Sunday, March 12, 2023 // (IG): BB // Cyber-Roundup // Coffee for Bob
China’s ‘Digital Silk Road’ in Africa Raises Questions
Analyst Comments: The resolution introduced by U.S. lawmakers criticizing South Africa’s government for its close relations with Beijing, including its use of Chinese technology, is significant in a strategic sense as it highlights the growing competition between the U.S. and China in the tech industry and their attempts to exert influence in Africa. While the U.S. faces an uphill battle in vying for telecommunications influence in Africa, China's investment in digital infrastructure is seen as a cheaper path to greater connectivity by most African governments. However, the adoption of new technologies on the continent is rarely accompanied by the implementation of robust regulatory frameworks, and there are concerns that African regimes with undemocratic tendencies could adopt not just Chinese tech but the way China uses it to monitor dissent.
FROM THE MEDIA: A group of U.S. lawmakers recently drafted a resolution criticizing South Africa’s government for its close relations with Beijing, including its use of Chinese technology, and called on President Joe Biden to review America’s relationship with Pretoria. The U.S. resolution mentioned two South African companies with links to Chinese tech that the lawmakers felt were of concern. The U.S. concern is that Vumacam “has partnered with Chinese company Hikvision for the cameras’ hardware,” the resolution said. The sale of Hikvision products was also recently banned in the U.S. Telkom, South Africa’s partly state-owned telecom operator, “launched its 5G network throughout the country in October 2022 using technologies from Huawei technologies.” Across the continent, Huawei dominates: Its subsidiaries own up to 70% of all 4G networks. Digital watchdogs, however, often label China as one of the worst abusers of internet freedoms domestically, and observers from the West worry that African regimes with undemocratic tendencies could adopt not just Chinese tech but the way China uses it to monitor dissent. China also made headlines in 2018 with reports of Beijing having bugged the Chinese-built African Union headquarters in Addis Ababa.
READ THE STORY: VOA
TikTok ban and AI
Analyst Comments: China's history of espionage and human rights violations, coupled with its use of proxies for execution and advanced technology for intelligence gathering, poses a significant national security threat. It is crucial to exercise caution when dealing with Chinese-backed companies, as their track record highlights the potential risks and vulnerabilities that could compromise sensitive information and assets. The data collected by TikTok could be used to train China's AI, and the app's facial recognition capabilities could be used to surveil Uyghur concentration camps, which is concerning given the ongoing genocide of the Uyghurs. A ban on TikTok would be legally defensible, and the US should take measures to ensure that Chinese-backed companies do not pose a threat to national security. A national privacy law would not be sufficient to address the national security risks posed by TikTok and other Chinese-backed companies.
FROM THE MEDIA: Critics of a potential ban on the Chinese-owned social media app TikTok allege that it would violate the First Amendment. However, experts warn that TikTok poses a significant national security threat as it has been caught using its network to spy on journalists and monitor users' keystrokes and taps. China can use TikTok for espionage operations, and the app provides China with massive data to train its AI, which poses a unique national security concern. Additionally, TikTok's facial recognition capabilities could be used to surveil Uyghur concentration camps, and any advances in facial recognition could be deadly for Uyghurs. The US has previously banned Chinese telecommunications equipment made by Huawei and ZTE due to national security concerns, and a ban on TikTok would legally be most similar to that case. Experts caution that even with new privacy rules, a CCP-backed company like TikTok cannot be trusted to follow them, and the app poses a significant national security threat.
READ THE STORY: The Hill
Chinese satellite gathering intel for Pearl Harbor-style hypersonic missile attack by using green lasers claim experts
Analyst Comments: Chinese activity in Hawaii has raised concerns about China's intentions, given the large US military presence there. It also shows that China continues to employ a "whole of society" approach to espionage, as warned by Nicholas Eftimiades, a retired veteran US Department of Defense intelligence official and a visiting senior research fellow at King’s College London. The significance of the event lies in the potential for a repeat surprise attack on the US, as China has been building up a vast arsenal of hypersonic missiles aimed at neutralizing the power of the US Navy and attacking American facilities in the Pacific. This Chinese activity indicates the dual use of civilian technology that also serves military missions and raises concerns about China's intentions towards the US.
