Sunday, Sept 25, 2022 // (IG): BB // Sponsor: Buy me a whiskey
US and Russia engage in a digital battle for hearts and minds
FROM THE MEDIA: New York, Sep 25 (The Conversation) The battle over Ukraine extends across the world: Information warfare is quickly evolving as key nations seek to influence public opinion and gain political support. As during the Cold War, Russia and the United States are the two main combatants. Some efforts are clandestine, but plenty of material is broadcast to the public as each country attempts to, in the words of political linguists, “constrain the power and influence of the other … and win ‘hearts and minds’ … around the world”.
READ THE STORY: The Print
Threat Actors Attack Telecom, ISP, & Universities Using Cross-platform Malware
FROM THE MEDIA: There have been multiple reports of attacks targeting multiple sectors of the Middle East and Africa by an unknown threat actor that has previously gone undocumented and whose origin is unknown. As part of its pursuit of espionage interests, the threat actor has mostly focused on developing cross-platform malware for the purpose of obtaining information. Moreover, long-term access and a limited number of intrusions are hallmarks of the campaign.
READ THE STORY: Cyber Security News
Multi-Factor Authentication Fatigue Key Factor in Uber Breach
FROM THE MEDIA: Earlier this week, Uber disclosed that the recent breach it suffered was made possible through a multi-factor authentication (MFA) fatigue attack where the attacker disguised themselves as Uber IT. MFA attacks are a form of social engineering consisting in spamming a target with repeated MFA requests until they eventually authorize access. This kind of attack is possible when the threat actor has gained access to corporate login credentials but cannot access the account due to multi-factor authentication.
READ THE STORY: InfoQ
Noberus ransomware gets info-stealing upgrades, targets Veeam backup software
FROM THE MEDIA: Crooks spreading the Noberus ransomware are adding weapons to their malware to steal data and credentials from compromised networks. An extensively updated version of the Exmatter data exfiltration tool was seen last month being used with Noberus in ransomware infections, and at least one affiliate using Noberus was detected using Eamfo, the info-stealing malware that connects to the SQL database where a victim's Veeam backup software installation stores credentials, according to researchers in Symantec's Threat Hunting Team.
READ THE STORY: The Register
Personal data of celebrities including Jeremy Clarkson, the Duchess of York, and Sir David Attenborough is leaked on the dark web after Russian ransomware attack on luxury organic farm shop
FROM THE MEDIA: The personal details of the Duchess of York, Jeremy Clarkson and Sir David Attenborough have been leaked by Russian criminals who hacked into the database of luxury food firm Daylesford, The Mail on Sunday can reveal. The King’s cousin Lady Sarah Chatto, Tim Henman and snooker star Ronnie O’Sullivan are among the other celebrity clients whose details have been posted on the so-called dark web – a hidden part of the internet used by criminals. Experts warned the hack was ‘a wake-up call’ amid growing concern about Kremlin cyber attacks on Britain.
READ THE STORY: Daily Mail
In a first, Quad moves to act against cyberattacks coming from China-led axis
FROM THE MEDIA: Targeting state-sponsored cybercrime emanating from China, Russia and Iran, Foreign Ministers of the Quad grouping have come out with a joint “statement on ransomware” — a first of its kind — announcing that they have decided to act against malicious cyber activity against critical infrastructure. The joint statement was issued after External Affairs Minister S Jaishankar met counterparts Antony Blinken of the US, Penny Wong of Australia and Hayashi Yoshimasa of Japan on the sidelines of the UN General Assembly session in New York Friday.
READ THE STORY: Indian Express
FBI Busts Russian-Linked Cybercrime Group Behind Colonial Pipeline Attack
FROM THE MEDIA: The FBI has recognized the guilty party behind the ransomware assault against Pilgrim Pipeline. The agency had the option to do it with the assistance of Chainalysis’ crypto-tracer programming. Chainalysis has been working with the public authority in settling crypto violations. The U.S. Federal Bureau of Investigation (FBI), with the assistance of blockchain examination firm Chainalysis, has at long last busted the group behind the Pilgrim Pipeline ransomware assault in May 2021, which ended up being the Russian-connected cybercrime bunch DarkSide.
READ THE STORY: The Coin Republic
Uber and Rockstar – has a LAPSUS$ linchpin just been busted (again)
FROM THE MEDIA: The name was somewhat unusual for a cybercrime crew, who commonly adopt soubriquets that sound edgy and destructive, such as DEADBOLT, Satan, Darkside, and REvil. As we mentioned back in March, however, lapsus is as good a modern Latin word as any for “data breach”, and the trailing dollar sign signifies both financial value and programming, being the traditional way of denoting that a BASIC variable is a text string, not a number. The gang, team, crew, posse, collective, gaggle, call it what you will, of attackers apparently presented a similar sort of ambiguity in their cybercriminality.
