Sunday, Sept 11, 2022 // (IG): BB //Sponsor: VetSec
I'm reminded of 'The Early Bird', 'cept your posts are seemingly on semantically-enhanced steroids. - 2600hz
Albania blames Iran for second cyberattack since July
FROM THE MEDIA: Albania blamed the Iranian government Saturday for a cyberattack against computer systems used by Albanian state police — just days after the White House condemned Tehran for a hack that disrupted Albanian government services in July. The latest hack forced Albanian officials to temporarily take offline its Total Information Management System (TIMS), a system for tracking the data of those entering and leaving Albania, according to a statement from Albania’s interior ministry. The cyberattack was the work of the “same aggressors” that carried out the July hack, Albanian Prime Minister Edi Rama alleged in a tweet. The hack occurred on Friday, according to the interior ministry, and by early Saturday evening, the ministry said it expected to have all aspects of the TIMS restored soon.
READ THE STORY: CNN
Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents
FROM THE MEDIA: A state-sponsored advanced persistent threat (APT) actor newly christened APT42 (formerly UNC788) has been attributed to over 30 confirmed espionage attacks against individuals and organizations of strategic interest to the Iranian government at least since 2015. Cybersecurity firm Mandiant said the group operates as the intelligence gathering arm of Iran's Islamic Revolutionary Guard Corps (IRGC), not to mention shares partial overlaps with another cluster called APT35, which is also known as Charming Kitten, Cobalt Illusion, ITG18, Phosphorus, TA453, and Yellow Garuda.
READ THE STORY: THN
It’s Not Just the Airport: GPS Jamming Is Affecting People All Over Israel
ANALYST NOTES: The reported jamming is claimed to be from Russia: AA // MEMO
FROM THE MEDIA: While Israel is at the global center of GPS blocking and disruption, as reported in a recent Haaretz article, the issue rarely made the headlines before – even though it dramatically affects thousands of Israelis. For many professionals, such as farmers and drone operators, the disruptions to the Global Positioning System satellite navigation system could very well cost them days of work, damage equipment worth tens of thousands of shekels or even put human lives at risk.
READ THE STORY: Haaretz
Global Pressure Mounts on Cambodia Over Foreign-Run Trafficking, Scamming Rings
FROM THE MEDIA: Cambodia has long had a problem with its own citizens being trafficked into nearby countries such as Thailand and Indonesia, where they work in slave-like conditions. But stamping out foreign-run trafficking rings within its borders is a new phenomenon, and Phnom Penh's ability to disrupt the criminal networks could have wide-reaching consequences for its regional standing, experts told VOA Khmer.
READ THE STORY: VOA
Sharing secrets has been ‘effective’ against Russia, but the tactic has limits, CIA chief says
FROM THE MEDIA: Declassifying intelligence to defuse Russian narratives has “played a very effective role” in the months-long war in Ukraine, according to the head of the Central Intelligence Agency, particularly when it’s part of a broader strategy. But its usefulness has limits when it comes to cyber threat intelligence. “The decisions to declassify intelligence are always very complicated ones, but I think when President [Joe] Biden has decided very carefully and very selectively to make public some of our secrets, it’s played a very effective role over the course of the last six months, and I think it can continue to—again, if we make it the exception, not the rule,” William Burns, the director of the CIA, said during a keynote at the Billington Cybersecurity Summit on Thursday.
READ THE STORY: The Paradise
Ukraine is fighting both a physical and cyber war against Russia
FROM THE MEDIA: Today, Ukrainian forces entered a key transportation and supply hub for the Russian military, a move even Russia's defense ministry confirmed. It follows a rapid advance by Ukrainian forces to retake ground in the northeastern part of the country. It could signal an important turning point in this six-month-old conflict, where Ukraine has been forced to defend itself against both conventional warfare and a more recent phenomenon, cyberattack. That's where we turn now.
READ THE STORY: NPR
Can Russia take advantage of the Weaknesses of BiH System to influence the Election Result
FROM THE MEDIA: Six months since the beginning of the Russian invasion of Ukraine, there is increased concern within NATO and the European Union (EU) that Bosnia and Herzegovina (BiH) could be the target of Russian cyber and other attacks, said the interlocutors during the interview for the new show TV Justice, which analyzes the ways and the real possibility of Russian influence during a sensitive election period. A series of current geopolitical circumstances suggest that there may be grounds for increased concern about Russian interference in BiH in the coming weeks, stated Director of NATO’s Strategic Communications Center of Excellence Janis Sarts for the Balkan Investigative Reporting Network (BIRN) BiH.
