Sunday, Sept 18, 2022 // (IG): BB // Sponsor: Shadow News
India - How to raise funds? A successful semiconductor design start-up founder shares tips
FROM THE MEDIA: Founded in 2007, Saankhya Labs is one of the few Indian fabless companies that has managed to steer through tough times. With 73 international patents to its credit, Saankhya has been developing chips, building software-defined radio (SDRs) chipsets, and it was the only non-telecom service provider to be allotted a 5G spectrum to conduct trials. And recently, its majority stake (64.40%) was acquired by Tejas Networks, a prominent Indian optical vendor that is a part of the Tata Group, for Rs 283.94 crore in cash.
READ THE STORY: Business Today
A new threat from China faces Taiwan’s military: Trolls with drones
FROM THE MEDIA: Dressed casually in jeans and T-shirts, shorts and sandals, and chatting jovially in Mandarin as they hunch over a controller and screen, it’s hard to believe they could be up to anything shady — until one of them shouts excitedly, “I got a tank!” But these men aren’t playing a computer game. They are flying drones over a military site on a nearby Taiwan-controlled island. The 15-second video clip is among a number of videos that have popped up recently on the Chinese social media site Weibo and show what appear to be civilian-grade drones trolling Taiwan’s military. The island’s military later confirmed these mysterious menaces are indeed civilian drones from mainland China.
READ THE STORY: AOA Daily
China’s IP theft: Boon or bane?
FROM THE MEDIA: China is accused of stealing Intellectual Property (IP) worth trillions of dollars from multinational corporations. The Communist regime is hounding global corporations operating in different parts of the country. Today Washington is targeting Beijing for continuing this trick. Besides the US, the European Union (EU) is harshly labelling China as top offender for IP breaches.
READ THE STORY: The Daily Pioneer
Uber responding to “cyber security incident” following reports of significant data breach
FROM THE MEDIA: In a statement on Twitter, Uber wrote “We are currently responding to a cyber security incident. We are in touch with law enforcement and will post additional updates here as they become available.” While details from the company are currently sparse, a report by the New York Times on Thursday claimed that a hacker was able to compromise an employee’s Slack account and used it to send a message to Uber employees announcing that the company had suffered a data breach.
READ THE STORY: Channel Asia
Iran’s Regime Continues Its Internet Restriction Project
FROM THE MEDIA: This is part of the outlook of a document by the Iranian regime’s Supreme Council of Cyberspace, which has been delivered to its supreme leader Ali Khamenei and approved by him. On August 30, the Supreme Council of Cyberspace finally unveiled the ‘Strategic Document of the Islamic Republic of Iran in Cyberspace in Horizon of 2031’ and notified all the institutions of the regime of its implementation, including the President, Ebrahim Raisi.
READ THE STORY: Iran Focus
LastPass revealed that intruders had internal access for four days during the August hack
FROM THE MEDIA: Password management solution LastPass shared more details about the security breach that the company suffered in August 2022. The company revealed that the threat actor had access to its network for four days in August 2022. LastPass CEO Karim Toubba explained that there is no evidence that the attackers had access to customer data.
READ THE STORY: Security Affairs
‘Vindictive’ couple deleted hotel chain data for fun
FROM THE MEDIA: Hackers have told the BBC they carried out a destructive cyber-attack against Holiday Inn owner Intercontinental Hotels Group (IHG) “for fun”. Describing themselves as a couple from Vietnam, they say they first tried a ransomware attack, then deleted large amounts of data when they were foiled. They accessed the FTSE 100 firm’s databases thanks to an easily found and weak password, Qwerty1234. An expert says the case highlights the vindictive side of criminal hackers. UK-based IHG operates 6,000 hotels around the world, including the Holiday Inn, Crowne Plaza and Regent brands.
READ THE STORY: The Nation (PK)
Chinese state-backed hackers target PMOs, heads of nations
FROM THE MEDIA: Chinese state-backed hackers have targeted computer systems used by “Heads of government”, Prime Minister’s Office, government institutions linked to finance, aerospace, defence companies, telecom companies, IT organizations and media companies in multiple countries in an intelligence gathering operation that has been in motion since 2021. This has been unearthed by researchers of Broadcom Inc, a Delaware-based corporation headquartered in San Jose, California, United States.
