Monday, Aug 08, 2022 // (IG): BB //Sponsor: Zanes Hand Made
Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account
FROM THE MEDIA: Tutanota is an end-to-end encrypted email app and a freemium secure email service. As of March 2017, Tutanota’s owners claimed to have over 2 million users. The news is that Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account.
“Politicians on both sides of the Atlantic are discussing stronger antitrust legislation to regulate Big Tech – and such laws are badly needed as the blocking of Tutanota users from Microsoft Teams demonstrates. Big Tech companies have the market power to harm smaller competitors with some very easy steps like refusing smaller companies’ customers from using their own services.” reads a comment shared by the German email service provider. “Currently, Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account. This severe anti-competitive practice forces our customers to register a second email address – possibly one from Microsoft themselves – to create a Teams account.”
READ THE STORY: Security Affairs
Zero-Day Bug Responsible for Massive Twitter Breach
FROM THE MEDIA: A zero-day vulnerability in Twitter’s code base was responsible for a major data breach that is thought to have affected 5.4 million users, the social media firm has revealed. The threat actor was hoping to sell the profile data for $30,000 on a cybercrime site. Some information was scraped from public Twitter profiles, including location and image URL. However, they were crucially able to link account emails and phone numbers with account IDs by leveraging the vulnerability. “In January 2022, we received a report through our bug bounty program of a vulnerability in Twitter's systems.”
READ THE STORY: InfoSec Mag
Entrust cyber attack: Hackers accessed cyber security vendor's internal network
FROM THE MEDIA: In a statement shared with media agencies, Entrust said that it identified the breach in its internal network on 18th June. The company immediately launched an investigation with assistance from a leading third-party cyber security company to understand the scope of the breach. The company has so far not found evidence of any sensitive customer data being compromised. Ken Kadet, the vice president of communications at Entrust, said, “We promptly began an investigation with the assistance of a leading third-party cybersecurity firm and have informed law enforcement. “While our investigation is ongoing, we have found no indication to date that the issue has affected the operation or security of our products and services, which are run in separate, air-gapped environments from our internal systems and are fully operational.”
READ THE STORY: TEISS
Architecture firm Sheppard Robson suffers a ransomware attack; perpetrators unknown
FROM THE MEDIA: Founded in 1938 by Sir Richard Herbert Sheppard, Sheppard Robson is headquartered in London and has offices in Manchester and Glasgow. The firm is best known for pioneering the use of concrete shell structures in the 1960s and for building the UK’s first net zero carbon house in 2007. In a statement published on Friday, the 5th of August, Sheppard Robson confirmed that it noticed unusual activity on its network on the 24th of July. Upon identifying the suspicious activity, the firm immediately disconnected its internal IT network from the Internet and shut down all systems that were still operating. The firm also determined quickly enough that it was a victim of a ransomware attack.
READ THE STORY: TEISS
Cyber attack on software supplier causes "major outage" across the NHS
FROM THE MEDIA: A software supplier to the UK’s National Health Service (NHS) has reportedly been the victim of a cyber attack leaving many services disrupted. Emergency prescription services, ambulance dispatching systems, and the non-emergency 111 line, among others, are thought to be affected. The attack has been confirmed by software supplier Advanced. The company told IT Pro that the incident was first spotted on Thursday morning and resulted in a loss of service. Only a small proportion of the supplier’s servers were affected, its CEO Simon Short said, and all health and care environments were isolated as a precaution.
READ THE STORY: ITPRO
Cyberattacks on healthcare organizations negatively impact patient care
FROM THE MEDIA: Cynerio and the Ponemon Institute have examined the current impact of cyberattacks on healthcare facilities and network-connected IoT and medical devices, and found multiple alarming trends. Among other things, the survey has also revealed that almost half of hospitals have been attacked with ransomware, and that 76% of victimized hospitals were attacked 3 or more times. The Insecurity of Connected Devices in HealthCare 2022 Report surveyed 517 experts in leadership positions at hospitals, clinics, healthcare service providers, and healthcare systems throughout the United States.