FROM THE MEDIA: The satellite was discovered to be measuring the density of the atmosphere and could detect different wind directions, which are data required for China to accurately target small multiple reentry vehicle nuclear warheads or hypersonic glide vehicle warheads. Experts have warned that this activity could pave the way for a surprise attack on the US. China has been building up a huge arsenal of hypersonic missiles aimed at neutralizing the power of the US Navy and attacking American facilities in the Pacific. Its hypersonic missiles have been described as “game changers” by Western experts. The Chinese activity also comes after a separate scandal over reports of Chinese spy balloons being shot down over the US.
READ THE STORY: The U.S. Sun
Draining talent: The consequences and solution of Brain Drain Pakistan
Analyst Comments: Brain drain is a significant issue for Pakistan as it impedes the nation’s growth and development by robbing it of the capacity to innovate and contend in the international market. Additionally, it has negative impacts on the country’s healthcare and education systems. Without addressing this issue, Pakistan will continue to lose its best and brightest minds to other nations, hindering its progress and development. Therefore, it is crucial for the government to take action to counter this problem by fostering economic opportunity, addressing security concerns, improving healthcare and education systems, and adopting policies to encourage emigrants to return to the country.
FROM THE MEDIA: Pakistan has been struggling with brain drain for decades, which is the phenomenon of highly educated and competent people leaving the country in search of better opportunities overseas. The causes of brain drain in Pakistan are complex, including economic prospects, political instability, social unrest, and lack of security. The effects of brain drain are extensive and negative, as it impedes the nation’s growth and development by robbing it of the capacity to innovate and contend in the international market. Additionally, brain drain also has negative impacts on the country’s healthcare and education systems. To address this issue, Pakistan needs to take a multi-pronged approach, including expanding economic opportunities, addressing security concerns, improving healthcare and education systems, and adopting policies to encourage emigrants to return to the country.
READ THE STORY: Modern Diplomacy
U.K.’s Royal Navy, Ukraine Jointly Repel Simulated, Russian Cyberattack on National Infrastructure
Analyst Comments: The Defence Cyber Marvel 2 exercise was a significant event in a strategic sense. Cyber threats are an increasing concern worldwide, and cyber defense skills must be continually tested and improved to keep pace with emerging threats. The exercise provided an opportunity for allies and partners to learn from each other and sharpen their skills together, increasing the collective cyber defense capability. The simulated cyber threats were based on real-world events, providing a chance to prepare for future attacks. The results of the exercise showed that the Royal Navy and Ukrainian cyber teams were the most improved, indicating the exercise's success in enhancing their cyber defense skills.
FROM THE MEDIA: The Royal Navy's cyber operations specialists based in Portsmouth joined forces with a Ukrainian cyber unit to respond to simulated cyber threats, including attacks on networks, industry control systems, and unmanned robotic systems, simulating some of the tactics Russia used to disrupt Ukrainian cyberspace during the early days of the invasion one year ago. The teams successfully defended against virtual attacks on national infrastructure, and the Royal Navy and Ukraine teams were declared the most improved at the end of the week-long exercises, which were run as a competition with participants judged on their effectiveness and speed.
READ THE STORY: MSSP Alert
Starfish Space raises $14 million to create cheap satellite servicing
Analyst Comments: The $14M Series A funding round is significant for Starfish Space as it provides the company with additional capital to accelerate the development of its satellite servicing spacecraft. The successful demonstration of the Otter Pup mission could mark a significant milestone in the development of an economy in Earth orbit where satellites can be fully serviced and refueled as needed, and for cheap. The funding round also demonstrates investor interest in the growing satellite servicing industry, which is expected to grow significantly in the coming years.
FROM THE MEDIA: The funding round was led by Munich Re Ventures and included participation from Toyota Ventures, PSL Ventures, NFX, and MaC VC. Starfish Space aims to develop an economy in Earth orbit where satellites can be fully serviced and refueled as needed and for cheap. The company's first on-orbit demonstration, Otter Pup, is scheduled to launch this summer, and the spacecraft will deploy from Launcher's Orbiter and perform a series of docking maneuvers. If successful, the mission would mark the first docking between two commercial satellites in orbit. Starfish Space plans to use the funds raised to accelerate the development of the first commercial Otter vehicles and expects to raise further capital in the future to support the ongoing manufacturing and launch of commercial Otter vehicles.
