Friday, November 25, 2022
UK bans Chinese CCTV cameras on 'sensitive' government sites
FROM THE MEDIA: The United Kingdom has decided Chinese video cameras have no place in government facilities. "A review of the current and future possible security risks associated with the installation of visual surveillance systems on the government estate has concluded that, in light of the threat to the UK and the increasing capability and connectivity of these systems, additional controls are required," reads a statement from Oliver Dowden, Chancellor of the Duchy of Lancaster (the second-most senior minister in cabinet behind the PM).
READ THE STORY: The Register // Security Affairs
Russia's ongoing invasion of Ukraine is pushing out one of Russia's biggest tech giants
FROM THE MEDIA: Russia stands to lose its biggest tech company, which would throw a wrench in President Putin's plans to foster Russian-grown alternatives for Western technology. Yandex, often referred to as Russia's Google, is the country's largest internet business best known for its search browser and ride-hailing apps. But its Dutch-based parent company wants out of Russia because of the potential negative impact the Ukrainian invasion could have on its business, according to a New York Times report. The exit of Russia's biggest tech giant would deliver a blow to President Vladimir Putin, who has made a concerted effort to produce Russian technology and goods as sanctions cut access to Western suppliers.
READ THE STORY: Insider
Google Issues Emergency Chrome Security Update For All Users
FROM THE MEDIA: Google has confirmed the eighth zero-day exploit impacting the Chrome browser on Windows, Mac, Linux, and Android platforms. An emergency fix addressing this single issue is being rolled out now, but you can force-update your browser immediately. Other browser clients using the Chromium engine should also expect to see updates soon. It used to be a very rare event when a Google Chrome update addressed a single security issue, reserved for those occasions where a vulnerability was known to be under exploit by attackers in the wild before a fix was available. In 2022 there have now been updates covering a total of eight such zero-days.
READ THE STORY: Forbes
Musk recruits engineers for “Twitter 2.0” after mass layoffs and resignations
FROM THE MEDIA: Having gutted Twitter's staff, Elon Musk told remaining employees he plans to hire new engineers and salespeople, The Verge reported Monday. "During an all-hands meeting with Twitter employees today, Musk said that the company is done with layoffs and actively recruiting for roles in engineering and sales and that employees are encouraged to make referrals, according to two people who attended and a partial recording obtained by The Verge," the report said. Musk completed his $44 billion purchase of Twitter on October 27 and laid off about half of the company's 7,500 employees.
READ THE STORY: HITB
Vulnerability in AWS AppSync allowed unauthorized access to cloud resources
FROM THE MEDIA: A vulnerability in Amazon Web Services (AWS) AppSync enabled unauthorized cross-account access to AWS resources, according to the findings of security researchers. AppSync is a service that allows developers to create serverless GraphQL and Pub/Sub APIs. When creating a GraphQL API with AppSync, developers must specify the data source that stores or has access to the data the API will interact with, such as Lambda functions, DynamoDB, RDS, and external APIs.
READ THE STORY: Portswigger
Elon Musk to abused Twitter users: Your tormentors are coming back
FROM THE MEDIA: Twitter CEO Elon Musk has decided to allow suspended accounts back onto the micro-blogging service. Musk used the same process for this decision as he did when restoring access to a Florida Man who once held high elected office in the US – an utterly unscientific and easy to manipulate poll of Twitter users. The phrase Musk uses at the end of the tweet above – "Vox Populi, Vox Dei" – translates from Latin as "Voice of the people, voice of God". It's a quote from Machiavelli, which in context is warning against listening to people who say "the voice of the people is the voice of God".
READ THE STORY: The Register // Asianet Newsable
An international police operation dismantled the spoofing service iSpoof
FROM THE MEDIA: An international law enforcement operation that was conducted by authorities in Europe, Australia, the United States, Ukraine, and Canada, with the support of Europol, has dismantled an online phone number spoofing service called iSpoof. The iSpoof service allowed fraudsters to impersonate trusted corporations or contacts in an attempt to gain access to sensitive information from victims. Threat actors used the service to trick victims into disclosing financial or private information or transferring money.