READ THE STORY: Naked Security
Covid antigen test results of 1.7m Indian and foreign nationals leaked online
FROM THE MEDIA: An Elasticsearch server belonging to a healthcare software provider in India is currently exposing the Covid antigen test results of Indians and foreign nationals who traveled to or from India in the last couple of years. It is worth noting that these tests were taken through a rapid antigen kit known as Covi-Catch. Covi-Catch is an Indian Council of Medical Research (ICMR) approved self-testing kit for COVID-19.
READ THE STORY: HackRead
Optus Cyber Attack Potentially Exposes Sensitive Customer Information
FROM THE MEDIA: Optus, owned by Singapore Telecommunications Limited (STL), says that its own mobile and broadband services were not hacked in the incident, but some customer information was leaked. Emsisoft threat analyst Brett Callow posted a screenshot on Twitter showing what he said was a database of 1.1 million Optus customers’ names, email addresses, and mobile numbers. According to Optus CEO Kelly Bayer Rosmarin, the telco took steps to block the attack and begin an immediate investigation as soon as it became aware of the breach and is now cooperating with the Australian Cyber Security Centre to safeguard its customers.
READ THE STORY: Tech Business News
Teen arrested over Rockstar intrusion had prior hacking charges
FROM THE MEDIA: A British teenager who was arrested over criminal hacking allegations on Thursday had been charged with criminal computer-related activity earlier this year, The Desk has learned. The 17-year-old, whom The Desk is only identifying by his initials “A.K.” because of his age, was detained at his home in Oxfordshire late Thursday evening. He is being held in custody on suspicion of a massive cyber intrusion against video game developers Rockstar Games and Take Two Interactive that saw material related to a forthcoming “Grand Theft Auto” game leaked on the Internet.
READ THE STORY: The Desk
Quad nations vow to assist each other in action against malicious cyber activities
FROM THE MEDIA: The leaders of India, the United States, Japan and Australia, collectively called Quad, took a vow on Saturday to assist each other in ensuring the security and resilience of regional cyber infrastructure. The leaders of the four countries issued a joint statement on the matter after holding a meeting on the sidelines of the UN General Assembly session in New York. The statement, issued by External Affairs Minister S Jaishankar and his counterparts Penny Wong of Australia, Hayashi Yoshimasa of Japan and US Secretary of State Tony Blinken, called on states to take reasonable steps to address ransomware operations emanating from within their territory.
READ THE STORY: India Today
ISC fixed high-severity flaws in the BIND DNS software
FROM THE MEDIA: The Internet Systems Consortium (ISC) this week released security patches to address six remotely exploitable vulnerabilities in BIND DNS software. Four out of six flaws, all denial-of-service (DoS) issues, have been rated as ‘high’ severity. One of the issues, tracked as CVE-2022-2906 (CVSS score 7.5), is a memory leak in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only). Another flaw, tracked as CVE-2022-38177, is a memory leak in ECDSA DNSSEC verification code. An attacker can trigger the vulnerability through a signature length mismatch.
READ THE STORY: Security Affairs
The SBU exposed FSB agents in the Donetsk region and Dnipro: one of them was working for the enemy from prison
FROM THE MEDIA: In the course of a multi-stage special operation, the Security Service neutralized another interregional agent network of the Russian Federation, which was correcting enemy fire in the front-line areas of eastern and southern Ukraine. For example, in the Donetsk region, two Russian agents handed over to the occupiers the locations of the units of the Armed Forces of Ukraine, including the location of the combat positions of the HIMARS reactive artillery systems. It is established that FSB representatives recruited the informants after a full-scale invasion. They came to the attention of the special services of the Russian Federation because of their pro-Kremlin views, which they repeatedly “advertised” among those around them.
READ THE STORY: Odessa Journal
Murky web of online and offline ‘regime change’ plotters targeting Iran
FROM THE MEDIA: Believing the prospect to be a major risk in the near future, as part of this joint effort, the Chinese leader offered to train 2,000 specialist police officers at a regional training center in order to “strengthen law enforcement capacity building” among member nations. His comments were eerily serendipitous, for, within hours, hordes of demonstrators took to the streets of Tehran and other major Iranian cities, indulging in violence and vandalism. A week on, despite several million-strong counter-demonstrations by government supporters and arrests of key agitators, the unruly and directionless protests show little sign of abating.
READ THE STORY: PressTV
The Development of Artificial Intelligence in China: Advantages and terms of development
FROM THE MEDIA: Artificial intelligence in China is facing unprecedented development opportunities and has many advantages in terms of development. Let us make a few considerations in this regard. Significant progress has been made in the IT environment and the technological level of human society between big data, cloud computing and the Internet, which are closely related to AI and have developed quickly. AI has started to have a significant impact on the structure of human society and the dual human-machine environment is gradually developing into the third human-machine-intelligent machine environment. The cooperation and coexistence of humans, machines and intelligent machines will become the new normal of the social structure. Such harmonious coexistence is hopefully not only a need for social development, but also provides a distinct place for AI.
