Tuesday, Sept 06, 2022 // (IG): BB // Sponsor: ShadowNews
New Android Spyware found disguised as a book, likely to target Uyghur community
FROM THE MEDIA: “The China Freedom Trap” is a personal and political account of the president of the Uyghur Congress, Dolkun Isa, which details his experiences and struggles in fighting crimes against Uyghurs, currently recognized as one of the 55 officially recognized ethnic minorities. "In light of the ongoing conflict between the Government of the People’s Republic of China and the Uyghur community, the malware disguised as the book is a lucrative bait employed by threat actors (TAs) to spread malicious infection in the targeted community," said the security firm Cyble.
READ THE STORY: Times Now News // THN
Cyber-attacks in future will be about machine learning and automation around attacking and discovery of vulnerabilities - Asaf Hecht, CyberArk
FROM THE MEDIA: As technology moves ahead, the risk of cyber-attacks increases as well. To explain a bit more about the current cyber security scenario, Siddharth Shankar from TimesNow speaks to Asaf Hecht from CyberArk. Asaf manages one of the research groups in CyberArk Labs. He focuses on researching and discovering the latest attack techniques and applying lessons learned to improve cyber defenses. Prior to CyberArk, Asaf served for eight years in the Israeli Army, as a skilled helicopter pilot and as Team Leader for the advanced cyber-hunting team, an elite force that protects military top-secret networks and reveals APTs.
READ THE STORY: Times Now News
New EvilProxy service lets all hackers use advanced phishing tactics
FROM THE MEDIA: A reverse-proxy Phishing-as-a-Service (PaaS) platform called EvilProxy has emerged, promising to steal authentication tokens to bypass multi-factor authentication (MFA) on Apple, Google, Facebook, Microsoft, Twitter, GitHub, GoDaddy, and even PyPI. The service enables low-skill threat actors who don't know how to set up reverse proxies to steal online accounts that are otherwise well-protected. Reverse proxies are servers that sit between the targeted victim and a legitimate authentication endpoint, such as a company's login form.
READ THE STORY: BleepingComputer
TikTok denies suffering a breach after a hacker group claimed it stole 2 billion data records
FROM THE MEDIA: On Friday, AgainstTheWest, a well-known hacker group, posted on a hacking forum that it successfully breached TikTok and WeChat. The hackers posted screenshots of a database allegedly belonging to the two companies, stating that the information was accessed on an Alibaba cloud database containing data for both WeChat and TikTok users. AgainstTheWest claims that it has access to a massive 790 GB database with 2.05 billion records, including user data, platform statistics, software code, cookies, auth tokens, server info, and more.
READ THE STORY: TEISS
QNAP Warns of New DeadBolt Ransomware Attacks Exploiting Photo Station Flaw
FROM THE MEDIA: QNAP has issued a new advisory urging users of its network-attached storage (NAS) devices to upgrade to the latest version of Photo Station following yet another wave of DeadBolt ransomware attacks in the wild by exploiting a zero-day flaw in the software. The Taiwanese company said it detected the attacks on September 3 and that "the campaign appears to target QNAP NAS devices running Photo Station with internet exposure."
READ THE STORY: THN
Los Angeles Unified School District confirms crippling ransomware attack
FROM THE MEDIA: The Los Angeles Unified School District confirmed late Monday that a major system outage that emerged over the weekend was due to a ransomware attack targeting its Information Technology infrastructure. “Since the identification of the incident, which is likely criminal in nature, we continue to assess the situation with law enforcement agencies,” the district said in a statement. The district said disruptions included access to email, computer systems, and applications. It did not reveal if the ransom was paid.
READ THE STORY: KTLA
How critical US sectors are coping with rising cyberattacks
FROM THE MEDIA: The rise in cyberattacks this year has forced many companies in critical sectors to make improvements to their cyber defenses in an effort to secure their networks from hacks. Such companies are increasing their investments in cybersecurity and seeking to hire more cyber professionals — a task proving to be challenging amid a shortage of cyber workers across industries. The Hill spoke to several security experts and industry leaders in the financial, health care and energy sectors to gauge how those critical industries are seeking to keep their networks secure amid the growing number of cyberattacks.