READ THE STORY: Security Affairs // Heimdal
Ukraine becomes dark patch in night satellite images as Russia crushes its energy grid
FROM THE MEDIA: Ukraine has become a dark patch on the globe at night, images released by US space agency Nasa show, as repeated Russian missile strikes cripple the country’s energy network. The images, taken from space, show Ukraine in total darkness, surrounded by bright spots coming from other countries. Since October, Russia has launched regular strikes with the aim of destroying the Ukrainian power grid. Ukraine's President Volodymyr Zelenskyy told the Financial Times that this week's strikes had created a situation not seen for 80 or 90 years ― "a country on the European continent where there was totally no light."
READ THE STORY: UK
Rise of Luna Moth’s Malware-Free Extortion Campaign
FROM THE MEDIA: A group of security researchers has discovered that a threat actor has managed to extort hundreds of thousands of dollars from mostly small and midsized businesses over the last few months without using any encryption tools or malware. A group of attackers, known as Luna Moth (also called the "Silent" ransomware group), has been using an array of legitimate tools and a method of extortion known as "call-back phishing" to target victims. Later, they use sensitive data as leverage over them to take control of their finances.
READ THE STORY: Cysecurity
Australian Government is looking to hire hackers for its “Hack Back” program to disrupt ransomware gangs
FROM THE MEDIA: Recent data breaches have driven fast reforms to Australia’s cybersecurity and data protection rules, and the most recent development looks to be the formation of a cyber task force that will “hack back” and aggressively pursue what Minister for Home Affairs Clare O’Neil termed “scumbags.” Due to the fact that millions of Australian citizens have had sensitive personal data stolen from a variety of major companies and that long lines have formed to have compromised personal identification re-issued, the Department of Home Affairs has promised a new policy that will be “tough on crime” regarding cyber incidents and data leaks. The Australian Federal Police (AFP) and the Australian Signals Directorate will work together to form a joint task force of around one hundred personnel, according to the announcement made by the agency.
READ THE STORY: Security Newspaper
European Parliament declares Russia a terrorism sponsor, then its site goes down
FROM THE MEDIA: The European Parliament website was knocked offline for several hours on Wednesday by a distributed denial-of-service (DDoS) attack that started shortly after the governing body voted to declare the Russian government a state sponsor of terrorism. European Parliament President Roberta Metsola confirmed the attack on Wednesday afternoon European time, while the site was still down. “A pro-Kremlin group has claimed responsibility,” she wrote on Twitter. “Our IT experts are pushing back against it & protecting our systems. This, after we proclaimed Russia as a State-sponsor of terrorism.”
READ THE STORY: HITB // HackRead
Details on Interpol seizing $130m from cyber criminals and details on Pig Butchering
FROM THE MEDIA: INTERPOL has announced that its cyber operation codenamed “Haechi III” has turned into an immense success as the law enforcement agency seized $130,000,000 worth of money and virtual assets from cyber criminals and money laundering scams and succeeded in arresting over 1000 suspects. According to a press update released by the ‘International Crime Police Organization’, most of the amount seized was related to romance scams, phishing, sextortion, investment frauds, cryptocurrency scams and money laundering linked to illegal online gaming and betting.
READ THE STORY: Cyber Security Insider
Experts Find 1600+ Malicious Docker Hub Images
FROM THE MEDIA: Security researchers have warned developers of the dangers of using shared container images, after finding 1652 on Docker Hub hiding nefarious content. Containers are increasingly popular among the developer community as they’re lightweight, and easy to deploy and scale across different computing environments. As with the use of open source code repositories, DevOps teams often use publicly available container images that have been shared by others, to speed up time-to-market. The most popular free container registry is Docker Hub.
READ THE STORY: InfoSec Mag
Real estate company Sonder loses customers' PII & payment data to a cyber attack
FROM THE MEDIA: Founded in 2014, Sonder Holdings Inc. is a San Francisco-based real estate company with a presence in over 35 cities in 10 countries in North America, Europe, and the Middle East. The company has approximately 6,300 units live worldwide and has serviced over a million customers. In a recent cybersecurity incident notification, Sonder confirmed that it identified unauthorized access to one of its systems on November 14. Upon discovering the intrusion, the company took prompt action to contain it and made sure that the threat actor no longer had access to internal systems. It also verified if the unauthorized access impacted its daily operations.
