Monday, October 10, 2022 // (IG): BB // INTSUM // Coffee for Bob
South Korea relieved US China chip ban won't bite, as Beijing fumes
FROM THE MEDIA: South Korean chipmakers Samsung and SK hynix have reportedly reacted cautiously to the Biden administration's severe bans on certain chip tech reaching China. On Saturday the nation's Industry Ministry published an assessment of the bans and reasoned the impact on local companies should be limited. But the Ministry also noted that chip plants in China operated by South Korean giants Samsung and SK hynix are still subject to review under the United States' revised export controls, making it important to minimize uncertainty through ongoing consultation with US authorities to ensure Korean firms remain on the right side of regulations.
READ THE STORY: The Register // ET
Solana Phantom security update NFTs push password-stealing malware
FROM THE MEDIA: Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. This ongoing attack started two weeks ago, with NFTs titled 'PHANTOMUPDATE.COM' or 'UPDATEPHANTOM.COM' sent that claim to be warnings from the developers of Phantom.
READ THE STORY: Bleeping Computer
Ukraine and EU explore deeper cyber collaboration
FROM THE MEDIA: Officials from Ukrainian cyber agency the State Service of Special Communications and Information Protection (SSSCIP) and its European Union (EU) counterpart, the EU Agency for Cybersecurity (ENISA), have held high-level talks in Athens with the objective of developing deeper cooperation on cyber issues during the ongoing Russian invasion.
READ THE STORY: Computer Weekly
China's cyber assault on Taiwan
FROM THE MEDIA: In August, as China captured the world's attention with its large-scale military exercises off Taiwan, another offensive was taking place more subtly in the digital realm. Across social media, fabricated stories claimed that China was evacuating its citizens from Taiwan and missiles were targeting a local airport, just days after U.S. House Speaker Nancy Pelosi had arrived on the island. At the same time, messages appeared on hacked digital signage in 7-Eleven convenience stores throughout Taiwan that had been changed to read: "Warmonger Pelosi, get out of Taiwan!" At a train station in the southern port city of Kaohsiung, altered digital signs called Pelosi "an old witch."
READ THE STORY: CBS NEWS
Singtel-owned IT services provider Dialog hit by Windows ransomware
FROM THE MEDIA: Security sources have told iTWire that the attack on Dialog was carried out using the Agenda ransomware that runs only on Windows systems. This is the second breach in recent days to affect Singtel's properties. On 22 September, Optus, Australia's second biggest telco which is also owned by the Singapore firm, announced a massive breach that was initially said to affect nearly 10 million customers. On Monday morning, data stolen from Singtel on 20 January last year, during an attack through a file-sharing system from Accellion that was close to end-of-life at the time, surfaced on a forum on the clear Web.
READ THE STORY: iTwire
Mastercard moves to protect 'risky and frisky' crypto transactions
FROM THE MEDIA: Supposedly ingenious schemes to revolutionize the finance industry with crypto are not hard to find – nor are their failures. And scarcely a day passes on which a cryptocurrency venture's infosec is not found wanting. That sad situation is causing financial institutions sufficient pain that Mastercard thinks the time is ripe for a service that helps lenders to understand if their customers' crypto purchases are dangerous. MasterCard has named its effort Crypto Secure and says it "allows [card issuers] to better assess the risk profile of crypto exchanges or other providers."
READ THE STORY: The Register
Darkweb market BidenCash gives away 1.2 million credit cards for free
FROM THE MEDIA: A dark web carding market named 'BidenCash' has released a massive dump of 1,221,551 credit cards to promote their marketplace, allowing anyone to download them for free to conduct financial fraud. Carding is the trafficking and use of credit cards stolen through point-of-sale malware, magecart attacks on websites, or information-stealing malware. BidenCash is a stolen cards marketplace launched in June 2022, leaking a few thousand cards as a promotional move.
