Saturday, November 05, 2022 // (IG): BB // Bubba3dPrints // Coffee for Bob
Putin knows that undersea cables are the west’s Achilles heel
FROM THE MEDIA: Late last month, the undersea cable that supplies internet to the Shetland Islands was cut in two places. Such incidents are usually accidents, but the presence of a Russian underwater research ship, and the recent trio of underwater explosions that severed the Nordstream gas pipeline, make sabotage by Moscow far more plausible. Ever since the collapse of the Soviet Union, the west has been able to luxuriate in security through technical superiority. Nato comprehensively outcompeted the Warsaw Pact.
READ THE STORY: FT
Review Of “Chip War: The Fight For The World’s Most Critical Technology”
FROM THE MEDIA: From COVID-related microchip shortages, to the recently-passed CHIPS Act, to the latest round of Commerce Department export controls targeting China, the topic of semiconductors – and who makes them – is more relevant than ever. Many are familiar with the importance of the global chip ecosystem, and how it impacts their lives. But few know the remarkable history surrounding the semiconductor industry, and the trajectory of where it could be going. Enter Chip War, a fascinating new book by Chris Miller, a professor at Tufts University’s Fletcher School and a fellow at the American Enterprise Institute.
READ THE STORY: Forbes
Microsoft accuses China of abusing vulnerability disclosure requirements
FROM THE MEDIA: Microsoft on Friday accused state-backed hackers in China of abusing the country’s vulnerability disclosure requirements in an effort to discover and develop zero-day exploits. In July 2021, the Cyberspace Administration of China (CAC) issued stricter rules around disclosing vulnerabilities for companies operating within its borders. Concerns that the Chinese military would exploit vulnerabilities before reporting them more broadly was an integral part of the investigation into the handling of the widespread Log4j vulnerability.
READ THE STORY: The Record
Russian missile strikes overshadow cyberattacks as Ukraine reels from blackouts
FROM THE MEDIA: Russia has pummeled Ukrainian cities with missile and drone strikes for much of the past month, targeting civilians and large swaths of the country’s critical infrastructure. By Monday, 40% of Kyiv residents were left without water, and widespread power outages were reported across the country. On Thursday, Ukrainian President Volodymyr Zelensky accused Russia of ‘energy terrorism’ and said that about 4.5 million Ukrainian consumers were temporarily disconnected from the power supply.
READ THE STORY: CNN
Biden’s hugely consequential high-tech export ban on China, explained by an expert
FROM THE MEDIA: One month ago, the US Commerce Department issued an exceptionally broad set of prohibitions on exports to China of semiconductor chips and other high-tech equipment. The very technical nature of the export controls might obscure just how consequential this new policy could be — perhaps among the most important of this administration. The new rules appear to mark a major shift in the Biden administration’s China strategy, and present a substantial threat to high-tech industries in China, including military technology and artificial intelligence.
READ THE STORY: VOX
Weary of crackdown, Iran's regime takes on citizen journalists
FROM THE MEDIA: Covering the anti-regime protests in Iran has taken a heavy toll on journalists across the country, as the Islamic Republic wages a ruthless crackdown. Since the protest movement erupted in September, when 22-year-old Mahsa Amini died in police custody after being arrested for breaching Iran's strict dress code for women, Iranian authorities have detained, injured, and killed hundreds of protesters in an effort to snuff out the demonstrations. They have also targeted journalists and the free flow of information.
READ THE STORY: ABC NEWS
Cyberattack Disrupts Trains in Denmark
FROM THE MEDIA: According to Danish broadcaster DR, all trains operated by DSB, the largest train operating company in the country, came to a standstill on Saturday morning and could not resume their journey for several hours. While this may sound like the work of a sophisticated threat actor that targeted operational technology (OT) systems in an effort to cause disruption, it was actually the result of a security incident at Supeo, a Danish company that provides enterprise asset management solutions to railway companies, transportation infrastructure operators and public passenger authorities.
READ THE STORY: Data Breaches
RomCom RAT targets Ukraine and possibly English-speaking countries
FROM THE MEDIA: Researchers on Wednesday reported that the RomCom threat group has been running a series of new attacks via a remote access trojan (RAT) that leverage the brands of SolarWinds, KeePass, and PDF Technologies. In a blog post, BlackBerry researchers said while RomCom has primarily been targeting Ukraine, they believe that some English-speaking countries have been targeted, including the United Kingdom.
