Sunday, November 20, 2022
A Destabilizing Hack-and-Leak Operation Hits Moldova
FROM THE MEDIA: It was a truly wild week in the tech industry as new details emerged about the FTX cryptocurrency exchange's collapse and Elon Musk drove an ever-increasing number of Twitter employees out of the company. Cryptocurrency tracers have been scrambling to understand what happened to nearly half a billion dollars worth of cryptocurrency that was pulled out of FTX last weekend. It seems that some of it may have been seized by government authorities in the Bahamas, but the mystery is still unraveling.
READ THE STORY: Wired
The flood of online misinformation calls for some deliberate ignorance
FROM THE MEDIA: Eyeballs. That’s what everyone on the internet seems to want — eyeballs. It’s getting your eyeballs pointed at whatever content they produce — their game, their app, their news story, whatever — and however many ad units they can squeeze into your field of view. Your attention is literally up for auction hundreds or thousands of times a day — your asset is constantly sold by one group of third parties to another group of third parties. The result is information overabundance. There is literally, as Ann Blair once put it, too much to know. And what share of that overabundance hits your corneas is largely determined by others — what your friends share and what platforms’ algorithms slot into view.
READ THE STORY: Mail & Guardian
Lithuanians have already raised money for the second marine drone for Ukraine and started for the third one
FROM THE MEDIA: Lithuanians have already raised money for the second marine drone for Ukraine worth $250,000 and started fundraising for the third one, Lithuanian journalist and writer Andrius Tapinas informed. They named the second drone “Yes to peace” or “PEACE Да,” (which would be an abusive word if the “peace” part is transliterated into Russian). The first word was named in a similar way as PEACE Дец which, transliterated into Russian would be an abusive word loosely translated as “terrible end.”
READ THE STORY: Euromaidan Press
Royal Navy foils Russian plot as ship spotted spying on UK's new hi-tech missile launcher
FROM THE MEDIA: A Russian surveillance ship has attempted to spy on some of the Royal Navy's latest autonomous vessels, sources said on Saturday night. It comes with Moscow still reeling over a successful Ukrainian attack using autonomous vessels on Sevastopol last month, where Russia bases its Black Fleet. The Admiral Vladimirskiy is ostensibly a scientific research vessel. In reality, however, the 6,600-tonne ship - which includes 20 linguists among its 176-strong crew - has the capacity to conduct covert underwater reconnaissance as part of the Russian Navy’s project 852, and reports directly to both the Main Directorate for Deep Sea Research (GUGI) and the GRU foreign intelligence agency.
READ THE STORY: Express (UK)
US intel says Iran agreed to help Russia build more drones
FROM THE MEDIA: Russia's unprovoked war on Ukraine has persisted since February, despite Russian forces retreating from areas in the southern in recent weeks. Over the course of the last nine months, reports of war crimes, including rape and torture, against Ukrainian civilians have surfaced, with suicide drones being used to spread "terror and chaos," experts have said. Russia has used more than 400 Iranian-made drones in its war against Ukraine, according to The Post. While Russia has not officially confirmed the allegations that it's using Iranian drones, Ruslan Pukhov, an advisor to Russia's defense ministry, seemingly mistakenly said it on air in October.
READ THE STORY: Business Insider Africa // JP // WP
Agency overseeing cybersecurity for offshore energy falling short
FROM THE MEDIA: The federal enforcement office that oversees more than 1,600 offshore oil and gas facilities has done little to address growing cybersecurity risks, according to a watchdog report released on Thursday. The Government Accountability Office said that the Department of Interior’s Bureau of Safety and Environmental Enforcement has taken “few actions” to address cybersecurity risks since the agency first planned to address the issue in 2015, noting that an attack on an offshore oil and gas rig could be catastrophic.
READ THE STORY: Cyberscoop
E. Asia chipmakers see high-tech decoupling with China inevitable
FROM THE MEDIA: Major players in the semiconductor supply chain in East Asia appear to be seeing it as inevitable for them to decouple with China in advanced industries involving sensitive technology, given concerns about the rapid pace of Beijing's military modernization. The United States is taking the lead in building a "Chip 4" alliance with Taiwan, South Korea and Japan for increased economic security over a possible global chip crunch in the event of a contingency between Taiwan and China. Japan -- once the frontrunner in the global semiconductor industry but now trailing leading chip producers like Taiwan and South Korea -- eyes manufacturing and selling 2-nanometer generation chips at Rapidus Corp., a new consortium involving Toyota Motor Corp., Sony Group Corp. and six other leading companies.
