Sunday, December 25, 2022 // (IG): BB // THM:Windows RE // Coffee for Bob
Russia’s Electronic-Warfare Troops Knocked Out 90 Percent Of Ukraine’s Drones
FROM THE MEDIA: The Russian military’s failures in Russia’s wider war on Ukraine almost are too numerous to list. Too many attacks along too many sectors, which thinned out Russia’s best battalions. Too few infantry to screen the tanks. Inflexible air support. Artillery batteries that bombarded too many empty grid squares. And perhaps most importantly: inadequate logistics for what would become a long, grinding war. But it’s important to note where the Russians succeeded. If only to understand where Ukraine might need to improve its own forces. For a rare picture of Russian military competence, consider the Kremlin’s battlefield electronic-warfare troops. Amid the chaos of the Russian army’s initial push into Ukraine starting in late February, it took a few weeks for the Russians to deploy their extensive jamming infrastructure. But once they did, they began deafening and confusing the Ukrainians’ most sophisticated systems—in particular, their drones—in numbers that surely startled Ukrainian commanders.
READ THE STORY: Yahoo News
Google backed firm DeepMind trained AI to control nuclear fusion reaction
FROM THE MEDIA: Google-backed firm DeepMind made attempts to solve challenges in a donut-shaped vessel that will contain a nuclear fusion reaction. It presents a special kind of chaos where Hydrogen atoms are smashed together at high temperatures with rolling plasma hotter than the surface of the sun. The company was able to find a solution as it trains AI to control and confine that plasma to unlock the potential of nuclear fusion. At this point, the science underlying fusion seems sound, so what remains is an engineering challenge. “We need to be able to heat this matter up and hold it together for long enough for us to take energy out of it,” says Ambrogio Fasoli, director of the Swiss Plasma Center at École Polytechnique Fédérale de Lausanne in Switzerland.
READ THE STORY: TechStory
Latest Twitter Files shows CIA, FBI have spent years meddling in content moderation
FROM THE MEDIA: The CIA has been meddling in Twitter’s internal content moderation for years, according to the latest dispatches from Elon Musk’s “Twitter Files” — which also revealed “mountains of insistent moderation demands” from the Democratic National Committee, but not from the GOP. Two separate threads in the ongoing Elon Musk-sponsored deep dive into the social media’s internal documents were released Saturday by independent journalist Matt Taibbi, documenting how the platform has frequently bowed to government and political pressure. On June 29, 2020, Taibbi shows, the FBI’s Elvis Chan — who has played a starring role in past Twitter Files releases — asked company executives to “invite an OGA” to an upcoming conference.
READ THE STORY: NYPOST
Internet Outages Taking Heavy Toll on Iran’s Economy
FROM THE MEDIA: Iran launched an extensive shutdown in September in response to protests that drastically limited all digital communication in the country. Its campaigns to slow connectivity and access to popular services, including Meta's Instagram, are continuing. Dragging out the disruptions, though, is beginning to reveal the true economic toll, according to new assessments by the US Department of State (DOS). Iran is already a heavily sanctioned nation, yet the government has repeatedly imposed broad digital restrictions and shutdowns, including notable initiatives in 2017 and 2019. The cumulative impact of these crackdowns has affected the rights of more than 85 million people living in Iran and disrupted every aspect of Iranian society, including commerce, WIRED reported.
READ THE STORY: Financial Tribune
Hacker Claims to Have Scraped 400M Twitter User Records
FROM THE MEDIA: A member of a criminal data breach forum claims to have obtained the emails and phone numbers of 400 million Twitter users in a posting that urges social media CEO Elon Musk to buy the data set for an unspecified price. The posting, apparently first noticed by Israeli cyber intelligence firm Hudson Rock, includes alleged private email addresses for three dozen well known personalities including New York Democratic Rep. Alexandria Ocasio Cortez, Ethereum cryptocurrency founder Vitalik Buterin and cybersecurity reporter Brian Krebs. The posting also includes a link to a spreadsheet with a thousand records, a handful of which belong to public institutions and whose listed email addresses appear legitimate. The poster, who uses a male avatar and goes by the handle "Ryushi," says the records were exposed for scraping "via a vulnerability" and did not respond to a request for elaboration over his Telegram channel.
