Monday, Sept 19, 2022 // (IG): BB // Sponsor: Shadow News
Uber Hacker Claims To Have Hacked Rockstar Games, Releases GTA 6 Videos
FROM THE MEDIA: Hot on the heels of the Uber hacking incident last week, someone claiming to be the hacker behind it now says Rockstar Games has been hacked. As evidence of this, videos of Grand Theft Auto (GTA) 6, which is still in the early stages of development, have been leaked and published online. The hacker, using a handle of teapotuberhacker and posting to the GTAForums fan forum, claimed to have gained access to Rockstar Games' Slack server and also its team-working Confluence wiki.
READ THE STORY: Forbes
TeamTNT is back and targets servers to run Bitcoin encryption solvers
FROM THE MEDIA: In the first week of September, AquaSec researchers identified at least three different attacks targeting their honeypots; the experts associated them with the cybercrime gang TeamTNT. The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and targets Docker installs. The activity of the TeamTNT group has been detailed by security firm Trend Micro, but in August 2020 experts from Cado Security discovered that the botnet is also able to target misconfigured Kubernetes installations.
READ THE STORY: Security Affairs
Pentagon opens sweeping review of clandestine psychological operations
FROM THE MEDIA: The Pentagon has ordered a sweeping audit of how it conducts clandestine information warfare after major social media companies identified and took offline fake accounts suspected of being run by the U.S. military in violation of the platforms’ rules. Colin Kahl, the undersecretary of defense for policy, last week instructed the military commands that engage in psychological operations online to provide a full accounting of their activities by next month after the White House and some federal agencies expressed mounting concerns over the Defense Department’s attempted manipulation of audiences overseas.
READ THE STORY: Washington Post
Social media platforms’ ‘flawed policies’ amplify election fraud claims
FROM THE MEDIA: Social media companies have weak policies on misinformation and have failed to enforce them consistently ahead of the 2022 midterms, according to a new report released Monday. The report, from New York University’s Stern Center for Business and Human Rights, faults Meta, Twitter, YouTube and TikTok for not taking a proactive approach to address misinformation, including a growing trend of election denialism and false claims of fraud. They say the lack of a proactive approach threatens the approaching election.
READ THE STORY: The Hill
Pelosi condemns Azerbaijan's attacks on Armenia
FROM THE MEDIA: U.S. House of Representatives Speaker Nancy Pelosi on Sunday strongly condemned what she said were “illegal” border attacks by Azerbaijan on Armenia, using a visit to the Russian ally to pledge American support for its sovereignty. Pelosi cast her trip to Armenia, a sliver of land the size of the U.S. state of Maryland that is wedged between Azerbaijan, Georgia, Turkey and Iran, as an attempt to strengthen support for what she cast as a beacon of democracy.
READ THE STORY: Euronews
The impact of location-based fraud
FROM THE MEDIA: In this Help Net Security video, André Ferraz, CEO at Incognia, talks about the impact of location-based fraud, which is more prevalent than one would imagine, and it impacts different industries in many different ways. Fraudsters simply don’t want to reveal their physical location since this would make them susceptible to identification, therefore they spoof location signals. There are many types of location-based fraud, one example being fraud farms.
READ THE STORY: HelpNetSecurity
China Is Cranking Up Its Global Propaganda Machine
FROM THE MEDIA: Next month Xi Jinping will receive a third term as China's top leader and Beijing's purveyors of propaganda are determined to shape how you think about that. In a recent essay, Fu Hua, editor-in-chief of Xinhua, China's largest and most influential state news agency, outlined how he and others like him can crank up the "volume of China" and dominate the global public opinion debate.
READ THE STORY: Bloomberg
Food Supply Disruption Is Another Front for Russian Falsehoods
FROM THE MEDIA: When the Dutch government announced plans in June to reduce certain greenhouse gas emissions by as much as 70 percent, farmers erupted in protest, saying the move would, in effect, force them out of business. They clogged traffic on highways with their tractors, dumped manure in the streets and set bales of hay on fire. The demonstrations were covered extensively by the conservative news media in the United States, with outlets like Breitbart and Fox News describing how the farmers were staging their own versions of this year’s “freedom convoys”.
READ THE STORY: The New York Times
Taiwan’s amateur fact-checkers wage war on fake news from China
FROM THE MEDIA: As China flexed its muscles with large-scale military exercises off Taiwan last month, Billion Lee was busy countering an onslaught taking place against her home online. False stories claiming that the United States was preparing for war with China, that China was evacuating its citizens from Taiwan, or that Taiwan had paid millions lobbying for US House Speaker Nancy Pelosi’s recent visit to the island spread across popular social media platforms Facebook and LINE.