READ THE STORY: The Hill
Hacker group claims it accessed data from Israeli education sites
FROM THE MEDIA: A hacker group called "The Generous Thief" claimed on Monday that it had stolen the data of millions of former and current Israeli students and teachers, providing Excel files with addresses, ID numbers, emails and more. The hackers claimed to have hacked the Center for Educational Technology (CET) and the National Digital Affairs Directorate's Campus.il website, accessing educational files and personal information of millions of users.
READ THE STORY: JPOST
Interpol dismantles sextortion ring, warns of increased attacks
FROM THE MEDIA: A transnational sextortion ring was uncovered and dismantled following a joint investigation between Interpol's cybercrime division and police in Singapore and Hong Kong. Interpol says that 12 suspects believed to be core members of this criminal organization were arrested in July and August after investigators found that they asked potential victims via online sex and dating platforms to download a malicious mobile app to engage in "naked chats." However, their targets didn't know this app was designed to steal the contents of their phones' contact lists which the cybercriminals would use to blackmail the victims, threatening to share their nude videos with relatives and friends in their address books.
READ THE STORY: BleepingComputer
Will Russian Criminal Mastermind & Crypto Launderer Be Part Of Brittney Griner Prisoner Swap?
FROM THE MEDIA: The lawyer for Russian criminal mastermind Alexander Vinnik, accused of laundering more than $4 billion through the digital currency bitcoin (BTC/USD), urged Moscow on Monday to begin negotiations with the United States and to include his client in a potential prisoner swap. In a letter seen by Reuters, a lawyer for Vinnik, who was extradited last month to the U.S. to face money laundering charges, called on Russian Foreign Minister Sergei Lavrov to begin swap negotiations with Washington.
READ THE STORY: Investing
U.S. Launches BEARS Locator for Public Services
FROM THE MEDIA: To assist people in locating government benefits and services catered to significant life events, the US government recently established a new online locator tool known as the Benefits Eligibility Awareness Resource Service (BEARS). The loss of a loved one is the first life-event covered by BEARS. A person can utilize the locator to determine the benefits they could be qualified for, such as survivor payments, military funerals, and housing assistance, after losing a family member. They will receive a personalized list of prospective federal benefits from several agencies after responding to a few straightforward questions, and they will learn how to apply.
READ THE STORY: OpenGov Asia
Moldovans Face Bomb Threats and Cyberattacks
FROM THE MEDIA: On July 5, the Moldovan authorities were alerted via email that bombs had been set at more than 50 state institutions that day, including Chisinau International Airport, the capital’s city council, the parliament and various ministries.
It was a hoax, and not the first nor the last. Moldova, a country of 2.6 million that shares a 1,222 kilometer border with war-torn Ukraine, has been experiencing a summer plagued by bomb threats. Since the beginning of the year, security agencies have recorded 148 bomb alerts against 885 state institutions: 124 were reported in July and August alone. None of them turned out to be real, no explosives have been discovered and no one has yet been charged.
READ THE STORY: IWPR
India - Email malware evolving into a dangerous attack source: what your organization needs to know
FROM THE MEDIA: It may come as a surprise that most burglars gain access to victims’ homes by walking through the front door. This is because every home has one, and very often, they are left unlocked. For many years, Microsoft Office documents have been our digital front doors. Almost all of us will have used Office docs at some point, be it Word, PowerPoint or Excel, and every day thousands of emails are exchanged with these types of documents attached. Most of the time, we don’t even question their source, making them a very wide-open door indeed.
READ THE STORY: CRN
A new ransomware called “Agenda” has been found on Dark Web
FROM THE MEDIA: Agenda is a brand-new targeted malware that Trend Micro researchers have just discovered. Using the Go programming language, Agenda was produced. The ransomware attack was directed against one of the company’s customers. The results of the incident investigation revealed that a public-facing Citrix server was used by the threat actor to access the victim’s network. They most likely made lateral moves inside the victim’s network using a genuine account to gain access to this server.
READ THE STORY: The Tech Outlook
What’s polluting your data lake
FROM THE MEDIA: A data lake is a large system of files and unstructured data collected from many, untrusted sources, stored and dispensed for business services, and is susceptible to malware pollution. As enterprises continue to produce, collect, and store more data, there is greater potential for costly cyber risks. Every time you send an email or text you are producing data. Every business service your organization has deployed is generating and exchanging data from third-party partners and supply chain providers.
READ THE STORY: HelpNetSecurity
Critical infrastructure cyberattacks: What are the implications of their increasing prevalence?
