Sunday, March 26, 2023 // (IG): BB // Cyber-Roundup
Seeing Japan – Indonesia Collaboration in Energy Transition Cooperation
Analyst Comments: The cooperation between Japan and Indonesia in achieving net zero emissions by 2060 has significant strategic and economic implications. Japan's assistance can help Indonesia transition from fossil fuels to renewable energy resources, reducing its dependence on coal and other fossil fuels. This transition could lead to a safer and more sustainable investment environment in Indonesia, attracting further investment from other countries. Moreover, the collaboration between the two countries could help Indonesia achieve its emissions targets, contributing to global efforts to combat climate change. The Jokowi administration's policy of subsidizing electric vehicles could also provide an entry point for continued collaboration between Indonesia and Japan in realizing the energy transition.
FROM THE MEDIA: Japan is actively establishing relations with Indonesia to achieve net zero emissions by 2060. Indonesia requires significant investment to transition from fossil fuels to renewable energy resources such as hydrogen and geothermal. Japan has shown a willingness to assist Indonesia in achieving its goal through environmentally friendly funding and technology assistance. The State Electricity Company of Indonesia plans to decrease its dependence on new coal by 2030, with power plants from renewable energies such as geothermal, solar, hydrogen, nuclear, and wind. Japan has also invested in Indonesia through the Sumitomo Mitsui Banking Corporation and other financial groups.
READ THE STORY: ModernDiplomacy
Keep Bitcoin mining in America
Analyst Comments: The Bitcoin mining industry's environmental impact is minimal, with nearly 60% of the energy coming from renewable sources. The US has a relatively clean energy grid, and Texas is a leader in Bitcoin mining. However, the proposal to limit access to power and impose high taxes on Bitcoin mining could have devastating effects on the environment, the economy, and US national security. Pushing Bitcoin mining offshore would mean the US will capture less of Bitcoin's value, and more mining will occur on dirtier energy grids in more hostile parts of the world. Retaining Bitcoin mining in America would capture more value from highly regulated US companies and law-abiding individuals. The industry has created thousands of jobs, and any attempt to weaken it could have severe consequences for the US economy and national security.
FROM THE MEDIA: Bitcoin mining is a growing industry that provides a worldwide digital community for storing value without intermediaries. It is also an environmentally friendly industry that consumes less than 0.2% of the world's power production, with nearly 60% coming from renewable sources. The US has a relatively clean energy grid, and Texas is a leader in Bitcoin mining. However, critics are singling out Bitcoin mining by proposing high taxes and trying to limit access to power. Pushing Bitcoin mining offshore, under the guise of environmentalism, would mean the US will capture less of Bitcoin's value, and more mining will occur on dirtier energy grids in more hostile parts of the world. Retaining Bitcoin mining in America would allow more value to be captured by highly regulated US companies and law-abiding individuals. Bitcoin mining has created thousands of jobs, including 500 jobs in Texas at Riot Platforms, Inc., the largest publicly traded Bitcoin mining enterprise in North America.
READ THE STORY: Crypto News BTC
Ukrainian refugees increasingly targeted for sexual exploitation, research finds
Analyst Comments: The report highlights a significant increase in the sexual exploitation and trafficking of Ukrainian refugees since the Russian invasion of Ukraine in February 2022. The increased interest in Ukrainian pornography may be encouraging traffickers to act more often and with greater impunity. The report calls for urgent action to strengthen protections to help keep Ukrainian women and children who are at risk from sexual exploitation safe. The Organisation for Security and Co-operation in Europe (OSCE) has partnered with Thomson Reuters to launch the "Be Safe" campaign to raise awareness about this sexual exploitation and encourage the global community to provide Ukrainians with safety information and to help them to spot the warning signs of traffickers.
FROM THE MEDIA: Research by Thomson Reuters has found that Ukrainian refugees are increasingly being targeted for sexual exploitation, with an increase in interest in pornography claiming to feature refugees from the war-torn country. Researchers analyzed global internet search engine traffic and identified an increased interest in Ukrainian pornography since Russia invaded Ukraine in February 2022. The analysis of internet search trends has found views of pornographic videos claiming to show Ukrainian refugees have exploded in the past six months. The increased interest online may be encouraging traffickers to act more often and with greater impunity. The organization has called for urgent action to strengthen protections to help keep Ukrainian women and children who are at risk of sexual exploitation safe.
