Daily Drop (1199)

12-10-25

Dec 10, 2025

Wednesday, Dec 10, 2025 // (IG): BB // GITHUB // SN R&D

U.S. Drops Sanctions on China’s Spy Agency Over Cyberattacks, Prioritizing Trade Over Deterrence

Bottom Line Up Front (BLUF): The Trump administration has abandoned plans to sanction China’s Ministry of State Security (MSS) for its role in the Salt Typhoon cyber-espionage campaign, reportedly to preserve trade negotiations and rare earth mineral access. The decision has drawn sharp criticism from cybersecurity and geopolitical experts who argue it erodes U.S. deterrence and signals that nation-state cyberattacks are negotiable if the economics are favorable.

Analyst Comments: China’s MSS is credibly accused of hacking unencrypted communications of top U.S. officials—yet instead of punitive measures, it’s getting what amounts to a diplomatic free pass. The rationale? Protecting rare earth supply chains and maintaining trade leverage. This sets a dangerous precedent: cyber aggression can now be “priced” and waived for economic convenience. It dilutes the credibility of U.S. cyber policy and signals to adversaries—large and small—that state-sponsored cyber operations can be tolerated if timed strategically. Worse, it further normalizes China’s long-game infiltration strategy, where delayed or absent retaliation only encourages deeper access and longer dwell times.

READ THE STORY: National Interests

Pentagon “Overmatch Brief” Leaked: U.S. Forces May Lose in Taiwan War Scenario

Bottom Line Up Front (BLUF): A classified Pentagon war game simulation report—the “Overmatch Brief”—obtained by the New York Times concludes that China could overwhelm U.S. military forces in a Taiwan conflict, citing vulnerabilities in U.S. carriers, satellites, and reliance on outdated systems. The report asserts that even America’s most advanced naval assets, like the Gerald R. Ford-class carrier, would likely not survive a concentrated Chinese hypersonic strike.

Analyst Comments: The DoD has danced around this for years, but the Overmatch Brief finally lays it out—U.S. forces may not win a fight over Taiwan, and China has structured its arsenal to make sure of it. Hypersonic weapons, counter-satellite capabilities, and a layered, pre-planned counterstrategy make up a deadly anti-access/area denial (A2/AD) net that even the most advanced U.S. platforms aren’t built to penetrate. The implications go beyond naval readiness. If the U.S. can’t protect or even reach Taiwan in a war scenario, deterrence collapses, and allies across the Indo-Pacific take notice. Expect increased pressure on NATO and Indo-Pacific partners to boost defense spending, as well as growing calls to accelerate U.S. modernization efforts in space, AI, and cyber warfare. Bottom line: Taiwan’s security may now hinge as much on deterrence and alliances as on actual U.S. military capability.

READ THE STORY: The Chosun

Congress Fast-Tracks Telecom Preemption Bills, Undermining Local Oversight and Court Authority

Bottom Line Up Front (BLUF): Congress and federal agencies are advancing legislation and rulemaking to centralize control over wireless infrastructure deployment, effectively stripping local governments and courts of oversight. Chief among these is HR 2289, a bill that preempts local zoning laws and restricts judicial review, allowing telecom companies to install antennas and towers almost anywhere. Supported by the FCC and NTIA, this initiative is funded with more than $42 billion from the Infrastructure Investment and Jobs Act.

Analyst Comments: Local authorities will have minimal say over where cell towers go—even near homes, schools, or in historic districts. More concerning is HR 2289’s attempt to override the 2021 Loper Bright SCOTUS ruling, which limited judicial deference to federal agencies like the FCC. The telecom industry’s influence is evident in the bill’s structure: it begins with language ostensibly protecting local control, only to nullify that protection through carefully crafted exceptions. This signals not only regulatory capture but also a broader strategy to silence legal and public resistance by consolidating authority under federal agencies. Expect growing friction between federal mandates and local communities as awareness spreads.

READ THE STORY: Meryl’s Chaos letter

European Leaders Signal Progress on Using Frozen Russian Assets for Ukraine Aid

Bottom Line Up Front (BLUF): UK Prime Minister Keir Starmer, alongside French President Emmanuel Macron and German Chancellor Friedrich Merz, announced “positive progress” toward repurposing immobilized Russian sovereign assets to support Ukraine’s reconstruction. The move marks a significant step toward weaponizing economic leverage in a prolonged geopolitical conflict.