READ THE STORY: Sarajevo Times
Cyber Chief: Ireland's position in the world does not protect it from attacks by other countries
FROM THE MEDIA: ONE HUNDRED YEARS of a benign relationship with foreign powers has left Ireland vulnerable to cyber attacks, the State’s Cyber Chief has said. It is rare to see National Cyber Security Centre director Dr Richard Browne out in public – the long term civil servant is notoriously secretive. His journey to one of the most important jobs in Irish national security began in the early 2000s. Starting his career in the civil service.
READ THE STORY: The Journal
Bitcoin ATMs are spreading. They’re legal but can be tools for cyber crooks
FROM THE MEDIA: Walk into a smoke shop or small convenience store in South Florida — anywhere from Homestead to Boynton Beach — and you might find not one, but two, ATM machines. Look closely before you try to get cash because there’s a big difference. One dispenses paper bills, greenbacks to spend. The other spits out a paper receipt for Bitcoin, far and away the most popular crypto currency. Nothing wrong with that if you’re comfortable with converting your honestly earned dollars into crypto.
READ THE STORY: Miami Herald
Privacy tops convenience in AI use
FROM THE MEDIA: Two-thirds of the people surveyed in India said they would pick privacy over convenience emanating from use of artificial intelligence (AI) because they don’t want their personal data to be captured by AI.
Conducted by data privacy and cyber security provider Tsaaro along with Fractal, the survey, AI’s Race for Responsibility and Privacy, covered over 1,000 people who use or work with AI in their daily lives in India. When questioned about the government and its agencies’ unbridled powers under the new bill to process citizen’s data without consent, 55% of the respondents upheld the citizen’s right to be informed and right to consent in these situations while 27% had no qualms about the government’s power. Only 61% of the participants are aware of what bias in AI is and only 7% said that India had enough safeguards to handle privacy violations.
READ THE STORY: ET
Five years on: The shadow of WannaCry and NotPetya
FROM THE MEDIA: Cyber risk is not new, or stationary, it is complex and evolving. But for all its complexity, like most things human, cyber risk follows a cyclical pattern. New risks may emerge, but the vast majority of risks are just old threats re-imagined for a new age. WannaCry and NotPetya still cast a heavy shadow over us five years on but older readers will agree these are mere shadows compared to the chaos caused by Conficker, Melissa, ILOVEYOU and SQL Slammer in the early 2000s. This older generation of malware worms was significantly more potent but came at a time when both their recognition and insurable impact were considerably moderated as corporate and business processes were far less digitized – in an age before the evolution of cyber insurance.
READ THE STORY: The Insurer
Australian - Cyberark explains what the critical infrastructure protection act means for you
FROM THE MEDIA: The Australian Parliament passed the Security Legislation Amendment (Critical Infrastructure Protection) Act 2022 earlier this year with mandatory periods for critical infrastructure cyber security incidents to be reported, but what does it mean for you in practice? CyberArk solutions engineering manager Andrew Slavkovic spoke to iTWire to explain. This new mandate came into existence earlier this year, completing the final package of amendments to the existing Security of the Critical Infrastructure Act 2018 (Cth) (SOCI Act). The Act is designed to improve the cyber security posture of Australia’s critical infrastructure assets and systems of national significance. It takes into consideration the changing threat landscape caused by several global events and accelerated digital transformation activities.
READ THE STORY: iTWire
SEC to address growing crypto issuer filings with specialized offices
FROM THE MEDIA: In light of the influx of filings from cryptocurrency issuers in the United States, the Securities and Exchange Commission (SEC) decided to set up two new offices this fall to provide specialized support to the seven offices currently responsible for reviewing issuer filings. Under the Division of Corporation Finance's Disclosure Review Program (DRP), the SEC announced plans to add two offices — an Office of Crypto Assets and an Office of Industrial Applications and Services — purely focused on dealing with crypto assets and industrial applications and services, respectively.