READ THE STORY: TSG
Ukraine war has started a new era of global security: Adm. Bauer
FROM THE MEDIA: The Chair of the NATO Military Committee Adm. Rob Bauer said Saturday that the Ukraine war has started a new era of global security and underlined the Alliance’s continued support to Ukraine. “Without a doubt a new era for global security has begun. It is crystal clear that this conflict is bigger than Ukraine,” he told a press conference at the end of the 2-day meeting held in Tallinn, Estonia, this afternoon.
READ THE STORY: Saudi Gazette
Sharing is key to combating cyberthreats
FROM THE MEDIA: As cyberthreats to the auto trade develop, corporations want to enhance communication and cooperation to keep away from hacks that would grind enterprise to a halt, executives and regulators said at the Auto-ISAC cybersecurity summit in Dearborn, Mich. “Hackers thrive when corporations aren’t sharing info, when colleagues do not discuss and when personal and public sectors do not talk,” said Faye Francy, executive director of Automotive Information Sharing and Analysis Center, organizer of the summit.
READ THE STORY: Auto Recent
Zelensky and NATO plan to transform post-war Ukraine into ‘a big Israel’
FROM THE MEDIA: Just forty days after Russia’s military campaign began inside Ukraine, Ukrainian President Volodymyr Zelensky told reporters that in the future, his country would be like “a big Israel.” The following day, one of Israel’s top promoters in the Democratic Party published an op-ed in NATO’s official think tank exploring how that could be executed.
READ THE STORY: The GrayZone
US Sanctions IRGC-Affiliated Hackers on Ransomware Charges
FROM THE MEDIA: In a new move carried out by the US Department of the Treasury’s Office of Foreign Assets Control (OFAC), multiple sanctions were handed out due to the accused’s ransomware activities. Ten individuals and two shell companies known for extorting US businesses and infrastructure providers have been sanctioned, prohibiting all commercial activities with the designated parties – in cryptocurrency or otherwise. In tandem, the DOJ has also launched criminal charges against three named persons in absentia.
READ THE STORY: Crypto Potato
Bell Subsidiary Hacked, Employee and Customer Data Stolen
FROM THE MEDIA: Bell Technical Solutions (BTS), a subsidiary of national telecom operator Bell, fell victim to a ransomware attack that accessed some customer data, in addition to “operational” and “employee information” — reports Bleeping Computer. BTS has more than 4,500 employees and mainly focuses on installing Bell services for residential and small business customers in Ontario and Quebec. The attack was orchestrated by the infamous Hive group on August 20, but BTS or its parent company did not disclose it.
READ THE STORY: iPhone in Canada
Hunt on for Bjorka, hacker who leaked over one billion Indonesians' data and taunted officials
FROM THE MEDIA: Indonesia's newly formed data protection task force is chasing down a hacker behind a series of data leaks related to 1.3 billion registered mobile phone numbers and 105 million voters, and a log of the President's correspondence, among others. The hacker, who goes by the pseudonym of Bjorka and claims to be based in Warsaw, Poland, has been selling stolen data, including that from Indonesian state-owned enterprises, mobile phone operators and general election commission, on hacking forum BreachForums in the past few weeks.
READ THE STORY: The Straits Times
The surveillance industry is heading towards a squeeze
FROM THE MEDIA: “The industry is heading towards a squeeze. Revenue is declining over time and the cost of exploit is going up until an inflection point is reached at which point the industry is no longer profitable,” said Dr. Bill Marczak, Research Scientist at ICSI and Research Fellow at Citizen Lab. Marczak’s presentation at Calcalist’s Mind the Tech conference in New York was titled “Facing the Pegasus Scandals: What's Next for the Surveillance Industry?”
READ THE STORY: CTECH
New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems
FROM THE MEDIA: Hackers associated with North Korea are using trojanized versions of the PuTTY SSH open-source terminal emulator to install backdoors on victims' devices. Discovered by Mandiant, the threat actor responsible for this campaign would be 'UNC4034' (also known as Temp.Hermit or Labyrinth Chollima). "Mandiant identified several overlaps between UNC4034 and threat clusters we suspect have a North Korean nexus," reads an advisory published by the company on Wednesday. The methodology used by UNC4034 would now be evolving, according to Mandiant.
READ THE STORY: InfoSecMag
After this latest defeat, can Russia even be considered a second-rate military power?
