, including Elite By Carga, where he brokered the sale of interception and surveillance tools. Santamaria admitted to selling the technology to private citizens and Mexican politicians, knowing that some of the clients intended to use the equipment for political purposes, not law enforcement. He has been charged with conspiracy and is facing a five-year prison sentence and a $250,000 fine in May. The owner of Elite By Carga, Carlos Guerrero, and others involved with the company have already pleaded guilty to similar charges.
READ THE STORY: WFXRTV
SpaceX admits blocking Ukrainian troops from using satellite technology
Analyst Comments: Why do we care? Elon Musk and SpaceX are taking steps to prevent the use of their technology in military conflicts. The use of Starlink technology by Ukrainians raises questions about the role that technology companies and their products play in geopolitical conflicts - were ethics involved or did Musk feel exploited is the question.
FROM THE MEDIA: SpaceX President Gwynne Shotwell confirmed that the company has taken steps to prevent the Ukrainian military from using the Starlink satellite technology in their conflict against Russia. Starlink was not meant to be weaponized and Ukrainian forces have been using it in ways that were not part of any agreement, according to Shotwell. SpaceX's founder, Elon Musk, has been uneasy about the military use of Starlink in Ukraine, which fueled accusations that he was kowtowing to Russia after reports emerged of the signal being restricted during Ukrainian military operations. Despite this, Starlink has been praised by Ukrainian troops as a game-changer and thousands of units have been purchased for Ukraine by third countries. However, discussions between SpaceX and the Pentagon about a possible deal for military units have ended, according to Shotwell.
READ THE STORY: CNN
Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities
Analyst Comments: Why do we care? DPRK threat to critical infrastructure sector entities, particularly the healthcare and public health sector is becoming credible. Their deployment of Maui ransomware in 2022 strengthens this argument.
FROM THE MEDIA: North Korea is using state-sponsored ransomware to attack healthcare organizations and other critical infrastructure entities globally. The goal is to generate revenue to support national-level priorities and objectives, including cyber operations targeting the United States and South Korea governments. The actors are known to use various ransomware strains, including Maui and H0lyGh0st, and use VPNs to hide their location. They have been observed demanding ransoms in bitcoin and may threaten to expose a company’s proprietary data to competitors if ransoms are not paid. The advisory warns against paying ransoms as it may not guarantee file recovery and poses sanctions risks. The trend of nation-states using ransomware is a growing concern, with over 50 national governments or national government agencies being hit by ransomware in 2022.
READ THE STORY: CISA // The Record
Military Space: There’s More To Resilience Than Building Better Satellites
Analyst Comments: Why do we care? Space is not a new domain but its becoming the new battlefield. The loss or disruption of SATCOM or space assets will have significant impacts on national security, military operations, and daily life. Sat vs. Sat warfare is real so is the strategic use of debris fields.
FROM THE MEDIA: The U.S. military space community is undergoing a transformation due to great-power competition with China, new technological options, and the creation of the Space Force. The missile warning mission is being rethought and plans are in place to shift from a current system of satellites in geosynchronous orbit to a new system using lower orbits for greater granularity and less latency. However, low earth orbit has drawbacks, such as increased velocity and limited field of view, and increased vulnerability to attack. A hybrid architecture of low earth orbit, medium earth orbit, and geosynchronous orbit is seen as the best option for delivering capability, reliability, and affordability. A business plan involving both military and commercial players is also necessary.
READ THE STORY: Forbes
Mount Saint Mary College confirms December ransomware attack
FROM THE MEDIA: The Mount Saint Mary College in New York was hit by a ransomware attack in December, which was confirmed by the school after the Vice Society ransomware gang claimed responsibility for the attack and published details about it this week. The school detected and stopped the attack, disconnected the affected part of the network, and hired cybersecurity specialists to help with the response. The school received a ransom demand from the attackers but did not comply with it, following recommendations from the FBI. The school rebuilt the impacted systems, strengthened security protocols, and has been working with cybersecurity experts and law enforcement agencies to assess the findings. The school has informed those affected that their personal information may have been accessed and offered them free credit monitoring and identity theft protection services. Vice Society has been responsible for numerous attacks on educational institutions and has drawn scrutiny from law enforcement agencies around the world.
