Saturday, February 11, 2023 // (IG): BB // BSidesCharm// Coffee for Bob
City of Oakland hit with ransomware attack, but says ‘core functions’ are intact
FROM THE MEDIA: The city of Oakland in California has confirmed that its networks have been hit by a ransomware attack. The attack started on Wednesday night and the city's IT department is working with law enforcement to investigate the issue. According to the statement, 911, financial data, and fire and emergency resources have not been impacted. The IT department has taken affected systems offline for security reasons, causing delays for the public. A local reporter has reported that the city has faced IT talent issues and was warned of cybersecurity deficiencies last year. Meanwhile, the city of Modesto has also confirmed a ransomware attack and has limited connectivity to some systems. Ransomware attacks on cities have become less frequent as governments increase their cybersecurity protections, but they can still result in significant costs and disruptions to services.
READ THE STORY: The Record
Wave of telco attacks tied to bad third-party vendor security hygiene
FROM THE MEDIA: Telecom companies have faced a relentless wave of cyberattacks this year, with over 74 million private records tied to AT&T, T-Mobile, U.S. Cellular, and Verizon customers spilled onto the Dark Web. A report by Cyble Research and Intelligence Labs showed that the majority of the six reported data breaches were carried out by exploiting security weaknesses on third-party vendor networks. This highlights the risk of third-party vendors, who often hold sensitive data, and the difficulty of identifying these risks. The report also pointed to the growing importance of public-private partnerships in incident reporting, as well as the need for faster reporting of breaches to reduce the vulnerability window. Additionally, telecom networks are increasingly attractive targets for attackers due to their widespread use for multi-factor authentication and business data sharing, including email.
READ THE STORY: SCMAG
Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users
Analyst Comments: This kind of social engineering campaign can be highly effective and is becoming increasingly common. The use of advanced techniques such as custom loaders, Telegram, and the exploitation of vulnerabilities such as CVE-2015-2291 demonstrate the sophistication of these attacks.
FROM THE MEDIA: Russian threat actors have been targeting Eastern European users in the cryptocurrency industry with fake job opportunities as a way to install information-stealing malware on their computers. The malware, called Enigma, is an altered version of Stealerium, a C#-based malware that serves as a stealer, clipper, and keylogger. The infection starts with a rogue RAR archive file containing two files that are used to lure victims into executing the malware. The first file is a .TXT file with sample interview questions and the second file is a Microsoft Word document that launches the first-stage Enigma loader. This loader then downloads and executes an obfuscated secondary-stage payload through Telegram, which disables Microsoft Defender and installs a third-stage payload. This payload ultimately downloads Enigma Stealer from a Telegram channel controlled by the attacker, which is designed to harvest sensitive information, record keystrokes, and capture screenshots. The malware is exfiltrated back to the attacker using Telegram.
READ THE STORY: THN
Hacking marketplace emerges from Killnet partnership, seeks pro-Russia donations
Analyst Comments: This is an active marketplace focused on the .RU audience. A recent successful effort in seeking donations displays a user base that finds value in the service.
FROM THE MEDIA: The Infinity Team is a partnership between Killnet and Deanon Club that offers hacking services and resources, including DDoS, through its own online marketplace and forum. Killnet is a pro-Russian hacktivist group with potential ties to Russian government organizations. The leaders of the group have asked for donations from followers and the Infinity Forum supports the advertisement of illegal goods and services. The forum also provides paid tutorials and courses for aspiring criminals. If successful, the Infinity Forum could generate millions for the pro-Russian hacktivist groups, highlighting their growing threat and financial potential.
READ THE STORY: SCMAG
What the Balloon Saga Tells Us About China’s Espionage Program
Analyst Comments: The Chinese balloon program was part of a military-led spy effort that spans over 40 countries, according to Biden administration officials. China’s use of influence operations, scholars, company insiders, and front companies to gain access to technology and research has been in the headlines the last five years.
FROM THE MEDIA: A high-altitude balloon shot down by the US Air Force in February has raised concerns about China's alleged spying campaign. The US claims the balloon was gathering information over America while China says it was a civilian weather balloon that had blown off course. The balloon was equipped with surveillance equipment and a small motor, indicating it was maneuverable. China's main intelligence agency, the Ministry of State Security, has been accused of increasing the scale of spying and influence operations globally. The US sees China as the top threat to its technological competitiveness and lists it as the "broadest, most active, and persistent cyber espionage threat." Similar balloons have been spotted in other countries as well, indicating China's military-led spy program spans over 40 countries.