READ THE STORY: CoinTelegraph
Ransomware Groups are Adopting ‘Intermittent Encryption’ for Better Results
FROM THE MEDIA: Researchers at Sentinel Labs have noted a pattern of adoption of a new encryption technique by ransomware groups – called intermittent encryption – which may make their campaigns more successful. Upon adoption, the malware of ransomware groups is tuned to encrypt only parts of targeted files, thereby reducing the encrypting time – while also making the files useless with half corruption and decryptable only with a specific key. With several advantages, researchers warn that more ransomware groups may adopt them for better operations.
READ THE STORY: Techdator
Minecraft, the most used video game to distribute malware in the world
FROM THE MEDIA: It is no secret to anyone that the world of video games has gained a significant boom in recent years, with which we see more and more brands trying to capitalize on gaming interest. However, this interest is not only used for good, and cybercriminals have found a way to undermine this industry with their bad practices. Minecraft is in the crosshairs. At least this is evidenced by a new report delivered by Kaspersky, which has revealed which are the 10 most used video games in the world to distribute malware.
READ THE STORY: Gear Rice
Ukraine’s southern offensive ‘was designed to trick Russia’
FROM THE MEDIA: The much-publicized Ukrainian southern offensive was a disinformation campaign to distract Russia from the real one being prepared in the Kharkiv region, Ukraine’s special forces have said. Ukrainian forces are continuing to make unexpected, rapid advances in the north-east of the country, retaking more than a third of the occupied Kharkiv region in three days. Much of Ukraine’s territorial gains were confirmed by Russia’s defense ministry on Saturday.
READ THE STORY: The Guardian
TikTok users targeting migrants with misinformation
FROM THE MEDIA: Videos aimed at desperate migrants are making their way across social media platforms, including TikTok. One in particular shows a user telling Venezuelans they can migrate to the U.S. without getting a visa. “It broke my heart because you can see the hope coming through in these comments,” Adriana Rivera, who works for the Florida Immigrant Coalition, told NewsNation’s “Rush Hour” on Friday.
READ THE STORY: FOX4
How to tell fact from fiction, when so many are out to manipulate you: Leslie Kouba
FROM THE MEDIA: I’m convinced we’re swimming in the most dangerous waters, yet. The abundance of misinformation and disinformation swirling around us is increasing, especially in politics and social justice. If we aren’t careful, it can swallow us like a riptide. Let’s start with definitions, so we can be on the same page. Misinformation is false info, created and shared with no intent of harm. Some of this is satire. Sometimes it’s shared innocently because the sharer thought it would be helpful, not knowing it’s untrue. Disinformation is false info intentionally crafted to harm, hinder, or harness and works to mislead, deceive or agitate. Typically, disinformation is designed to push an agenda.
READ THE STORY: Cleveland
Cybersecurity expert: Even if you debunk it, people believe the deepfake
FROM THE MEDIA: Imagine in our military that you have a military leader, that it looks so convincing. They say, "Hey, look, we're going to go blow up X." And now people believe that. And the problem is, even if you prove it's not true later, there will still be a percentage of people — to this day, there are still people who think 9/11 is an inside job, that Bush did it. You will still have a certain percentage of people that even if you debunk it and disprove it, they'll believe the deepfake.
READ THE STORY: FOX News
Putin's army on brink of collapse after Ukraine deploys 'brilliant combined arms' move
FROM THE MEDIA: The Russian President has been rocked by Kyiv's stunning counterattack along the Kharkiv front line in Ukraine's northeast. Ukraine's army has regained more than 772 square miles (2,000 square kilometres) from the Russian occupiers within a matter of a few days, sending shock waves through the Kremlin. The strategically important cities of Kupiansk and Izyum are now believed to be under the control of Kyiv once again.
READ THE STORY: Express
Crypto Enthusiasts Look to Profit From Queen’s Death
FROM THE MEDIA: As the U.K. mourns the loss of its 96-year-old monarch, Web 3 enthusiasts capitalized on the global attention to launch a dizzying array of algorithmically generated, Queen-themed nonfungible tokens, as well as a slew of cryptocurrency tokens such as Queen Elizabeth Inu, QueenDoge, and London Bridge Is Down on Binance Smart Chain and Ethereum.