READ THE STORY: Fast Company
Melting Ice & Undersea Cables: How the Arctic Is Getting Fast Internet
Analyst Comments: The expansion of fiber-optic cables in the Arctic has significant tactical and strategic implications. On a tactical level, it has improved the quality of life for individuals in remote communities by enabling better access to education, healthcare, and research. It has also facilitated faster communication during emergencies, potentially saving lives. On a strategic level, it has opened up the Arctic region for increased economic and geopolitical activity, as well as facilitating climate change research. However, the high cost of access to fiber-optic internet remains a significant barrier for many individuals and households in these remote communities.
FROM THE MEDIA: Melting sea ice in the Arctic is opening up new opportunities for high-speed internet in remote areas that have long relied on satellite connectivity. The Arctic region has been hampered by poor internet connectivity due to the lack of fiber-optic cables in the region. However, as the sea ice melts, companies are now racing to lay new undersea cables, which will bring faster and more reliable connectivity to the area. This new connectivity has many implications for Arctic communities, including access to better healthcare, education, and research opportunities. Companies such as Quintillion have already laid a fiber-optic cable around part of Alaska's coastline, which has made a significant impact on local communities. While the cost of this new connectivity can be high, it is seen as a vital investment for the future of the Arctic.
READ THE STORY: WSJ
The Hubble Space Telescope’s Orbit Has Fallen To Dangerously Low Levels
Analyst Comments: The impact of satellite constellations on astronomy is a significant event in a strategic sense. The increasing number of satellites in Earth's orbit is threatening astronomical viewing using ground-based observatories and even impacting the Hubble Space Telescope. The issue highlights the need for scientists and industry leaders to work together to mitigate the effects of satellites on astronomical research while maintaining their benefits to society. It is a matter of balancing technological advancements and scientific progress while respecting the scientific community's needs. The impact on astronomy is expected to grow in the upcoming years, so it is essential to address the issue before it becomes irreversible.
FROM THE MEDIA: The increasing number of satellites in Earth's orbit is threatening astronomical viewing using ground-based observatories. A team of astronomers led by Sandor Kruk from the Max Planck Institute for Extraterrestrial Physics demonstrated that even the Hubble Space Telescope is impacted by satellite trails, and their effect is expected to grow in the upcoming years. Hubble's orbit is degrading, and the increasing number of satellites in Earth's orbit is making it more sensitive to satellite trails.
READ THE STORY: WE
New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide
Analyst Comments: The Prometei botnet attack is significant in both tactical and strategic senses. On a tactical level, the attack has infected over 10,000 systems worldwide and poses a threat to sensitive data and systems. The botnet's updated features and use of a domain generation algorithm to build out its command-and-control infrastructure make it challenging to detect and defend against. On a strategic level, the attack underscores the continued threat of botnets and the need for proactive measures to mitigate their impact. The attack's financial motivation highlights the increasing trend of cybercriminals using cryptocurrency mining and credential harvesting as a means of profiting from their activities.
FROM THE MEDIA: Prometei is a modular botnet that features a large repertoire of components and several proliferation methods, including exploiting ProxyLogon Microsoft Exchange Server flaws. The latest version, Prometei v3, improves upon existing features to challenge forensic analysis and further burrow its access on victim machines. The botnet deploys an Apache web server and a PHP-based web shell to execute Base64-encoded commands and carry out file uploads.
READ THE STORY: THN
BlackLotus Secure Boot Bypass Malware Set to Ramp Up
Analyst Comments: On a tactical level, the attack has bypassed a fundamental Windows security feature and poses a threat to the integrity of servers, laptops, and workstations. The bootkit's easy deployment and crimeware groups' capabilities for spreading malware using their botnets make the threat even more concerning. On a strategic level, the attack underscores the increasing trend of threat actors targeting firmware implementations and highlights the need for increased efforts to validate the integrity of systems. The vulnerability in the interface code allows attackers to execute malware before any other software can detect it, ensuring the implantation of persistent malware that normal security agents will not detect.