READ THE STORY: KYODONEWS
Australian Army preps to train Ukrainian volunteers
FROM THE MEDIA: Defense minister Richard Marles may have declared an official crisis in defense recruitment in Australia, but our top brass has been dispatched on a mission to find out how droves of Ukrainian volunteers are urgently being taught soldiering skills. Defense has revealed chief of army Lieutenant General Simon Stuart has made an advanced reconnaissance mission to the UK’s training facility for Ukrainian army recruits, which will start to use Australian personnel to teach combat skills from January 2023. The rotation of around 70 Australian trainers comes as part of a bilateral exchange between commonwealth allied forces that already has Kiwis on the ground on British bases putting Ukrainian recruits through their paces before returning to defend their nation.
READ THE STORY: The Mandarin
We're learning the wrong lessons from Putin’s defeats
FROM THE MEDIA: With Kyiv crippling Russian supply lines and driving back their forces in the east and south, and with Moscow’s missile blitz against Ukrainian cities, both sides are bracing for a tough winter. Right now, the initiative is still with Ukraine, but as Russia redeploys its forces and continues mobilizing, the outcome remains in the balance. This is no time for equivocation. Yet that is what we are seeing, with reaction in the West switching bafflingly between defeatism and triumphalism. The defeatists are at it again, with rumors that the Americans are engaged in talks with Russia and getting ready to pressure Ukraine into making concessions.
READ THE STORY: Telegraph
China Uses All Tactics to Gain Access to Defense Technologies
FROM THE MEDIA: China's president and People's Liberation Army head Xi Jinping is going all out to increase the military's might and the country has not spared any effort to gain access to defense technologies from across the world by any means, Policy Research Group reported. China has built its military strength on stolen and copied technologies from various countries, not only the United States and other European countries. It has not even hesitated to copy technologies from Russia.
READ THE STORY: LatestLY
Private Indian hackers launched over a thousand cyberattacks on Pak military
FROM THE MEDIA: SideWinder, aka Rattlesnake, has hijacked, stolen or modified content in the intended computer systems of Pakistan government, military and business cyber assets. Earlier, only Pakistan and China-based entities would indulge in cyber espionage and disruption of Indian critical assets. Assets of critical Pakistan government agencies, some of which are affiliated to the military, have been facing persistent cyberattacks from a group, which domestic and international experts claim, is based in India.
READ THE STORY: TSG
China sets up 'overseas police stations' across five continents - Which countries are affected and what has been the response
FROM THE MEDIA: As China continues to cement its position in world politics, there are now allegations that the Xi Jinping-led administration is running 'overseas police stations' in more than two dozen countries. The allegations have fueled outrage from several quarters with at least 14 nations now investigating the matter. While Beijing recently acknowledged the existence of 'volunteer-run sites' in the United States it has repeatedly rebutted the 'groundless' claims. According to a September report by Europe-based human rights organization Safeguard Defenders, there are dozens of Chinese police "service stations" in major cities around the world.
READ THE STORY: Times Now News
Log4Shell – Iranian Hackers Accessed Domain Controller of US Federal Network
FROM THE MEDIA: In December last year, it was reported that Iranian and Chinese hackers were exploiting the Log4Shell vulnerability in the wild. Now, according to the US CISA (Cybersecurity and Infrastructure Security Agency), an advanced persistent threat (APT) group sponsored by the Iranian government compromised the network of a U.S. federal agency. The attack, according to authorities, was launched on the Federal Civilian Executive Branch (FCEB). CISA revealed that the hackers used the Log4Shell vulnerability, tracked as CVE-2021-44228, in the unpatched VMware Horizon server to compromise the network and gain control of the organization’s domain controller (DC).
READ THE STORY: HackRead
Research sector targeted in new spear phishing attack using Google Drive
FROM THE MEDIA: The US Departments of Defense (DoD) and State have been engaged in a tug-of-war over which branch has the authority to conduct cyber operations, and sources say the DoD has won. According to CyberScoop, sources familiar with the matter say the DoD will be retaining the majority of the authorities it was granted by the Trump administration in 2018. An anonymous senior administration official says the State Department won some concessions as part of the revised policy document, and that the final version of the policy memorandum will require the DoD to share cyber.
READ THE STORY: HackRead
Black Friday and Cyber Monday, crooks are already at work
FROM THE MEDIA: Researchers at Bitdefender Antispam Lab have analyzed during the last weeks the fraudulent activities associated with Black Friday and Cyber Monday. The experts noticed that between October 26 and November 6, the rate of unsolicited Black Friday emails peaked on Nov 9, when it reached 26% of all Black Friday-related messages. The experts pointed out that the majority of all Black Friday spam (by volume) (56%) received in the same period was marked as a scam. Approximately one out of four (27%) of all Black Friday spam emails (by volume) targeted online users in the US and in Ireland (24%).