Analyst Comments: This announcement, while still framed diplomatically, suggests Europe is edging closer to legal and political consensus on unlocking those funds. Expect legal pushback from Russia, possible countermeasures targeting Western assets, and friction in international financial law. However, if operationalized, this would set a precedent for future economic warfare strategies, making sovereign reserves less inviolable in the context of aggressive state behavior. Cyber retaliation by Russian actors should be considered a likely response vector, especially targeting financial institutions involved in the transfer mechanisms.

READ THE STORY: Reuters

Chinese MSS-Linked React2Shell Exploits Hit Dozens of Orgs, With Critical Bug Now Under Active Mass Scanning

Bottom Line Up Front (BLUF): React2Shell (CVE-2025-55182) is being actively exploited by threat actors tied to China’s Ministry of State Security (MSS). The flaw affects a popular open-source component widely embedded in web-facing systems. At least 30 organizations have been confirmed to have been compromised, with attackers leveraging Snowlight and Vshell malware—previously linked to Chinese contractors—to steal AWS credentials and deploy second-stage payloads. CISA has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog and mandated patching by December 26 for U.S. federal systems.

Analyst Comments: The zero-click RCE, rated 10.0 on the CVSS scale, exposes everything from SaaS frontends to internal admin portals, often without operators knowing the feature is enabled. The campaign attributed to Chinese MSS-linked actors follows a now-familiar pattern: early-access brokers exploit edge systems, deploy tooling such as Snowlight/Vshell, and then pass persistence to nation-state teams. What’s new here is the speed and scale: the bug was disclosed publicly on Wednesday, and nation-state exploitation was confirmed by the weekend.

READ THE STORY: The Record

U.S. and Canadian Agencies Warn of Long-Term BRICKSTORM Espionage Campaign by Chinese Hackers

Bottom Line Up Front (BLUF): Security researchers have identified serious flaws in Sipeed’s NanoKVM, a Chinese-made remote management device. The hardware, marketed as a budget KVM-over-IP tool, was found to contain an undocumented microphone, default SSH credentials, and network activity connecting to Chinese infrastructure. These vulnerabilities raise significant concerns about its use in secure or enterprise environments, particularly given the risk of audio surveillance and unauthorized remote access.

Analyst Comments: A joint advisory from CISA, NSA, and the Canadian Centre for Cyber Security confirms that Chinese state-sponsored hackers are deploying a stealthy, persistent malware framework called BRICKSTORM to target public sector organizations, IT providers, and critical infrastructure. The campaign has reportedly been active since at least 2022, with average dwell time exceeding 390 days. Attackers are exploiting VMware environments, creating hidden virtual machines, and leveraging Golang-based implants to maintain long-term, near-invisible access.

READ THE STORY: CPO MAG

Operation Gatekeeper Exposes $160M Nvidia GPU Smuggling Ring to China

Bottom Line Up Front (BLUF): U.S. federal prosecutors have charged multiple individuals in a large-scale smuggling operation involving the illegal export of more than $160 million worth of restricted Nvidia AI processors to China. The scheme—uncovered as part of Operation Gatekeeper—involved falsified shipping records, shell companies, and deliberate relabeling of hardware to bypass export controls. The exposure comes as President Trump lifts certain chip export restrictions, raising national security and supply chain concerns.

Analyst Comments: It’s not just about economic theft—AI chips like the H100/H200 are dual-use and foundational for both generative AI and advanced military applications. Smuggling them to strategic competitors isn’t corporate espionage—it’s strategic leakage. The rebranding, fake intermediaries, and use of Hong Kong-based logistics fronts mirror techniques seen in sanctions evasion and nation-state procurement operations, making this far more than just a tech export crime. With Trump reauthorizing sales of H200 chips to China (including profit-sharing clauses), the lines between official policy and enforcement risk are blurring. Expect increased scrutiny of U.S.-China trade, AI hardware supply chains, and export compliance programs in the wake of this case.

READ THE STORY: Bank Info Sec

Western Universities Linked to Chinese Surveillance State Through AI Research, New Report Finds

Bottom Line Up Front (BLUF): Stealth aircraft don’t rely on invisibility—they rely on geometry. The core principle, as detailed in The Linchpin’s explainer, is that radar stealth hinges on shaping an aircraft to deflect radar waves away from the receiver, not absorb or block them. By engineering aircraft surfaces as a series of angled flat planes rather than curves, designers dramatically reduce the radar cross-section (RCS), effectively “hiding” the aircraft from radar despite its physical size.