FROM THE MEDIA: BlackLotus bootkit malware has bypassed Secure Boot in UEFI, the lowest level of firmware on a system, which is responsible for the boot-up process. Finding a vulnerability in the interface code allows an attacker to execute malware before the operating system kernel, security apps, and any other software can swing into action, ensuring the implantation of persistent malware that normal security agents will not detect. BlackLotus is available in an easy-to-use bootkit on the Dark Web, inspiring firmware attackers to increase their activity.
READ THE STORY: DARKReading
Hadoken Security Group Upgrades Xenomorph Mobile Malware
Analyst Comments: The malware can start specified applications, show push notifications, steal cookies, and forward calls, among other functions. The sample configurations include more than 400 banking and financial institutions, including several cryptocurrency wallets, representing a sixfold increase in targets compared to previous variants. Hadoken Security Group's establishment of a website to advertise Xenomorph.C indicates clear intentions of entering the Malware-as-a-Service landscape and starting large-scale distribution, a typical functionality of more advanced malware families. On a strategic level, the attack highlights the increasing trend of threat actors targeting the financial sector and the need for increased efforts to prevent and mitigate these attacks.
FROM THE MEDIA: The Xenomorph.C variant is a substantial upgrade from the malware previously observed by ThreatFabric security researchers. The new version adds many new capabilities, most notably the introduction of a very extensive runtime engine powered by Accessibility services, which is used by actors to implement a complete Automated Transfer Systems (ATS) framework. Xenomorph.C can start specified applications, show push notifications, steal cookies, forward calls, and perform the whole fraud chain, including infection, automated transfer using ATS, and PII exfiltration using keylogging and overlay attacks. The samples identified by ThreatFabric featured configurations with target lists made of more than 400 banking and financial institutions, including several cryptocurrency wallets. Hadoken Security Group established a website to advertise Xenomorph.C, indicating clear intentions of entering the Malware-as-a-Service (MaaS) landscape and starting large-scale distribution.
READ THE STORY: InfoSecMag
North Korean hackers target security researchers with convincing fake profiles
Analyst Comments: The campaign has shifted from email to LinkedIn and WhatsApp and uses customized Microsoft Word documents embedded with macros that pull malware from a remote server. The hackers made an effort to infect targets with three new malware families, demonstrating new capabilities to counter endpoint detection tools while operating within the cloud environments of their targets. On a strategic level, the attack highlights the increasing sophistication of North Korean government-affiliated hackers and the need for increased efforts to prevent and mitigate these attacks. The shift to targeting security researchers specifically may indicate a shift in strategy or an expansion of its operations.
FROM THE MEDIA: North Korean government-affiliated hackers have been targeting workers in a variety of industries, posing as recruiters with offers of extravagant jobs at big-name firms with massive salaries. This phishing campaign has mostly been carried out via email in the past few years but has now shifted to LinkedIn and WhatsApp. The hackers made convincing fake profiles on LinkedIn and then reached out to people with phony job offers, asking the victims to move the conversation to WhatsApp. They then sent a phishing payload disguised as a job description, primarily in the form of customized Microsoft Word documents embedded with macros that would pull malware from a remote server. The hackers made an effort to infect targets with three new malware families, Touchmove, Sideshow, and Touchshift, and demonstrated new capabilities to counter endpoint detection tools while operating within the cloud environments of their targets.
READ THE STORY: MSN
Hunting Emotet: How Behavioural Hunting Trumps IOC Detection Every Time
Analyst Comments: While IOC-based detection has been the traditional approach to detecting malware, it is becoming increasingly ineffective as cybercriminals evolve their tactics. On the other hand, behavioral analysis is a much more effective and proactive approach to detecting malware and is much less prone to false positives. By focusing on behavioral analysis, organizations are much more likely to detect new and emerging threats and take the necessary steps to protect themselves. This shift in focus is significant as organizations need to adapt to emerging threats, and investing in the necessary tools and training to ensure that their threat hunters have the skills and expertise to carry out effective behavioral analysis is essential.