READ THE STORY: SCMAG
TikTok Admits Staff in China Can Access Europeans’ Data
FROM THE MEDIA: Open internet proponents were relieved last month when an American candidate beat a Russian challenger in an election to run the International Telecommunications Union, an important international standards body tasked with cross-boundary communications. Meanwhile, though, we took a look at the fragility of the world’s internet infrastructure and the vulnerability of crucial undersea cables.
READ THE STORY: Wired
IRGC test-launches satellite carrier into suborbital space
FROM THE MEDIA: The test-launch was carried out in the presence of the Commander of the Aerospace Force of the Islamic Revolution Guards Corps (IRGC), Brigadier General Amir Ali Hajizadeh, and a group of officials of the country's armed forces on Saturday. The 'Ghaem 100' three-stage solid-fuel carrier is capable of placing satellites weighing 80 kg into an orbit 500 kilometers above the earth's surface.
READ THE STORY: MEHR News Agency
W4SP Stealer Stings Python Developers in Supply Chain Attack
FROM THE MEDIA: Attackers continue to create fake Python packages and use rudimentary obfuscation techniques in an attempt to infect developers' systems with the W4SP Stealer, a Trojan designed to steal cryptocurrency information, exfiltrate sensitive data, and collect credentials from developers' systems, according to an advisory published this week by software supply chain firm Phylum.
READ THE STORY: DarkReading
RomCom Malware Woos Victims With 'Wrapped' SolarWinds, KeePass Software
FROM THE MEDIA: The RomCom threat group is actively using trojanized versions of popular software products, including SolarWinds Network Performance Monitor, KeePass Open-Source Password Manager, and PDF Reader Pro, to target various English-speaking countries — especially the UK — with a remote access Trojan (RAT). It's a departure in tactics, techniques, and procedures for the advanced persistent threat (APT).
READ THE STORY: DarkReading
Israeli Pegasus spyware maker scrambles to survive global scandal
FROM THE MEDIA: NSO Group, the manufacturer of the Pegasus spyware, is taking extreme measures to appease creditors holding around $400 million in debt while it weathers a worldwide political controversy that threatens its future. According to a source with knowledge of the matter, the Israeli company cut 15% of its workforce and raised prices by about 20% to stem a cash bleed that is expected to run into the tens of millions of dollars this year.
READ THE STORY: Almayadeen
Emotet malware operation reemerges from hiatus
FROM THE MEDIA: BleepingComputer reports that the Emotet malware operation has launched new email campaigns spamming email addresses around the world, indicating the botnet's reemergence following a nearly five-month hiatus. Stolen email reply chains have been leveraged by Emotet in the latest email campaign to facilitate malicious Excel attachment distribution, according to Proofpoint threat researcher and Cryptolaemus member Tommy Madjar.
READ THE STORY: SCMAG
Black Basta Ransomware Attacks Linked to FIN7 Threat Actor
FROM THE MEDIA: The individuals behind the Black Basta ransomware have been linked to hacking operations conducted by the FIN7 threat actors. According to a new advisory by SentinelLabs, Black Basta actors have used a custom defense impairment tool (found exclusively in incidents by this specific threat actor) in several instances. "Our investigation led us to a further custom tool [...] an executable packed with UPX [Ultimate Packer for Executables]," SentinelLabs wrote.
READ THE STORY: InfoSecMag
FTC Action Against Drizly and CEO Provides Insight Into Its Security Expectations
FROM THE MEDIA: The FTC recently took action against the online alcohol marketplace company Drizly and its CEO for alleged security failures. The case arose from a 2018 data breach which was caused – according to the FTC – by poor security measures stemming from the company’s alleged failure to devote sufficient resources or attention to data security. According to the FTC, Drizly stored a variety of personal information in its production database.
READ THE STORY: JDSUPRA
Microsoft Warns on Zero-Day Spike as Nation-State Groups Shift Tactics
FROM THE MEDIA: Enterprise security executives that perceive nation-state-backed cyber groups as a distant threat might want to revisit that assumption, and in a hurry. Several recent geopolitical events around the world over the past year have spurred a sharp increase in nation-state activity against critical targets, such as port authorities, IT companies, government agencies, news organizations, cryptocurrency firms, and religious groups.
