Sunday, February 05, 2023 // (IG): BB // BSidesCharm// Coffee for Bob
Inside the ‘Wormhole,’ Relativity Space’s monster factory 3D-printing reusable rockets
FROM THE MEDIA: Relativity Space, an aerospace startup, is building its larger, reusable line of Terran R rockets in a more than 1-million-square-foot former Boeing facility called "The Wormhole." The company is using mostly 3D-printed structures and parts to create rockets in less than 60 days. CNBC recently toured the facility, where Relativity Space is utilizing about a third of the space with a dozen printers that can produce several Terran R rockets a year. The company aims to launch its first rocket, Terran 1, from Cape Canaveral in Florida this year.
READ THE STORY: CNBC
Telegram’s latest update adds real-time message translation
FROM THE MEDIA: Telegram is making it easier to communicate with people who don't speak the same language, adding a tool for turning stickers and emoji into profile pictures, organizing stickers into categories, and introducing new interactive emoji. It's also improving network usage tools, tweaking the automatic media download settings to support exceptions, and offering an annual subscription option for Premium users. In Russia, Telegram has become almost indispensable due to the government's clampdown on Western tech, but there are concerns about its capacity to share confidential information with authorities.
READ THE STORY: Engadget // Wired
Bermuda hit by major internet and power outage
FROM THE MEDIA: Bermuda experienced a widespread power outage Friday evening which impacted the island's internet and phone service. The government advised customers to unplug all sensitive electrical equipment as crews worked around the clock on restoration efforts. BELCO (Bermuda's sole electricity provider) reported 4,464 customers were out of power. By 11pm, internet traffic levels gradually returned to normal. Power surges that follow a power cut can be damaging to voltage-sensitive devices. The cause of this incident remains yet to be learned.
READ THE STORY: BleepingComputer
Europe’s decade of the spy
FROM THE MEDIA: Europe is seeing an unprecedented rise in espionage cases, with Russia being behind most of the spying but with China also on the rise. In the last decade, there have been 42 convictions for espionage across Europe, with 37 of those convicted spying for Russia. Many of these moles were in defense or intelligence agencies, and the number of cases is accelerating. As Western security officials shift their focus from counterterrorism to counterintelligence, they are increasingly worried about China’s long-term threat to Europe’s security. The 2020s could be Europe’s “decade of the spy” — with some of the spies becoming as infamous as their American counterparts in the 1980s.
READ THE STORY: Politico
India’s Largest Truck Brokerage Company Leaking 140GB of Data
FROM THE MEDIA: FR8, India's largest truck brokerage and freight delivery company, is facing a serious data leak problem. An IT security researcher has discovered that the company exposed more than 140 gigabytes of data to the public without any password or security authentication. The leaked data includes customer records, invoices, payment details, names, addresses, and contact numbers. FR8 has not responded to the alert and their only contact email address available to the public is bouncing back all emails. The misconfigured server is still live, thus exposing the data to misuse and abuse by third parties with malicious intent. Misconfigured databases have become a major privacy threat, and India is among the top 10 countries with the most database leaks due to misconfiguration in 2021.
READ THE STORY: HackRead
ChatGPT Releases New Tool to Identify AI Writing
FROM THE MEDIA: OpenAI, the maker of ChatGPT, has released a new tool called AI Text Classifier to help deal with concerns about how artificial intelligence (or AI) can be used to cheat in school. The tool is designed to identify writing that was produced not by students but by AI programs. Schools around the country are blocking its use in classrooms and on school devices, but some districts are using it as an educational tool. OpenAI warns that its detection tool will not always be accurate and should not be solely relied upon when making decisions. The company is also creating new recommendations to help educators use the technology responsibly.
READ THE STORY: VOA
AI threats and open-source vulnerabilities top host of security issues facing cloud-native community
FROM THE MEDIA: Security concerns in the cloud-native world look a lot like what’s keeping practitioners up at night in the rest of the technology ecosystem, such as implementation of zero-trust security in the enterprise, supply chain vulnerability, threats to cryptography from quantum computing, and the rise of powerful artificial intelligence engines such as OpenAI LLC’s ChatGPT. Additional concerns surrounding continued open-source security flaws paint an overall picture for cloud-native as a community under escalating attack. The need to protect cloud infrastructure is paramount, so the cloud-native security community is actively assessing where the most serious risks reside.