READ THE STORY: The Guardian
European investors bet on defense as a war creates opportunities for growth
Analyst Comments: The private investment surge in European companies specializing in defense and related technologies due to Russia's invasion of Ukraine is significant. The projected increase in military spending in France, Germany, Poland, and the UK presents potential growth opportunities, making private equity in the aerospace and defense industry an attractive investment. However, the long-term nature of defense contracts and national security concerns can deter private investors. Additionally, governments may restrict foreign takeovers to protect key strategic assets, making it difficult to exit.
FROM THE MEDIA: Private investors in European companies specializing in defense and related technologies are showing increasing interest due to Russia's invasion of Ukraine. Private equity firms, including Weinberg Capital Partners, have raised over €100mn for a new fund to invest in French defense companies, hoping to take advantage of the projected increase in military spending by the government. The aerospace and defense industry has seen a rise in private investment due to governments investing more in new capabilities, such as drones, sensors, cyber, and artificial intelligence, which have broader applications. The war in Ukraine has also sparked plans for a significant increase in military spending in countries such as France, Germany, Poland, and the UK, which private investors are eager to capitalize on. The significance of this event is the potential growth opportunities that the projected increase in military spending can offer, making private equity in the aerospace and defense industry an attractive investment.
READ THE STORY: FT
China’s opposition to TikTok sale complicates the picture — and relations with the US
Analyst Comments: The conflict between the U.S. and China over TikTok reflects the broader tensions between the two countries in areas such as technology, data security, and national security. This clash could potentially worsen the already strained relationship between the two nations and could have significant implications for the future of their relationship, particularly in the area of technology and data security.
FROM THE MEDIA: The U.S.-China clash over the popular social media app TikTok is likely to worsen the already-deteriorating relationship between the two countries. The Biden administration has demanded that the app be sold from Chinese ownership or face a possible ban in the U.S. TikTok CEO Shou Zi Chew underwent a bipartisan grilling by a House committee whose members asked pointed questions about data security, alleged racial bias toward content creators, and the platform’s mental health effects. Chinese Ministry of Commerce spokesperson Shu Jueting said China resolutely opposed demands from U.S. officials that TikTok be sold. China has taken measures to prevent TikTok and its underlying technology from being sold without its approval. The Biden administration may be left with few choices besides pursuing an outright ban on the app. The U.S. has already barred TikTok from being downloaded and used on some government devices because of national security concerns.
READ THE STORY: Lima Ohio
It’s time to amend the Espionage Act
Analyst Comments: The retention of classified documents by former presidents and vice presidents highlights the need for a review of the Espionage Act, an antiquated law that has been used against government leakers and publishers. Reforms to the act could safeguard genuine security secrets while protecting the First Amendment and keeping the law from being used as a weapon in partisan politics.
FROM THE MEDIA: The National Archives is asking former presidents and vice presidents to search their files for classified documents at their private homes after it was found that some former presidents and vice presidents have retained classified documents. This has prompted calls for a bipartisan review of the Espionage Act, an antiquated law that is doing the U.S. as much harm as good. The act has been used against government leakers to the media, such as Edward Snowden and Chelsea Manning, as well as publishers like Julian Assange. Numerous scholars argue that the act is both underinclusive and overbroad, and thus constitutionally vague. The act could be reformed by defining what is and what is not “national defense” information, creating a defense for the accused that the public interest in the disclosure of particular information outweighs any harm done to national security, and strengthening whistleblower protections in law for national security officials of the government.
READ THE STORY: The Hill
Russia’s Rostec allegedly can de-anonymize Telegram users
Analyst Comments: The acquisition of "Hunter" by Rostec is significant both tactically and strategically. The tool is likely to be used to monitor the circulation of information within the country and to identify and arrest Telegram channel administrators who are critical of the Russian state. The acquisition would provide the government with the ability to monitor and track all online activities within the country and could be used to clamp down on free speech and dissenting opinions.
FROM THE MEDIA: Russia's state-owned tech and defense systems corporation, Rostec, has reportedly acquired a product developed by a subsidiary named "Avtomatika" that can identify anonymous users on Telegram. The tool is called "Okhotnik" (Охотник, "Hunter") and uses over 700 data points to unmask otherwise anonymous Telegram users. Rostec is reportedly planning to sell "Hunter" to all departments of the Russian Ministry of Internal Affairs and to operational and technical units of the country's Federal Security Service (FSB) within 2023. The acquisition is likely to be used to tamp down on unfavorable news out of the country. However, an IT expert from Roskomsvoboda, a Russian digital rights protection organization, commented that the tool cannot possibly identify Telegram channel owners using only data points and that there might be a zero-day vulnerability in the platform or cooperation with someone with administrative access to the messenger's servers.