READ THE STORY: The Record
Hacker develops new 'Screenshotter' malware to find high-value targets
Analyst Comments: The attacker may deploy additional malware like the info-stealer "Rhadamanthys," which is capable of stealing credentials, cryptocurrency wallets, and files. Signs are indicating TA886 is a Russian actor, but further attribution investigation is ongoing. The group's use of Active Directory profiling is a cause for concern and could result in widespread compromise of domain-joined systems.
FROM THE MEDIA: A new cybercrime group named TA886 is targeting organizations in the US and Germany with custom malware that can perform surveillance and steal data. The group was discovered by cybersecurity firm Proofpoint in October 2022 and is still active. The attackers send phishing emails with malicious attachments or links to download malware, which then takes screenshots of the victim's machine. The attackers then evaluate if the victim is valuable enough for further intrusion. If so, they drop additional malware capable of stealing data such as credentials, files, and cryptocurrency wallets. The group is likely Russian and works during regular work hours in the UTC+2 or UTC+3 time zones. The attacks are ongoing, and Proofpoint warns that domain profiling can compromise all domain-joined hosts with information-stealing malware.
READ THE STORY: BleepingComputer
NewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani Entities
FROM THE MEDIA: A phishing campaign called "NewsPenguin" has targeted Pakistani entities by using the upcoming international maritime expo as a lure. The attacker sends targeted phishing emails with a weaponized document attached, posing as an exhibitor manual for the event. The attacks aim to target marine-related entities and visitors by tricking recipients into opening the seemingly harmless Microsoft Word document. Once opened, remote template injection is employed to fetch a next-stage payload from an actor-controlled server that is configured to return the artifact only from IP addresses in Pakistan. The server was found to host a covert spying tool capable of bypassing sandboxes and virtual machines. The threat actor is believed to be targeting government organizations, rather than being financially motivated.
READ THE STORY: THN
Russia’s cyberattacks aimed at ‘destabilizing’ Moldova, PM says
FROM THE MEDIA: Moldova, being an ally of Ukraine, has been facing the consequences of Russia's hybrid warfare, which includes both physical and cyber attacks. The country has witnessed a sharp increase in cyberattacks over the past year, making it an attractive target for pro-Russian hackers. Moldova suffered from the largest cyberattacks in its history last year, according to the country's Prime Minister. In addition to cyberattacks, the country has also been targeted with bomb threats, phishing attacks, and distributed denial-of-service (DDoS) attacks. The Moldovan government has also claimed that Russian hackers and intelligence services have been involved in interfering with the country's internal politics. The war in Ukraine has put Moldova's economy, energy security, and social stability under great strain, and its internet connection has also been affected by the conflict. The Prime Minister of Moldova stated that the situation in the country will depend on the evolution of the war in Ukraine.
READ THE STORY: The Record
A Hackers Pot of Gold: Your MSP's Data
FROM THE MEDIA: A ransomware attack on a New Zealand managed service provider (MSP) disrupted several of its clients, most belonging to the healthcare sector. The targeted MSP was Mercury IT, and among the impacted businesses were the New Zealand health ministry, the Ministry of Justice, health regulatory authorities, a health insurer, and more. The attack highlights the risk of MSPs being attractive targets for cyber criminals as they store vast amounts of client data in one system. 60% of MSP client incidents in 2021 were related to ransomware, according to the 2021 MSP Threat Report by ConnectWise. Weak passwords are the most common and vulnerable method of securing data, leading to RDP brute-force attacks. Organizations can prevent inheriting security weaknesses by conducting security audits of their vendors. One tool that helps with this is Specops Password Auditor, a free read-only password auditing tool that scans active directories for security weaknesses.
READ THE STORY: THN
Largest Canadian bookstore Indigo shuts down site after cyberattack
FROM THE MEDIA: Indigo Books & Music, the largest bookstore chain in Canada, has been struck by a cyberattack yesterday that caused the website to be unavailable to customers and only accept cash payments. The exact nature of the incident is still being investigated, but Indigo is not ruling out that hackers may have stolen customer data. Cybercriminals are often targeting big companies, and with an annual revenue of more than CAD $1 billion, Indigo fits the bill. It is possible that hackers used data collected by information-stealing malware to gain access to Indigo’s network.