FROM THE MEDIA: “You may not be interested in war, but war is interested in you.” So said Leon Trotsky, the military leader of the murderous Red Army that brought the Bolsheviks to power in Russia. We in Europe have in recent months been given several sharp reminders of the truth of that statement. This is because Vladimir Putin’s war on Ukraine is a version of unrestricted warfare — a modern form of military combat that is multidimensional. It includes cyber attacks, information wars, economic assaults and, of course, kinetic warfare of the traditional battlefield type.
READ THE STORY: Independent
Cybercriminals on the continent target East African firms most
FROM THE MEDIA: Businesses in East Africa have reported the highest number of cyber-attacks in Africa, implying the rising threats that come with massive digital transformation. A survey by audit firm KPMG focusing on 300 companies, both large corporations and small and medium-sized enterprises (SMEs), reveals that about three in 10 businesses in the region have fallen victim to cyber-attacks. The survey blames this on “rapid development and adoption of digital technology across business sectors with limited expertise and awareness around technology and digital infrastructure.”
READ THE STORY: The East African
Emotet botnet now pushes Quantum and BlackCat ransomware
FROM THE MEDIA: While monitoring the Emotet botnet's current activity, security researchers found that the Quantum and BlackCat ransomware gangs are now using the malware to deploy their payloads. This is an interesting development given that the Conti cybercrime syndicate was the one that previously used the botnet before shutting down in June. The Conti group was the one who orchestrated its comeback in November after an international law enforcement action took down Emotet's infrastructure at the beginning of 2021.
READ THE STORY: Bleeping Computer
U.S. GEOINT Is Clear Driver in Ukrainian Defense
FROM THE MEDIA: An unprecedented amount of U.S. commercial space-based intelligence for national security has helped the country of Ukraine defend itself for the last six months against the unprovoked invasion of Russia. The speed at which digital imagery and services came into the hands of Ukrainian warfighters was also outstanding, officials say, demonstrating the value of commercial geospatial intelligence, or GEOINT, during armed conflicts.
READ THE STORY: AFCEA
North Korea-linked groups target cryptos
FROM THE MEDIA: According to data from TradingPlatform.com, North Korea is responsible for the theft of almost $1-billion worth of cryptocurrencies in 2022. “There has been a series of attacks on DeFi platforms,” says TradingPlatform analyst, Edith Reads. “The attacks seem well organised and coordinated. However, there are measures in place by different players in the crypto space to overcome this. Thirty million dollars of stolen crypto recovered from North Korean hackers gives hope.”
READ THE STORY: IT ONLINE
Transparency, disclosure key to fighting ransomware
FROM THE MEDIA: The profitability of cybercrime and the ease with which it can be executed means both public and private organizations need to not only remain vigilant in their security strategies but also be transparent about the types of attacks they're fighting against. Ransomware is rampant, and organizations need to become comfortable discussing failures and successes with security technology peers and the government to help anticipate and prevent future attacks, according to cybersecurity experts speaking at Wednesday's online Data Security Summit hosted by Rubrik, a data backup vendor.
READ THE STORY: TechTarget
Iranian hackers moonlight their expertise
FROM THE MEDIA: The Justice Department unsealed an indictment alleging that three Iranian men encrypted hundreds of systems around the world and demanded ransoms to unlock them. But the unsealed indictment said the men did so independently of the Iranian government, while the Treasury Department said they were linked to Iran’s Islamic Revolutionary Guard Corps (IRGC).
READ THE STORY: The Washington Post
A pro-China disinformation campaign is targeting rare earth miners
FROM THE MEDIA: Just when we thought the renewable energy supply chains couldn’t get more fraught, a sophisticated disinformation campaign has taken to social media to further complicate things. Known as Dragonbridge, the campaign has existed for at least three years, but in the last few months it has shifted its focus to target several mining companies “with negative messaging in response to potential or planned rare earths production activities.” It was initially uncovered by cybersecurity firm Mandiant and peddles narratives in the Chinese interest via its network of thousands of fake social media accounts.
READ THE STORY: Protocol
$1.13M stolen from Eagle Mountain City in ‘organized cybercrime’ scheme, officials say
FROM THE MEDIA: Eagle Mountain City discovered it was the victim of an “organized cybercrime” scheme resulting in the loss of $1.13 million, according to a Monday news release. Through the use of an email impersonation scheme, the thieves portrayed themselves as a vendor that is working with the city on a major infrastructure project, officials said, and received the money through an “automated clearing house” transfer, a type of electronic payment.