READ THE STORY: Modern Diplomacy
Biggest psy-ops in recent times: Why Xi Jinping's 'house arrest' trended on Twitter
FROM THE MEDIA: This was psychological warfare at its best. The world found Xi Jinping trending on Twitter on Saturday (the third top trend in India), albeit for reasons that did not make the Chinese happy. Twitter was full of unverified rumours about Xi being placed under house arrest in a palace coup. The reports said the Chinese president was detained after CCP seniors removed him as head of the People's Liberation Army (PLA). The coup reports emerged after Xi’s return from Samarkand in Uzbekistan for the Shanghai Cooperation Summit (SCO).
READ THE STORY: The Week
Russia had ‘no choice’ but to launch ‘special military operation’ in Ukraine, Lavrov tells UN
FROM THE MEDIA: The operation launched on 24 February had been carried out to protect Russians living in Ukraine’s Donetsk and Luhansk regions, and eliminate threats to Russian security, said Mr. Lavrov, that the EU and United States-led NATO military alliance had consistently created in the territory, since what he described as the “bloody coup” by the current “Kyiv regime”, in 2014. “I am convinced that any sovereign, self-respecting State would do the same in our stead, which understands its responsibility to its own people.”
READ THE STORY: UN
Shanghai Cooperation Organization summit could herald an approaching cold war
FROM THE MEDIA: Formed in 2001, the Shanghai Cooperation Organization (SCO) is an economic and political partnership helmed by China and Russia, and at the SCO summit last week, several countries including Iran, Turkey, and Myanmar announced their plans to join the partnership. With two major authoritarian governments at the wheel, the SCO promotes political and infrastructural strategies to maintain a protectionist attitude toward trade and social control over the countries’ citizens, and, as MIT Technology Review explains, this includes the use of technology that supports what experts call “digital authoritarianism.”
READ THE STORY: The Cyberwire
In Moscow, Putin’s ‘invisible war’ is now impossible to hide
FROM THE MEDIA: Until this week, Vladimir Putin’s Ukraine war had been almost completely invisible to most Muscovites. Prominent ‘Z’ signs – the war’s symbol – had disappeared from awnings, shop windows and even private cars in Russia’s capital by April. Closed-down branches of McDonald’s and Starbucks were replaced by local lookalike clones. Restaurants, cafes and nightclubs continued a roaring trade.
READ THE STORY: The Telegraph
The latest numbers on the microchip shortage: Automakers cut back
FROM THE MEDIA: Unrelenting microchip shortages have taken 96,700 more vehicles out of automaker production schedules around the industry. According to the newest estimate by AutoForecast Solutions, plants in every region of the world are sharing the pinch at the moment, including China, which had largely managed to steer through the crisis earlier in the year. Chinese plants trimmed 8,200 vehicles out of their schedules for the week, according to AFS, bringing their total lost production for the year so far to 167,600 vehicles. But in the same period of 2021, China had lost 10 times that number.
READ THE STORY: Autozone News (SN)
New security measures to be unveiled following massive Optus data
FROM THE MEDIA: On Saturday, Clare O’Neil and several of her federal ministerial colleagues met with the Australian Signals Directorate and the Cyber Security Centre to discuss the fallout from the devastating cyber-hack. Under the changes to be announced in coming days, banks and other institutions would be informed much faster when a data breach occurs at a company like Optus, so personal data can’t be used to access accounts. The ABC has been told the first step to occur will be directing Optus to hand over customer data to the banks so financial institutions can upgrade security and monitor customers who’ve had their personal details stolen.
READ THE STORY: ABC AU (SN)
Items of interest
Optus hack is the new norm
FROM THE MEDIA: Recent Commonwealth government legislation relating to the security of critical national infrastructure is a positive step forward, but it is hardly a silver bullet that assures our national cyber security. We’ve had prime ministers, business leaders, senior bureaucrats and other commentators warn of the potential for serious cyber-attacks and encourage the implementation of cyber-security measures. There have been countless articles, discussion papers and other publications that recommend particular security methods, tools and techniques.
READ THE STORY: Financial Review (SN)
Why Corruption is China's Secret Weapon (Video)
FROM THE MEDIA: A huge part of this video is based on Yuen Yuen Ang’s great book “China's Gilded Age: The Paradox of Economic Boom and Vast Corruption”.
How To Build Community (Video)
FROM THE MEDIA: What are the business fundamentals to building an online community? How do you choose the right platform to grow in? How do you even begin growing your community?
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com