Sunday, December 11, 2022
US Keeps Eye on China's Space Activities for Potential Risks
Analyst Comment: China is progressing towards its national space strategy, which focuses on becoming a global leader by 2045, with the hope of being there around 2030. The CCP appears to be politically committed to achieving this vision (435 launches as of 08DEC22).
FROM THE MEDIA: The U.S. is closely monitoring Chinese activities that potentially threaten American assets in space as debris rapidly accumulates in low Earth orbit, the head of United States military operations in space said Friday. Commander of U.S. Space Command Army Gen. James Dickinson also cheered the overwhelming passage in the United Nations of a resolution that countries not conduct direct-ascent antisatellite tests that create vast fields of space debris, which endanger satellites and space stations. Of the four countries that have conducted such ASAT tests, the United States was the only one that voted in favor, while China and Russia voted no and India abstained.
READ THE STORY: VOA
Blockchain Voting In India: Illusion Or Reality
FROM THE MEDIA: Recently, India saw two legislative elections and one local body election. Though there were fewer allegations regarding tampering of electronic voting machines (EVMs) in this election, EVMs’ vulnerability to hacking has always been a point of contention for the losing side. So what can make elections more transparent? The use of blockchain technology to make the election process more transparent is now being discussed globally. In October, it was reported that Greenland was exploring the feasibility of an online voting platform, possibly based on blockchain, reported Cointelegraph.
READ THE STORY: OUTLOOK
New Research Raises Alarm Against Advertising Tool That Exposes Users’ Data to Twitter
FROM THE MEDIA: A new advertising tool is wreaking havoc by exposing users’ data to Elon Musk’s Twitter platform. The news comes through a new study by researchers that have uncovered the ordeal which might be exposing the likes of various firms, governments, and even users to so many security risks linked to the digital social network. In October, we saw billionaire Elon Musk acquire the company for a staggering $44 billion and among the various other dilemmas that this deal brought forward, we were able to witness a resource that went unexplored.
READ THE STORY: DIW
Chinese newspaper accuses U.S. of stealing technology from "our Taiwan"
FROM THE MEDIA: An editorial printed in the Chinese tabloid called Global Times (via South China Morning Post) has attacked TSMC's plans to build two fabs in the United States. The first factory will go online in 2024 producing chips made using TSMC's 4nm process node. The second factory, announced just this past week, will produce 3nm chips for Apple and other companies starting in 2026. It is great news for the U.S. as it tries to become self-sufficient when it comes to producing chips. But the Global Times calls this a "dark turn" in the worldwide semiconductor industry and accuses the U.S. of tricking TSMC into building the new factories in Arizona.
READ THE STORY: Phone Arena
Apple says its new iMessage can send an alert if a state-sponsored hacker is spying on your conversation
FROM THE MEDIA: Apple said its new iMessage Contact Key Verification feature can notify people if their conversation is being breached by a state-sponsored hacker – but it only works if both people have it enabled. The iMessage feature will be available for people "who face extraordinary digital threats," like journalists, human rights activists, and politicians, Apple said in a press release. iMessages between two people who have the feature enabled will receive an automatic alert "if an exceptionally advanced adversary, such as a state-sponsored attacker, were ever to succeed breaching cloud servers and inserting their own device to eavesdrop on these encrypted communications."
READ THE STORY: Business Insider (SA)
How the global spyware industry spiralled out of control
FROM THE MEDIA: The Biden administration took a public stand last year against the abuse of spyware to target human rights activists, dissidents and journalists: It blacklisted the most notorious maker of the hacking tools, Israeli firm NSO Group. But the global industry for commercial spyware — which allows governments to invade mobile phones and vacuum up data — continues to boom. Even the U.S. government is using it. The Drug Enforcement Administration is secretly deploying spyware from a different Israeli firm, according to five people familiar with the agency’s operations, in the first confirmed use of commercial spyware by the federal government.