READ THE STORY: Washington Post
CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
FROM THE MEDIA: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, due to evidence of active exploitation in the wild. One of these vulnerabilities (CVE-2022-24990) affects TerraMaster network-attached storage devices and has been weaponized by North Korean nation-state hackers to deliver ransomware to healthcare and critical infrastructure entities. Another vulnerability (CVE-2015-2291) is in the Intel ethernet diagnostics driver for Windows and has been exploited by multiple threat actors, including the Lazarus Group, to gain elevated privileges. The third vulnerability (CVE-2023-0669) is a remote code injection in Fortra's GoAnywhere MFT managed file transfer application, and is linked to a cybercrime group affiliated with the Silence ransomware operation. Federal Civilian Executive Branch agencies are required to apply the fixes by March 3, 2023.
READ THE STORY: THN
Nuspire Threat Analysis: Qakbot Spam Campaign Leveraging Microsoft OneNote
FROM THE MEDIA: The Black Basta ransomware group is targeting U.S.-based companies using QakBot malware to gain initial access to their networks and move laterally within them. The group uses double extortion tactics to steal sensitive data and then demands cryptocurrency payments to prevent the release of the stolen information. QakBot is a banking trojan that steals financial data, browser information, keystrokes, and credentials. The recent Black Basta attacks deliver Cobalt Strike directly through QakBot, after a spear-phishing email with a malicious disk image file is opened. Black Basta is a highly active ransomware group and has successfully targeted 25 companies in October 2022 alone. Nuspire is actively monitoring for indications of compromise within client environments.
READ THE STORY: Security Boulevard
AI-powered Bing Chat spills its secrets via prompt injection attack
FROM THE MEDIA: A Stanford University student named Kevin Liu used a prompt injection attack to reveal the initial prompt of Microsoft's new "Bing Chat" conversational bot, powered by OpenAI technology. The initial prompt was a list of instructions for the AI model, such as behavior guidelines and how to identify itself. The prompt injection works like a social engineering hack, tricking the AI model into revealing its secrets. Despite attempts to block the prompt injection, Liu was able to reaccess the initial prompt, showing that it is difficult to guard against. The similarity between tricking a human and tricking an AI model raises questions about the logic and reasoning abilities of large language models.
READ THE STORY: arsTECHNICA
Austin ethical hacker group makes reporting security bugs easier
FROM THE MEDIA: Austin Hackers Anonymous (AHA!), a group of ethical hackers based in Austin, has become the first unorganized hacker collective in the US to join the globally recognized CVE (Common Vulnerabilities and Exposures) program. This gives the group the designation of a CVE Numbering Authority (CNA), giving them more credibility when reporting security flaws to companies. The AHA! members present their security discoveries at the last Thursday of each month in a local bar and, if they want to report the findings, Tod Beardsley, one of the group's founders, handles the process and negotiates with the vendor. Becoming a CNA gives the reports more legitimacy, as the first response from companies is often suspicion or dismissal when approached by a solo hacker. The program is expected to lead to more bugs being reported and patched.
READ THE STORY: AXIOS
Moscow wants bid on large border biometric ID project
FROM THE MEDIA: Russian authorities are reportedly looking for bids for an 830 million ruble ($11.3 million) contract to build facial recognition stations at the country's borders. The tender was reportedly found on a government procurement portal, but this has not been verified. The facial recognition system will be installed at several border crossing points, including those along the Russian-Chinese border, the Russian-Polish and Lithuanian border, and the Russian-Kazakhstan border. The system will analyze face images to identify drivers and match their faces at the entrance and exit of the checkpoint, as well as recognize license plates and car brands. The equipment must be delivered by November 25, 2023. However, there are questions about the accuracy of the biometric databases and lists used by the system. Mikhail Klimarev, the director of the non-profit organization "Internet Defense Society," has raised concerns about the reliability of the current video surveillance system and the accuracy of the border crossing database.