READ THE STORY: BankInfoSec
FBI 'doorman to social media censorship, surveillance', reveal Twitter Files
FROM THE MEDIA: Mentioning that the FBI did not refute the previous claims about how it benefited from the social media platform, which had basically asserted that the FBI moderates Twitter, journalist Matt Taibbi said on Twitter that the bureau shared a statement on Wednesday, saying: “The men and women of the FBI work every day to protect the American public…” “It is unfortunate that conspiracy theorists and others are feeding the American public misinformation with the sole purpose of attempting to discredit the agency,” the FBI added. Taibbi said: “The files show the FBI acting as doorman to a vast program of social media surveillance and censorship, encompassing agencies across the federal government – from the State Department to the Pentagon to the CIA.” “The operation is far bigger than the reported 80 members of the Foreign Influence Task Force (FITF), which also facilitates requests from a wide array of smaller actors - from local cops to media to state governments,” he said in a series of tweets.
READ THE STORY: Tribune (PK)
GCHQ code-cracking Christmas cards - test whether you've got what it takes to be a spy
FROM THE MEDIA: Everyone can have a go at code-cracking this Christmas with the UK spy agency GCHQ's Christmas card puzzle. Active spies who work for GCHQ and codecrackers put together to test a range of skills required to succeed in a career with the intelligence services. The card was sent out by the Government Communications Headquarters boss Sir Jeremy Fleming to his contacts all over the world. It was also sent to secondary schools in the UK in the hope it would give them a chance to test whether they've got what it takes to become a spy at GCHQ. Chief Sir Jeremy said: "This year’s GCHQ Christmas Card Challenge gives an insight into the skills we need every day as part of our mission – from languages to coding." He added: "From breaking Enigma to harnessing the latest cutting edge technology, our brilliant people have worked together throughout our history to help keep the country safe. "But skills alone won’t be enough to crack this one. Puzzlers need to combine a mix of minds to solve the seemingly impossible".
READ THE STORY: Cambridgeshire Live
China’s ‘heavenly palace’ space station releases small satellite into orbit
FROM THE MEDIA: China deployed a mini satellite into low-earth orbit from its Tiangong (“Heavenly Palace”) space station, which was completed in October this year. The 12-kilogram satellite was developed by the China Academy of Space Technology and is called the Macao Student Science Satellite 1, according to China Daily. The Chinese Communist Party-run publication says the satellite is designed to help students in Macao learn about Earth imaging, radio communication and other spaceflight activities, quoting the China Manned Space Agency. The satellite was carried on the Tianzhou 5 cargo spacecraft to the space station. According to China Daily, scientists have used the Tianzhou-series cargo ships to transport many payloads of scientific equipment and mini-satellites to orbit to make the best use of their “abundant carrying capacity.”
READ THE STORY: Indian Express
Alphabet reshuffles to meet ChatGPT threat and Sundar's not having a happy holiday
FROM THE MEDIA: Sundar Pichai is apparently all in a pickle over OpenAI's ChatGPT engine, and is gearing up Google to meet the perceived threat. According to an internal memo seen by the New York Times, Pichai has "upended the work of numerous groups inside the company to respond to the threat that ChatGPT," and is plucking staff from other divisions to meet the threat to the OpenAI's plans. It's reportedly considered a "Code Red" for the Chocolate Factory. At issue is whether Google's core product, search, will be displaced by AI systems that can give more accurate research results, and that's a big if, for the moment at least. "No company is invincible; all are vulnerable," said Margaret O'Mara, a professor at the University of Washington. "For companies that have become extraordinarily successful doing one market-defining thing, it is hard to have a second act with something entirely different."
READ THE STORY: The Register
Google AI Propose A Novel Generative Modeling Framework Called ‘EHR-Safe’ For Generating Highly Realistic And Privacy-Preserving Synthetic EHR Data
FROM THE MEDIA: The potential of EHR to improve patient care, integrate performance measurements into clinical practice, and streamline clinical research is enormous. Diseases may be diagnosed using statistical estimation or machine learning models trained on electronic health record data (such as diabetes, tracking patient wellness, and predicting how patients respond to specific drugs). Both academics and industry professionals require access to data to construct such models. However, a key obstacle to data access remains data privacy concerns and patient confidentiality restrictions. Traditional approaches to data anonymization are time-consuming and expensive. Even when the de-identification procedure is performed in line with established standards, they might distort essential information from the original dataset. This drastically reduces the data’s utility, making it vulnerable to privacy threats.