Analyst Comments: The report, Shared Labs, Shared Harm, shows that elite Western universities have partnered on AI projects with two Chinese state-priority labs—Zhejiang Lab and SAIRI—despite both having close ties to China’s security services, including CETC, the conglomerate behind the Uyghur-targeting Integrated Joint Operations Platform (IJOP). These labs aren’t abstract research partners; they’re core components of China’s surveillance-industrial complex. One is run by a CETC veteran who designed military command-and-control systems and collaborates with firms sanctioned for their roles in Xinjiang.

READ THE STORY: The Bureau

Coordinated Hacktivist Offensive: ‘Project Kitten’ Targets Israel with Centralized Cyber Ops Platform

Bottom Line Up Front (BLUF): A pro-Iranian-aligned hacktivist initiative known as Project Kitten has emerged as a centralized operations platform for cyberattacks against Israel. Leveraging infrastructure hosted in Iran, the platform coordinates activity among multiple threat groups and has escalated from data leaks to targeting industrial control systems (ICS) and programmable logic controllers (PLCs).

Analyst Comments: Project Kitten blends ideological motivation with technical sophistication. It’s not just another Telegram channel or loose hacking collective. The technical backend—complete with structured APIs, authentication controls, and video streaming support—suggests mid-tier APT capabilities masquerading as grassroots activism. And while they claim independence, the Iranian infrastructure and overlap with known groups like Handala and CyberIsraelFront suggest direct or indirect state alignment. Defenders should watch for ICS/SCADA-targeted malware and prioritize monitoring Iranian ASN traffic.

READ THE STORY: Freebuf

Exposed GitHub PATs Open Direct Path to Cloud Breaches via Action Secrets

Bottom Line Up Front (BLUF): Security researchers at Wiz have uncovered active exploitation of GitHub Personal Access Tokens (PATs), enabling attackers to extract GitHub Action Secrets and pivot into enterprise cloud environments. These secrets often store AWS, Azure, or GCP credentials, effectively giving attackers direct access to cloud infrastructure. The attack vector is stealthy, difficult to detect, and increasingly widespread across organizations that rely on GitHub-hosted CI/CD workflows.

Analyst Comments: GitHub PATs—intended to streamline developer workflows—are being abused to access plaintext secrets embedded in YAML workflows. Once attackers get even basic read permissions, they can scrape secrets using GitHub’s API and impersonate legitimate users to breach cloud environments. The real kicker? Search API calls are not logged, and GitHub-hosted runners operate from shared, legitimate IP addresses, giving attackers stealth and persistence. This is a classic case of over-trusting the platform—developers assume private repositories are secure, but plaintext cloud keys on GitHub are now a liability.

READ THE STORY: CSO ONLINE

Radar Evasion by Design: The Elegantly Simple Physics Behind Stealth Aircraft

Analyst Comments: Despite its reputation for cutting-edge mystique, stealth is based on an almost childishly simple idea: bounce the signal somewhere else. Modern stealth aircraft, such as the F-117 Nighthawk and B-2 Spirit, are designed to reflect radar signals away from their source, leveraging the geometry of flat surfaces and carefully engineered edges. These design choices drastically reduce an aircraft’s detectability—but not to zero, and not under all circumstances.

READ THE STORY: The Linchpin

Akira Ransomware Group Hits Hyper-V and ESXi: Surge in Hypervisor-Layer Attacks Evades Traditional Defenses

Bottom Line Up Front (BLUF): Huntress has reported a sharp rise in ransomware attacks targeting hypervisors—specifically VMware ESXi and Microsoft Hyper-V—with the Akira group leading the charge. Leveraging CVE-2024-37085 and living-off-the-land techniques, attackers are bypassing endpoint defenses and encrypting entire virtual environments from the management plane.

Analyst Comments: Akira’s pivot to targeting hypervisors is both strategic and efficient—compromising a single host enables them to deploy ransomware across dozens or hundreds of VMs instantly. The use of built-in tools openssl for encryption avoids triggering traditional AV/EDR. The CVE-2024-37085 vulnerability—letting attackers recreate the ‘ESX Admins’ group via Active Directory—is particularly dangerous for hybrid identity environments. Many orgs still treat hypervisors as infrastructure, not endpoints. That mindset is now a liability.