READ THE STORY: DarkReading
How a hacker who stole data of millions of people was tracked and arrested because of a picture on Instagram
FROM THE MEDIA: The United States Department of Justice has announced that a Ukrainian programmer has been charged, among other things, with computer and bank fraud in the United States. This is Mark Sokolovsky, one of the key figures behind Raccoon Infostealer, a well-known malware capable of infecting millions of computers. This malware was rented to cybercriminals for $200 per month, paid in cryptocurrency, and installed on victims’ computers through various well-known techniques, including phishing emails. Once inside, the malware stole personal data – email addresses, bank accounts and credit card numbers – to commit financial crimes. The authorities have stated that it is one of the biggest cases of cybercrime in recent years.
READ THE STORY: Security Newspaper
This sneaky hijack malware replaces your crypto addresses with lookalikes
FROM THE MEDIA: A brand new clipper malware has been found taking the theft of cryptocurrency to a whole new level, researchers have claimed. Clippers are a well-known security threat: they are malware variants that monitor the clipboard of a Windows-powered endpoint, and when they see that a user has copied a cryptocurrency wallet address to the clipboard, they replace it with an address belonging to the attacker.
READ THE STORY: Techradar
Insurance giant settles NotPetya lawsuit, signaling cyber insurance shakeup
FROM THE MEDIA: The settlement last week in a $100 million lawsuit over whether insurance giant Zurich should cover losses Mondelez International suffered from NotPetya may very well reshape the entire cyber insurance marketplace. Zurich initially denied claims from Mondelez after the malware, which experts estimate caused some $10 billion in damages globally, wreaked havoc on its computer networks.
READ THE STORY: Cyberscoop
'Monkey Drainer' Steals $800K in CryptoPunks, Otherside Ethereum NFTs
FROM THE MEDIA: Amid a rash of crypto scams that have pilfered millions of dollars’ worth of Ethereum NFTs from unsuspecting users’ wallets, the unknown pseudonymous entity referred to as “Monkey Drainer” has claimed a fresh cache of valuable CryptoPunks and Otherside NFTs. Self-described “on-chain sleuth” ZachXBT—a pseudonymous Twitter user with a history of publishing data on crypto scams and controversial figures.
READ THE STORY: DECRYPT
Binance Accused of Helping Iranian Exchange Bypass Sanctions to the Tune of $8B
FROM THE MEDIA: Binance may have breached money-laundering regulations after data from blockchain research firm Chainalysis showed that the world’s biggest crypto exchange has processed around $8 billion in crypto transactions with US-sanctioned Iran since 2018. Almost all of those funds, roughly $7.8 billion, have been exchanged between Binance and Nobitex, the largest crypto exchange in Iran.
READ THE STORY: 24/7 Wallstreet
Former U.S. military pilot arrested in Australia listed same Beijing address as Chinese hacker
FROM THE MEDIA: A former U.S. military pilot arrested in Australia and facing likely extradition to the United States on undisclosed charges listed the same Beijing address as a Chinese businessman jailed in the United States for conspiring to hack U.S. defence contractors' computers, documents show. The Beijing address is listed in Australian company filings for the pilot and a U.S. blacklisting for the Chinese businessman, however, it was unclear whether they used the Beijing address at the same time.
READ THE STORY: Street Insider
Germany Can Afford to Spurn China
FROM THE MEDIA: German Chancellor Olaf Scholz’s visit to Beijing this week has sparked fierce debate over whether Germany is a reliable partner in the West’s strategic competition with China. On both sides of the Atlantic, many see Germany’s export-driven economy as simply too dependent on the Chinese market to strongly confront Beijing on its unfair trade practices, industrial espionage, and human rights abuses. Even hawkish voices in the German parliament view this reliance as rendering Berlin “helpless” in joining any sanctions deployed by the United States and its allies in response to a possible Chinese invasion of Taiwan.
