Sunday, July 10, 2022 // (IG): BB //Weekly Sponsor: The Fintel Brief
Rogers CEO apologizes for massive service outage, blames maintenance update
FROM THE MEDIA: The fallout from a massive network outage at Rogers Communications that shut down mobile and internet services across much of Canada continued to come into focus on Saturday, even as the company restored most services and began offering an explanation as to what happened. A B.C. freelance technology journalist gave his thoughts on the massive Rogers’ service failure. Andy Baryer, the former host and producer for GetConnected, Canada’s longest-running technology show, said the Rogers’ service failure highlights many concerns experts have. “It’s been about 24 hours and we still don’t know what the cause was,” Baryer told Global News on Saturday morning. “On Friday, I suspected it was a cyber attack, but it doesn’t look like that’s the case (now).” He continued, “a company called Cloudflare, which manages internet traffic across the world, suspects it’s an internal error.”
READ THE STORY: GlobalNews // CBC
GitLab Patched Multiple Security Bugs, Including A Critical RCE, With Latest Releases
FROM THE MEDIA: According to a recent advisory, GitLab has addressed 16 security bugs with the latest releases 15.1.1, 15.0.4, and 14.10.5. The most important of these patches addressed a critical remote code execution vulnerability affecting the Project Import feature. An adversary could exploit the bug via a maliciously crafted project to execute arbitrary code. This vulnerability first caught the attention of the security researcher William Bowling, who then reported it to GitLab via their bug bounty program. GitLab assigned this bug, CVE-2022-2185, a severity score of 9.9.
READ THE STORY: LHN
Hackers Used Fake LinkedIn Job Offer to Hack Off $625M from Axie Infinity
FROM THE MEDIA: In an advert on a criminal forum, later removed, the user said the data was stolen from Shanghai National Police. The hacker claims the information includes names, addresses, National ID numbers and mobile phone numbers. Cyber-security experts have verified that at least some of a small sample of the data offered is real. The 23 terabytes of data is thought to be the largest ever sale of data on record and was being offered for $200,000 (£166,000) until the post was removed on Friday.
READ THE STORY: Hackread
Here's how North Korean operatives are trying to infiltrate US crypto firms
FROM THE MEDIA: Devin, the founder of a cryptocurrency startup based in San Francisco, woke up one day in February to the most bizarre phone call of his life. The man on the other end, an FBI agent, told Devin that the seemingly legitimate software developer he'd hired the previous summer was a North Korean operative who'd sent tens of thousands of dollars of his salary to the country's authoritarian regime. Stunned, Devin hung up and immediately cut the employee off from company accounts, he said. "He was a good contributor," Devin lamented, puzzled by the man who had claimed to be Chinese and passed multiple rounds of interviews to get hired. (CNN is using a pseudonym for Devin to protect the identity of his company).
READ THE STORY: Kake
China luring students, job seekers into spying operations against western targets
FROM THE MEDIA: China is actively recruiting university students for spying operations against western targets. According to the details, Hainan Xiandun, a Chinese technology company, is looking for students to work as English language translators even after US law enforcement agencies accused Beijing of setting up such companies as a "front" for spying operations against western targets. Hackers with suspected links to China's intelligence agencies are still advertising for new recruits to work on cyber espionage, even after the Federal Bureau of Investigation (FBI) indicted the perpetrators in an effort to disrupt their activities.
READ THE STORY: India TV News
How Conti ransomware group crippled Costa Rica — then fell apart
FROM THE MEDIA: Jorge Mora, Costa Rica’s digital governance chief, received a message in April from one of his officials: “We couldn’t contain it and they’ve encrypted the servers. We’ve disconnected the entire ministry.” He was being updated on a harrowing cyber-assault by a notorious Russian ransomware group called Conti, which started at the Central American country’s ministry of finance and eventually ensnared 27 different ministries in a series of interlinked attacks that unfurled over weeks.
READ THE STORY: FT
Microsoft delays policy that blocks macros in Office documents from the Internet
FROM THE MEDIA: The extensive capabilities of macros have been used by malicious actors to attack computer systems. Victims need only open Office files containing malicious macros to initiate the attack on the local machine. The Office documents are spread through various channels, including email, websites, and sophisticated targeted attacks. Microsoft has been working for some time on improving the security of systems with regard to Office macros. The company announced plans to block macros by default in Office documents that were downloaded from the Internet.
VBA macros are a common way for malicious actors to gain access to deploy malware and ransomware. Therefore, to help improve security in Office, we’re changing the default behavior of Office applications to block macros in files from the internet.
READ THE STORY: GHACKS
Chinese Police Exposed 1 Billion People's Data in Unprecedented Leak
FROM THE MEDIA: In one of the most expansive and impactful breaches of personal data of all time, attackers grabbed data of almost 1 billion Chinese citizens from a Shanghai police database and attempted to extort the department for about $200,000. The trove of data contains names, phone numbers, government ID numbers, and police reports. Researchers found that the database itself was secure, but that a management dashboard was publicly accessible from the open internet, allowing anyone with basic technical skills to grab the information without needing a password. The scale of the breach is immense and it is the first of this size to hit the Chinese government, which is notorious for hoarding massive amounts of data, not only about its own citizens, but about people all over the world. China was memorably responsible for the United States Office of Personnel Management breach and Equifax credit bureau breach, among many others worldwide.