READ THE STORY: Bleeping Computer
Intel Confirms Alder Lake BIOS Source Code Leak, New Details Emerge
FROM THE MEDIA: We recently broke the news that Intel's Alder Lake BIOS source code had been leaked to 4chan and GitHub, with the 6GB file containing tools and code for building and optimizing BIOS/UEFI images. We reported the leak within hours of the initial occurrence, so we didn't yet have confirmation from Intel that the leak was genuine.
READ THE STORY: TH
Pinnacle attack a reminder cyber-crime here to stay
FROM THE MEDIA: Kiwis, Australians and Americans have received fresh wake-up calls over the dangers posed by cyber-attacks. Primary health provider Pinnacle Health, which runs dozens of general practices in Waikato and the Bay of Plenty, confirmed on Wednesday that hackers had managed to steal personal information supplied by some of its patients. The incident bore the hallmarks of a ransomware attack, though Pinnacle did not immediately confirm that.
READ THE STORY: STUFF
Taiwanese chipmaker ADATA refutes RansomHouse gang's data theft claim
FROM THE MEDIA: ADATA Technology Co. Ltd. is a leading Taiwanese memory and storage chip maker, primarily manufacturing DRAM modules, USB Flash drives, hard disk drives, solid-state drives, memory cards, and mobile accessories. In the last quarter, sales of DRAM modules and SSD products accounted for 45% and 34.8% of its overall sales, respectively. The RansomHouse gang recently listed ADATA as its latest victim, claiming that it stole about 1 TB of data from the company’s servers in a recent hack. While the gang did not clarify the nature of the stolen information, the sample data posted online suggests that the data is related to the company’s research.
READ THE STORY: TEISS
What Is the Wacatac.B!ml Trojan? How to Remove It From Windows
FROM THE MEDIA: Did Windows Defender warn you during a routine security scan that it detected a threat named Trojan:Script/Wacatac.B!ml? Is it stating that Windows Defender has attempted to remediate the threat but that it was not successful, and further action is required? If so, your computer has been infected with the Wacatac Trojan, which Windows Defender has been unable to remove automatically. In this article, we will discuss the Trojan in more detail, how it infects your computer, and what you should do when it shows up.
READ THE STORY: MUO
Recent software supply chain cyber incidents linked to LofyGang
FROM THE MEDIA: Several recent software supply chain cyber incidents have been linked to the LofyGang threat group by researchers at leading software security company Checkmarx. The researchers discovered around 200 malicious packages and several classes of malicious payloads, general password stealers, and Discord-specific persistent malware, with thousands of installations linked to LofyGang, which has been operating for over a year. According to Checkmarx, some were integrated into the package, and others downloaded the malicious payload from C2 servers while running. Sonatype, JFrog, and Securelist discovered that some of those packages had been noted in three distinct incident reports this year.
READ THE STORY: TEISS
Why Russia is cheering on the Burkina Faso coup
FROM THE MEDIA: Although fairly small in number, it has prompted speculation that there may have been some Russian involvement in the events that saw Captain Ibrahim Traoré seize power in a nation beset by growing jihadist violence. Yevgeny Prigozhin, an oligarch close to Russian President Vladimir Putin and the founder of the Wagner Group - a shadowy mercenary organisation active in several African countries - congratulated the young junta leader, describing him as "a truly worthy and courageous son of his motherland".
READ THE STORY: BBC
Explained: What is Quantum technology? How it promises to reinforce cyber security?
FROM THE MEDIA: Experts say that quantum technology will reinforce cyber safety, enhance health services, secure our financial transactions and above all will bring superfast computing capability in our system which is currently present only in huge supercomputers. Termed as the future of the Internet, scientists are looking at quantum technology as one with potential of providing enormous computational power. This year’s Nobel Prize for Physics went to the trio of Alain Aspect, John F. Clauser and Anton Zeilinger for their research into the rapidly emerging technology.
READ THE STORY: HT
Australian fruit company Costa Group experiences ‘malicious’ cyberattack
FROM THE MEDIA: Another Australian company has been targeted in a “malicious” cyberattack with fears sensitive information about potentially several thousand employees has been leaked. Avocado and berry grower Costa Group said there was a “risk that personal sensitive information of workers on Costa’s Australian berry farms may have been accessed”, including passport, bank account and superannuation details, as well as tax file numbers. The ASX-listed horticulture business is the latest Australian company to become a casualty of a cyberattack, warning it had experienced “a malicious and sophisticated” phishing attack on its server, which holds data for the company’s berry operations.