READ THE STORY: MarkTechPost
DPRK hackers behind attacks on S. Korean security experts
FROM THE MEDIA: Police said Friday that a North Korean hacker group was behind a series of phishing attacks this year targeting security experts in South Korea by sending them emails and inviting them to click on links to fake websites. The scam, which took place between April and October, involved faking the identity of local reporters covering national security and an assistant to Rep. Tae Yong-ho, a former North Korean diplomat who defected to the South and is now a ruling party lawmaker. Of the 892 people who received such emails, 49 had unwittingly given away their passwords. But none among those tricked were government employees, according to police, who noted the hackers compromised 326 computer servers scattered in 26 countries to mask the source of traffic.
READ THE STORY: The Korea Herald // KT
Twitter Queried in the EU for Data Leak of 5.4 Million Users
FROM THE MEDIA: More than 5.4 million Twitter users were impacted by this leak, which contained both public data scraped from the website and private phone numbers and email addresses. The information was accessed by taking advantage of an API flaw that Twitter rectified a few months back. Following news allegations of a significant Twitter data leak last month, the Irish Data Protection Commission (DPC) has opened an investigation. It is not taking this lightly with Elon Musk’s Twitter Inc. A revelation that one or more datasets containing user personal information “had been made public on the internet” prompted Ireland’s Data Protection Commission to announce Friday that it had decided to launch an investigation.
READ THE STORY: InfoSecBuzz
Lastpass Data Breach Frightens Users, Some Say Hack ‘May Be Worse Than They Are Letting on’
FROM THE MEDIA: On Dec. 22, 2022, the password management firm Lastpass disclosed that an “unknown threat actor” managed to breach the firm’s cloud-based storage environment in or around Aug. 2022. As soon as the news was published, the Lastpass data leak has been a topical discussion on social media and forums. A great number of people believe that Lastpass’ situation “may be worse than they are letting on.” “Based on our investigation to date, we have learned that an unknown threat actor accessed a cloud-based storage environment leveraging information obtained from the incident we previously disclosed in August of 2022,” Lastpass disclosed. Lastpass insists the encrypted fields are secure with 256-bit AES encryption and the info can only be decrypted by leveraging each user’s master password using the firm’s zero-knowledge architecture. “As a reminder, the master password is never known to Lastpass and is not stored or maintained by Lastpass,” the company detailed.
READ THE STORY: BITCOIN
The famous British newspaper The Guardian victim of ransomware
FROM THE MEDIA: Highly reputable British daily, The Guardian is currently going through an area of turbulence. Indeed, the editorial staff explained that they had suffered “a serious computer incident” on December 21. The company’s technology infrastructure appears to have been severely impacted by this attack which has yet to be claimed. The managing director of Guardian Media Group provided some additional explanations. In her statement, Anna Bateson mentions the fact that the offensive was carried out by ransomware. The network and the computer system of the group have therefore been compromised even if there is obviously no danger in delay. Indeed, the technical teams are working to correct the problem and the editors are able to continue their activities normally. In the press release posted by the player, we also learn that the journalists have been placed in telework and can publish their articles as if nothing had happened (or almost). Note that staff working from home will be maintained for as long as necessary. In addition, the paper version of the daily could also be published normally. Thus, subscribers should not be aware of the attack suffered by the site.
READ THE STORY: HITECH Wiki
The FBI Says You Need to Use an Ad Blocker on Google and Bing
Analyst Comments: Because digital advertising platforms are used to spread malware or introduce redirections for exploitation, it is wise to utilize blocking tech.
FROM THE MEDIA: The Federal Bureau of Investigation took a break from hunting serial killers this week to release a public service Notice: If you don’t use an ad blocker, what do you do?? According to the Internet Crime Complaint Center, criminals use ads in search engine results like Google and Bing to imitate brands. These ads redirect unsuspecting users to fake websites that look identical to the pages users are actually looking for, where they are then exposed to ransomware or phishing attacks. The bureau says an ad blocker can help. While the government doesn’t recommend a specific ad blocker, I just tested uBlock Origin with some of my favorite Google searches and didn’t see a single ad in the results. An ad blocker is also a great solution if you find yourself in the comments section of this article with a bizarre impulse to complain about the ads on Gizmodo, a beautiful, perfect website.
READ THE STORY: US Times Post
How the FBI Used Twitter to Lie to You
Analyst Comments: This is an op-ed; take the author's views with a grain of salt.