READ THE STORY: Security Affairs
‘Bitcoin rainbow’ indicator drops to all-time low; Can BTC slump to $10k
FROM THE MEDIA: After days of battling to contain further losses, Bitcoin (BTC) bulls have gained some ground stabilizing the price below $17,000. In the meantime, investors are looking for signals that can trigger Bitcoin’s price movement in either direction. Bitcoincenter’s rainbow price chart is one of the gauges leveraged by the market to determine the possible next Bitcoin price action. The tool uses color bands that follow a logarithmic regression and reviews past performance to provide a potential insight into its long-term movements.
READ THE STORY: FINBOLD
Ukraine's Power Boss Tells Citizens To Temporarily Leave Country Amid 'critical' Outages
FROM THE MEDIA: Amid incessant attacks by Russia on Ukrainian energy infrastructure, the head of Ukraine’s largest private energy company has suggested a way of solving the problem of insufficient power supply. In a conversation with the BBC, Maxim Timchenko, the chief of DTEK, urged Ukrainians to temporarily leave the country in order to help energy firms achieve a balance of demand and supply. "If they can find an alternative place to stay for another three or four months, it will be very helpful to the system," Timchenko said, while appealing for more resources.
READ THE STORY: RepublicWorld
German government and banks prepare for possible power outages
FROM THE MEDIA: The German government, the federal bank, and representatives of the financial industry have decided to prepare for possible power outages in the country this winter. As a result, they are developing possible scenarios to deal with such events, as reported today, Saturday, November 19, by Deutsche Wirtschafts Nachrichten. Among the possible measures will be a restriction on the issuance of cash to the population. In addition, a daily limit on the withdrawal of cash through terminals can be set. This must be done to avoid a shortage of cash in circulation.
READ THE STORY: Euroweekly News
‘Insider threat’: How an online date led to a ‘systemic’ failures investigation into American Express
FROM THE MEDIA: John Smith* had just moved to Sydney after more than a decade abroad when he met someone online last summer. Using the dating app Grindr, he started chatting with a man named Tahn Daniel Lee. Lee was isolating with COVID at the time, so they spoke online for a few weeks before meeting in Sydney’s Surry Hills for a first date – a Japanese dinner followed by Messina ice cream. The date would be one of many – in a relationship that moved quickly before taking a dark turn, when Smith started to suspect that Lee was monitoring his bank accounts.
READ THE STORY: The Sydney Morning Herald
Elon Musk restores Donald Trump’s Twitter account
FROM THE MEDIA: Former US President Donald Trump’s Twitter account has been reinstated on the platform. The account, which Twitter banned following the January 6, 2021, attack on the Capitol, was restored after Twitter CEO and new owner Elon Musk posted a poll on Twitter on Friday night asking the platform’s users if Trump should be reinstated. “The people have spoken. Trump will be reinstated,” Musk tweeted Saturday night. “Vox Populi, Vox Dei,” Latin for “the voice of the people is the voice of God.”
Satellite-Saving Robots Can Turn Killer, Too
FROM THE MEDIA: The most sophisticated satellites can cost more than $1 billion to build and launch. Yet all that money and technology hasn’t been able to buy something every car owner takes for granted: on-demand repairs and tune-ups. Now, thanks to years of development by governments and private companies, outer space satellite servicing is becoming a reality — and a business. Just this month, the US Defense Advanced Research Projects Agency, or DARPA, announced that a robotic repair arm it developed will be ready for launch in 2025. By then, it will be just the latest advance in satellite tune-ups, ready to help clear a path through the growing accumulation of space junk orbiting the earth.
READ THE STORY: The Washington Post
Trump tweet showed US spied on Iran via spacecraft USA 224
FROM THE MEDIA: Former US President Donald Trump published a tweet that showed a satellite picture of a rocket that exploded on a launch pad inside Iran, NPR reported on Saturday. The quality of the image was so clear that experts initially thought it is impossible for the picture to have been taken via satellite. "This picture is so exquisite, and you see so much detail," says Jeffrey Lewis, who studies satellite imagery at the Middlebury Institute of International Studies at Monterey. "At first, I thought it must have been taken by a drone or something."