READ THE STORY: SiliconAngle
Amazon Still Selling T95 TV Box with Pre-Installed Malware
FROM THE MEDIA: A Canadian developer and security systems consultant discovered pre-installed malware on the T95 TV box available on Amazon. After further investigation by Malwarebytes mobile malware researcher Nathan Collier, it was determined that the malicious traffic was caused by DGBLuancher, an APK loading and running Corejava classes.dex. Collier recommends a factory reset before proceeding to fix the issue and installing adb onto a Linux, Windows, or Mac environment and putting the box into Developer Mode.
READ THE STORY: HackRead
‘Finish Him!’ US Kills Huawei With Final Tech Ban
FROM THE MEDIA: The US government has cut off Huawei’s last sources of technology, refusing to grant export licenses for chips and other tech components. The move is expected to reflect the Biden administration’s tightening of policy on Huawei over the past year, and will have serious consequences for the company’s phone business. The reasons behind the move are disputed, with some suggesting that it is an attempt to protect American interests and others arguing that it is a form of market intervention.
READ THE STORY: Security Boulevard
Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide
FROM THE MEDIA: Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) are warning that attackers are actively targeting VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy a new ESXiArgs ransomware. The vulnerability is tracked as CVE-2021-21974 and affects the following systems: ESXi versions 7.x prior to ESXi70U1c-17325551; ESXi versions 6.7.x prior to ESXi670-202102401-SG; and ESXi versions 6.5.x prior to ESXi650-202102101-SG. To protect against these attacks, admins have to disable the vulnerable Service Location Protocol (SLP) service on ESXi hypervisors that haven't yet been updated and apply the patch as soon as possible. Analysis of the encryptor reveals that it is likely based on leaked Babuk source code and uses RSA encryption, making it difficult to decrypt without paying the ransom.
READ THE STORY: BleepingComputer
NY attorney general forces spyware vendor to alert victims
FROM THE MEDIA: The New York attorney general's office has announced a $410,000 fine for Patrick Hinchy, a stalkerware developer who used 16 companies to promote surveillance tools illegally. The agreement also requires him to alert his customers' victims that their phones are being monitored using one of his multiple apps. In recent years, the U.S. Federal Trade Commission has taken action against several other stalkerware makers and Google has now banned advertising for spyware and surveillance tech globally.
READ THE STORY: BleepingComputer
Feds Confirm Cyberattack Caused Nation’s Critical Suicide Helpline Outage
FROM THE MEDIA: Federal officials have confirmed that a cyberattack caused a nearly day-long outage of the United States’s 988 mental health helpline on December 1st, 2020. Intrado, the telecommunications provider for the helpline, is currently working with a third-party assessor to investigate the incident and law enforcement agencies have been notified. In light of the attack, Democrat Rep. Tony Cárdenas and Republican Rep. Jay Obernolte have introduced a bill calling for better coordination and reporting around cyberattacks on the 988 system in order to mitigate the risks of future disruptions to the service.
READ THE STORY: CircleID
‘0ktapus’ hackers are back and targeting tech and gaming companies, says leaked report
FROM THE MEDIA: Hackers known as "Scattered Spider" have targeted several tech and video game companies, according to a report from cybersecurity firm CrowdStrike. Reports suggest that this is the same group as "Roasted 0ktapus," which stole credentials from 10,000 employees last year. The hackers have been deploying numerous phishing pages, including ones designed to mimic Okta login portals and Microsoft services. Companies such as Riot Games, Roblox, Zynga, Mailchimp, Intuit, Salesforce, Comcast, and Grubhub were on the list of targets. It's unclear if any of the companies have been affected by the attacks.
READ THE STORY: Business Ghana
Elon Musk says Twitter will provide a free write-only API to bots providing ‘good’ content
FROM THE MEDIA: Twitter has announced that it is shutting down free access to its APIs starting February 9th. However, Elon Musk said yesterday that after getting feedback from developers, Twitter will provide a write-only API for "bots providing good content that is free". This announcement is still very unclear and the details on what constitutes "good content" and how bots will be able to make money off of this are yet to be seen. There are many developers and researchers who rely on the free APIs and they may not have a budget to pay a monthly fee. Additionally, it might be difficult to weed out spam, as some don't use the official API.