READ THE STORY: Helpnet Security
Deepfakes Pose a Growing Danger, New Research Says
FROM THE MEDIA: Deepfakes are increasingly being used in cyberattacks, a new report said, as the threat of the technology moves from hypothetical harms to real ones. Reports of attacks using the face- and voice-altering technology jumped 13% last year, according to VMware's annual Global Incident Response Threat Report, which was released Monday. In addition, 66% of the cybersecurity professionals surveyed for this year's report said they had spotted one in the past year.
READ THE STORY: CNET
Dark Utilities C2 service draws thousands of cyber criminals
FROM THE MEDIA: A platform that makes it easier for cyber criminals to establish command-and-control (C2) servers has already attracted 3,000 users since launching earlier this year, and will likely expand its client list in the coming months. Called Dark Utilities, the service provides a full range of C2 capabilities to give attackers an easier and inexpensive platform for launching remote access, command execution, cryptocurrency mining, and distributed denial-of-service (DDoS) attacks. The operators of the service also provide technical support and help for platform users via communities created on the Discord and Telegram messaging apps.
READ THE STORY: The Register
ESET Details How War in Ukraine has Changed the Threat Landscape
FROM THE MEDIA: The latest issue of the ESET Threat Report recounts the various cyberattacks connected to the ongoing war in Ukraine that ESET researchers analysed or helped to mitigate. This includes the resurrection of the infamous Industroyer malware, attempting to target high-voltage electrical substations. ESET telemetry also recorded other changes in the cyberthreat realm that might have a connection to the situation in Ukraine. The war has also been noticeably exploited by spam and phishing threats.
READ THE STORY: TechEconomy
North Korean hackers behind DeBridge Finance attack: Co-founder
FROM THE MEDIA: The infamous North Korean Lazarus hacker group responsible for several high-profile attacks reportedly made a quick attempt on DeBridge Finance. Alex Smirnov, co-founder and project lead at DeBridge Finance, disclosed this on Friday. The company is known for providing cross-chain interoperability and liquidity protocol used for transferring data and assets between blockchains. According to Smirnov, the Lazarus hacker group tried using several team members of the company to launch the attack by sending spoofed emails containing a PDF file named “New Salary Adjustments.”
READ THE STORY: Crypto News Flash
Serious cyberattack hits German Chambers of Industry and Commerce (DIHK)
FROM THE MEDIA: “Due to a possible cyber attack, the IHK organization has shut down its IT systems as a precautionary measure for security reasons. We are currently working intensively on a solution and defense. The IT systems are successively started up after testing, so that the services are then available again for companies.” reads the announcement published by the German Chambers of Industry and Commerce (DIHK). DIHK states that phone and fax are the only channels to use to contact it. Michael Bergmann, chief executive of DIHK, defined the attack as serious and massive, and added that the organization was not able to estimate how long its systems will be down.
READ THE STORY: Security Affairs
North Korean hackers are using never-before-seen tools to hack Gmail
FROM THE MEDIA: According to reports, cybersecurity firm Volexity has detected North Korean hackers using simple browser extensions to gain access to individuals' Gmail accounts. The cybersecurity firm has warned that the malware is different from the usual "spear phishing" techniques that would require users to agree to download infected software, as the new malware is capable of downloading itself on an individual's PC without the user even knowing it's happening.
READ THE STORY: TweakTown
Fake Coinbase Job Offers are Used by North Korean Hackers to Target Fintech Employees
FROM THE MEDIA: The well-known North Korean hacking group Lazarus has been found to be pretending to be Coinbase in order to target workers in the fintech industry. The hacking group uses it to approach targets over LinkedIn to present a job offer and hold a preliminary discussion as part of a social engineering attack. Since they are using Coinbase, one of the world's most popular cryptocurrency platforms, Lazarus was able to lure in interest with the offer. A Twitter user named Jazi posted a screenshot of the sample email that was sent by the actors. The email states that Coinbase is looking for candidates that will thrive in a culture like theirs; people they can trust; people who can embrace feedback; and people excited to learn.