READ THE STORY: GBhackers

GeminiJack Zero-Click Exploit Bypasses Defenses to Leak Gmail, Docs, and Calendar Data via Google Gemini AI

Bottom Line Up Front (BLUF): Researchers at Noma Labs have disclosed GeminiJack, a critical zero-click vulnerability in Google Gemini Enterprise (formerly Vertex AI Search), allowing attackers to exfiltrate sensitive data from Gmail, Google Docs, and Calendar without user interaction. The flaw exploited Gemini’s RAG (Retrieval-Augmented Generation) to index and process content, enabling stealth prompt injections that triggered AI-driven data leaks via external image requests.

Analyst Comments: GeminiJack didn’t rely on malware or phishing—just AI behaving as designed. The attack was elegant and devastating: poison shared content with crafted prompts, waited for a legitimate employee to ask a routine question, and watched the AI hand over sensitive data. The vulnerability wasn’t a bug—it was a design oversight in how Gemini’s RAG system retrieved context from indexed Workspace data. That makes this an architecture-level risk that goes well beyond a single patch. Prompt injection here was used not to manipulate the AI’s response, but to weaponize the AI as an insider threat vector.

READ THE STORY: CSN

Fortinet SSO Bypass Vulnerability Puts FortiOS and Related Products at High Risk

Bottom Line Up Front (BLUF): FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager may allow unauthenticated attackers to bypass FortiCloud Single Sign-On (SSO) authentication and gain administrative access. The flaw (CWE-347: Improper Verification of Cryptographic Signature) was discovered internally and publicly disclosed on December 9, 2025. The root issue is an inadequate SAML message signature verification, affecting systems where FortiCloud SSO login was enabled by default during GUI registration.

Analyst Comments: Any attacker who can reach the affected Fortinet device could forge a SAML assertion and gain administrative access without valid credentials—essentially walking through the front door of enterprise firewalls, proxies, and web gateways. Although FortiCloud SSO isn’t enabled by default at the system level, the GUI registration flow enables it by default, which may catch many administrators by surprise. That design choice turns this into a silent, high-impact exposure for potentially thousands of deployed devices.

READ THE STORY: CSN

Cybersecurity Isn’t Just Hardware: Market Incentives Trap Vendors in “Sell Boxes, Forget Services” Cycle

Bottom Line Up Front (BLUF): A widely shared FreeBuf article challenges a core contradiction in the cybersecurity industry: while real-world defense demands strategy, training, and ongoing service, most security vendors still chase hardware sales for performance metrics. As incidents continue to expose gaps left by a “buy-a-box” mindset, the industry’s overreliance on product-based protection is being called out by practitioners and insiders alike.

Analyst Comments: This piece nails a truth many security leaders already know but struggle to act on: good cybersecurity is about process, people, and culture—not just products. Yet vendors, constrained by quota-driven business models, remain focused on shipping firewalls rather than building long-term risk-management strategies with clients. The KPI split (80% product, 20% services) means service teams get buried in low-margin, high-effort support while sales celebrate closing box deals. It’s not that vendors don’t know better—it’s that they’re financially punished for prioritizing anything but gear.

READ THE STORY: freebuf

Windows 0-Day in Cloud Files Driver Exploited in the Wild for SYSTEM Privileges

Analyst Comments: Microsoft confirmed that attackers are exploiting CVE-2025-62221, a Use-After-Free vulnerability in the Cloud Files Mini Filter Driver, a component that handles cloud-synced files as placeholders. The flaw allows a locally authenticated, low-privilege user to corrupt kernel memory and execute arbitrary code as SYSTEM. The vulnerability affects Windows 10 Version 1809 through Windows 11 25H2 and Windows Server 2025. Unlike remote exploits, this one typically occurs during post-exploitation phases, when threat actors already have local access and aim to disable security tools, steal credentials, or maintain persistence. There’s no workaround—patching is the only fix, and the updates are already live.

READ THE STORY: CSN

IBM Adds AI to Db2 Management Console, Chasing Relevance in Hybrid and AI-Driven Environments

Bottom Line Up Front (BLUF): IBM has upgraded its Db2 Intelligence Center console with AI-powered features to streamline management across on-prem, cloud, and containerized deployments. The update follows recent enhancements to Db2 12.1.3 and reflects IBM’s continued push to modernize the 42-year-old relational database for AI and hybrid data environments. Notably, IBM also signed a strategic deal with Cockroach Labs, signaling its intent to offer more flexible options for mission-critical workloads beyond mainframes.