READ THE STORY: Bleeping Computer
Family tree: DLL-sideloading cases may be related
Analyst Comments: The attacks using DLL sideloading techniques to target government organizations in Asia are significant both tactically and strategically. These techniques are commonly used by China-based APT groups, and understanding how these cases are related helps defenders prioritize analysis and defense for the best results. These attacks are likely to be part of a larger campaign aimed at stealing sensitive data from government organizations in the region. The use of USB worms as a method of infection and data exfiltration highlights the sophistication of the attackers and their determination to achieve their objectives.
FROM THE MEDIA: Multiple attacks targeting government organizations in Asia have been observed, all involving DLL sideloading techniques. In the most interesting of the five cases, a USB worm infected organizations in Southeast Asia, copying components of other APT attacks by Mustang Panda and LuminousMoth. The case involving the USB worm has significant overlap with the other four cases observed, including loader DLLs using the same kind of code flow obfuscation and identical loader shellcode. Although it is unclear whether it's the same threat actor behind both the USB worm case and the other attacks, the similarities are compelling. The article provides extended step-by-step breakdowns of seven scenarios associated with these cases and indicators of compromise on GitHub.
READ THE STORY: SCMAG
Copper price to surge to record high this year, Trafigura forecasts
Analyst Comments: The surge in copper prices to record highs is significant, indicating a potential supply deficit and impact on multiple sectors reliant on copper, including renewable energy and power cable industries. The depletion of global copper stockpiles could create volatile prices, causing problems for producers, traders, and consumers. With the demand for copper set to increase significantly due to decarbonization efforts, the impact on the industry could be strategic, requiring a focus on supply chain management, innovation, and long-term planning to ensure stable supply and pricing.
FROM THE MEDIA: According to Trafigura, copper prices are expected to surge to record highs this year due to a rebound in Chinese demand and low global stockpiles. Global inventories of copper have decreased rapidly to their lowest seasonal level since 2008, with Goldman Sachs predicting that visible copper inventories could run out by the third quarter of this year if Chinese demand continues to grow. Copper prices are currently trading at $9,000 a tonne, with Kostas Bintas, co-head of metals and minerals at Trafigura, forecasting that prices could surpass the previous peak of $10,845 a tonne achieved in March 2022 and even hit $12,000 a tonne. Copper is crucial to decarbonization, which has accelerated demand, and with declining grades, mining executives state it is becoming increasingly difficult to boost new supplies.
READ THE STORY: FT
I Saw the Face of God in a Semiconductor Factory
Analyst Comments: TSMC's ability to produce the most advanced chips used in weapons, planes, submarines, and hypersonic missiles, and its production of a third of all the world's silicon chips, including those used in iPhones and Macs, make it a vital player in the international balance of hard power. Moreover, TSMC's collaborative business model, which involves producing bespoke chips for customer companies and relying on other countries' resources, makes it an essential part of the Silicon Shield that protects democratic countries. The loss of TSMC would be catastrophic and render defense and technological operations inoperable.
FROM THE MEDIA: The article discusses the importance of Taiwan Semiconductor Manufacturing Company (TSMC) in the global economy, specifically in the semiconductor industry. TSMC is the world's largest semiconductor company and produces the most advanced chips used in weapons, planes, submarines, and hypersonic missiles. The company also produces a third of all the world's silicon chips, including those used in iPhones and Macs. The article highlights TSMC's importance as a defense against cross-strait tensions, euphemizing the threat from China towards Taiwan. TSMC's success is attributed to its collaborative business model that involves producing bespoke chips for customer companies, relying on other countries' resources, and being an essential part of the Silicon Shield that protects democratic countries. Despite its importance, TSMC operates discreetly, with a recessive business model and no employees swanning around in leather and overbuilt bodies.