FROM THE MEDIA: The FBI we know is a creation of Hollywood. From the beginning, J. Edgar Hoover sought to insert the bureau into movies and TV shows, to portray the agency as grounded in American values, and special agents as righteous competence personified. Even on the far-out “X-Files,” with its hinting at nefarious government activities, Agent Mulder’s one flaw was idealism bordering on naivete. For over a century, Hollywood has upheld the belief that a federal law enforcement/internal quasi-spy agency is necessary for the safety of a free society and its citizens. This image of the FBI fails to highlight an important fact. The FBI is allowed to lie to you. They can lie to acquire information or encourage a confession. Unlike entertainment, agents don’t need a story to fill a certain screen time, or number of theater seats. They just need to convince a very small audience just dumb enough to reveal something incriminating to their new friends.
READ THE STORY: American Thinker
Cincinnati State data breach possibly exposed Social Security numbers, other information
FROM THE MEDIA: Cincinnati State Technical Community College says a cybersecurity breach potentially exposed personal information stored on its network. The Clifton-based college detected unauthorized access to the network on Nov. 2 and an investigation was launched in consultation with outside cybersecurity professionals, according to a notice posted to Cincinnati State's website on Friday. The incident was also reported to law enforcement, according to the notice. Following the investigation, Cincinnati State discovered certain files − containing personal information − were removed from portions of its network between Oct. 30 and Nov. 2, the notice states. The data included full names, addresses, dates of birth, Social Security numbers, driver’s licenses or state identification numbers, health insurance information, and financial account information, the notice states.
READ THE STORY: The Enquirer
Twitter Under Fire As Tweets From Newly Launched Blue Profiles Are Filled with Misinformation
FROM THE MEDIA: It’s been a really rocky start for Twitter this year. The app has acquired a new leadership and we’re not quite sure if that has worked out too well in its favor. Elon Musk’s major plans to rewrite the platform’s verification rules were seen as a way to combat the growing number of misleading profiles on the app. So many accounts failed to achieve authentic verification and impersonation was running at an all-time high on the platform as well. For a mere value of $8, we saw so many accounts get the verified badge on the app and there was no end to the dilemmas this brought along with it. Musk and his team’s executives knew something had to be done quickly and that’s why they set forth to pause the subscription and introduce another plan. A relaunch was done and more measures were taken to try and reduce this impersonation factor before it was too late.
READ THE STORY: DIW
Severe vulnerability, ENLBufferPwn, found in multiple Switch, 3DS, and Wii U games
FROM THE MEDIA: A severe vulnerability known as ENLBufferPwn has been found in various Switch, 3DS, and Wii U games. PabloMK7, Rambo6Glaz, Fishguy6564 were credited for the discovery. The vulnerability, first uncovered in 2021, was already reported to Nintendo. The exploit is especially significant since a victim’s device can be easily taken over. This can be done merely by having an online game session with an attacker. Given the 9.8/10 (Critical) score it received in the CVSS 3.1 calculator, that goes to show how serious it is. When paired with other OS exploits, the attacker could achieve full takeover of the system. They could also steal sensitive information or take audio / video recordings. Remember the version 1.2 update for Mario Kart 7 that just recently came out? Many were surprised that the game received a new patch after so many years. As it turns out, Nintendo was looking to fix the ENLBufferPwn exploit.
READ THE STORY: Nintendo Everything
Items of interest
Jack Sweeney brings back Elon Musk jet-tracking Twitter account — but there’s a catch
FROM THE MEDIA: A new Twitter account launched by suspended user Jack Sweeney that tracks Elon Musk’s private jet flights has been “search banned,” the mogul’s college-age tormentor told The Post on Friday. Sweeney, the 20-year-old University of Central Florida sophomore whose @Elonjet account was banned this month, returned to Twitter with @ElonJetNextDay, which goes by the name “ElonJet but Delayed.” Rather than having a bot provide same-day information about Musk’s private jet flights, Sweeney told The Post, he will manually upload the information after 24 hours. However, Sweeney claimed @ElonJetNextDay remains hard to find because it has been “search banned” — meaning it’s hidden as sensitive content and can only be found after adjusting Twitter’s search settings.
READ THE STORY: NYPOST
Malware Analysis In 5+ Hours - Full Course - Learn Practical Malware Analysis (Video)
FROM THE MEDIA: This is the first 5+ hours of PMAT, which is my course that is available on TCM Security Academy. The full course is 9 hours of high quality videos, practical labs, and challenges to learn the art and science of malware analysis.
MALWARE ANALYSIS // How to get started with John Hammond (Video)
FROM THE MEDIA: The amazing John Hammond tells us how to get into Malware Analysis. Learn about jobs, what you need to know and much more.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com