READ THE STORY: news.com.au
Weaponizing a partnership: A more aggressive China is making Pentagon more willing to open Armory for India
FROM THE MEDIA: The China challenge is proving to be the X factor in bringing India and the US closer, especially in terms of defense cooperation. Despite concerns over the US' recent $450 million F-16 package to Pakistan, if all goes well, military officials will be discussing and collaborating in areas deemed verboten just a year ago - cyber and space defense, and artificial intelligence (AI). The Pentagon has proposed a comprehensive 'India-US Emerging Defense Capability Dialogue', which will combine different dialogues to create one talk shop with a clear, definite direction.
READ THE STORY: ET
Experts: Russia has ways to spread propaganda
FROM THE MEDIA: Russia has devised yet another way to spread disinformation about its invasion of Ukraine, using digital tricks that allow its war propaganda videos to evade restrictions imposed by governments and tech companies. Accounts linked to Russian state-controlled media have used the new method to spread dozens of videos in 18 languages, all without leaving telltale signs that would give away the source, researchers at Nisos, a U.S.-based intelligence firm that tracks disinformation and other cyber threats, said in a new report.
READ THE STORY: Kearney Hub
Pro-Russian hacker group Killnet targeting the websites of US state governments
FROM THE MEDIA: The Killnet hacker group has claimed responsibility for temporarily disabling websites run by the governments of Colorado, Connecticut, Kentucky, Mississippi, and Missouri. Among these is the Kentucky Board of Elections’ website which provides information on how to register to vote.
In a statement shared with CNN, Carlos Luna, the general manager of Kentucky Interactive, a contractor that manages Kentucky government websites, said, “Some Kentucky.gov state websites have been experiencing abnormal traffic, resulting in intermittent interruptions. We continue to investigate and are working with the Commonwealth to mitigate the issue.”
READ THE STORY: TEISS
Jam, spoof and spy: US Army looks to energize electronic warfare
FROM THE MEDIA: The U.S. Army is looking to air- and ground-launched platforms, such as drones, to more effectively wage electronic warfare, amid a Pentagon push to modernize arsenals and the expectation that long-held technology investments are set to pay off. Officials involved in the effort point to two experiments: air-launched effects, or ALE; and ground-launched effects, or GLE. By outfitting them with kit capable of jamming, spoofing or collecting intelligence, the platforms could help deter and neutralize technologically advanced adversaries, such as China and Russia, during a conflict.
READ THE STORY: Yahoo News
Starlink Terminals May Provide Internet Uplink via Cell Towers for More to Connect in Ukraine
FROM THE MEDIA: Elon Musk wants to help Ukraine, and the tech CEO has been contemplating how to do it over the weekend as he revealed it to the world, with one of its services, Starlink, already running in the country. There is only an approximation of 25,000 terminals of Starlink present in Ukraine now, but Musk suggests a way to expand the experience for more to utilize. Despite only owning one Starlink terminal for an area, many will be able to use it via an internet uplink using a cell tower.
READ THE STORY: TECH Times
Taiwan’s president calls for unity to tackle Chinese disinformation ahead of elections
FROM THE MEDIA: Taiwan’s president has called for domestic political unity to combat Chinese disinformation and cyberwarfare destabilizing society ahead of next month’s local elections. Addressing crowds at Taiwan’s de facto national day on Monday, Tsai Ing-wen said Taiwan had to grow its resilience and international standing in the face of China’s growing authoritarianism. She warned Beijing that Taiwan would not give up its democracy or sovereignty, but she remained willing to restart communications – which China cut off after her election in 2016.