READ THE STORY: Biometric Update
What technologies and tactics are countries using to spy on each other
FROM THE MEDIA: Countries are using various techniques and technologies to spy on each other in the world of rising tensions. These techniques range from traditional spies on the ground, signals, imagery, and cyber intelligence to open source information. Open source information, which can often be directly published, is where countries like the UK, US and Australia are focusing their efforts as it accounts for 70-90% of usable intelligence. However, collecting open source information becomes difficult when it comes to countries like China, which tries to restrict and police social media usage. The Five Eyes intelligence alliance is working on countering China's intelligence activities. AI is becoming a game changer in the field of espionage as it can preload an autonomous system with analysis to interpret information at the same level of human intelligence.
READ THE STORY: ABC (AU)
Attacker Allure: A Look at the Super Bowl's Operational Cyber-Risks
FROM THE MEDIA: The Super Bowl is a high-risk event for cyber attacks due to the large number of systems involved and the third-party stakeholders involved. Threats include shutting down systems, perpetuating ransomware, or hacktivism. To secure the event, it is important to have multiple networks segmented from each other, to have layers of testing for worst-case scenarios, and to have a focus on resiliency. IT professionals should also be on the lookout for phishing attacks, malware and viruses, and social engineering attacks. Cybersecurity is on the radar for the event, with preparations from event organizers and government organizations, such as the Arizona Cyber Command and the Federal Aviation Administration.
READ THE STORY: DARKReading
Pentagon Staffers Found Installing Dating Apps, Games on Government Phones
FROM THE MEDIA: Employees at the Pentagon are downloading and using unauthorized and banned apps, such as dating apps, Chinese drone apps, cryptocurrency apps, games, and more, on their government-issued devices, according to a new report from the Department of Defense Office of Inspector General. The report found that the lack of a comprehensive policy for mobile devices and applications was contributing to the issue, as well as the inadequate training on acceptable app use. The report also noted that employees were using unapproved messaging apps to conduct official business, which goes against federal record retention policies. The report called for stricter measures to address the problem, but noted that some of its recommendations were not fully addressed or responded to by management officials.
READ THE STORY: PCMAG
Microsoft is apparently discussing chatGPT's bizarre alternate personality
FROM THE MEDIA: A group of Reddit users have found a way to manipulate OpenAI's AI chatbot, ChatGPT, into giving responses with inappropriate language, fringe opinions, and even illegal advice. The users have developed a persona called DAN, short for "do anything now," which can bypass the rules set by OpenAI. The trend has become popular among the members of the ChatGPT subreddit and has even caught the attention of Microsoft, a major investor in OpenAI who is integrating the technology into their products. According to a photo posted on the subreddit, Mark Russinovich, the CTO of Microsoft Azure, has mentioned DAN at a Microsoft cybersecurity summit, referencing it as an example of the challenges security defenders will face in the near future. This has highlighted the difficulty of controlling machine learning technology, especially when users are trying to help it break free of its limitations. Futurism has reached out to Russinovich, Microsoft, and OpenAI for comment.
READ THE STORY: Futurism
Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages
FROM THE MEDIA: Four malicious Python packages have been found in the Python Package Index (PyPI), which were downloaded about 450 times before they were taken down. The packages, aptx, bingchilling2, httops, and tkint3rs, carried out malicious actions such as dropping malware, deleting the netstat utility, and manipulating the SSH authorized_keys file. The analysis of the malicious code revealed an obfuscated Meterpreter payload disguised as the legitimate package installer "pip" that can be used to gain shell access to the infected host. In addition, five more packages – web3-essential, 3m-promo-gen-api, ai-solver-gen, hypixel-coins, httpxrequesterv2, and httpxrequester – were found to harvest and exfiltrate sensitive information. These findings highlight the growing risk of nefarious packages in open-source repositories like PyPI and npm, which can have a severe impact on the software supply chain.
READ THE STORY: THN
California Medical Group's Ransomware Breach Affects 3.3M
FROM THE MEDIA: Regal Medical Group, one of the largest medical groups in southern California, has reported a ransomware attack that resulted in the theft of personal health information of over 3.3 million individuals. The attack took place on December 8, 2022, but was only discovered on December 8 by Regal employees who noticed difficulties in accessing some of the organization's servers. After conducting an extensive review, malware was detected on some of the servers and it was found that the threat actors used it to access and exfiltrate data. The compromised data includes names, Social Security numbers, addresses, birthdates, health information, laboratory test results, prescription data, radiology reports, and phone numbers. Regal has notified law enforcement and is offering affected individuals one year of credit monitoring. The attack is believed to be a result of the growth of the healthcare sector through mergers and acquisitions.