READ THE STORY: Aljazeera
Disinformation on the rise, targets Russian travel restrictions – Lithuanian army
FROM THE MEDIA: Lithuanian army analysts have noted a growing flow of disinformation, with Lithuania's proposal to stop issuing tourist visas to Russian citizens and decisions by EU defense ministers being one of the main topics of such reports, the Lithuanian army said on Monday. A total of 505 unique cases of negative information activity were identified in August, compared to 463 in July. Army analysts say the propaganda spread by hostile sources in August focused exclusively on Lithuanian-Russian relations, with Lithuania's alleged anti-Russian sentiment and hostile actions towards Russia dominating the flow.
READ THE STORY: The Baltic Times
Cybersecurity: CISA warning of high-severity PAN-OS DDoS flaw
FROM THE MEDIA: A recent CISA advisory of a high-severity PAN-OS DDoS flaw found in Palo Alto Networks’ PAN-OS has been announced. This warning has led to the flaw being added to the list of exploited vulnerabilities and allows a remote threat actor to deploy reflected and amplified denial-of-service (DoS) attacks without having to authenticate. Looking into this issue for Digital Journal is Terry Olaes, Director of Sales Engineering at Skybox Security. Olaes begins by charting the background to the security vulnerability and its discovery, noting: “Skybox Research Lab found that new vulnerabilities in the wild rose by 24 percent in 2022.”
READ THE STORY: The Digital Journal
LastPass says password vaults untouched in security breach
FROM THE MEDIA: LastPass says the attacker responsible for a security incident in August 2022 only had access to its systems for four days. The company added that the incident was limited to the LastPass development environment, which has no direct connectivity to its production environment. “We have completed the investigation and forensics process in partnership with Mandiant,” LastPass said. “Our investigation revealed that the threat actor’s activity was limited to a four-day period in August 2022.”
READ THE STORY: Mybroadband
TeamTNT Hackers are Now Targeting Top Crypto Through Hijacking Servers to Solve for Encryption
FROM THE MEDIA: While Bitcoin is often referred to as safe because of its encryption, hackers are trying to put this to the test. TeamTNT is trying to hijack servers in order for them to run Bitcoin encryption solvers. One argument as to why cryptocurrency is a viable option for the future is because of its encryption and how it cannot be hacked. What hackers are trying to do, however, is to hijack servers in order for them to run encryption solvers on a larger scale.
READ THE STORY: TechTimes
Cisco admits that the Yanluowang ransomware gang stole data from its network
FROM THE MEDIA: Cisco confirmed that on 24th May, it became aware of a potential network breach that involved hackers trying to gain unauthorised access to the company’s internal network. The company immediately launched an investigation and found that a Cisco employee’s credentials were compromised after an attacker gained control of their personal Google account. Cisco Security Incident Response (CSIRT) and Cisco Talos further stated that the hacker wasn’t able to gain access to critical internal systems, such as those related to product development, code signing, etc. Cisco also confirmed that the only data that was exfiltrated was a Box folder that was associated with a compromised employee’s account and was not sensitive in nature.
READ THE STORY: TEISS
INTERPOL Working Group highlights cyber threats across the Americas
FROM THE MEDIA: Buenos Aires, Argentina - The evolving digital landscape in the Americas has increased the challenges and vulnerabilities regarding cybersecurity. Countries across the region now face cybercrime attacks ranging from Business Email Compromise and online scams to ransomware and money laundering. Financially motivated groups have not only targeted organizations across Latin America, primarily with ransomware, but they have also broadened the scope of their operations.
READ THE STORY: INTERPOL
RiskLens Fast Facts on Cyber Risk in Manufacturing
FROM THE MEDIA: BRP, Inc., best known as the maker of Ski-Doo snowmobiles, reported a cyber attack in August, 2022, that forced production shutdowns at factories in four countries for about a week after a malware infiltration from a third-party service. The company said that some information about employees and suppliers had been compromised but characterized the loss as minor. In a press release, BRP said it was working to “restore all internal systems from its back-up repositories,” suggesting this wasn’t a catastrophic ransomware attack.
READ THE STORY: Security Boulevard
Emotet and other malware delivery systems
FROM THE MEDIA: Researchers at AdvIntel have observed more than 1.2 million Emotet infections since the beginning of 2022. Most of the infections (35.7%) are located in the United States. The researchers also warn that the Quantum and BlackCat ransomware groups are now using the malware distribution botnet following the breakup of Conti in June 2022: “The observed botnet taxonomy attacker flow for Emotet is Emotet -> Cobalt Strike -> Ransomware Operation. What this means is that currently, the way that threat actors primarily utilize Emotet is as a dropper, or downloader for a Cobalt Strike beacon, which deploys a payload allowing threat actors to take over networks and execute ransomware operations.”