READ THE STORY: Be in Crypto
US sanctions Iranian firms over drone sales to Russia for use in invasion of Ukraine
FROM THE MEDIA: The US Treasury Department announced Thursday that it is levying sanctions against four Iranian companies that it says were involved in sending drones to Russia last month for use in Moscow’s war against Ukraine. Tehran-based Safiran Airport Services, Paravar Pars Company, Design and Manufacturing of Aircraft Engines, and Baharestan Kish Company were all hit with the new sanctions. “Russia is making increasingly desperate choices to continue its unprovoked war against Ukraine, particularly in the face of our unprecedented sanctions and export controls,”
READ THE STORY: Times of Israel
DEV-0270 Hacker Group Uses Windows BitLocker Feature to Encrypt Systems
FROM THE MEDIA: DEV-0270 (aka Nemesis Kitten), an Iranian state-sponsored hacker group, has been uncovered abusing a Windows feature known as BitLocker. Nemesis Kitten is one of the sub-groups of the Iranian threat actor group known as PHOSPHORUS. The threat intelligence team of Microsoft claims that as soon as new security vulnerabilities are disclosed, the group takes advantage of them as quickly as possible. The attacks made by this group utilize living-off-the-land binaries (LOLBINs) to the fullest extent possible.
READ THE STORY: GBHACKERS
Zelenskyy decorates CEO of Baykar, manufacturer of Bayraktar drones
FROM THE MEDIA: President Volodymyr Zelenskyy of Ukraine held a meeting with Haluk Bayraktar, the Chief Executive Officer of Baykar, a Turkish business that manufactures Bayraktar drones. Zelenskyy awarded Bayraktar the First Class Order of Merit [the state decoration; awarded to citizens for merits in various spheres of life]. Zelenskyy and Bayraktar discussed future cooperation to strengthen the defense capabilities of the Armed Forces of Ukraine.
READ THE STORY: Yahoo
Meet The Phoenix Ghost Drone: Ukraine’s Missing Weapon
FROM THE MEDIA: A report from Insider this week noted how hundreds of Phoenix Ghost drones have been sent to Ukraine by the United States federal government but that the drones have rarely been documented in action in Ukraine. “As of September, the Pentagon has sent some 700 Phoenix Ghost drones to Ukraine,” the report claims. “However, despite the hundreds of drones in use in Ukraine and the world’s close observation of battlefields there, there have been few glimpses of the drone in action against Russian forces.”
READ THE STORY: 1945
Zelenskiy says Turkish drone maker to build Ukraine factory
FROM THE MEDIA: Ukrainian President Volodymyr Zelenskiy on Friday met with the head of Turkish defence firm Baykar and said the company would set up a factory in Ukraine to build unmanned aerial vehicles. Baykar's Bayraktar TB2 drone has been hugely popular in Ukraine, where it helped destroy many Russian artillery systems and armored vehicles. "We discussed the details of the construction of the Baykar factory in Ukraine and the production of new goods using Ukrainian components," Zelenskiy said in an online post after meeting Baykar Chief Executive Haluk Bayraktar in Kyiv.
READ THE STORY: Reuters
Items of interest
Threats from the Dark: A Review over Dark Web Investigation Research for Cyber Threat Intelligence
FROM THE MEDIA: From proactive detection of cyberattacks to the identification of key actors, analyzing contents of the Dark Web plays a significant role in deterring cybercrimes and understanding criminal minds. Researching in the Dark Web proved to be an essential step in fighting cybercrime, whether with a standalone investigation of the Dark Web solely or an integrated one that includes contents from the Surface Web and the Deep Web. In this review, we probe recent studies in the field of analyzing Dark Web content for Cyber Threat Intelligence (CTI), introducing a comprehensive analysis of their techniques, methods, tools, approaches, and results, and discussing their possible limitations. In this review, we demonstrate the significance of studying the contents of different platforms on the Dark Web, leading new researchers through state-of-the-art methodologies. Furthermore, we discuss the technical challenges, ethical considerations, and future directions in the domain.
READ THE STORY: Hindawi
Source Zero Con 2022: Advanced Database Testing (Video)
FROM THE MEDIA: A review of advanced database testing techniques such as timing attacks, to include a few real-world findings that can be sanitized for the presentation, where I successfully extracted PHI from a database through a web assessment using a database timing attack.
Hacker hunting with Wireshark (even if SSL encrypted!) (Video)
FROM THE MEDIA: The packets don't lie. You can hide processes or logs, but you cannot hide packets. Malware is a major problem in today's networks. Chris Greer is the Wireshark master. He shows us how to use Wireshark to find Malware and suspicious traffic in our networks.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com