READ THE STORY: Money Control
MuddyWater APT group is back with updated TTPs
FROM THE MEDIA: Deep Instinct’s Threat Research team uncovered a new campaign conducted by the MuddyWater APT (aka SeedWorm, TEMP.Zagros, and Static Kitten) that was targeting Armenia, Azerbaijan, Egypt, Iraq, Israel, Jordan, Oman, Qatar, Tajikistan, and United Arab Emirates. The experts pointed out that the campaign exhibits updated TTPs. The first MuddyWater campaign was observed in late 2017, when it targeted entities in the Middle East. The group evolved over the years by adding new attack techniques to its arsenal. Over the years the APT group has also targeted European and North American nations. In January, US Cyber Command (USCYBERCOM) officially linked the MuddyWater APT group to Iran’s Ministry of Intelligence and Security (MOIS).
READ THE STORY: Security Affairs
Malaysia Launches Investigation Into AirAsia Ransomware Attack
FROM THE MEDIA: Last month, a ransomware attack compromised the personal data of approximately five million passengers and all AirAsia employees. Although it has been more than a month since the initial attacks, Malaysian authorities are still investigating the source and the overall impact but have gathered few leads so far. The cyber attacks happened on November 11th and 12th when samples of the stolen personal data were found leaked to the dark web approximately a week later. The posted samples contained varying degrees of sensitive information, such as employees' personal data, passenger booking information, and even photos, to name a few.
READ THE STORY: Simple Flying
How to Geolocate IP Addresses on Linux Using geoiplookup
FROM THE MEDIA: Have you ever wondered where a website is actually hosting its content from? You can geolocate domain names and IP addresses right from the Linux command line with geoiplookup. Here's how to use it. Geoiplookup is a command-line utility that uses MaxMind's geolocation database to find the country where an IP address or domain name is hosted. It queries a local file, typically stored in the /usr/share/GeoIP directory.
READ THE STORY: MUO
China buys $1.8 billion worth of gold in reserves, reduces USD assets
FROM THE MEDIA: Early this year, countries all across the world went on a gold-purchasing binge, which many believe may be a sign of escalating economic turmoil. Long used as currency, gold is valued for maintaining its worth despite the ups and downs of capitalism. It also has significant industrial applications, though. China's State Administration of Foreign Exchange recently disclosed statistics showing that it just made its first gold purchase for its reserves in three years. China now has 63.67 million ounces of total gold reserves, or nearly $112 billion, up from 62.64 million ounces before the purchase. It holds the sixth-largest gold reserve in the world, behind the US, Germany, Italy, France, and Russia.
READ THE STORY: Almayadeen
Antenna maker Anywaves plots aggressive US expansion
FROM THE MEDIA: French satellite antenna maker Anywaves said Dec. 8 it has raised around $3 million to help capture more business from U.S. customers. Anywaves CEO Nicolas Capet said the funds from French investor Ylliade Groupe enable the company to accelerate sales and marketing efforts in the United States, where only 10% of its customers are currently based. The majority of customers, about 80%, are based in Europe and the remaining 10% are from other countries including Australia and India. “Our objective is to balance this mix,” Capet told SpaceNews via email.
READ THE STORY: SN
Russia promises US and allies ‘legal consequences’ for helping Ukraine to pinpoint targets
FROM THE MEDIA: Vasily Nebenzya, the Russian Permanent Representative to the UN, on Friday, December 9, accused the United States and its allies of helping Ukraine to pinpoint targets for its weapons. Speaking at a meeting convened at the request of Moscow, he promised that ‘legal consequences’ would occur as a result. He particularly accused the Americans of being involved in the work of HIMARS, and that targeting is carried out using US military satellites. Nebenzya also claimed that the Russian strategic airfields of Dyagilevo and Engels were recently attacked by drones using American satellite data.
READ THE STORY: EuroWeekly
At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet
FROM THE MEDIA: Pulse Connect Secure is a widely-deployed SSL VPN solution for remote and mobile users; for this reason, it is a target of attacks by multiple threat actors. Over the years, researchers disclosed several severe vulnerabilities in the server software; in April of 2021, CISA published a report warning of the exploitation of Pulse Connect Secure flaws. Now Censys researchers discovered that 4,460 Pulse Connect Secure hosts out of 30,266 installs, which are exposed to the Internet, lack security patches. “In total, Censys has found 30,266 Pulse Connect Secure hosts running on the internet,” reads the post published by Censys. “One of the easiest ways to find these running using Censys is to search for a specific URI that can be found in the HTTP response body of a Pulse Connect Secure web service.”