READ THE STORY: TEISS
Hamas’ cyber terror is a test case for other non-state players
FROM THE MEDIA: Iranian-backed Palestinian terror group Hamas, the de facto rulers of the impoverished Gaza Strip, is stepping up its cyber activities against Israel. And it’s time for Western nations, including the U.S., to take such threats more seriously, a report published recently by Washington-based think tank the Atlantic Council has found. According to the report authored by non-resident fellow Simon Handler, while the U.S. overwhelmingly focuses its cybersecurity concerns on the “big four” nation-state adversaries — China, Russia, Iran and North Korea — non-state actors are becoming increasingly organized and efficient in cyber warfare.
READ THE STORY: WFIN
Operation across Africa identifies cyber-criminals and at-risk online infrastructure
FROM THE MEDIA: Law enforcement officials from 27 INTERPOL countries joined forces in the Africa Cyber Surge Operation to counter cybercrime across the continent. Against the backdrop of the huge financial losses suffered by companies, businesses and individuals, the four-month operation (July to November 2022) saw officers detect, investigate and disrupt cybercrime through coordinated law enforcement activities utilizing INTERPOL platforms, tools and channels, in close cooperation with AFRIPOL.
READ THE STORY: Interpol
'This is necessary to restore public trust': Elon Musk says he will reveal all secret documents about Twitter's decision to ban Hunter Biden laptop story
FROM THE MEDIA: Elon Musk has promised to fully disclose what led to Twitter's decision to censor the Hunter Biden laptop story, 20 months after DailyMail.com authenticated its contents with top experts. Billionaire Musk responded to a user who demanded the social media giant get to the bottom of why the laptop was blacklisted from the site - which occurred before he bought Twitter. In an act of 'politically motivated censorship', Twitter deliberately prevented users from sharing a link to a front-page newspaper article about Hunter Biden's private life and his controversial business ties to Ukraine in the run-up to the 2020 Election between Biden's father and Trump.
READ THE STORY: Dailymail
China’s digital influence in Africa: The case of Zambia and Zim
FROM THE MEDIA: China’s relationship with the two countries, along with its own ambitions to dominate the manufacture and supply of technologies globally, have created fertile ground for China to supply surveillance technologies to the southern African countries, which are comparatively cheaper than those from other parts of the world. Over the past decade, a number of media reports have chronicled the adoption and rollout of Chinese sourced technologies in the telecommunications industries of these two countries, although these have tended not to examine how the different layers of Chinese technologies may be used by the Zambian and Zimbabwean governments to carry out targeted and mass surveillance.
READ THE STORY: Newsday
Threat actors extend attack techniques to new enterprise apps and services
FROM THE MEDIA: Perception Point announced the publication of a report, “The Rise of Cyber Threats Against Email, Browsers and Emerging Cloud-Based Channels”, which evaluates the responses of security and IT decision-makers at large enterprises and reveals numerous significant findings about today’s enterprise threat landscape. One key takeaway is that organizations are paying a hefty $1,197 per employee each year to address successful cyber incidents across email services, cloud collaboration apps or services, and web browsers, meaning that a 500-employee company spends on average $600,000 on an annual basis.
READ THE STORY: HelpNetSecurity
RansomExx Ransomware upgrades to Rust programming language
FROM THE MEDIA: The operators of the RansomExx ransomware (aka Defray777 and Ransom X) have developed a new variant of their malware, tracked as RansomExx2, that was ported into the Rust programming language. The move follows the decision of other ransomware gangs, like Hive, Blackcat, and Luna, to rewrite their ransomware in the Rust programming language. The main reason to rewrite malware in Rust is to have lower AV detection rates, compared to malware written in more common languages.
READ THE STORY: Security Affairs
RCMP use of spyware warrants update to Canada's privacy laws
FROM THE MEDIA: Canada should update its privacy laws in the wake of revelations that the country’s national police force uses spyware to hack mobile devices, a parliamentary committee says. The House of Commons ethics committee is recommending the federal government require privacy assessments for the use of “high-risk technological tools” that collect personal data, according to a report tabled Wednesday. The report, which received all-party support, also says Ottawa should make a list of banned spyware vendors and set “clear rules on export controls over surveillance technologies.” However, it does not recommend a moratorium on the use of spyware by police.