Analyst Comments: IBM is racing to reposition Db2—once a flagship enterprise database—for a world dominated by cloud-native and AI-driven applications. The new AI-assisted Intelligence Center console offers a more unified, automated management experience, which is long overdue for an aging platform still widely used across sectors like finance. Banks still make up roughly 43% of the Db2 customer base.

READ THE STORY: The Register

Peripheral Asset Mapping Becomes Key to Modern Recon: Yuanlong Sec Highlights Hidden Entry Points

Bottom Line Up Front (BLUF): Yuanlong Sec Security Team published a detailed guide spotlighting the often-overlooked phase of information gathering in offensive security. The article emphasizes that success in penetration testing and red teaming now hinges on identifying peripheral and hidden assets—domains, IPs, and C-class ranges not directly tied to a company’s main infrastructure but still in scope. These areas are often where security blind spots—and real vulnerabilities—reside.

Analyst Comments: The key message is clear: if you’re only scanning what the target publishes on its website, you’re already behind. Mature red teams know the real action is in forgotten subdomains, misconfigured mini-programs, or IPs spun up by dev teams years ago and never shut down. The guide goes beyond theory, offering specific tooling and search queries (Fofa, crt.sh, ARL, QiChaCha) to identify assets companies often don’t know they still own. This is also where the most exploitable surfaces live—services with no WAF, legacy auth, or leftover admin panels. Corporate defenders should treat this not as a red-team tactic but as a defensive priority. If you can’t map your own asset footprint—including IPs, mini-program endpoints, and old certificates—you’re leaving doors wide open.

READ THE STORY: freebuf

GhostPenguin: AI Uncovers Four-Month Stealth Linux Backdoor with Zero Detection

Bottom Line Up Front (BLUF): Security researchers have identified GhostPenguin, a multi-threaded Linux backdoor that remained undetected by all VirusTotal engines for over four months. Discovered through AI-driven threat hunting, the malware uses encrypted UDP (RC5) communications on port 53 and a multi-stage architecture to evade detection. It supports over 40 commands and maintains stealth through heartbeat signals and minimal traffic patterns.

Analyst Comments: GhostPenguin is a backdoor written in C++ that targets Linux systems and uses a covert UDP-based command-and-control mechanism. It was identified via AI-based anomaly detection, with no hits on VirusTotal as of the detection date—indicating true zero-detection in the wild.

READ THE STORY: freebuf

Model Context Protocol (MCP) Cools Off Amid Practical Challenges

Bottom Line Up Front (BLUF): One year after its much-hyped launch, the Model Context Protocol (MCP)—a plug-and-play standard that enables AI agents to connect to external tools—has seen enthusiasm wane due to high operational costs, engineering complexity, and instability in real-world use. Chinese tech giants adopted MCP early, even before Google and OpenAI, but real-world deployment has exposed scalability and reliability limits2. MCP’s early hype underscores both the promise and the pitfalls of building standardized interfaces in modular AI ecosystems.

Analyst Comments: That vision attracted broad adoption, especially among Chinese AI leaders such as Baidu, Alibaba, and Tencent, eager to integrate their models into the global ecosystem. But a year in, developers are facing serious friction. Token usage is skyrocketing—just loading MCP tools (before generating output) can cost tens of thousands of tokens. GitHub’s MCP integration reportedly consumes 55,000 tokens for 93 tools—a non-starter at scale, especially with expensive models like Claude.

READ THE STORY: ChinAI Newsletter

The Strategic Model Behind Palantir (and Where Strategy Goes Next)

Bottom Line Up Front (BLUF): The true power of Palantir lies not in its software, but in its operational philosophy—what one might call embedded cognition. It’s a model that transcends conventional software delivery, where success hinges not on clean UI or robust backend systems, but on real-time situational understanding, active learning, and operational improvisation. Palantir sends its best people—Forward Deployed Engineers (FDEs)—directly into the chaotic interiors of large institutions. These aren’t consultants doing quarterly slide decks. They move in, live within the dysfunction, metabolize complexity, and build bespoke solutions based on revealed needs, not abstracted requirements.