READ THE STORY: ITechpost
Attackers abuse open redirects in Snapchat and Amex in phishing attacks
FROM THE MEDIA: The term open URL redirection, or open redirect, refers to a security issue that makes it easier for attackers to direct users to malicious resources under the control of the attackers. Open redirect occurs when a website fails to validate user input, allowing attackers to manipulate the URLs of high reputation domains to redirect victims to malicious sites. Victims will trust the link because the first domain name in the manipulated link is a trusted domain like American Express and Snapchat.
READ THE STORY: Security Affairs
The Expanding Internet of Things (IoT) Creates More Opportunities for Cybercrime
FROM THE MEDIA: The Internet of Things (IoT) has become the fastest growing technology, with a tremendous impact on social life and corporate environments due to its quick development and ability to offer numerous services. IoT has overtaken all sectors of modern human life, including education, healthcare, and business, involving the storing of sensitive information about persons and corporations, financial data transactions, product development, and marketing. However, in today’s context, the success of IoT cannot be overlooked, as assaults and threats against IoT devices and facilities are on the rise. Cyber-attacks have become a part of IoT, endangering user data and digital societies.
READ THE STORY: CXO TODAY
Chinese Hackers Attack National Taiwan University's Website; Warn Of More Cyber-strikes
FROM THE MEDIA: With Chinese military drills taking place in the background, Taiwan has seen an increase in cyberattacks, with National Taiwan University (NTU) being the most recent victim. CNA reported, according to the most recent response from the school, hackers also infiltrated the Office of Academic Affairs. The University has urgently activated the emergency response procedures, according to the R&D Office's homepage. NTU, a renowned university in Taiwan, declared that it had taken action to address the breaches and that services for the two websites would be temporarily suspended while the problems were fixed.
READ THE STORY: RepublicWorld
China unveils game-changing electronic warfare drones
FROM THE MEDIA: China’s homemade FH-95 electronic warfare and armed reconnaissance drone recently passed a milestone performance test, providing a new dimension to the nation’s electronic warfare capabilities, according to the Communist Party-run Global Times. Citing the Beijing-based magazine Unmanned Vehicles, the Global Times report said that the FH-95, manufactured by Aerospace Times Feihong Technology Corporation (ATFTC) under the state-owned China Aerospace Science and Technology Corporation, last month completed a successful test at an undisclosed air base.
READ THE STORY: Asia Times
Hypersonic Threat Spurs Investment in Space-Based Missile Tracking
FROM THE MEDIA: The Space Force is racing against the clock to prepare for the rapidly advancing Chinese and Russian missile technology that could evade the Pentagon’s existing ground and space-based missile-detection systems. While many defense agencies have their own ideas for warning-and-tracking satellites and space architecture, they need to integrate their visions to ensure the Defense Department has time to react to a potential missile attack, experts said. The Russian invasion of Ukraine and ongoing operations in the region reinforces that “the era of missile warfare is definitely upon us,” said Chris Stone, the author of a recent policy paper from the Mitchell Institute for Aerospace Studies.
READ THE STORY: National Defense Mag
Items of interest
AU : If China wants a wargame, let’s give it one
FROM THE MEDIA: Nobody wants a war over Taiwan. It’s a great power conflict so immense that it obviously invites the worst possible outcomes including losing.
But the free world can’t just let China have Taiwan, either. If it does, then it will be next stop IndoPacific as Beijing seeks to extend freedom-crushing Pax Sinovile as far as it can go.
So, as Beijing throws the toys out of the cot around Taiwan this week, let’s give it the wargame it so clearly wants.
No, I do not mean another carrier group from the US sailing the Straits.
What I do mean is to mock deploy the Russia/Ukraine response applied to China. NATO should resolve a package of mock sanctions, weaponized US dollar, and commodity blockades that will all but excise China from the global economy.