READ THE STORY: Politico
Russian propaganda spreading fake allegation of Ukraine staging NPP shutdown to secure financial aid
FROM THE MEDIA: Russian propaganda manipulates the topic of restoring the energy infrastructure of Ukraine after repeated shelling, claiming that the shutdown of the nuclear power plants was staged by Ukraine itself for the sake of "another financial tranche". As reported by Ukrinform, the Center for Countering Disinformation under the National Security and Defense Council of Ukraine announced this on Telegram. The Russian media claimed that "the Ukrainian authorities have calculated how much money is needed to restore the energy infrastructure.
READ THE STORY: Ukrinform
Greek surveillance scandal bigger than Watergate
FROM THE MEDIA: The Greek surveillance scandal is bigger than the US Watergate scandal, according to the rapporteur for the European Parliament's Inquiry Committee into Pegasus and other spyware, local media reported Thursday. Although the conservative Nea Dimokratia (ND) government claims there is no tangible evidence proving that it was involved in the surveillance of dozens of politicians, businessmen and journalists, evidence is there, said Sophie in 't Veld, the Avgi daily reported, citing German public broadcaster DW.
READ THE STORY: AA
CCP creating ‘iron curtain between those within and outside Tibet’
FROM THE MEDIA: Tibetans are working for a political cause while facing consistent security challenges from the Chinese Communist Party (CCP). Being intimidated by CCP officials directly, Tibetans are unable to talk to their families who live in Tibet and their electronic devices are being hacked and monitored, Inkstick reported. As per the report, the Chinese Communist Party’s goal is to create “an iron curtain between those within and outside Tibet.” In order to fulfil its aim, the CCP has been taking several measures, including confiscating the passports of Tibetans in Tibet and the whole of China.
READ THE STORY: The Print
Hackers, ‘Choppers’, and Scammers The Cybercrime Era | What are my rights when my personal data is compromised
FROM THE MEDIA: Data is a commodity as valuable as any product or service in any industry. Data and information gathering is a multimillion-dollar business. From external cyberattacks such as malware, ransomware, and phishing, to internal vulnerabilities such as human error, system failure, lost or stolen devices, dangers that risk exposure of personal data can be found at every turn. With technology developing so quickly, cyberattacks are getting more sophisticated and are on the rise. In 2021 only, there was a 550% increase in reported cases of cyberattacks in the Caribbean according to a 2021 report by Mandiant Advantage.
READ THE STORY: Lexology
Branding Russia a ‘State Sponsor of Terrorism’ Won’t Stop the Missiles
FROM THE MEDIA: The EU parliament has declared Russia to be a state sponsor of terrorism. The largely symbolic resolution, which passed by a 494-58 vote on November 23, has no particular real-world consequences, but reflects MEPs’ condemnation of Russia’s “deliberate physical destruction of civilian infrastructure and mass murder of Ukrainian civilians with the aim of eliminating the Ukrainian people.” The parliament urged the European Union’s 27 member states to adopt the designation “with all the negative consequences this implies.”
READ THE STORY: International Policy Digest
Items of interest
How shunning Russia could offer the U.S. tech giants an easy win
FROM THE MEDIA: The U.S. tech giants are in an easier position than many other global businesses as pressure intensifies for corporations to sever ties with Russia over the war in Ukraine — and there’s a simple reason why. When it comes to money, Apple, Amazon, Meta and Google have relatively little on the line. The Russian market amounts to only a tiny fraction of the tech companies’ overall annual revenue, in contrast to oil, defense and financial services companies that stand to lose huge revenue streams and vital partners as they ax projects in Russia this week.
READ THE STORY: Politico
DIY Auto-Tracking Missile Turret (Video)
FROM THE MEDIA: I took my Raspberry Pi auto tracking turret and replaced the dart blaster with 100 firework rockets! This seems completely safe, OSHA-approved, and definitely won't land me on any sort of watch list. Since none of my friends are dumb enough to take this thing on, I pitted it against my worst drone, with surprising results.
Hacking Portable Satellite Dishes (Video)
FROM THE MEDIA: Some further experiments with self-contained portable satellite dishes. These are the type you'd find on the roof of an RV, a boat, or at a tailgate party. In this video I'm checking out two similar units, the Dish Tailgater and VuQube VQ1000.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com