READ THE STORY: BleepingComputer
HTML smuggling campaigns impersonate well-known brands to deliver malware
FROM THE MEDIA: Trustwave SpiderLabs has reported an increase in HTML smuggling activity, where cybercriminals abuse the versatility of HTML and social engineering to distribute malware. Four recent HTML smuggling campaigns have been discovered that impersonate well-known brands such as Adobe Acrobat, Google Drive, and the US Postal Service to increase the chances of users falling for the scam. HTML smuggling uses HTML5 attributes to store a binary in an immutable blob of data within JavaScript code, which is decoded when opened via a web browser. The four malware strains that have recently been detected using HTML smuggling in their infection chain are Cobalt Strike, Qakbot, IcedID, and Xworm RAT. HTML smuggling attacks can be challenging to prevent and protect against, as users often consider HTML files safe. To stop and mitigate the risks of HTML smuggling, email gateway solutions should be updated to handle these threats and security awareness training should be updated to communicate the risks to end users.
READ THE STORY: CSO
US and UK Sanction Members of Russian TrickBot Gang
FROM THE MEDIA: The United States and the United Kingdom have imposed sanctions on seven Russian nationals accused of developing and managing the TrickBot malware. One of the individuals, Vitaly Kovalev, has also been indicted on nine counts of bank fraud. The sanctions freeze any assets the men may have in U.S. or U.K. financial institutions and put the global financial system on notice to avoid transactions that can be tied to them. TrickBot is believed to have targeted healthcare organizations during the height of the COVID-19 pandemic. The sanctions make it difficult for the men to convert stolen money into Western currencies and complicate the decision for victims considering paying ransomware demands. Two alleged TrickBot members are already facing prosecution in the U.S. TrickBot evolved from a banking Trojan to a ransomware dropper and has been associated with Russian intelligence services.
READ THE STORY: GovInfoSec
Normalizing an illegal occupation: organization charts and sham elections
FROM THE MEDIA: The recent changes in the military organization of Russia and the announcement of the regional elections in newly annexed areas of Ukraine are being seen as propaganda of the deed. The integration of the occupied areas of Ukraine into the Southern Military District of Russia and the formalization of the move through the state news agency TASS is seen as a gesture toward the normalization of Russia's annexation of occupied Ukrainian territory. The announcement of the regional elections in these areas on the same day as the voting scheduled across Russia is seen as a further effort to present the areas as integral parts of the Russian Federation and to "Russify" the occupied territories. The MoD report says that while meaningful democratic choices are no longer available to voters at regional-level elections in Russia, the leadership will likely make the argument that the new elections further justify the occupation.
READ THE STORY: GOV.UK
Kaspersky Finds Growing Number of Parents Experiencing Ransomware Attacks on Children's Schools
FROM THE MEDIA: A new survey by Kaspersky reveals that 14% of American parents have experienced ransomware attacks on their children's K-12 schools, up from 9% last year. The average ransom paid by schools is $887,360, up from $375,311 in 2021. The results show that a growing number of schools are paying a ransom to restore their systems, with 76% of parents reporting their school paid the ransom, up from 71% in 2021. The average school closure was 2.5 days, up from 2.3 days last year. The majority of parents, 82%, were satisfied with the school's response to the attack, and 81% were confident in their school's ability to handle cyber security incidents in the future. Kaspersky recommends schools keep software updated, set up offline backups and detect lateral movements and data exfiltration, while parents and students should protect their personal devices with a cybersecurity product.
READ THE STORY: DARKReading
Britain and US make major move against ransomware gangs by sanctioning seven individuals
FROM THE MEDIA: The United Kingdom and the United States have sanctioned seven individuals who are believed to be part of the same network behind the Conti and Ryuk ransomware gangs, as well as the Trickbot banking Trojan. All seven individuals are based in Russia, which does not extradite its own citizens, making arrests by Western law enforcement unlikely. Naming the cybercriminals is meant to disrupt their operations, undermine their anonymity, and add stress to any potential relationships between them and Russia’s Federal Security Service. The U.K.’s National Cyber Security Centre believes that the group has likely received tasking from the Russian intelligence services and that the targeting of certain organizations aligns with Russian state objectives. The sanctions are part of a new campaign of concerted action between Britain and the United States and more actions are expected later this year.