FROM THE MEDIA: The article explains the benefits and limitations of using Indicators of Compromise (IOC) and behavioral analysis to hunt Emotet malware. While IOC-based detection has been the traditional approach, it can quickly become ineffective as cybercriminals evolve their tactics and new strains of malware emerge. Behavioral analysis focuses on the behavior of the malware, making it a more effective and proactive approach to detecting malware, especially when it comes to new strains that may not be recognized by traditional IOC-based detection methods.
READ THE STORY: Security Boulevard
US cyber strategy is missing accountability and a ransomware moonshot
Analyst Comments: The National Cybersecurity Strategy fails to address the current threat landscape's severity and urgency and is insufficient in mitigating cyber threats, especially ransomware attacks. It is crucial to have a crisis response to stop cyber criminals from profiting from ransomware attacks and to protect everyday lives, such as healthcare systems, food chains, and financial institutions. The strategy needs bold ideas, clear and actionable objectives, and funding with commitment from both Congress and the industry to achieve significant changes in national cybersecurity posture. Without immediate action, the situation will worsen, and catastrophic breaches like the Colonial Pipeline attack will continue to impact day-to-day life. The federal government needs to lead by example and drive changes in the national cybersecurity posture by investing in people, granting resources, and holding itself accountable with more realistic and aggressive timelines.
FROM THE MEDIA: The National Cybersecurity Strategy fails to deliver immediate impact on, and accountability for, cyber threats and falls short of detailing tactics, resources, and timing for implementation to show how objectives can be accomplished. The strategy also lacks specific, actionable, and time-bound goals and objectives that need to be executed to mitigate cyber threats, especially ransomware attacks.
READ THE STORY: The Hill
Intelligent mining digs up new security threats
Analyst Comments: Intelligent mining operations have become the target of cybercriminals, who are using various tactics, including stealing intellectual property and ransomware attacks, to cause disruptions in the industry. The mining industry is transitioning from traditional mining practices to intelligent mining, which is exposing it to a new frontier of cyber threats. Businesses need to adopt a three-pronged approach to cybersecurity, focusing on people, processes, and technologies, to mitigate risks and secure critical business systems. With a rising number of cyberattacks on industrial control systems, businesses need to take immediate steps to protect themselves, including separating OT from IT systems, securing protocols wherever there is a connection to the internet, and ensuring real-time monitoring and investigation.
FROM THE MEDIA: The article covers the transition from traditional mining practices to intelligent mining, the increase in cyber-attacks on mining companies, the targeting of Industrial Control Systems (ICS), attempts to steal intellectual property, threats via devices connected to the Internet of Things (IoT), rising geopolitical risks and on-off tensions between countries, and competition with mines around the world.
READ THE STORY: IT-ONLINE
How Beijing Boxed America Out of the South China Sea
Analyst Comments: China’s gradualist approach to becoming the dominant force in the region has confounded opponents, leaving them uncertain about whether, when, and how strongly to respond without escalating tensions. The islands China has turned into military bases in the South China Sea present additional potential threats for the U.S. military to track and counter, with three of them hosting airfields, surface-to-air and anti-ship missiles, radars, and sensors that allow China to see and hear almost everything that happens in the area. The U.S. maintains an active military presence in the South China Sea through strategic patrols, and combined and multinational exercises, and is upgrading its force posture in the Indo-Pacific to build a more dynamic and flexible forward presence in the region.