READ THE STORY: Wired
Inaudible ultrasound attack can stealthily control your phone, smart speaker
Analyst Comments: The NUIT attack represents a significant threat to devices powered by voice assistants such as smartphones, smart speakers, and other IoT devices, as it can be used to silently send malicious commands to these devices, potentially enabling attackers to unlock doors or disable home alarms, among other things. The attack can be launched using a website or malicious media, making it easy to trick victims through social engineering. The fact that the attack can be carried out using a robot-generated voice increases its potential impact. However, Apple's Siri requires emulating or stealing the target's voice to accept commands, making it less vulnerable to attack. Overall, the NUIT attack is a significant tactical threat that requires attention from device manufacturers, security professionals, and end-users to mitigate its impact.
FROM THE MEDIA: A team of researchers from the University of Texas in San Antonio (UTSA) and the University of Colorado (UCCS) has developed a new attack called "Near-Ultrasound Inaudible Trojan" (NUIT) that can silently launch attacks on devices powered by voice assistants such as smartphones, smart speakers, and other IoT devices. NUIT works by exploiting the fact that microphones in smart devices can respond to near-ultrasound waves that the human ear cannot hear, making the attack difficult to detect. The researchers demonstrated NUIT attacks on popular voice assistants including Apple's Siri, Google's Assistant, Microsoft's Cortana, and Amazon's Alexa, showing the ability to send malicious commands to those devices. NUIT can be incorporated into websites that play media or YouTube videos, making it easy to trick targets into visiting these sites or playing malicious media on trustworthy sites through social engineering.
READ THE STORY: Bleeping Computer
A crypto industry poised for clash with the government over the crackdown
Analyst Comments: The de-banking concerns of the cryptocurrency industry are not baseless, as regulators have been warning banks about the risks of crypto and financial institutions have been pulling back from the asset class. The collapse of crypto-friendly banks, including Silvergate Capital and Signature Bank, has added to the industry's woes. While it is unlikely that banks will completely turn away from crypto, given the potential profits, the crypto industry may face a period of reduced access to banking services. However, the fact that lawmakers and industry groups are fighting back suggests that they believe that the existential threat to the industry can be averted.
FROM THE MEDIA: Crypto businesses are launching a lobbying campaign against regulators they say are forcing them out of the US. The Federal Reserve and other top regulators are advising banks about the risks of crypto, while the SEC is threatening to sue the biggest digital asset exchange. Meanwhile, White House officials have recently questioned the "fundamental value" of digital tokens. Cryptocurrency executives claim that regulators are "de-banking" digital asset businesses, and warn of an existential threat to their industry. The industry is fighting back, with the Blockchain Association vowing to investigate the de-banking allegations, while Republican lawmakers allied with the industry are also taking up the cause. While banks have yet to confirm a coordinated campaign to force them to turn away crypto depositors, they appear to be reducing their risk exposure to the sector.
READ THE STORY: Politico
Venezuela shuts down crypto mining facilities, exchanges amid corruption probe
Analyst Comments: The shutdown of crypto mining facilities and exchanges is significant for the Venezuelan government's ongoing corruption investigations involving the oil company PDVSA and the national crypto department. The arrest of the crypto department's leader and his alleged connections with suspected narcotic kingpins, including the former vice president, highlight the severity of the issue. The reorganization of the National Superintendency of Crypto Assets is a tactical move to protect the country's citizens from economic sanctions, indicating the importance of cryptocurrency in the country's economy.
FROM THE MEDIA: Venezuela's energy supplier has closed down various crypto mining facilities in the states of Lara, Carabobo, and Bolívar, along with some crypto exchanges as part of a reorganization of the national crypto department. The closure of mining facilities is suspected to be part of an ongoing investigation of corruption involving Venezuela's oil company PDVSA and the national crypto department. At least ten people have been arrested, including Joselit Ramirez Camacho, who was arrested on March 17 during the investigation. Since June 2020, Camacho has been listed on the United States Most Wanted List. Venezuela's president Nicolás Maduro announced the reorganization of the National Superintendency of Crypto Assets to protect the country's citizens from the negative effects of economic sanctions.
READ THE STORY: Coin Telegraph
New Dark Power ransomware claims 10 victims in its first month
Analyst Comments: The emergence of Dark Power is significant, as it demonstrates the continuous evolution of ransomware operations. The use of a relatively obscure programming language like Nim makes it more challenging to detect the attack. The targeting of organizations globally and the relatively low ransom demand suggest that the operation is opportunistic and aims to target a broad range of victims. The group's ability to exfiltrate data and double-extort victims adds to the severity of the threat. The Dark Power ransomware operation has the potential to cause significant damage to organizations globally.