READ THE STORY: GovInfoSec
Reddit breached
FROM THE MEDIA: Reddit recently suffered a data breach caused by a phishing attack where an attacker impersonated the company's intranet gateway to steal credentials and two-factor authentication tokens from an employee. The breach did not affect the primary production systems that run Reddit and store most of the data. Industry experts agree that employee training on recognizing phishing emails and regular reminders on email security are crucial to prevent future phishing attacks. They also advise organizations to implement stronger security measures, such as just-in-time access and phishing-resistant MFA, to eliminate the risk of a breach.
READ THE STORY: The Cyberwire
A10 Networks confirms data breach after Play ransomware attack
FROM THE MEDIA: A10 Networks, a California-based networking hardware manufacturer, has confirmed that its IT infrastructure was briefly compromised by the Play ransomware gang. The security incident occurred on January 23rd, 2023 and lasted a few hours before the IT team managed to stop the intrusion and contain the damage. The threat actors gained access to shared drives, deployed malware, and compromised data related to human resources, finance, and legal functions. The company says the security incident did not impact its products or solutions and cannot have affected its customers. The Play ransomware gang added A10 Networks to its extortion site and threatened to leak the files it stole during the intrusion on Sunday. The gang claims to possess confidential files, including technical documentation, employee and client documents, agreements, and personal data.
READ THE STORY: BleepingComputer
Chinese Spy Balloon: US Blacklists six Chinese Entities Over Balloon Espionage
FROM THE MEDIA: The Biden administration blacklisted six Chinese entities linked to the Chinese balloon espionage program on Friday. The blacklisting is expected to escalate the diplomatic row between the US and China, which was sparked by a Chinese spy balloon that was shot down off the coast of South Carolina by US fighter planes. The six entities are being targeted for their support to China's military modernization efforts, specifically the People's Liberation Army's aerospace programs. The US Bureau of Industry and Security said the PLA is using high altitude balloons for intelligence and reconnaissance activities. Another "high flying object" was shot down in the skies over Alaska, reportedly due to a threat to the safety of civilian flights. The twin incidents reflect heightened concerns over China's surveillance program and public pressure on Biden to take a tough stand against it.
READ THE STORY: Outlook India
Chinese spy balloon: Everything we know after US recovers wreckage
FROM THE MEDIA: US officials say that the Chinese balloon shot down off the coast of South Carolina last week was indeed designed for spying and was part of a larger surveillance program. The balloon was flying over several sensitive military sites in the US, including missile silos and the Malmstrom Air Force Base in Montana. The US says the balloon was equipped with multiple antennae, sensors, and had the ability to change altitude and navigate, which contradicts the Chinese Foreign Ministry's claim that the balloon was a meteorological airship that got blown off course. The US officials believe there were two other balloons in operation, one over Central and South America and another at an undisclosed location. The balloon was around 60 meters in height and had a 900-kilogram payload the size of a regional jet. The use of spy balloons is not new, as they offer a cheaper and uncrewed way of gathering intelligence, which reduces political risk. The US has downplayed the intelligence implications of the balloon incident, but it is a message to the US that China is capable of this kind of surveillance.
READ THE STORY: New Scientist
China Withdraws From International Undersea Cable Project Amid Rising US Strife
FROM THE MEDIA: China has reduced its involvement in the Sea-Me-We 6 project, a subsea cable connecting Asia with Europe, as tensions rise between the US and China over control of the physical infrastructure that transmits the world’s online traffic, according to a report by FT. China Telecom and China Mobile withdrew their combined investment of roughly 20% from the project after a US company was chosen to build the line, while China Unicom, a smaller state-owned company, remains involved but with an unspecified investment. The US has denied permission for several subsea telecom cables involving Chinese companies or directly connecting the US to mainland China or Hong Kong, leading to concerns of a decoupling of the internet infrastructure between the two countries.