There is a lot to recommend this course of action:
It will prove that it can be done, as well as make clear to the CCP that if it wants to take Taiwan then it will be giving up its economy with obvious implications for its social contract to rule.
Equally, it will illustrate to global markets that it will be triggered in the event of an invasion and, so, become a self-fulfilling prophecy as risk premiums for China blow out forcing all manner of supply chains to reorient away from that country now instead of later.
In turn, this will bolster the resilience of the free world to Chinese economic coercion.
It will also help illustrate to all and sundry how infantile is Beijing and intensify the shift in global normatives from greed to fear around the CCP.
Finally, it will ensure that China grovellers, such as the Albanese Government, have nowhere to hide.
Funnily enough, for the wisdom of this course, we can turn to none other than our own disgraced Scott Morrison. Paul Kelly wrote up his first decent piece in years on the weekend, though he was paraphrasing others:
On April 20, 2020, then prime minister Scott Morrison told the national security committee of cabinet that Australia’s democratic system was being “infiltrated” by Beijing and that the government must become more strident in its language about China to signal its resistance.
“We need multiple points of pushback on this increasing aggression,” Morrison told his most senior ministers during the NSC meeting. The cabinet committee was meeting virtually but was provided with an oral update on the latest Chinese-sponsored cyber activity that was alarming the prime minister.
…Fresh details and insights into Morrison’s management of China’s coercion against Australia are contained in a new book, Plagued, by The Australian’s political editor Simon Benson and the paper’s chief political correspondent Geoff Chambers.
…The book reveals that at an earlier April 6 NSC meeting, the national security implications of Covid were laid out for the first time. The assessment from the nation’s intelligence community was that the pandemic would accelerate tensions in the region and that China could be expected to exploit the situation for its interests.
…This April 6 NSC meeting was a fortnight before Payne’s interview on Insiders, and the Benson/Chambers account captures the nature of warnings and discussions among senior ministers. Australia’s scepticism about China’s influence in the World Health Organisation was deep-seated, with Payne saying in her interview the WHO could not conduct the inquiry into the virus since it mixed being “poacher and gamekeeper”.
…The PM said he was fully aware that some agricultural industries would be exposed and their businesses risked becoming collateral damage from Australia’s strong stand against China. “We will cop some pain but we can’t let it undermine our national security,” Morrison told cabinet.
…Morrison had concluded the only way to counter China was through greater intelligence and strategic co-operation among aligned democracies. He moved to implement this view after Payne’s interview, and the April 20 NSC meeting ended with Morrison saying: “I’ll call the UK Prime Minister.”
…It was the next year during Morrison’s 2021 visit to Britain – where he attended the G7 meeting and had a three-way meeting with Boris Johnson and US President Joe Biden – that his global diplomacy reached its zenith. The three leaders laid the basis for the AUKUS agreement to provide Australia with nuclear-powered submarine technology.
In Morrison’s briefing to the G7 leaders, he spoke to the 14 grievance points the Chinese embassy in Australia had released to the media. The Benson/Chambers account says Morrison made sure all the leaders had a copy of China’s grievances in front of them.
They report Morrison saying: “This is what they are doing. This is what we are dealing with.” He told the leaders Australia would not submit to such pressure and that if Australia did concede, China would then come after other countries.
READ THE STORY: MacroBusiness
Inside the Underground Markets For Your Stolen Credit Cards | Darknet Diaries Ep. 32: The Carder (Video)
FROM THE MEDIA: The U.S. Secret Service mostly protects presidents and public officials, but they're also in charge of investigating financial crimes. This is the story of how they tracked one hacker who stole millions of cards around the world and back again.
How the FBI Investigated the First Bank Robbing Hacker | Darknet Diaries Ep. 23: Vladimir Levin (Video)
FROM THE MEDIA: When banks started coming online, they almost immediately started being targeted by hackers. Vladimir Levin was one of the first ever known hackers to try to rob a bank. He succeeded a little, and failed a lot. Vladimir would go down in the history books as one of the most notorious hackers of all time because of his attempted online bank robberies.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com