READ THE STORY: Security Affairs
Japan eyeing introduction of ‘active cyber defense’ measures
FROM THE MEDIA: Negotiations between the Japanese government and the country's ruling Liberal Democratic Party (LDP) will begin in 2023 to amend the country's laws to allow local experts to conduct "active cyber defense," according to sources cited by The Nikkei newspaper. Under the pretext of safeguarding the infrastructure of the private sector, the Japanese government wants to create a system that will allow law enforcement to monitor and hack into "intruders'" systems even before they engage in suspicious activity. Next week, the National Security Strategy and two other security-related documents will be updated, and this initiative will be reflected in them.
READ THE STORY: Almayadeen
Xi proposes eight major initiatives on China-Arab practical cooperation
Analyst Comment: In proper BRI fashion - China aims to expand its trade with Arab states to 430 billion dollars by 2027. This push at a China-Arab union is to further their persistence in the region.
FROM THE MEDIA: Chinese President Xi Jinping on Friday proposed eight major initiatives on China-Arab practical cooperation at the first China-Arab States Summit held here at the King Abdul Aziz International Conference Center. The details are as follows: First, cooperation initiative on development support. China will discuss with the Arab side the implementation of assistance projects worth 5 billion yuan (about 719 million U.S. dollars) in development cooperation, and include 30 eligible Arab projects in the Global Development Initiative project pool.
READ THE STORY: CCTV
India's Digital Currency Will 'Finally' Replace Bank Notes
FROM THE MEDIA: As in the case of paper currency, the digital rupee would be distributed through banks. Currently, four banks have been selected - State Bank of India, ICICI Bank, IDFC First Bank and Yes Bank. Users must have a digital wallet through a participating bank, which would be stored on their mobile phone or other electronic device. Payments to merchants can be made using QR codes displayed at merchant locations. These four banks are expected to invite merchants and customers who would be part of the pilot project in the coming weeks which will help to build an ecosystem. It is expected that the digital rupee will eventually replace the use of currency notes. The pilot project will be implemented in thirteen cities in India. The digital currency will have denominations like regular currency and will also have images with serial numbers.
READ THE STORY: MENAFN
Australia announces ‘Magnitsky’ sanctions against targets in Russia and Iran
FROM THE MEDIA: Foreign Affairs Minister Penny Wong chose Human Rights Day to announce Magnitsky-style sanctions against 13 Russian and Iranian individuals and two entities, in response to egregious human rights abuses. Wong has described these sanctions as a means of holding human rights abusers to account, in situations where dialogue has proven ineffective. Magnitsky sanctions are named after Sergei Magnitsky, a Russian lawyer who was killed in prison for exposing corruption. Unlike more traditional sanctions targeting nation states, Magnitsky sanctions freeze the assets of targeted individuals and prevent them from travelling freely.
READ THE STORY: The Conversation
Freed Russian Arms Dealer Viktor Bout Would 'Volunteer' In Putin's War
FROM THE MEDIA: Viktor Bout, the notorious arms dealer who was freed by the U.S. in a high-profile prisoner exchange with Russia this week, was reported by Moscow-based news site Gazeta.ru as saying that he would volunteer to fight in Ukraine if possible. On Saturday, Gazeta—whose holding company Rambler Media Group passed under the sole ownership of state-owned company Sberbank in 2020—wrote on Twitter that Bout had said about the "special operation" in Ukraine: "If I had the opportunity and the necessary skills, I would, of course, volunteer."
READ THE STORY: NEWSWEEK
Australia's Telstra suffers privacy breach, 132,000 customers impacted
FROM THE MEDIA: Australia's largest telecoms firm Telstra Corp Ltd (TLS.AX) said on Sunday that 132,000 customers were impacted by an internal error that led to disclosure of customer details. Telstra, which has 18.8 million customer accounts equivalent to three-quarters of Australia's population, said an internal review found the details were made publicly available due to "a misalignment of databases". Telstra referred Reuters to a company blog post, issued on Friday, that said "some customers’ names, numbers and addresses" were listed when they should not have been.
