Monday, April 03, 2023
China presses Japan to change course on chip export curbs
Analyst Comments: The ongoing US-China tensions over semiconductor-related exports have led to a fast-evolving geopolitical battle over access to the world's most advanced chips. This development demonstrates China's more active role in the face of a US sanctions regime that seeks to restrict global semiconductor-related exports to China. The comments also indicate the growing concern among Japanese companies as they fear that a spiraling chip war will make it harder for them to straddle the gulf between the US and China. Meanwhile, the review into imports from Micron Technologies on grounds of "national security" suggests China's potential to leverage its supply chains to achieve its national goals.
FROM THE MEDIA: China has cautioned Japan against implementing significant restrictions on semiconductor manufacturing equipment exports as part of the geopolitical battle for access to advanced chips. During a visit to Beijing by his Japanese counterpart, the Chinese foreign minister told him that the US had previously tried to "brutally suppress" Japan's semiconductor industry and was now "repeating its old tricks" against China. The export controls would affect a large number of Japanese companies, requiring producers of high-end equipment to obtain licenses for all regions. Meanwhile, China has launched a review into imports from Micron Technologies, based in Idaho, on grounds of "national security".
READ THE STORY: FT
DOJ appears willing to lean into transparency in surveillance fight
Analyst Comments: The DOJ's push to explain the benefits of the FISA Section 702 surveillance tool comes amid growing pressure to be more transparent about how data collected by the 702 programs are used in ongoing investigations. While some lawmakers have pushed for declassifying information about the program's use cases, others have called for reforms that require a warrant to search the 702 databases. With the controversy surrounding the FISA Section 702 program, it remains to be seen how effective the DOJ's efforts to reauthorize the program will be.
FROM THE MEDIA: Deputy Attorney General Lisa Monaco stated during the Verify Conference in Sausalito that the Department of Justice (DOJ) is prepared to share more with lawmakers about how Section 702 of the Foreign Intelligence Surveillance Act (FISA) assists the department's cyber investigations. Congress has until the end of the year to reauthorize Section 702, which allows intelligence agencies to conduct warrantless surveillance of non-American citizens abroad. Monaco said the program has helped "prevent foreign ransomware attacks" on U.S. critical infrastructure. The DOJ has made improvements to the program in recent years "that addressed very important and legitimate privacy and civil liberties concerns and issues" while also "preserving the efficacy," said Monaco.
READ THE STORY: AXIOS
How China is winning the race for Africa’s lithium
Analyst Comments: The US, EU, and other Western countries are concerned over China's dominant position in key minerals such as cobalt, lithium, and rare earth metals. With the rapid uptake of electric vehicles, securing a reliable lithium supply is becoming a challenge for carmakers. Africa is seen as a promising region for lithium production, but Chinese companies have already invested in many of the lithium mines there, building refineries at home to process their output. Western officials are now trying to pitch their investment offer to African countries as a more socially responsible alternative, but they face challenges on the ground, such as corruption and capricious politics.
FROM THE MEDIA: Chinese Foreign Minister Qin Gang has urged Japan not to impose large curbs on semiconductor manufacturing equipment exports, warning that such a blockade would only increase China's determination to become self-sufficient. The move comes amid an escalating geopolitical battle over access to the world's most advanced chips, with the US seeking to restrict global semiconductor-related exports to China. Japanese Foreign Minister Yoshimasa Hayashi's recent visit to China followed Japan's announcement of restrictions on exporting 23 different kinds of technology, including high-end equipment, to countries that could potentially produce high-end chips for military use in China and elsewhere. China is taking an increasingly active role amid its dominant position in minerals that are crucial for the energy transition, including cobalt, lithium, and rare earth metals.
A new private military company emerges in Crimea
Analyst Comments: The launch of a new private military company in Crimea, called “Convoy” (Конвой), is a significant development and shows Russia's efforts to replace Wagner units on the frontlines. The accusation that Moldovan authorities are preparing a military provocation near the border of Transnistria may further escalate tensions in the region. The announcement of plans to deploy tactical nuclear weapons to Belarus after the news of the UK depleted-uranium ammo transfer is also a concerning development. The report also sheds light on the ongoing campaign of narratives that the Kremlin has utilized to justify its war on Ukraine. The emergence of new audio documenting Russian elites criticizing Putin for the war in Ukraine shows a possible internal struggle within the Russian leadership.
FROM THE MEDIA: The Digital Forensic Research Lab (DFRLab) of the Atlantic Council presents the latest installment of the Russian War Report. The report covers various issues, including Russia's escalating attacks in Avdiivka and the launch of a new private military company in Crimea; Russia and its political allies in Moldova inflaming the information space around Transnistria; Putin and Lukashenka announcing plans to deploy tactical nuclear weapons to Belarus after the news of the UK depleted-uranium ammo transfer; the Kremlin accusing NATO of being a party to the conflict in Ukraine; and new audio allegedly documenting Russian elites criticizing Putin for the war in Ukraine.
READ THE STORY: Atlantic Council
Pro-Islam 'Anonymous Sudan' Hacktivists Likely a Front for Russia's Killnet Operation
Analyst Comments: Anonymous Sudan's alleged connection to Killnet is concerning, as the latter is known for making exaggerated claims of its successes and attempting to position itself as a corporate entity with subgroups taking care of various tasks. The recent DDoS attack against Air France and the threat to sell its data, which it may or may not have, could indicate an escalation in motivation and attack type. While Anonymous Sudan and Killnet pose a medium-level threat at worst, their attacks should not be ignored.