FROM THE MEDIA: A new ransomware operation called "Dark Power" has emerged, with its first victims already listed on a dark web data leak site. The ransomware is targeting organizations worldwide, demanding a relatively small ransom of $10,000. It was written in Nim, a programming language that is considered a niche choice, making it unlikely to be detected by defense tools. The ransomware terminates specific services and processes on the victim's machine and stops the Volume Shadow Copy Service, data backup services, and anti-malware products. System-critical files are excluded from encryption to keep the infected computer operational. The ransom note is an 8-page PDF document containing information about the attack and how to contact the attackers over the qTox messenger. The Dark Power group has already targeted ten victims worldwide, claiming to have stolen data from their networks and threatening to publish it if the ransom is not paid.
READ THE STORY: Bleeping Computer
Cardano Creator Charles Hoskinson Says US Government Waging War on Crypto, Urges Industry Leaders To Step Up
Analyst Comments: Hoskinson's call for action against the US government's anti-crypto moves is significant as it highlights the challenges that the crypto industry is facing. The government's actions, including the denial of Custodia's application, could stifle innovation and growth in the industry. Hoskinson's call for leaders to take direct action and voice their opinions is a tactical move to push back against government overreach. The legislative branch's response to Hoskinson's call for restraint and effective crypto legislation will determine the future of the industry in the US.
FROM THE MEDIA: Cardano (ADA) creator Charles Hoskinson is urging crypto leaders to take action against what he sees as the US government's "war" on virtual assets. Hoskinson is critical of the government's actions, including the recent Wells notice sent to Coinbase and the denial of Custodia's application to become a member bank. He calls on the legislative branch to pass legislation to restrain the government's overreach. Hoskinson praises Messari CEO Ryan Selkis for his recent letter to the US House and Financial Services Committee in support of effective crypto legislation and calls on other leaders to take direct action and voice their opinions.
READ THE STORY: DailyHodl
Ukraine war turns Russia into a nation of gold bugs
Analyst Comments: The surge in demand for gold in Russia is a response to geopolitical instability and a short supply of foreign currency. The Russian government's encouragement of gold purchases by scrapping VAT on gold bar purchases is an effort to reduce reliance on the dollar and support the national currency. However, the under-developed infrastructure for retail gold investment in Russia may dampen public enthusiasm, and storing gold poses challenges due to the risk of damage and theft.
FROM THE MEDIA: Data from the World Gold Council shows that demand for gold bars and coins in Russia grew nearly five times in 2022 compared to the previous year, making Russia the fastest-growing gold market in the world. Retail investors in Russia have historically shunned the metal due to a 20% value-added tax on purchases of bars, but geopolitical instability and a short supply of foreign currency have made gold a popular alternative. The switch to gold has been strongly encouraged by the Russian government, which scrapped VAT on gold bar purchases, leading to a surge in buying.
READ THE STORY: FT
U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
Analyst Comments: The creation of fake DDoS-for-hire websites by the NCA, as part of an international joint effort, is significant in terms of both tactical and strategic implications. Tactically, the move will disrupt criminal DDoS-for-hire infrastructures and limit their effectiveness, making it more difficult for criminals to launch DDoS attacks. Strategically, the move sends a message to cybercriminals that law enforcement agencies are capable of infiltrating and disrupting their operations, which could deter them from engaging in such activities. The use of fake services by law enforcement agencies is becoming more common, and it may be a sign of increasing effectiveness in combating cybercrime.
FROM THE MEDIA: The U.K. National Crime Agency (NCA) has revealed that it created a network of fake DDoS-for-hire websites to infiltrate the online criminal underground. The sites are part of Operation PowerOFF, an ongoing international joint effort with authorities from the U.S., the Netherlands, Germany, Poland, and Europol aimed at dismantling criminal DDoS-for-hire infrastructures worldwide. The NCA-run sites, accessed by several thousand people, are designed to look like they offer tools and services that enable cybercriminals to execute these attacks. However, after registration, the user data is collated by investigators. The use of such fake services is an attempt to combat the illegal platforms that offer a range of membership options, charging their clientele between $10 and $2,500 per month. The NCA considers booter services a key enabler of cybercrime, and their ease of access means that individuals with little technical ability can commit cyber offenses with ease.