FROM THE MEDIA: Over the past couple of years, there have been a growing number of cyber attacks on critical infrastructure around the world. Most recently, Estonia was subjected to its most extensive cyberattack since 2007, apparently in retaliation to the country removing Soviet-era monuments from public places. Earlier this year, Costa Rica had to declare a state of emergency after a Russian-speaking ransomware gang threatened to overthrow the government in the wake of two cyberattacks. In July last year, South Africa’s ports were almost totally shut down after a ransomware attack.
READ THE STORY: BETA NEWS
Ukrainian hackers created fake profiles of attractive women to trick Russian soldiers into sharing their location, report says. Days later, the base was blown up
FROM THE MEDIA: Ukrainian hackers set up fake accounts of attractive women to trick Russian soldiers into sending them photos, which they located and passed to the Ukrainian military, the Financial Times reported. Nikita Knysh, a 30-year-old IT professional from Kharkiv, told the FT that when Russia's invasion began in February this year, he wanted to use his hacking skills to help his country. He recruited other hackers and founded a group nicknamed Hackyourmom, which now consists of 30 hackers from across the country, he told the FT.
READ THE STORY: Business Insider
Iran equips 51 cities with civil defense systems
FROM THE MEDIA: Iran equipped 51 cities and towns with civil defense systems to thwart any possible foreign attack, a senior defense official of the Islamic Republic said Saturday, amid an escalation of tensions with Israel and the United States. The civil defense equipment enables Iran’s armed forces to “identify and monitor threats by using round-the-clock software according to the type of the threat and risk,” Deputy Defense Minister General Mehdi Farahi was quoted as saying by Iranian media.
READ THE STORY: i24
Unraveling How Cybercriminals Extort Businesses Worldwide
FROM THE MEDIA: The paper, “An Anatomy of Crypto-Enabled Cybercrimes,” takes a detailed look at how highly sophisticated criminal organizations, mainly based in Russia and North Korea, extort money from corporations worldwide. The majority of these victimized firms are in the United States. “This was actually a difficult decision to do this paper because there’s a substantial probability that I will be targeted,” Harvey said. “But we want academics to do basic research like this because it is important that policymakers make the right decisions” regarding cryptocurrency, such as bitcoin.
READ THE STORY: OODALOOP
Items of interest
Russia To Help Iran In Developing Crucial Gas Reserves
FROM THE MEDIA: Along with the (recently achieved) completion of the crucial Goreh-Jask pipeline oil export route, the (ongoing) ramping up of production from its hugely oil-rich West Karoun cluster of oil fields to at least 1 million barrels per day (bpd) within the next two years, and the (continuing) building out of its value-added petrochemicals production to at least 100 million metric tons per year by 2022, optimising gas production from its supergiant South Pars gas field is a top priority for Iran. In the current global gas market, characterised by questions over future supplies, it is currently perhaps the very top priority for Iran, and the Islamic Republic has brought in Russia to help it expedite and increase gas production from the perennially controversial Phase 11 of South Pars. With an estimated 14.2 trillion cubic metres (Tcm) of gas reserves in place plus 18 billion barrels of gas condensate, South Pars already accounts for around 40 percent of Iran’s total estimated 33.8 tcm of gas reserves – mostly located in the southern Fars, Bushehr, and Hormozgan regions – and about 80 percent of its gas production. The 3,700-square kilometre (sq.km) South Pars sector of the 9,700-square km basin shared with Qatar (in the form of the 6,000-square km North Dome) is also critical to Iran’s overall strategy to sustain natural gas production across the country of at least 1 billion cubic metres per day (Bcm/d).
READ THE STORY: Oilprice
Propaganda - EDWARD BERNAYS (Video)
FROM THE MEDIA: This is an animated book summary video of Propaganda written by Edward Bernays. He was Sigmund Freud's nephew and is seen by many as the father of public relations. Many prominent politicians, including Donald Trump, have used Bernays' theories to spread their message to the masses using mainstream media and alternative media.
Edward Bernays and Group Psychology: Manipulating the Masses (Video)
FROM THE MEDIA: In this video we look at the ideas of Edward Bernays, nephew of Sigmund Freud and a pioneering mind behind the field of public relations and modern propaganda - particularly his ideas on how group psychology can be used to manipulate the masses.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com