READ THE STORY: Reuters
The metaverse will have its zombies — and yes, they can get you IRL
FROM THE MEDIA: Many of us have seen this scene in so many zombie movies: A howling horde advances on the outpost in the form of one roaring, crawling pile of plagued flesh. “There’s too many of ‘em! Fall back!..” Gunfire, now stuttering and distant. A crazed staccato of the last survivor’s hectic run-for-it… Then, finally, silence. Mēris (Latvian for “plague”), a modified version of the infamous Mirai botnet, brought some 250,000 “zombies,” or compromised devices, to the party last summer, and the assault they put up would have put the above scene to shame. According to researchers, the botnet was able to throw as many as 21.8 million requests per second at its victims, crashing their overloaded servers in a major Decentralized Denial-of-Service (DDoS) attack.
READ THE STORY: VB
Elon Musk says his politics are in the center but extremism experts say he's using Twitter to increasingly empower right-wing viewpoints
FROM THE MEDIA: Though he has long touted himself as "somewhere in the middle" on politics, Elon Musk has been sharing increasingly more conservative political views on Twitter since he first showed interest in purchasing the platform, and is now regularly amplifying anti-Democratic conspiracy theories while endorsing Republican candidates across the country. "In the past I voted Democrat, because they were (mostly) the kindness party," Musk wrote in a tweet this May. He then bashed the Democratic Party, adding: "But they have become the party of division & hate, so I can no longer support them and will vote Republican."
READ THE STORY: INSIDER
Elon Musk’s Twitter won’t censor hate speech but won’t boost it either
FROM THE MEDIA: Twitter revealed new rules on its treatment of hateful speech Saturday, part of new owner Elon Musk’s vow to make the social-media giant a transparent bastion of free expression. “People will still see slur words in Tweets when they follow an account that uses them,” according to a post from Twitter Safety’s official account. “However, we will not amplify Tweets containing slurs or hate speech, and we will not serve ads adjacent to those Tweets.” The account explained that blanket removal or suppression of tweets containing hateful comments will not be an option.
READ THE STORY: NYPOST
Generative AI may be the magic potion small marketing agencies have been waiting for
FROM THE MEDIA: Gartner recently released its list of 7 Technology Disruptions That Will Impact Sales Through 2027. One was generative Artificial Intelligence. Gartner defined generative AI as AI that “learns from existing content artifacts to generate new, realistic artifacts that reflect the characteristics of the training data, but do not repeat it.” In simple terms, it can produce entirely new content, like images, videos, text and code, with very simple inputs.
READ THE STORY: VB
Items of interest
Armenia and Iran combine forces against Azerbaijan
FROM THE MEDIA: In early December, the Azerbaijani media reported on free-of-charge military supplies from Iran to Armenia amidst the growing tensions between Azerbaijan and the Islamic Republic. According to the reports, the Islamic Revolutionary Guard Corps (IRGC) provided 500 units of the Dehlavieh anti-tank missile system and 100 units of the Almas system to Armenia at the end of October. These supplies took place amidst the military exercises the Iranian army carried out along the borders with Azerbaijan for the second time since the end of the Second Karabakh War of 2020 – Iran never conducted military drills along the Azerbaijani borders before this war. Along with these, Azerbaijani media published evidence confirming that Iran also sends military personnel to the separatist Armenian forces in the Karabakh region of Azerbaijan that is currently under the temporary control of the Russian peacekeeping units. They are reportedly supposed to train the Armenian separatist forces who regularly carry out terrorist and sabotage attacks against the Azerbaijani army.
READ THE STORY: Modern Diplomacy
Coffeezilla: SBF, FTX, Fraud, Scams, Fake Gurus, Money, Fame, and Power (Video)
FROM THE MEDIA: Coffeezilla is a journalist and investigator on YouTube.
Top Cybersecurity job interview tips (Video)
FROM THE MEDIA: Never make this mistake in the job interview process! Make sure you know how to negotiate for more money in 2023.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com