READ THE STORY: Almayadeen
New technology is making drug traffickers more efficient
FROM THE MEDIA: Shipments of illicit drug consignments are communicated by means of encrypted messages, electronic transfer of drug-sales proceeds are routed through different jurisdictions, using one-time passwords and codes, before final deposit in a tax haven. New technologies are enabling drug trafficking groups to commit traditional crimes, more efficiently, and with formidable secrecy. The modern day globalized economy is dependent on advanced telecommunication technologies for all operations. Many of these technologies have been adopted by drug traffickers to make their activities secure and confidential.
READ THE STORY: TSG
White House wants Twitter to explain how it’s protecting Americans’ data
FROM THE MEDIA: The White House called on Twitter to explain how it is protecting “the safety of Americans’ online data,” Oliver Darcy, a reporter for CNN, tweeted. He noted that a White House official told him, “Twitter should speak to how they are ensuring that happens.” Twitter’s former safety head, Yoel Roth, noted in a recent op-ed in the New York Times that Twitter was safer under Elon Musk than it was before. He wrote, “Before my departure, I shared data about Twitter’s enforcement of hateful conduct, showing that by some measures, Twitter was actually safer under Mr. Musk than it was before.”
READ THE STORY: TESLARATI
Regulating The Crypto Wild West
FROM THE MEDIA: A well-functioning financial system is a key component of any successful economy. Without efficient payments and broadly accessible financial services, people cannot engage easily in commerce, save for a rainy day, invest in new innovations and business models, or insure against risk. But precisely because the financial sector is so central, developments within it are highly consequential. If the digital revolution has shown us anything, it is that one seemingly minor innovation can upend or even eliminate entire industries.
READ THE STORY: MENAFN
More Medibank data leaked on dark web as standoff continues
FROM THE MEDIA: More files exfiltrated from medical insurer Medibank Group during a ransomware attack have been released on the dark web site of the attacker(s). Ransomware generally attacks only systems running Microsoft's Windows operating system. Three files that appear to contain details of people with mental health issues, HIV infections and viral hepatitis are among the material claimed to be released overnight. Data has been released in small amounts since 9 November. Earlier this week, the attacker(s) indicated there would be a pause in the release of data until the company's annual general meeting was held.
READ THE STORY: itWire // Riverine Herald // Perth Now
New attacks use Windows security bypass zero-day to drop malware
FROM THE MEDIA: New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security warnings. When files are downloaded from an untrusted remote location, such as the Internet or an email attachment, Windows adds a special attribute to the file called the Mark of the Web. This Mark of the Web (MoTW) is an alternate data stream that contains information about the file, such as the URL security zone the file originates from, its referrer, and its download URL.
READ THE STORY: Bleeping Computer
Research sector targeted in new spear phishing attack using Google Drive
FROM THE MEDIA: According to Trend Micro researchers, a Chinese government-sponsored advanced persistent threat (APT) group has launched spear-phishing attacks to target education, government, and research sectors worldwide. The report is unsurprising as earlier this year, researchers linked Google Drive to 50% of malicious MS Office document downloads. The attackers are delivering custom malware stored in Google Drive. The attacks were discovered between March and October 2022. The primary targets of the group were located in Japan, Australia, Myanmar, Taiwan, and the Philippines. For your information, the espionage group has been active since July 2018.
READ THE STORY: HackRead
Items of interest
The Stasi spies who traded sex for secrets
FROM THE MEDIA: In a rented apartment at a resort in the Swiss Alps, a gravely ill man lifts his gaze and looks his lover in the eyes. At first he seems unsure how to begin. During the war, he tells her, he was loosely involved in a plot to assassinate Hitler. Then, after the collapse of the Third Reich, he became an agent for the Red Army. But now he is so unwell that he must leave for the Soviet Union, where a specialist medical facility will give him the treatment he needs to survive. And she, a secretary in the office of the West German chancellor, is in deep trouble. What will her employers do when they find out he’s vanished and realize she has been sleeping with the enemy these past two years? No one will believe she didn’t know.
READ THE STORY: The Times
Beanie Babies Were the Gateway to a Life of Cyber Crime (Video)
FROM THE MEDIA: Brett Johnson, AKA Gollumfun, suffered horrendous abuse as a child, which led him down a dark criminal path. When the Internet came along, he realized he could scam anyone around the world. Counterfeit collectibles like Beanie Babies and autographed baseballs were just the beginning of a dangerous online crime spree, which birthed a massive community of fraudsters.
Asad Qureshi Using Open Source Intelligence to Investigate CryptoCurrency Cybercrime (Video)
FROM THE MEDIA: Hacktivity 16 2019 Hacking conference.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com