READ THE STORY: The Salt Lake Tribune
Turkey’s New Disinformation Bill: Disturbing Trend Toward Digital Authoritarianism
FROM THE MEDIA: In 2002, when President Recep Tayyip Erdogan and his Justice and Development Party (AKP) came to power in Turkey, defeating Kemalist hegemony, there was a glimmer of hope in the West for the overwhelmingly Muslim country. However, the experience of Turkey over the past 20 years is one descending into an authoritarian regime with clampdowns on free speech, curbs on dissent and increases in political persecutions. The freedom of the press in the country is systematically trampled with draconian laws and punitive measures, giving vague interpretations of national security and terrorism.
READ THE STORY: JURIST
Facebook's anti-vax carrot emoji, explained
FROM THE MEDIA: To avoid censorship for the spread of COVID-19 misinformation, anti-vax groups on Facebook have begun coding their messages with the carrot emoji, according to a report from the BBC. The emoji is used in place of the word "vaccine" to avoid the wrath of Facebook's automated moderator algorithms. The BBC reports that these groups often share unverified claims of people being killed or injured by the COVID-19 vaccine.
READ THE STORY: Mashable
A Disinformation Operation was the Trojan Horse for Ukraine to Weaken the Russian Army
FROM THE MEDIA: The Russian invasion in Ukraine exceeded 200 days; however, it seems that Vladimir Putin lost the battle after Volodimir Zelenski announced that his army had recovered kilometers of territory with a strategy that surprised the Russians. The Russian army was forced to retreat in eastern Ukraine, losing control of Balekleya, Kupiansk, and Izium, a strategic logistical area.
READ THE STORY: El American
How SOCs can identify the threat actors behind the threats
FROM THE MEDIA: Detecting threats is the primary function of a security operations center. Security tools, such as extended detection and response and SIEM, help identify and raise suspicious or malicious activity to SOC analysts, who then determine the validity and severity of the activity and define appropriate response actions. The effectiveness of these tasks determines a key security metric: mean time to detect.
READ THE STORY: TechTarget
Ukrainian soldiers are refurbishing abandoned Russian tanks and trucks
FROM THE MEDIA: It was an early and delightful symbol of underdog resistance. Dubbed the “John Deere Brigade,” Ukrainian tractors were shown all over social media lugging away hastily abandoned Russian military equipment, from tanks to self-propelled artillery systems to complicated air defense platforms, worth tens of millions of dollars. Western predictions that Ukraine would fall to its invaders in as little as three days proved wildly off base. The breadbasket of Europe could punch above its weight. And now it was in the repo business.
READ THE STORY: Yahoo News
YPG/PKK supporters distribute terror propaganda at cultural festival in Netherlands
FROM THE MEDIA: Supporters of the YPG/PKK terror organization in the Netherlands distributed terror propaganda at a so-called cultural festival. Supporters of the terror group gathered in Landgraaf in the Limburg region and spoke against Türkiye and chanted slogans. Carrying rags symbolizing the YPG/PKK and its leader, Abdullah Ocalan, they demanded Ocalan's release. Although the PKK is on the EU's terror list, it is noteworthy that its supporters can freely demonstrate in the Netherlands and clothing symbolizing the terror group and Ocalan are not prohibited.
READ THE STORY: AA
Items of interest
Tiny GPS Logger for the Internet of Animals
FROM THE MEDIA: The TickTag was designed with a LiPo battery specifically in mind and claims 10,000 GPS fixes from a 30mAh cell. Each unit is equipped with an L70B-M39 GPS module controlled by an Atmel ATTiny1626 microcontroller and sports a tiny AXE610124 0-pin connection header for programming and communication. GPS data is stored on a 128kB EEPROM chip with each GPS location fix using 25 bits for latitude, 26 bits for longitude, and 29 bits for a timestamp. Add it all up and you get 10 bytes per GPS data point (25+26+29=80), giving the 10k GPS fix upper bound. To record higher quality data and extend battery life, the TickTag can be programmed to record GPS location data using variable frequency intervals or when geofencing bounds have been crossed.
READ THE STORY: Hackaday
Open-Source Intelligence (OSINT) in 5 Hours (Video)
FROM THE MEDIA: Open-Source Intelligence (OSINT) in 5 Hours.
Using Sock Puppets For Hacking: OSINT (Video)
FROM THE MEDIA: Understanding how to properly set up Sock Puppet accounts (alternate online personas) is an important component of OSINT - Open Source Intelligence.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com