READ THE STORY: The Guardian
Law and the killing of a Russian propagandist
FROM THE MEDIA: Can a person identified as a journalist or political commentator who nevertheless spreads hateful propaganda and disinformation be legally targeted in war? That is one of many questions to be considered following the recent killing of a Russian nationalist. Here’s the context: a front-page story in the October 5th edition of the New York Times alleges: United States intelligence agencies believe parts of the Ukrainian government authorized the car bomb attack near Moscow in August that killed Daria Dugina, the daughter of a prominent Russian nationalist, an element of a covert campaign that U.S. officials fear could widen the conflict.
READ THE STORY: Lawfire
Transit Swap ‘hacker’ returns lion’s share of $23M in stolen funds
FROM THE MEDIA: The Transit Swap hacker that got away with $23 million has returned 70% of the stolen funds. The return was possible due to quick actions from on-chain data analytic firms who managed to find the hacker’s IP address and other personal details. Another research report from Elliptic suggests that DeFi bridges and decentralized exchanges (DEX) have become a new frontier for crypto laundering. Bitcoin.com CEO Dennis Jarvis believes that Bitcoin can be a bridge that leads users to the decentralized finance space.
READ THE STORY: Investing
Iran State TV Is A Propaganda Machine, Says Critic In Tehran
FROM THE MEDIA: Amid ongoing crisis in Iran, ‘reformist’ commentator Abbas Abdi has said in an interview that what Iran's state-run television broadcasts is sheer propaganda. Those who are looking for news in Iran will not turn to the state TV, Abdi argued. Ironically, when hackers interrupted the state TV news program October 8, playing a short clip, most Iranians found out about it through social media reports or on foreign-based satellite TV rather than watching the actual program on the state TV.
READ THE STORY: Iran International
Iran state TV hacked with image of supreme leader in crosshairs
FROM THE MEDIA: Hackers supporting Iran's wave of women-led protests interrupted a state TV news broadcast with an image of gun-sight crosshairs and flames over an image of Supreme Leader Ayatollah Ali Khamenei, in footage widely shared online on Sunday. In other anti-regime messages, activists have spray-painted "Death to Khamenei" and "The Police are the Murderers of the People" on billboards in Tehran.
READ THE STORY: Jordan Times
Internet Outages, Arrests, And Anger Overwhelm Iran
FROM THE MEDIA: Predominantly led by Iranian women and youth, protests have shaken the country for more than a month while government security forces allegedly arrest schoolchildren, hackers interrupt a TV news broadcast, and internet outages continue to disrupt daily life. The demonstrations, which emerged on September 17 in the wake of the death of 22-year-old Mahsa Amini, who died while in the custody of the nation’s morality police, have led to the deaths of nearly 200 people, at least 19 of whom were children, according to Iran Human Rights.
READ THE STORY: VanityFair
Items of interest
Who is Julian Assange and why does America hate him so much
FROM THE MEDIA: Over the weekend, here in Australia and in the UK, thousands of well-meaning protesters lined up to support calls for the release of a high-profile computer hacker named Julian Assange.
Assange has been an internationally renowned hacker, active since he was 16 years of age — using the ‘handle’ Mendax and pleading guilty in 1996 to 24 charges of hacking into the Melbourne computers of Canadian telecommunications company Nortel. He was fined and released on a good behavior bond. Assange has now spent three years in a British jail pending extradition to the US on hacking charges. Meanwhile, his public defense has been hijacked by political activists running a press freedom campaign. His celebrity lawyers have lost a series of court cases to stop his extradition.
READ THE STORY: TND
EP000: Operation Aurora (Video)
FROM THE MEDIA: An inside look at the historic attack where Google’s network was breached by a foreign government trying to access the Gmail accounts of human rights activists. In the wake of the breach, Google revolutionized its approach to security - overhauling everything and developing highly specialized teams of elite experts to stay ahead of the ever-evolving threat landscape.
EP001: Threat Analysis Group (Video)
FROM THE MEDIA: Equipped with custom Google Search algorithms and a digital library of the most malicious exploits, the Threat Analysis Group has helped stop some of the most insidious and consequential threats to Google, its users, and the internet at large. Their deep understanding of attackers helps keep billions of users safe.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com