READ THE STORY: Wired
US Treasury Delivers Crypto Framework to Biden as Directed in Executive Order
FROM THE MEDIA: The U.S. Department of the Treasury published a fact sheet titled “Framework for International Engagement on Digital Assets” Thursday. It states that the Secretary of the Treasury has delivered to President Joe Biden “a framework for interagency engagement with foreign counterparts and in international fora as directed in the President’s executive order on Ensuring Responsible Development of Digital Assets.” Biden’s executive order on crypto regulation was issued on March 9.
READ THE STORY: The Paradise
"Without a free Ukraine, there is no chance for a free independent Belarus," say hacktivists Belarusian Cyber Partisans
FROM THE MEDIA: Hours after Russia launched its full-scale invasion of Ukraine on February 24, an unexpected announcement was released online: a special hacker unit called "Tactical group of Belarus" had formed and was joining the fight against Russia. Making the announcement was a hacktivist collective called Belarusian Cyber Partisans (BCP) who emerged during Belarus’ violent protests in response to President Aleksandr Lukashenko’s fraudulent election. The group was already well established and previously worked with the investigative team Bellingcat and the Organized Crime and Corruption Reporting Project, identifying special forces and police informants working with Lukashenko’s regime as well as corrupt government officials.
READ THE STORY: BNE
4chan users claim to have hacked Hunter Biden’s iCloud account
FROM THE MEDIA: The contents of Hunter Biden's iCloud account have allegedly been hacked by users of the 4chan community, where screenshots purporting to be from his phone and computer were being posted on their main political forum late Saturday night. Administrators on the imageboard site moved quickly in the hours after the content was posted to pull down threads that included materials from the alleged leak, leaving many on the site, which is known for featuring some of the most salacious subject matter on the internet, furious.
READ THE STORY: Washington Examiner
Russia has clear capacity for intelligence operations in Ireland, Nato official warns
FROM THE MEDIA: Russia has a clear capacity to engage in serious intelligence operations in all countries, including Ireland, a senior US official at NATO has warned. David F Helvey, Deputy Defense Advisor for the US Mission to the military alliance, said the threats include disinformation campaigns, political interference, and cyber attacks. He said Russia has also been creating food and energy insecurity in countries and pointed out that borders offered no protection to Russian agents engaging in chemical attacks against fellow citizens living in European countries.
READ THE STORY: Irish Examiner
Russia’s Conti Cybercrime Group Belongs on the U.S. Terror List
FROM THE MEDIA: In May, Costa Rica came under attack from a foreign terrorist organization. Costa Rican president Rodrigo Chaves declared a national emergency and stated that his country was “at war.” The government seemed to be on the brink of collapse. Chaves called the attacker an “international terrorist group.” However, this was not a typical terrorist attack. There were no bombings, shootings, or plane hijackings. This terrorist attack on a democratic nation came from cyberspace.
READ THE STORY: National Interest
Russia, China, North Korea and Iran lead in supporting aggressive cyber attackers, says HolistiCyber CEO
FROM THE MEDIA: Nation state-backed cyber attacks have gained currency and notoriety over the past couple of years, with Russia, China, North Korea and Iran taking the lead in actively supporting aggressive cyber attackers, according to Ran Shahor, CEO of Israeli cyber defence firm HolistiCyber, who started the first cyber attack programme of the Intelligence branch of the Israel Defense Forces (IDF) 26 years ago.
READ THE STORY: Times of India
What Is the Lazarus Group? Is It Really Comprised of North Korean Hackers?
FROM THE MEDIA: North Korea has returned to the cybersecurity headlines due to its ties to the Lazarus Group, which has conducted another successful cyber heist. This time the infamous Lazarus Group—a highly suspected North Korean state-sponsored hacker group founded around 2007 to 2009—stole 100 million dollars worth of Harmony cryptocurrency. Believe it or not, this is not this mysterious group's most famous heist, as it has already been involved in attacks on Sony and malware like WannaCry. So, why is the Lazarus Group so successful? Let's find out below.
READ THE STORY: MUO
FBI Director Concludes Meetings with U.K. Partners
FROM THE MEDIA: FBI Director Christopher Wray concluded several days of meetings with law enforcement partners in the United Kingdom on Friday, noting that the FBI is celebrating the 80th year of operations in London, where the FBI maintains a legal attaché office. In remarks to members of the news media, Director Wray said the relationship between the U.S. and U.K. has evolved as the threat picture has evolved into “one in which travel and technology have blurred the lines between foreign and domestic threats.” Among the complex issues facing the two nations are international and domestic terrorism, including the increase in racially and ethnically motivated violent extremism.