FROM THE MEDIA: China has advanced step-by-step over the past decade to become the dominant force in the South China Sea, which sees trillions of dollars in trade each year. Through incremental moves that stay below the threshold of provoking conflict, China has gradually changed both the geography and balance of power in the area. The disputed sea is ringed by China, Taiwan, and Southeast Asian nations, but Beijing claims nearly all of it. It has turned reefs into artificial islands, then into military bases, with missiles, radar systems, and airstrips that are a problem for the U.S. Navy. It has built a large coast guard that among other things harasses offshore oil-and-gas operations of Southeast Asian nations and a fishing militia that swarms the rich fishing waters, lingering for days. PERSONS: Retired Adm. Harry B. Harris Jr., who long was a senior naval officer in the region and led the U.S. Pacific Command from 2015 to 2018
READ THE STORY: WSJ
China is ‘Big Threat’ to US Energy Industry, Cybersecurity Official Says
Analyst Comments: According to Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency, China poses a more pressing threat to the US energy industry than Russia, particularly amid security concerns in East Asia regarding a potential invasion of Taiwan. This comes as intelligence officials identified China as the top threat to the country. To address this threat, Easterly called on energy firms to build redundancies and manual overrides, and for executives to prioritize national security as a matter of corporate governance. Meanwhile, Exelon Corp is seeking to implement such measures in response to a planned attack by a neo-Nazi couple on the company's Baltimore power grid.
FROM THE MEDIA: Jen Easterly warned that the US energy industry needs to prioritize protection against cyberattacks from China over those from Russia, as China poses a bigger threat to US infrastructure. She also stated that a key lesson from the situation in Ukraine is that China would need to put American infrastructure at risk to increase its chances of success against Taiwan. Meanwhile, Exelon Corp is seeking to implement national security as a matter of corporate governance, with a focus on physical attacks.
READ THE STORY: Bloomberg
US-sanctioned general to become the public face of China's growing military
Analyst Comments: General Li Shangfu's appointment as China's new defense minister is a significant event in a tactical and strategic sense. Li's background and ties to President Xi Jinping make him a valuable asset in meeting the interim targets of President Xi's goals for the PLA to become a world-class military by 2049. However, his appointment also adds a potential complication due to the sanctions imposed by the U.S. State Department over the purchase of weapons from Russia. As defense minister, Li is expected to be closely involved with military relations in Asia, attending events such as meetings of Asian defense leaders and the informal Shangri-La Dialogue on security in Singapore. His role is critical in shaping China's defense strategy and policies, as well as strengthening China's military relations with its neighbors in Asia. The appointment is closely watched by regional diplomats given the geopolitical rivalries between China and the West.
FROM THE MEDIA: General Li Shangfu is a veteran of the People's Liberation Army's modernization effort and is known for his aerospace engineering background. His appointment is closely watched given his background and the fact that the PLA aims to become a world-class military by 2049. Li's term starts as the United States pushes to restore military dialogue and communications that soured as Beijing reacted angrily to the August visit to Taiwan by then-U.S. House of Representatives Speaker Nancy Pelosi. As director of the Equipment Development Department of the Central Military Commission, he was named in sanctions imposed by the U.S. State Department in September 2018 over the purchase of weapons from Russia. Some security scholars note that the sanctions add a potential complication, and could provide China's military leadership with leverage. As defense minister, Li is likely to be closely involved with military relations in Asia, attending events such as meetings of Asian defense leaders and the informal Shangri-La Dialogue on security in Singapore.
READ THE STORY: Reuters
Blackbaud to pay $3 million settlement to SEC over ‘misleading’ ransomware disclosure
Analyst Comments: This settlement is a significant step towards holding companies accountable for failing to properly disclose cyberattacks. While this is the first known action by the agency related to ransomware attacks, it has issued fines following cyberattacks. The SEC's action sends a message that companies must accurately report cyberattacks involving customer information.
FROM THE MEDIA: On July 16, 2020, Blackbaud announced that a ransomware attack did not grant access to donor bank account information or Social Security numbers, which was later proven to be false. The company's IT staff did not inform senior management when they realized their mistake, and the company did not disclose this information in its quarterly report to the SEC the following month.
READ THE STORY: The Record
BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads
Analyst Comments: BATLOADER's use of software impersonation tactics for malware delivery poses a serious threat to enterprises, as it targets popular applications commonly found in business networks, yielding more valuable footholds for monetization via fraud or hands-on-keyboard intrusions. The research highlights the need for companies to build better defenses against these types of attacks and emphasizes the importance of employee education and awareness training to prevent them.
