Monday, July 04, 2022 // (IG): BB //Weekly Sponsor: Zanes Hand Made (leather works)
British Army hit by cyberattack as Twitter and YouTube accounts hacked
FROM THE MEDIA: The British Army has confirmed a "breach" of its Twitter and YouTube accounts. The Ministry of Defense said an investigation is under way after both official sites appeared to have been hacked. The Army's YouTube channel features videos on cryptocurrency and images of billionaire businessman Elon Musk, while its official Twitter account retweeted a number of posts appearing to relate to crypto assets known as NFTs.
The profile picture on its Twitter page was changed numerous times during the hack, and at one point showed a monkey wearing face paint. The bio was replaced with the message: “We all have a dark side. What will yours look like?”
READ THE STORY: telegraph // Dailymail
How China is Weaponizing its BRI Investments
FROM THE MEDIA: Along with its island reclamation and militarization activities, China is increasingly using maritime militia to dominate the South China Sea. It is rapidly equipping itself with anti-access/area denial (A2/AD) capabilities in its so-called first island chain which includes Okinawa (Japan), Taiwan, and the Philippines within the wider East and South China Seas. With the use of swarms and advances made in artificial intelligence in military warfare, China is trying to establish its domination over pockets of the South China Sea region.
On the economic side, and politico-strategic projection of trade, investment and economic aspects, the central piece of China’s power projection through greater regional and international presence has been its Belt and Road Initiative. According to the Green Finance & Development Center, of Shanghai’s Fudan University, 147 countries have so far agreed to collaborate with China’s Belt and Road Initiative projects. This, by no means, is a small number. Through its investments, loans, and grants, China has built stronger ties with countries across continents.
READ THE STORY: News 18
Hackers claim to steal personal data of over a billion people in China
FROM THE MEDIA: Hackers have reportedly stolen the data of around one billion Chinese citizens from a Shanghai police database, in what experts are calling the largest cyber security breach in the country's history. The unidentified attackers, who have claimed they are responsible for the attack, have offered to sell over 23 terabytes of stolen data, as reported by Bloomberg.
This includes names, addresses, birthplaces, national IDs, phone numbers and criminal case information, the attackers revealed in an anonymous post on an online forum last week. The hackers were also asking for 10 bitcoin, worth around $19,000 (£15,600).
Zhao Changpeng, founder and CEO of Binance, tweeted today that the company detected a breach of one billion resident records for sale on the dark web from one Asian country, although he didn’t specify which country. He said that this was likely due to a bug in an ElasticSearch deployment by a government agency. As a result, Binance has increased its security verification procedures for users who have been affected.
READ THE STORY: ITPRO
Dozens of Russian Weapons Tycoons Have Faced No Western Sanctions
FROM THE MEDIA: As Russia's military continues to pound Ukraine with missiles and other lethal weapons, Western nations have responded in part by targeting Russia's defense industry with sanctions. The latest round came on Tuesday, when the United States issued new sanctions on some arms makers and executives at the heart of what it dubbed Russian President Vladimir Putin's "war machine."
But a Reuters examination of companies, executives and investors underpinning Russia's defense sector shows a sizable number of players have yet to pay a price: Nearly three dozen leaders of Russian weapons firms and at least 14 defense companies have not been sanctioned by the United States, the European Union or the United Kingdom. In addition, sanctions on Russia's arms makers and tycoons have been applied inconsistently by these NATO allies, with some governments levying penalties and others not, the Reuters review showed.
READ THE STORY: VOA NEWS
Hacktivist Group Targets Iran’s Government Organization
FROM THE MEDIA: Iranian hacktivist group ‘Uprising till Overthrow' says it has hacked the website and portals of Iran’s Islamic Culture and Communication Organization. The hacking group, reportedly affiliated with the Albania-based opposition Mujahideen-e Khalq (MEK) group, said on Sunday that they put photos of the leaders of the group Massoud and Maryam Rajavi on the organization’s website.
The website of the organization, run under the Ministry of Culture and Islamic Guidance, is down at the moment, therefore it is not clear for how long it was displaying photos of the MEK leaders and slogans in support for the group.
READ THE STORY: Iran International
HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains
FROM THE MEDIA: Vulnerability coordination and bug bounty platform HackerOne on Friday disclosed that a former employee at the firm improperly accessed security reports submitted to it for personal gain.
"The person anonymously disclosed this vulnerability information outside the HackerOne platform with the goal of claiming additional bounties," it said. "In under 24 hours, we worked quickly to contain the incident by identifying the then-employee and cutting off access to data."
The employee, who had access to HackerOne systems between April 4 and June 23, 2022, for triaging vulnerability disclosures associated with different customer programs, has since been terminated by the San Francisco-headquartered company as of June 30.