READ THE STORY: FP
How Musk’s takeover might change Twitter: what researchers think
FROM THE MEDIA: When billionaire entrepreneur Elon Musk completed his purchase of Twitter and pledged that “the bird is freed” last week, Felix Ndahinda saw a threat rising on the horizon. Ndahinda has trained in international law and works in Tilburg, Netherlands as a consultant on issues pertaining to conflict and peace in the African Great Lakes region. He has already seen what a ‘free’ Twitter can do.
READ THE STORY: Nature
Red Cross Wants Shielding from Hacks via Digital Emblem
FROM THE MEDIA: The International Committee of the Red Cross (ICRC) is proposing a digital version of its eponymous logo. The idea is that websites and other digital services that sport the “emblem” would gain protection from hacking under international law. It might take the form of a DNS entry or digital signature. Codifying such a signal would make it a war crime to attack a service that legitimately advertised the emblem—just as it’s a war crime to attack vehicles and hospitals that fly a Red Cross flag.
READ THE STORY: Security Boulevard
Putin's time in the KGB taught him 'how to lie' and to think like a terrorist, ex-spies say
FROM THE MEDIA: Russian President Vladimir Putin has the world on edge. He's waging the first major war in Europe since 1945 that's sparked a global energy crisis and fears of a nuclear conflict. As Western intelligence agencies vie to stay two steps ahead of the Russian leader and get inside his head, peering into Putin's KGB past can offer clues on what he may do next. Long before he was a world leader, Putin was a mid-level KGB officer stationed in Dresden, East Germany towards the end of the Cold War.
READ THE STORY: MSN
Fourteen state National Guard cyber units activate ahead of election
FROM THE MEDIA: Fourteen states have activated cyber units in their National Guards to help protect election officials’ networks from malicious activity during next Tuesday’s midterm vote. The posture has become a familiar feature of election security activities since 2016, when Russian attempts to access some states’ voter registration systems set off new interest in the cybersecurity of voting technology.
READ THE STORY: StateScoop
Closing the barn door on ‘store now, decrypt later’ attacks
FROM THE MEDIA: The Biden administration’s new National Security Strategy and National Defense Strategy highlight how competitors are undermining the U.S. military’s operational, logistical and information advantages. The leading technological risks the United States faces are the ongoing need to develop national cyber resiliency, such as employing zero-trust architecture and quantum systems; building secure technological supply chains that promote global interoperability and vendor diversity; and managing the risk of escalation in cyber and information operations.
READ THE STORY: Yahoo
Floppy Or Not: AI Predicts Properties Of Complex Metamaterials
FROM THE MEDIA: Given a 3D piece of origami, can you flatten it without damaging it? Just by looking at the design, the answer is hard to predict, because each and every fold in the design has to be compatible with flattening. This is an example of a combinatorial problem. New research led by the UvA Institute of Physics and research institute AMOLF has demonstrated that machine learning algorithms can accurately and efficiently answer these kinds of questions.
READ THE STORY: Eurasia Review
Items of interest
India’s first ‘spy’ satellite that helped in planning surgical strikes, returns home after 13-year sentinel duty
FROM THE MEDIA: After serving as a sentinel for more than ten years, India's first "Eye in the Sky" has made its way back to the planet. In order to keep its borders and seas secure, India launched its first dedicated "spy" or reconnaissance satellite, ISRO's radar-imaging RISAT-2, soon after the 2008 Mumbai terrorist attacks. Its images were also used for launching surgical strikes twice in Pakistan. On October 30, RISAT-2 re-entered the Earth's atmosphere and splashed down in the Indian Ocean near Jakarta.
For an initial design life of four years, RISAT-2 carried 30 kg of fuel. However, despite being designed for only four years, it served its function for 13.5 years, contributing significantly to various counterterrorism and anti-infiltration operations.
READ THE STORY: MSN
Russian Spy Ship Tapping Internet Cables (Video)
FROM THE MEDIA: Yantar, a Russian research ship, is off the coast of Ireland operating remotely operated submersibles over subsea cables.
The Secret Mission to Tap Soviet Undersea Cables - Operation Ivy Bells (Video)
FROM THE MEDIA: Operation Ivy Bells challenged the U.S. Navy to use top of the line technology in order to wiretap underwater communication cables found within the USSR’s territorial waters.
These open source products are reviewed from analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com