READ THE STORY: THN
These Chinese-owned apps are dangerous — Get them off your phone
Analyst Comments: The security concerns raised by Pinduoduo and Temu highlight the potential risks of using Chinese e-commerce apps. The fact that these apps have been downloaded millions of times in the US underscores the need for vigilance when downloading apps, even from official app stores. The removal of Pinduoduo from the Google Play Store is significant, as it shows that tech companies are taking steps to address security concerns and protect their users. The warning about these Chinese e-commerce apps is also important for individuals and organizations that may use these apps for personal or business purposes, as they could be vulnerable to cyber attacks or data breaches.
FROM THE MEDIA: Pinduoduo, a Chinese e-commerce app, has been removed from the Google Play Store due to security concerns. The app has been found to contain malware in off-Play versions, and Google advises anyone with the app to uninstall it immediately. Temu, another Chinese e-commerce app owned by PDD Holdings, has also raised alarm bells as it offers dirt-cheap electronics, which should raise suspicions about its legitimacy. Temu is the most downloaded shopping app in the US, with 24 million downloads since its launch in September. The Better Business Bureau has given the app an abysmal rating and customer reviews. It is recommended to use Google Play Protect and to keep antivirus software updated and running on all devices to avoid downloading malicious apps.
READ THE STORY: Komando
Items of interest
Warner, Blackburn, Colleagues Request Cybersecurity Analysis of Chinese-Made Drones
Analyst Comments: The concerns raised by the senators regarding the use of DJI drones in critical infrastructure and law enforcement settings underscore the potential risks of using Chinese-made technology. The fact that DJI has been identified as a “Chinese military company” highlights the need for vigilance when it comes to cybersecurity threats from foreign entities. The request for a complete analysis of the security risks posed by DJI drones to be conducted and made publicly available through the National Cyber Awareness System is an important step in ensuring that US national security and cybersecurity are strengthened against hostile foreign governments.
FROM THE MEDIA: A bipartisan group of U.S. senators has requested that the Cybersecurity and Infrastructure Security Agency (CISA) evaluate the cybersecurity risks posed by the widespread use of drones manufactured by Shenzhen DJI Innovation Technology Co., Ltd. (DJI), a Chinese company with deep ties to the Chinese Communist Party. DJI has been identified as a “Chinese military company” by the Department of Defense, and its use in critical infrastructure and law enforcement settings may present an unacceptable security vulnerability. The senators are asking for a complete analysis of the security risks posed by DJI drones to be conducted and made publicly available through the National Cyber Awareness System. In 2019, CISA published an “industry alert” underscoring the federal government’s “strong concerns” with Chinese drones and warning entities to be “cautious” in purchasing them. The senators are concerned that the CCP may have access to a variety of proprietary information due to the widespread use of DJI drones in the US.
READ THE STORY: sUAS News
Reverse Engineered old Compression Algorithm for Frogger (Video)
FROM THE MEDIA: The video explores a compression algorithm used in the 1997 video game Frogger. The algorithm, called PP20, is an old file format designed for CDs that aligns different parts of the file to sector boundaries to make reading from CDs more efficient. The video goes into detail about how the decompression algorithm works, using the example of compressing and decompressing a string of letters. The algorithm is based on the lossless data compression algorithm Lempel-Ziv-Storer-Szymanski (LZSS). The video also mentions a modding tool called Frog Lord that allows players to explore the game files and make modifications. The compression algorithm used in Frogger may have been used in the Amiga community and could have been known to the game developer. The video encourages viewers to try using the modding tool to modify the game levels and share their creations with the small Frogger community.
Reverse Engineered a Dangerous Virus and Found Something WEIRD (Video)
FROM THE MEDIA: The video is about malware called "ESXiArgs" that maliciously encrypted the VMs on 500 hosts in France, Germany, the UK, and the US. The speaker does a malware deep dive and reverse engineers the malware. They analyze the malware binary and find that it generates a stream key for symmetric encryption and then encrypts it with an RSA public key. They also find that the ransomware author leaves the victim with the decrypt binary but no key, which the victim has to buy from the author. The author left debug symbols in the binary, which the speaker used to analyze the malware. They also find that the encryption scheme is not compromised and is cryptographically secure. The speaker encourages the viewers to hit like, subscribe, and watch more of their videos on cybersecurity.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.