READ THE STORY: The Cyberwire
US Puts Various Sanctions On Hacking Group Connected To IRGC
FROM THE MEDIA: Multiple sanctions were imposed as a result of the accused’s ransomware operations in a recent action taken by the Office of Foreign Assets Control (OFAC) of the US Department of the Treasury. Ten people and two shell organizations that have a history of extorting US firms and infrastructure providers have been sanctioned, making it illegal to conduct any transaction with them, whether in bitcoin or not.
READ THE STORY: The Coin Republic
International cooperation is key to fighting threat actors and cybercrime
FROM THE MEDIA: In this era of cybersecurity, when nation-state digital attacks and cybercrime quickly cut across country borders and create global crises, international cooperation has become an urgent priority. The need for global collaboration to cope with various pressing threats, from electronic espionage to ransomware attacks on critical infrastructure, is imperative to prevent economic and social disasters, top cybersecurity professionals and government officials say.
READ THE STORY: CSO
Employees exposed to rogue apps & BOTS daily
FROM THE MEDIA: Cybercriminals deploy rogue applications and BOTS that look and feel like corporate applications to steal employee credentials and gain access to sensitive classified information stores and their backups. The fraudulent apps impersonate legitimate programs by copying the names, logos, and other details to direct people to malicious portals and websites that look and feel like original brands. One unsuspecting employee can make way for the loss of sensitive, classified, or personally identifiable information. In several cases, the criminals succeed in ransomware and seek to damage the reputation of the brands.
READ THE STORY: Newswires
India must condemn Uyghur genocide by China
FROM THE MEDIA: Expressing deep concerns over rising human rights violations in China, Human Rights activists globally have urged democracies, including India, to condemn and impose sanctions on Communist China and its leadership for its unabated genocide of and persecution of Uyghurs in East Turkistan, called Xinjiang. At an online event organized by Delhi-based think-tank Law and Society Alliance, the activists also criticized former High Commissioner of the United Nations Human Rights Office Michele Bachelet for protecting the Chinese administration from criticism over such violations during her tenure that ended on August 31.
READ THE STORY: Asianet Newsable
Activists fear rising surveillance from Asia's Digital Silk Road
FROM THE MEDIA: The drones were hard to avoid: they buzzed low over the crowd of protesters holding banners and shouting slogans outside the NagaWorld casino in the Cambodian city of Phnom Penh, then hovered above each of the speakers as they called for justice. As hundreds of workers went on strike outside the glass and chrome towers of the firm's hotel and casino complex, demanding the reinstatement of nearly 400 employees who were laid off last year, armed riot police and surveillance cameras kept watch.
READ THE STORY: The Hindu
Items of interest
Escalation Management and Nuclear Employment in Russian Military Strategy
FROM THE MEDIA: Editor’s Note: After the Russian military collapse in and around Kharkiv Oblast, there is now renewed concern that Russian leaders could behave unpredictably and use nuclear weapons to halt the Ukrainian offensive, or to intimidate the leadership in Kyiv to settle the conflict on terms favorable to Moscow. In June 2020, Anya Fink and Michael Kofman took to our pages to explain Russian nuclear doctrine, including how strategists in Moscow view the use of strategic and nonstrategic weapons to terminate a conflict, or to deter NATO intervention in a regional war. This is a lightly revised and updated version of that article. Don’t miss our members-only podcast with Dr. Fink and our comprehensive guide to Russia’s war against Ukraine.
Academics and arms control wonks are poring over the painfully worded text of a new Russian policy, reading the tea leaves for insights into Russian nuclear strategy. But don’t mistake this new policy document for revelations of plans, or a disclosure on the nuances of Russian nuclear strategy. Declaratory policies should be taken for the contrived signaling documents that they are, seeking to deter with ambiguity.
On June 2 Russia released the Principles of State Policy of the Russian Federation in the Sphere of Nuclear Deterrence. Characteristically, the long and awkwardly worded title preceded a brief six-page declaratory policy that is intentionally ambiguous on key considerations, substantiating a spectrum of nuclear employment options and strategies. True to its word, the policy offers some basic principles, wrapped in normative language to forearm Russian arms control negotiators, but its contents will not settle the debate on Russian nuclear strategy anytime soon.
READ THE STORY: War On the Rocks
Sim Swapping Attacks & How to Avoid Them (Video)
FROM THE MEDIA: In this episode, we explore what a sim swap attack is and how to prevent them!
Is Skynet watching you already? (Video)
FROM THE MEDIA: The machines are already tracking and watching you. And they're influencing you. The future looks bleak. Do you really want to live in a Skynet world?
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com