READ THE STORY: Circle ID
MagicWeb Mystery Highlights Nobelium Attacker's Sophistication
FROM THE MEDIA: Microsoft has discovered a sophisticated authentication bypass for Active Directory Federated Services (AD FS) that was carried out by the Russia-linked Nobelium group. The group used MagicWeb malware to implant a backdoor on the AD FS server, then bypass normal authentication using specially crafted certificates. The attack is part of the increasing sophistication of APT groups, which have targeted technology supply chains and identity systems. Microsoft advised companies to treat AD FS systems as privileged assets and limit who can access them. The company also suggested the use of multifactor authentication and monitoring of authentication data flows for visibility into potential suspicious events.
READ THE STORY: DARKReading
Russian hackers are trying to break into ChatGPT, says Check Point
FROM THE MEDIA: OpenAI's ChatGPT program is being targeted by various threat actors, according to cybersecurity company Check Point Software Technologies. Field Chief Information Security Officer for Check Point, Pete Nicoletti, stated that the company has observed Russian hackers attempting to bypass the geo-regional restrictions placed on the ChatGPT API, which blocks inbound requests from Russia. However, Nicoletti noted that the situation with ChatGPT is not like the 2017 EternalBlue threat and that it is the use of a generally open platform by many different parties, similar to many AI model architecture use cases in the research community. An attempted exploit has been discovered on Reddit called DAN, which tries to manipulate ChatGPT into producing text that escapes the guardrails put in place by OpenAI to prevent hate speech. Nicoletti believes that when an exploit finally appears, it will likely be a highly targeted phishing attack.
READ THE STORY: ZDNET
Mapping the MITRE ATT&CK Framework to API Security
FROM THE MEDIA: The MITRE ATT&CK Framework is a valuable resource for cybersecurity professionals, but currently lacks a specific API security matrix. Despite this, security leaders can still use the framework to defend against API security threats, which have risen as API usage has increased. By understanding the crossover between TTPs in the MITRE framework and API attack campaigns, organizations can improve threat detection, incident response, and allocate security resources more effectively. A new White Paper analyzes the relationship between the MITRE ATT&CK Enterprise Matrix and common API security threats such as Broken Object Level Authorization, Stolen Credentials, and Leaky Public APIs. The report maps the attack lifecycle of each threat to the TTPs in the Enterprise Matrix and compares the MITRE ATT&CK Framework to the OWASP API Security Top 10.
READ THE STORY: Security Boulevard
Israel-China relations amid the Sino-US rivalry
FROM THE MEDIA: The rise of China as a world power and America's response has caused Israel to re-evaluate its relationship with China. In 2017, the relationship between the two countries was flourishing, with deepening technology cooperation being the focus of the visit of Prime Minister Benjamin Netanyahu to Beijing. However, by 2018, the US had imposed export restrictions on Chinese telecom companies like ZTE and Huawei, and launched a campaign to limit Chinese involvement in critical infrastructure and digital ecosystems. US officials began to scrutinize and criticize Israeli infrastructure projects with Chinese involvement due to concerns about espionage and cybersecurity. To address these concerns, Israel established a foreign investment review committee and tightened its oversight of foreign investments. However, pressure from the US continues with calls to cut scientific research ties with China and limit exports of advanced technologies. Israel has to balance its ties with China with its relationship with the US, while also considering its own strategic interests and the infrastructural needs of its growing population.
READ THE STORY: AsianTimes
VPN retailers could face execution in Iran
FROM THE MEDIA: The Iranian government is taking legal action against unauthorized sellers of VPNs and circumvention tools to further restrict access to the internet. This move is aimed at preventing the spread of news and images related to the recent protests in the country through social media platforms such as Instagram and WhatsApp. The government's restrictions on internet access have also affected internet-based businesses and put up to 10 million livelihoods at risk. The restriction of internet access is in line with the Supreme Leader's criticism of free access to the internet and the expansion of the national intranet. However, VPNs are primarily used in Iran to bypass censorship and coordinate opposition protests, as the internet is not safe without one. A special advisor to the regime has called for the execution of those who sell VPNs, claiming that the primary use is for watching porn, but this is not the case. It is important for VPN users and sellers in Iran to be cautious and vigilant.