READ THE STORY: The Record
Reddit admits security breach
FROM THE MEDIA: The quick and timely response by Reddit to a recent data breach sets a positive example for other companies. Reddit admitted that some internal company data was stolen in a phishing attack, but quickly reassured users that passwords and credit card information were not impacted. This stands in contrast to the handling of data breaches by other companies, such as Nvidia, which remained silent for several weeks after a "data extortion event," and LastPass, which confirmed a data breach but failed to report it for at least a month and faced criticism for mishandling the situation. Reddit's prompt disclosure and transparency in its response to the breach have been praised by cybersecurity researchers.
READ THE STORY: Cybernews
If You Use LastPass, You Need to Change All of Your Passwords ASAP
FROM THE MEDIA: LastPass, a popular password manager, suffered a major data breach in December 2022, putting customers' online passwords and personal data at risk. The unauthorized party was able to access unencrypted subscriber information such as usernames, company names, billing addresses, email addresses, phone numbers, and IP addresses. They also stole encrypted and unencrypted customer vault data, which includes website URLs, usernames, and passwords for all sites stored in the vault. It's recommended for LastPass subscribers to change all their passwords, enable two-factor authentication, and consider transitioning to a different password manager. Bitwarden, 1Password, and iCloud Keychain are alternative options. The breach was initially disclosed in August 2022 and was believed to have been contained, but the full extent of the breach was not revealed until later in December. The threat to the encrypted vault data remains, and if the master password was not strong enough at the time of the breach, the passwords are at risk of being exposed. The safest course of action is to change all the passwords site by site.
READ THE STORY: CNET
‘Shady business’: Ireland accused of facilitating tax avoidance by spyware group
FROM THE MEDIA: A Dutch member of the European Parliament, Sophie in 't Veld, is leading an investigation into the regulation and misuse of spyware within the EU. Two products, Pegasus and Predator, are at the forefront of her investigation. Pegasus is produced by the blacklisted NSO Group in Israel, while Predator is produced by Intellexa Group in Dublin, Ireland. In 't Veld is concerned that spyware has been used for political and criminal purposes and has been sold to regimes with poor human rights records. Intellexa's Predator is at the center of controversy in Greece for allegedly targeting politicians, business figures, and journalists. In 't Veld is calling for more co-operation between the EU and the US, more pressure on Israel, and better implementation of laws and controls related to the surveillance of citizens and the export of products with military use.
READ THE STORY: IT
New 'invisible finger' technology poses potential phone-hacking threats
FROM THE MEDIA: Researchers from the University of Florida have discovered a new hacking technique called the "invisible finger," which allows someone to remotely tap and swipe a touchscreen-enabled device through electromagnetic signals. The technique uses an antenna array to detect the electrical charge released by a finger when it touches a screen, and can be used to perform a variety of criminal acts, such as downloading malware or sending money from the victim's account. The hacking technique only works when the phone is unlocked or the attacker knows the password and the phone is placed face down, and the antenna array must be within 4 centimeters of the phone. The researchers hope to continue improving the technology and help manufacturers improve the security of their products to prevent potential hacking threats.
READ THE STORY: TechXplore
Cyber firm cracks OneKey crypto wallets, raises broader questions of hardware security
FROM THE MEDIA: A cybersecurity start-up called Unciphered has published a video that demonstrates a vulnerability in a hardware wallet manufactured by Hong-Kong based firm OneKey. The white hat hackers used a "man-in-the-middle" attack to trick the OneKey device into relaying its seed phrase, which can then be used to steal the digital assets stored in the wallet. OneKey has since provided an update to repair the exploit and paid Unciphered $10,000 in bug bounty. However, Unciphered's founder Eric Michaud warns that hardware wallets can provide a false sense of security and that older wallets, whose manufacturers may no longer be in business, could be vulnerable. He also says that multiple hardware wallet manufacturers recycle the same code base, meaning that a vulnerability discovered in one wallet is often found in others, leading to the need for vigilance among those who rely on hardware wallets to protect their crypto.