Director Wray said he and his British counterparts spent a lot of their time discussing cyber threats. “Today we’re seeing attacks that are more pervasive, hit a wider variety of victims, and carry the potential for greater damage than ever before,” said Director Wray.
READ THE STORY: FBI
Beware of ‘PennyWise’ malware that steals digital assets data via YouTube
FROM THE MEDIA: Cyble Research Labs, a cyber intelligence and security company, has released the findings of its probe into a new strain of digital asset-stealing malware spreading on YouTube called PennyWise, which it first identified in May. According to a blog post by Cyble, the malware is an emerging threat to digital asset holders. It can steal digital asset-related data from users of over 30 Chromium- and Mozilla-based browsers.
READ THE STORY: Coin Geek
There Is No Cyber Bullet
FROM THE MEDIA: To understand how to use cyber effects, commanders must first understand their limitations. Since the dawn of warfare, the prowess of combatants has been defined by how effectively they bring to bear the weapons of their time. Warriors hone their craft over years, their weapons becoming extensions of their own bodies. Whether these weapons be the sword, bow, musket, M-16, or F-35, they change little over the course of a warrior’s career. This, however, is not the case for the cyber warrior. This warrior wields instruments of amorphous design and exotic purpose, known to most as “cyber weapons.”
READ THE STORY: Real Clear Defense
Apple unveils new Lockdown Mode in iOS 16 to fight off state-sponsored cyber attacks
FROM THE MEDIA: Apple announced a security feature in its forthcoming software updates to help protect users from state-sponsored cyber attacks. Lockdown Mode — which Apple says is the first major capability of its kind — will be integrated into iOS 16, iPadOS 16 and macOS Ventura, which are expected to be launched in September along with the next iteration of the iPhone. The feature offers an optional but “extreme” level of security for the expected very few users who may be the targets of digital threats from companies developing state-sponsored mercenary spyware. Turning on Lockdown Mode on iPhones, iPads or Macs will limit certain functions, reducing the attack surface available to an attacker.
READ THE STORY: The National News
Aerojet Rocketdyne Agrees to Pay $9 Million to Resolve False Claims Act Allegations of Cybersecurity Violations in Federal Government Contracts
FROM THE MEDIA: Aerojet Rocketdyne Inc., headquartered in El Segundo, California, has agreed to pay $9 million to resolve allegations that it violated the False Claims Act by misrepresenting its compliance with cybersecurity requirements in certain federal government contracts, the Justice Department announced today. Aerojet provides propulsion and power systems for launch vehicles, missiles and satellites and other space vehicles to the Department of Defense, NASA and other federal agencies.
READ THE STORY: PARABOLIC ARC
Israel has given up on harming Iran’s uranium enrichment — report
FROM THE MEDIA: Israel has largely given up on further harming Iran’s uranium enrichment capabilities, Channel 12 news reported Saturday. “Iran already has enough enriched uranium [for one or more bombs],” the network said without citing a source. The network assessed that this was the reason for alleged Israeli attacks against other factors related to Iran’s nuclear programs, such as assassinations of scientists and strikes on missile development bases, and a focus on Iran’s weaponization program — the capacity to mount a bomb onto a missile.
READ THE STORY: Times of Israel
Items of interest
Here are four big questions about the massive Shanghai police leak
FROM THE MEDIA: Good morning and happy Wednesday! Make sure you tune in tomorrow, when our esteemed colleague Joe Menn will helm the newsletter – you won't want to miss it.
Below: Federal Trade Commission Chair Lina Khan is under pressure to investigate reports that U.S. user data on TikTok was repeatedly accessed in China, and Marriott acknowledges one of its computers was breached.
A potentially massive leak of data from police in China’s most populous city is heightening concerns that sensitive information on a billion Chinese citizens — yes, a billion — could be exposed.
The data includes personal information like phone numbers and birthdays. But, perhaps most troublingly, it includes reports about crimes like domestic violence and has data from 1995 to 2019, the Wall Street Journal reported.
READ THE STORY: Washington Post
Rogers service outage: What went wrong? (Video)
FROM THE MEDIA: Millions of customers and businesses were affected by Friday's service outage. Maleeha Sheikh takes a look at the impact and speaks to the Rogers CEO about what may have been behind the massive service disruption.
Dismaland Full Experience (Video)
FROM THE MEDIA: Are you looking for an alternative to the soulless sugar-coated banality of the average family day out? Or just somewhere cheaper. Then this is the place for you—a chaotic new world where you can escape from mindless escapism. Instead of a burger stall, we have a museum. In place of a gift shop we have a library, well, we have a gift shop as well. Bring the whole family to come and enjoy the latest addition to our chronic leisure surplus—a bemusement park. A theme park whose big theme is: theme parks should have bigger themes… This event contains adult themes, distressing imagery, extended use of strobe lighting, smoke effects and swearing. The following items are strictly prohibited: knives, spray cans, illegal drugs, and lawyers from the Walt Disney corporation.
These open source products are reviewed from analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com