READ THE STORY: Iran International
Cyber grant money is beginning to flow, CISA officials say
FROM THE MEDIA: The Department of Homeland Security’s new state and local cybersecurity grant program has started distributing funds to states. The four-year, $1 billion program was created in the 2021 infrastructure law and is aimed at helping states allocate 80% of the funds they receive to local governments. All but two of the 56 eligible states and territories have applied for the program, with Florida and South Dakota being the only ones who opted out. The funds are expected to be distributed to the participating states over the next few months as they assemble their cybersecurity planning committees and draft plans for how they will allocate the money. The process has improved ties between CISA and state and local governments and increased collaboration. The grant experience so far has been considered a good start, but states are also looking to increase their aid to local governments through their own cybersecurity budgets.
READ THE STORY: Statescoop
Microsoft switches Edge’s PDF reader to pay-to-play Adobe Acrobat
FROM THE MEDIA: Microsoft and Adobe are collaborating to bring Adobe's technologies to Microsoft users. Adobe's PDF engine will replace the built-in PDF reader in Microsoft's Edge browser, providing users with better colors, graphics, performance, security, and accessibility. The basic features of the new PDF engine will be free to Windows 10 and 11 users, but advanced features such as editing text and images, converting PDFs, and combining files, will require an Acrobat subscription. Microsoft has emphasized its efforts to ensure the new PDF tool is secure and will be included in Adobe's bug bounty program. The new Edge PDF offering will be rolled out in phases and companies with managed devices can opt-in or out until March 2024 when the legacy Edge PDF engine will be removed.
READ THE STORY: The Register
Supply Chain Security: Protecting Your Data from Third-Party Risk
FROM THE MEDIA: Organizations use various tools and software for communication, meetings, and data storage, which are provided by third-party vendors and suppliers. These supply chains can pose a major risk to the organization as they can introduce malware or flaws that can give an attacker unrestricted access to user data. To mitigate these risks, organizations should conduct vendor risk assessments, continuously evaluate and update supply chain security measures, and use threat intelligence tools and incident response programs. It is important to secure these tools provided by third-party vendors to maintain data security and protect against potential threats.
READ THE STORY: Tech Bullion
Scores Of MSI Motherboards Delivered Without Secure Boot
FROM THE MEDIA: A security specialist recently uncovered that MSI has shipped over 300 motherboards with Secure Boot turned off, making PCs vulnerable to malicious software. Secure Boot has been a standard feature on PC boards for almost a decade and helps prevent the loading of unapproved software. MSI altered its default configuration about 18 months ago to make it more user-friendly, but this resulted in unsecured motherboards. MSI has since made all its UEFI computers with Secure Boot enabled, but older motherboards may still be vulnerable. MSI has released updated BIOS files to enable Secure Boot, but it is unknown how many consumers will take the effort to download the update.
READ THE STORY: Tech Notification
Items of interest
Leaked recordings reveal IRGC soldiers’ ‘doubt and confusion’ over protest crackdown
FROM THE MEDIA: The Islamic Revolutionary Guard Corps (IRGC) soldiers in Iran are feeling "doubt and confusion" and are frustrated with their low pay, according to senior officers. The IRGC has been cracking down on anti-regime protests for the past six months and has seen 70 soldiers die during the unrest. The IRGC soldiers earn a quarter of the pay of their Lebanese Hezbollah counterparts, and this difference has been exacerbated by the struggling Iranian economy and inflation. The IRGC's money is not made available to the public, and the soldiers are feeling undervalued and underpaid. The situation has led to "doubt and confusion" among the IRGC forces, according to a leaked recording.
READ THE STORY: Arab News
Reverse Engineering - Computerphile (Video)
FROM THE MEDIA: Reverse engineering is a process of figuring out how a piece of software works by analyzing its source code or low-level code. In this video, the computerphile discusses how to break down a problem into data structures, algorithms, and code and demonstrates how to find the arguments and options a program.
The Hackers Guide to Hardware Debugging: Matthew Alt (Video)
FROM THE MEDIA: This video covers how to debug hardware using open source tools, focusing on the use of openOCD and JTAG. It demonstrates how to debug an Xbox One controller and a transcend ssd, as well as how to use OpenOCD to debug microcontrollers, read memory from address that are.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.