Analyst Comments: As strategist Zoe Scaman describes, the model isn’t about service delivery—it’s about residency. Palantir teams don’t trust the client’s stated problems. They assume the organization is wrong about what’s broken—and they’re usually right. By fully embedding these operators, the strategic cycle—diagnosis, design, build, embed, iterate—becomes a single continuous loop. The result is not a generic platform, but a custom solution that works because it was forged inside the chaos, informed by tacit knowledge, internal politics, and unspoken power dynamics. And when something works, it’s abstracted, modularized, and folded into a growing internal library—a private pattern language of institutional dysfunction. This is Palantir’s real moat: not just software, but institutional memory, systematized.

READ THE STORY: Musings of a Wandering Mind

Tencent Pressures U.S. Cloud Host to Silence Anti-Censorship Archive, Raising Alarms About Transnational Censorship

Bottom Line Up Front (BLUF): Chinese tech giant Tencent successfully pressured U.S.-based cloud provider Vultr to suspend hosting for FreeWeChat, a censorship-tracking archive run by GreatFire.org. The takedown, initiated at the behest of the intermediary Group-IB, marks a concerning instance of transnational censorship, in which Chinese censorship norms were enforced on foreign infrastructure without a clear legal mandate.

Analyst Comments: Tencent’s approach—leveraging Group-IB to file legalistic complaints—demonstrates how authoritarian regimes can weaponize Western trust-and-safety systems to suppress dissenting or investigative content hosted abroad. Vultr’s failure to conduct a transparent review or meaningfully respond to counterclaims raises serious concerns about infrastructure-level censorship risks. The broader implication: Chinese censorship policies are not staying within China’s borders. They’re now enforced through Western service providers—often without due process. This poses a significant threat to open-source intelligence (OSINT), academic research, and digital rights initiatives tracking authoritarian suppression.

READ THE STORY: NetAskari

Chinese NanoKVM Device Found with Undocumented Microphone, Default Credentials, and Connections to China-Based Servers

Analyst Comments: The NanoKVM includes hardcoded encryption keys, lacks CSRF protection, and auto-connects to Chinese servers to retrieve unsigned, closed-source binaries. The presence of a hidden microphone, which can be remotely activated via ALSA tools, moves this beyond negligence and into espionage-related territory. While Sipeed has addressed some issues following disclosure, many units remain vulnerable in the wild. Devices still ship with weak configurations, making them ripe for compromise. The fact that this device is positioned to run with BIOS-level access on critical infrastructure, yet includes tools like tcpdump and aircrack—is unacceptable in any network concerned with operational security.

READ THE STORY: Tom's Hardware

Items of interest

Taiwan Strengthens Legal Defenses Against Submarine Cable Sabotage Amid Rising Maritime Threats

Bottom Line Up Front (BLUF): Taiwan passed new laws on December 9 that impose strict penalties—including up to seven years’ imprisonment and multimillion-dollar fines—for damaging critical undersea infrastructure, such as submarine cables, pipelines, and gas lines. The move follows a pattern of sabotage incidents allegedly involving Chinese-flagged or crewed vessels, and reflects growing concerns over Taiwan’s vulnerability to hybrid maritime threats.

Analyst Comments: Taiwan’s Legislative Yuan approved a set of amendments known as the “Seven Undersea Cable Laws”, targeting sabotage of submarine infrastructure. The new penalties apply to deliberate or negligent damage to electricity, gas, water, and telecommunications lines, and now mandate confiscation of vessels and machinery. The laws address recent incidents in which Chinese vessels reportedly severed communication cables, raising both operational and geopolitical alarms. Taiwan will also publish maps of undersea infrastructure to remove plausible deniability from vessel operators. Still, enforcement is hindered by the use of flags of convenience and foreign port escapes, with Taiwan calling for stronger international cooperation to identify and prosecute suspects—particularly when state-sponsored gray-zone tactics are suspected.

READ THE STORY: RHC

Undersea internet cables face new threats (Video)

FROM THE MEDIA: With undersea cables linking the world’s continents, recent incidents involving foreign vessels raise questions about their security. Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, weighs in on the growing threats.

Lawfare Daily: FCC’s New Submarine Cable Rules with Adam Chan (Video)

FROM THE MEDIA: Adam Chan, National Security Counsel at the Federal Communications Commission (FCC) and inaugural Director of the FCC’s new Council on National Security, joins Lawfare’s Justin Sherman to discuss the FCC’s rulemaking on submarine cables and national security.

The selected stories cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in its original material or related links on its sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.The selected stories cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in its original material or related links on its sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.

Bob’s Newsletter

Discussion about this post

Ready for more?