FROM THE MEDIA: Malware downloader BATLOADER is using Google Ads to deliver secondary payloads such as Vidar Stealer and Ursnif to infect users' systems. The malicious ads impersonate legitimate apps and services such as Adobe, Spotify, and Zoom to trick users. BATLOADER is responsible for distributing various next-stage malware, including banking malware, Cobalt Strike, ransomware, and information stealers. The malware is delivered through the use of lookalike websites hosting Windows installer files that trigger the infection sequence when a user clicks a rogue ad on the Google search results page. The MSI installer files, when launched, execute Python scripts containing the BATLOADER payload, which retrieves the next-stage malware from a remote server. BATLOADER has added capabilities that enable it to establish entrenched access to enterprise networks.
READ THE STORY: THN
Brazil seizing Flipper Zero shipments to prevent use in crime
Analyst Comments: The seizure of Flipper Zero purchases in Brazil is significant in terms of limiting security researchers' access to portable cybersecurity tools and negatively impacting the field. EFF argues that the creation, possession, or distribution of tools related to security research should not be criminalized or restricted. However, the use of Flipper Zero in facilitating criminal activities has fueled negative media attention, leading to the product's rejection by Anatel for certification.
FROM THE MEDIA: The Brazilian National Telecommunications Agency (Anatel) has seized incoming shipments of Flipper Zero, a portable multi-function cybersecurity tool, due to a lack of certification with the country's Radio Frequencies department. Additionally, Anatel has flagged the device as a tool used for criminal purposes, making its clearance complicated and preventing it from reaching its final destination.
READ THE STORY: Bleeping Computer
Items of interest
A Warming Arctic Emerges as a Route for Subsea Cables (June 15th, 2022)
Analyst Comments: Countries tap subsea cables, and one of the major players happens to be Russia, so caution needs to be taken in giving them access in their national waters. The race to build undersea communication cables through the Arctic is strategically significant. The cables represent an intelligence, strategic, and economic advantage, helping countries manage and intercept big data, better control space-based missile guidance systems and satellites, and deliver content and services as a means of global influence. As the Arctic's melting opens the region to economic opportunities, the area has become increasingly politicized and geo-economically competitive, heightening geopolitical rivalries between Russia and the West. The project has both positive and negative implications: it promises faster communications and better internet access for communities living in the Arctic, but it also heightens tensions and raises concerns about potential security threats.
FROM THE MEDIA: A group of Alaskan, Finnish, and Japanese companies, as well as the Russian government, are planning to build undersea communication cables to create better digital infrastructure in a fragile yet increasingly vital area for defense and scientific research. A cable through the Arctic would promise faster communications, as the geographical distance between continents is less at the Arctic than further south. The proposed Far North Fiber route by Far North Digital LLC aims to be operational by the end of 2026 and would travel approximately 14,000 kilometers, linking the Atlantic with the Pacific. The cost of the project is expected to be approximately 1 billion euros, or $1.04 billion.
READ THE STORY: WSJ
EP005: Project Zero | HACKING GOOGLE (Video)
FROM THE MEDIA: The video explores Project Zero, a team of elite hackers at Google responsible for finding and fixing zero-day vulnerabilities, which are weaknesses in code that have been discovered by attackers but not yet by those responsible for fixing them. The team's goal is to make the internet safer by looking at it through a hacker lens and trying to break it before fixing it. They focus on finding vulnerabilities in all Google products and much of the internet, as the interconnected world we live in has made it difficult to defend. The team reports vulnerabilities to companies and puts a 90-day timer on fixing them. If the company does not fix the vulnerability in time, Project Zero makes it public. The team has found over 1,800 zero-day vulnerabilities to date and is constantly inspecting walls and testing vulnerabilities to prevent harm to users.
EP004: Bug Hunters | HACKING GOOGLE (Video)
FROM THE MEDIA: The video discusses how Google and other software companies incentivize bug hunters to find errors in their code. It highlights the story of Donald Knuth, a computer science pioneer who invited readers to point out errors in his book, and how that helped make it more perfect over time. The video then explores how Google's Bug Hunters program rewards individuals for finding security vulnerabilities in their software. It also discusses the challenges of maintaining secure software in the face of constantly changing code and the existence of a black market for bugs. The video concludes by highlighting the importance of community building, direct engineer-to-engineer interaction, and continual learning in creating more secure software.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.