READ THE STORY: Yahoo finance
Chinese government-linked security cameras installed in Tasmanian parliamentary offices; Greens call for removal
FROM THE MEDIA: The Tasmanian government is being urged to remove security cameras from its parliamentary offices and surrounds, following calls for the federal government to remove cameras manufactured by companies linked to the Chinese government. The federal government has announced plans to remove cameras and security gear made by two companies, Hikvision and Dahua, which have been banned in the US and UK over fears they may contain spyware. The Tasmanian Greens leader, Cassy O'Connor, has raised concerns about the presence of Hikvision cameras in Tasmania's Parliament since 2020, but her concerns have fallen on deaf ears. An audit has uncovered more than 900 units of Chinese government-linked equipment within Commonwealth government buildings. The Tasmanian Parliament's presiding officers have declined to comment on security matters, but the Tasmanian Premier has said that security cameras in Parliament House are a matter for the presiding officers, but the government would consider the issue.
READ THE STORY: ABC
The Twitter Files Reveal an Existential Threat
FROM THE MEDIA: Elon Musk's takeover of Twitter last October and the subsequent reporting on the Twitter Files by journalists Matt Taibbi, Bari Weiss and others has revealed an unholy alliance between Big Tech and the deep state designed to throttle free speech and maintain an official narrative. The Twitter Files show that the FBI pressured Twitter to suppress stories of Hunter Biden's corruption, suspend President Trump for tweets that did not violate any Twitter policies, and deputize Twitter as a tool for censorship and narrative control. These revelations demonstrate how the administrative state has metastasized into a destructive deep state that threatens to collapse America's constitutional system. The American people and their elected representatives must take action in defense of the First Amendment and free and fair elections.
READ THE STORY: The Epoch Times
CISA Releases Recovery Script for Victims of ESXiArgs Ransomware
FROM THE MEDIA: The US Cybersecurity and Infrastructure Security Agency (CISA) has released a free recovery script on GitHub for victims of the ESXiArgs ransomware variant that affected thousands of organizations worldwide this week. The tool is designed to help organizations attempt the recovery of configuration files on vulnerable VMware ESXi servers without having to pay a ransom. Organizations should understand how it works before attempting to use the tool. Meanwhile, VMware has urged organizations to patch the 2-year old vulnerability that ESXiArgs is exploiting, as well as disable ESXi's service location protocol (SLP) and port 427, where possible, to mitigate the risk of attack.
READ THE STORY: DARKReading
Items of interest
Japan joins ranks of nations plotting smackdown for Apple, Google
FROM THE MEDIA: The Los Angeles City Council voted to move forward with an $800-million plan to convert the city's largest gas-fired power plant to green hydrogen. The vote authorized the L.A. Department of Water and Power to begin the contracting process, but critics raised the possibility that the project could fail and leave L.A. stuck burning natural gas. The motion approved by the council requires DWP officials to more closely examine alternatives and engage with communities near the gas plant. Green hydrogen has been touted as a potential substitute for natural gas on the electric grid, but climate activists have raised concerns about explosions, short-term climate change effects, and fossil fuel companies' involvement.
READ THE STORY: The Register
Dealing with Remote Access to Critical ICS Infrastructure (Video)
FROM THE MEDIA: One of the world's most popular cyber security classes for industrial control systems (ICS) and SCADA is getting another update. New for 2019, ICS410 will now contain a section on dealing with remote access to critical infrastructure and is updating the secure reference network architecture used throughout the class. Join Justin Searle, the author of ICS410, to get a free sneak peek of these new changes to the class.
Mastering ChatGPT For SEO Content (Video)
FROM THE MEDIA: This video explains how to use ChatGPT, a chatbot focused on content creation, to create SEO-friendly content quickly and easily. It provides an overview of the bot and its features, and gives instructions on using it to create a custom content creation script that will automatically link all of the author's content.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.