READ THE STORY: TC
Why Are US Legislators Still Using Apps That Can Collect Data For Foreign Governments
FROM THE MEDIA: 32 elected officials in the US Congress have been found to be using the social media app TikTok, despite security concerns posed by foreign governments collecting data. These members of Congress are particularly worrying given that many hold positions in committees responsible for foreign affairs, military matters, or national security. The US Government has already taken steps to protect against these types of threats, such as banning the use of Kaspersky software on government computers. It is incumbent upon these officials to exercise caution and delete their TikTok accounts to avoid exposing classified information to potential cyber-security threats.
READ THE STORY: Rebellion Research
Why FAA denying exemption for Percepto drones is a good thing
FROM THE MEDIA: The FAA has denied Percepto's latest exemption request, allowing the company to operate drones beyond visual line of sight (BVLOS) without a flight crew on-site. This is a breakthrough ruling for Percepto and the entire drone industry, as it will lead to more streamlined applications and approvals for BVLOS operations. Percepto has implemented processes that exceed the pre-flight inspection requirements set out in Part 107, which convinced the FAA to deny its exemption request.
READ THE STORY: DroneDJ
Ukraine power substation fire leaves Odesa’s grid on the brink
FROM THE MEDIA: Prime Minister Denys Shmyhal has said the "magnitude of the accident is very important" after a fire at a power plant in Odesa left nearly 500,000 people without power. The fire was caused by Russian rebels attacking the power grid and repairs could take weeks. The government has asked Turkey to send heavy ships with electricity to support the city and will send stocks of high-energy electricity from the Ministry of Energy. Kudrytskyi said that most important places in the city are being supplied with energy.
READ THE STORY: Legacy Medi4
A Shadowy Secret: Intelligence Infiltration of Web3 Projects
FROM THE MEDIA: CertiK recently uncovered indications that Iranian intelligence operatives could be actively attempting to infiltrate some crypto projects early in their development phase. Our team of former law enforcement investigators and intelligence analysts shared their findings and gave expert takeaways on how to preserve the integrity of the Web3 industry. We recommend that organizations seeking to engage with Web3 projects deploy due diligence efforts proportional to the cyber risks at stake, such as comprehensive risk assessments, tailored technical audits, on-chain monitoring, penetration testing, bug bounty programs, and cyber-incident management programs.
READ THE STORY: BSC News
BonqDAO Suffers Oracle Hack; Loses $120 Million
FROM THE MEDIA: Over the past two years, the crypto sector has experienced multiple cyber attacks, resulting in a huge loss of crypto assets. On Feb 2, BonqDAO reported an oracle hack which resulted in the minting of 120 million BEUR tokens and triggered liquidation of ALBT troves. PeckShield estimated a $120 million loss in the hack. AllianceBlock announced that hackers manipulated nearly $5 million worth of ALBT tokens on Bonq. Crypto investors are advised to check smart contract approvals and revoke access regularly. In 2021, scammers hacked nearly $14 billion worth of assets, and 2020 saw a 79% rise in losses from crypto-related attacks.
READ THE STORY: The Coin Republic
Biden appoints new supply chain risk cyber chief
FROM THE MEDIA: The US Government's Cybersecurity and Infrastructure Security Agency (CISA) is launching a new office to help federal agencies, industry and other partners navigate the complex IT supply chain risk management landscape. The office is led by Shon Lyublanovits, and will be responsible for helping agencies implement supply chain security practices enshrined in law, as well as developing government-wide criteria for federal supply chain risk management programs. It will also provide training courses, host roundtable events and coordinate best-practice guidance from agencies like NASA and the National Institute of Standards and Technology (NIST). CISA's efforts are aimed at protecting the country against malware when procuring IT services.