READ THE STORY: THN
Privacy protection agency seizes servers of hacked travel company
FROM THE MEDIA: The Privacy Protection Authority in Israel seized servers hosting multiple travel booking websites because their operator failed to address security issues that enabled data breaches affecting more than 300,000 individuals.
At least 10 websites managed by Gol Tours LTD in Israel have been shut down following a notification from the agency about fixing the security vulnerabilities that allowed hackers to steal personal information and credit card data belonging to customers.
READ THE STORY: BleepingComputer
Backdoor targets governments and NGOs in Middle East, Turkey and Africa
FROM THE MEDIA: Kaspersky experts have brought to light a poorly detected SessionManager backdoor that was set up as a malicious module within the Internet Information Services (IIS), a popular web server edited by Microsoft.
Once propagated, SessionManager enables a wide range of malicious activities, starting from collecting emails to complete control over the victim’s infrastructure.
First leveraged in late March 2021, the newly discovered backdoor has hit governmental institutions and NGOs across the globe with victims in eight countries from the Middle East, Turkey and Africa region, including Kuwait, Saudi Arabia, Nigeria, Kenya and Turkey.
READ THE STORY: IT ONLINE
Group-IB Unveils Unified Risk Platform
FROM THE MEDIA: Group-IB, one of the global leaders in cybersecurity headquartered in Singapore, has today unveiled the Unified Risk Platform, an ecosystem of solutions that understands each organization’s threat profile and tailors defenses against them in real time. Every product and service in Group-IB’s now consolidated security suite is enriched with information from a Single Data Lake, which contains 60 types of sources of adversary intelligence. The Unified Risk Platform automatically configures your Group-IB defenses with the precise insights needed to provide the best possible defense against targeted attacks on the infrastructure and endpoints, breaches, fraud, brand and IP abuse.
READ THE STORY: MENAFN
Ransomware attacks target El Paso businesses
FROM THE MEDIA: Cyberattacks are a constant issue for El Paso businesses big and small, and to combat them, the FBI in El Paso is asking businesses to help in the fight against cybercrime.
“I don’t know any other way to describe it; this is a war, and it’s a cyber war that’s being raised in our country,” said Jeffrey Downey, the special agent in charge of the FBI’s El Paso Field Office.
The FBI’s Internet Complaint Center reported more than 1,700 cyber-related crimes in El Paso from June 24, 2021, to June 24, 2022. The victims reported a loss of more than $20 million from cyberattacks, including data breaches, business email compromises and ransomware.
READ THE STORY: El Paso inc
Geographic Solutions Ransomware, Experts Weigh In
FROM THE MEDIA: This attack on Geographic Solutions (GSI), which forty states and Washington DC use for their HiRE websites, is another example of how cyberattacks can affect vital aspects of providing services. In this case, the estimated restoration time is within the next 72 hours and unemployment payments, at least in Louisiana, will be delayed two days before the 1st of the month when rent and other bills will be due for many Americans. Tennessee is suspending payments to at least 12,000 individuals because the Department of Labor and Workforce Development cannot access jobless claims data until the Geographic Solutions website is restored. Many other states including Nebraska, Iowa, Texas, and California have reported disruptions in work search capabilities or filing a claim online.
READ THE STORY: Information Security Buzz
Dutch university gets cyber ransom money back with interest
FROM THE MEDIA: A Dutch university that fell victim to a massive ransomware attack has partly received back its stolen money... which in the meantime more than doubled in value, a news report said on Saturday.
The southern Maastricht University in 2019 was hit by a large cyberattack in which criminals used ransomware, a type of malicious software that locks valuable data and can only be accessed once the victim pays a ransom amount.
"The criminals had encrypted hundreds of Windows servers and backup systems, preventing 25,000 students and employees from accessing scientific data, library and mail," the daily De Volkskrant said.
READ THE STORY: ABS CBN
Laava’s Smart Fingerprint technology eliminates product counterfeiting for Reid Fruits
FROM THE MEDIA: “Counterfeiting is a massive issue for us, as well as for countless other Australian fresh fruit producers,” said Reid Fruits managing director Tim Reid. “The Smart Fingerprint technology offers a level of secure authentication that will make it extremely difficult for counterfeiters to replicate.”
Reid Fruits has been applying Laava’s patented Smart Fingerprint technology on its cherry boxes for 20 export markets from the 2019-20 picking season. The grower went from experiencing potentially thousands of counterfeits per season to having 10 cases automatically stopped by the Laava platform in 2019-20, and only three in 2020-21 – a 60% reduction over the previous year.
"The fact that Reid Fruits has experienced such a dramatic decline in product counterfeiting activity demonstrates the direct benefit of the Smart Fingerprint technology. Not only does this identify instances of fraudulent activity, but counterfeiters soon realise that their actions will not go unnoticed if they try to copy Reid Fruits packaging to leverage their strong market reputation with a substituted and inferior product," said Laava CEO Gavin Ger.