READ THE STORY: Supply Chain Digital
Dynamic Approaches seen in AveMaria’s Distribution Strategy
FROM THE MEDIA: Zscaler’s ThreatLabz research team has identified seven case studies of the AveMaria infostealer attack chain over the past six months. AveMaria is a Remote Access Trojan (RAT) infostealer malware that targets sensitive data with added capabilities of remote camera control and privilege escalation. Attackers have been using phishing emails to deliver the malicious payloads, which are often disguised as meeting notices, tender invitations or invoice payments. The AveMaria attack chain techniques observed in these case studies include the use of .vhd(x) files, custom downloaders, type-casting, AutoIt scripts and VBScript. The malware establishes communication with the attacker's Command-and-Control server over a non-HTTP protocol, after decrypting its C2 connection using the RC4 algorithm.
READ THE STORY: Security Boulevard
Google invests $300M in AI firm previously funded by SBF
FROM THE MEDIA: Google Cloud recently invested $300 million into AI startup Anthropic, which previously raised over $500 million from former FTX CEO Sam Bankman-Fried. The investment will help Anthropic utilize Google's GPU and TPU clusters to train and implement its AI chatbot, Claude. However, Bankman-Fried is currently under house arrest at his parents' California home due to eight fraud and conspiracy-based charges laid against him. It remains to be seen where the massive debt in the FTX bankruptcy case will be sourced from.
READ THE STORY: Coin Telegraph
The FBI Now Owns A Bored Ape! Here's How And Which One
FROM THE MEDIA: Recently, the FBI seized a Bored Ape Yacht Club NFT (#9658) and a Doodle NFT (#3114) from a scammer known as Horror. These two collections are among the most well-known in the world of NFTs. The floor price for Bored Apes is 70.95 ETH, or $117,100 at the time of writing. The floor price for Doodles is 6.25 ETH, or $10,315 at the time of writing. The NFTs are held in a wallet and will likely be monitored to see if the FBI ever sells them.
READ THE STORY: Investing
How Tim Ellis went from wannabe screenwriter to Elon Musk’s biggest space competitor
FROM THE MEDIA: Tim Ellis and his college friend Jordan Noone founded Relativity Space, a company that designs and builds 3D-printed rockets with the goal of eventually sending humans to Mars. After raising more than $1.3 billion from investors such as Mark Cuban, BlackRock, and Y Combinator, Relativity is now set to launch its first rocket, Terran 1, in February 2021. Ellis's technical vision involves fusing 3D printing, AI, robotics, and in-house manufacturing to craft rockets with one-tenth as many parts as conventionally built ones. Ellis and Noone take a supportive managerial approach that values emotional intelligence, empathy, and connection. They hope their technology will help facilitate a human presence on Mars and create more sustainable living on Earth. Ellis believes they are creating real-life sci-fi and living out his dream of pushing boundaries and blowing people’s minds.
READ THE STORY: FastCompany
Items of interest
Iran: Another Ukraine
FROM THE MEDIA: The US and Israeli militaries have been carrying out joint military exercises simulating an attack on Iran, and Israel recently carried out a drone strike on Iran. These actions are being sold as attempts to "contain" Iran, but the country is already encircled by US bases, threatened by nuclear-armed powers, and suffering from crippling sanctions. The hypocrisy of these measures has not gone unnoticed, with countries in the Global South refusing to go along with US political and economic isolation of Russia due to its invasion of Ukraine. It is important that those in the US appalled by this situation do all they can to steer Biden away from making the same mistake.
READ THE STORY: The Hitavada
REveal: Unmasking Malware’s True Identity (Video)
FROM THE MEDIA: Brian and Scott discuss the day's events at ShmooCon, including a belay challenge. Scott also discusses Reveal, a malware analysis tool that he created to help reverse malware. Jordan speaks about the difficulty of accurately matching software binaries, and how to mitigate firmware vulnerabilities. The video also provides instructions on how to update firmware on a Linux system and protect against remote attacks.
The UEFI Threat — Or How I Can “Permanently” Brick Your Computer (Video)
FROM THE MEDIA: This video explains how to identify and mitigate security vulnerabilities in common protocols, as well as how to update firmware on a Linux system. Richard also talks about TPM, boot guard, and opt-inmanager, and how they can help detect and fix potential security issues. He also warns users of the dangers of remote firmware attacks.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.