READ THE STORY: ITwire
What Are Common Cyber Threats to Manufacturers and How Can They Secure Themselves
FROM THE MEDIA: Cyber threats come in many forms and can have a devastating impact on a company’s operations. Phishing emails, for example, can allow attackers to gain access to sensitive data, while ransomware can disable critical systems. The cyber attack on Colonial Pipeline is a prime example.
IoT attacks can jeopardize the safety of products, and supply chain attacks can disrupt the flow of goods. As manufacturing companies become more connected, they must adopt robust cybersecurity measures to protect themselves from these threats.
One of the first steps is to understand the risks the business faces. Different types of manufacturing businesses will have different vulnerabilities, so it’s important to conduct a comprehensive risk assessment.
READ THE STORY: HackRead
Lithuania hit with intense cyber-attack, President meets with Spanish King Felipe VI
FROM THE MEDIA: The insolvency administrator of Lithuania’s bankrupt bank Snoras and Swiss bank Julius Baer & Co. Ltd have amicably settled a legal dispute over the financial transactions made by Snoras’ former executives and shareholders when they transferred large amounts of money to foreign banks. Under the signed agreement, Julius Baer & Co Ltd will pay 105 million euros to Snoras, the bank said on Friday, 1 July. Gintaras Adomonis, Snoras’ administrator, says the amicable agreement marks the end of a very important stage in the former bank’s bankruptcy process.
READ THE STORY: BNN News
The War between China and the U.S. – The Normative Dimension
FROM THE MEDIA: The whole world is caught in a battle of giants with the U.S. on the one hand and China on the other. This confrontation takes place at different levels and through all forms and dimensions of power. The escalation towards war is at work. War is not inevitable, it is however likely. To best survive the escalation and possibly the war, we must understand its multiple aspects. State actors, for their part, should act according to their own national interest considering the forces at work.
READ THE STORY: Red Analysis
Putin's hackers could destroy UK economy - and British retaliation would 'escalate quickly'
FROM THE MEDIA: VLADIMIR Putin could order hackers to destroy the UK economy in ‘supply-chain' cyber attacks that would cost billions of pounds, according to an expert. And any retaliation from Britain against attacks from hostile states like Russia would lead to serious consequences and ‘escalate quickly'.
Russia has been blamed for cyberattacks around the world for years, and last week it was accused of shutting down public and private websites in Norway. An attack on the UK could be imminent according to the National Cyber Security Centre (NCSC), potentially affecting millions of people and leading to the loss of money and sensitive information.
READ THE STORY: Express
Swiss foreign ministry allegedly attacked by computer hackers
FROM THE MEDIA: The National Cyber Security Centre (NCSC) said it had no knowledge of targeted cyberattacks against Swiss government units or critical infrastructure carried out in the context of the Russian invasion of Ukraine, the Keystone-SDA news agency reported on Sunday.
However, it added that the defense against so-called phishing attacks using fraudulent email messages in order to obtain sensitive information was part of the daily routine of the Swiss intelligence service.
READ THE STORY: Swiss Info
Items of interest
India’s internet shutdowns: Looking beyond J&K, Rajasthan the new hotbed
FROM THE MEDIA: Internet suspension following protests is not new to India. Internet services have been suspended in Rajasthan for the past six days in view of communal tension following the murder of a tailor in Udaipur. However, Jammu and Kashmir has witnessed the highest number of internet clampdowns ever.
The viral video of the brutal, cold-blooded beheading of tailor Kanhaiya Lal for supporting Nupur Sharma’s statements on Prophet Mohammed on social media led to the internet suspension in Rajasthan. The incident led to a boiling point in Udaipur as many gathered to protest in public places, burning public property.
Section 144 was imposed in all districts of Rajasthan for a month, and the internet was shut down immediately; the shutdown expanded to the entire state in less than 24 hours. However, now the shutdown remains only in Jaipur and Udaipur.
But this is not the first such instance of internet shutdown. A review of various reports on internet shutdowns in India shows that Rajasthan is now a hotbed of internet shutdowns after Jammu and Kashmir.
READ THE STORY: India Today
Inside the US-China Cyberwar (Video)
FROM THE MEDIA: The United States has a long history of cyberespionage. But since the late 1990s, the Chinese government has been increasing its economic, technological and military capabilities to become a leader in cyberwarfare.
Chinese Hackers Are Disseminating An SMS Bomber Tool That Contains Malware (Video)
FROM THE MEDIA: Web Warriors is a documentary that defines the conflict, establishes the stakes, and reveals the combatants in the escalating global battle taking place in cyber space. The film features computer hacker Michael Calce (aka Mafia Boy) who explains how as a 15 year old student he shut down Yahoo, Amazon, CNN, and Dell - from his bedroom.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com