FROM THE MEDIA: A pro-Islamic hacktivist group known as "Anonymous Sudan" has claimed responsibility for several recent DDoS attacks in France, Germany, the Netherlands, and Sweden, allegedly in retaliation for perceived anti-Islamic activities. However, researchers from Trustwave have found evidence suggesting that the group is, in fact, a subgroup of the Russian hacktivist collective known as Killnet. Killnet has been targeting organizations worldwide in DDoS attacks since Russia's invasion of Ukraine. Anonymous Sudan and Killnet share similarities in tactics, techniques, and procedures and have targeted organizations in countries opposed to Russia's invasion of Ukraine or supporting Ukraine. The group has a low to medium sophistication level, mainly launching DDoS attacks and threatening extortion with data they may or may not have.
READ THE STORY: DarkReading
The Unbelievable Zombie Comeback of Analog Computing
Analyst Comments: The article provides a detailed and informative overview of the history of analog computing and its potential for a comeback. The author uses examples and interviews with experts to support their argument, and their writing style is engaging and accessible. The article raises interesting questions about the future of computing and the role of analog computation in addressing the challenges of modeling the complexity of the physical world. Overall, it is a well-researched and thought-provoking piece.
FROM THE MEDIA: Analog computers were used in the past to simulate real-world conditions but were limited in accuracy and were eventually replaced by digital computers. However, modern analog computers are much more advanced than their historic ancestors and could be making a comeback. Many Silicon Valley companies have secret projects doing analog chips that could be used in applications that model the complexity of the physical world. Analog computation requires a math background, but financial incentives could overcome resistance to change. If power consumption and heat dissipation become expensive problems, shunting some of the digital load into miniaturized analog coprocessors could be significantly cheaper.
READ THE STORY: Wired
Graphcore says £900mn UK supercomputer should use its chips
Analyst Comments: Graphcore is making an ambitious demand to the UK government to allocate a significant portion of its new supercomputer project budget to UK-based companies, including Graphcore, to ensure the country's tech sovereignty. While the company faces stiff competition from the likes of US chipmaker Nvidia, Graphcore's AI chips are unique and provide the UK with a significant opportunity to compete in the global AI chip market. The company's demand comes amid concerns that it may lose its tech sovereignty if the government fails to include homegrown AI technology companies in its funding commitment. While Graphcore's concern is valid, the government must weigh the pros and cons of the request before deciding on the matter. If the government agrees to Graphcore's demand, it could help boost the UK's technology industry and improve the country's global competitiveness.
FROM THE MEDIA: UK-based tech startup Graphcore is urging the UK government to allocate a "meaningful" part of its new £900m ($1.2bn) supercomputer project to use its chips. Graphcore is reportedly concerned that the deal is critical at a time when its Silicon Valley investors are pushing the firm to consider moving to America and benefiting from US semiconductor subsidies. The company is demanding a "large percentage" of the budget for the project to be reserved for "homegrown UK technology companies", including Graphcore, to ensure that the funding commitment is not consumed by large US digital giants like Nvidia. Graphcore's AI chips have been designed specifically for AI applications and have been used by customers and researchers in finance, manufacturing, pharmaceuticals, automotive, and US government research centers.
READ THE STORY: FT
China’s top lenders tout limited exposure to the western banking crisis
Analyst Comments: The article reports that China's largest banks remain unscathed from the recent financial crisis in the US and Europe. They have reported strong earnings, and stress-testing against a potential minefield of new risks that includes exposure to European and regional US banks found only limited exposure. However, Zhang Yi, vice president of the Bank of China, has revealed that the bank still plans to adjust offshore assets and deposits. The banks are reporting to regulators about stress-testing against potential new risks, indicating that there is ongoing vigilance against any potential issues.
FROM THE MEDIA: China's largest banks have reported that they have not been affected by the recent financial crisis in the US and Europe, following the collapse of Silicon Valley Bank and Credit Suisse. The top four Chinese lenders, including the Industrial and Commercial Bank of China, China Construction Bank, Agricultural Bank of China, and Bank of China, all confirmed that they have not suffered any direct damage from last month's emergency rescue of Credit Suisse by UBS and the US banking sector's failures. Staff carrying out stress tests on China's banks found only limited exposure. However, Zhang Yi, vice president of the Bank of China, has revealed that the bank still plans to adjust offshore assets and deposits. The banks are still reporting to regulators about stress-testing against a potential minefield of new risks that includes exposure to European and regional US banks.
READ THE STORY: FT
Ukrainian Hacktivists Trick Russian Military Wives for Personal Info
Analyst Comments: This incident highlights the potential risks associated with social engineering tactics used by hackers to extract sensitive information from targeted individuals. It also raises concerns about the vulnerability of military personnel and their families to such attacks. The use of personal and intimate photos to blackmail individuals and their families is a worrying trend. It is important that individuals take steps to protect their personal information, and organizations must educate their employees about the risks associated with social engineering tactics. The incident also highlights the ongoing tensions between Ukraine and Russia and the use of cyber operations in this conflict.
FROM THE MEDIA: Ukrainian hacktivist group Cyber Resistance reportedly tricked the wife of a serving colonel in the Russian military into participating in a patriotic photo shoot, during which they extracted personal and sensitive information. The hacktivists targeted the colonel for his involvement in the bombing of a civilian-packed theater in Mariupol in March 2022. The group convinced the colonel's wife to take part in the photo shoot under the pretext that the photos would be featured in a pin-up calendar to increase morale among the Russian military. The other officers were also involved in the attack. The hacktivists obtained sufficient professional data from the target's uniform and used his COVID-19 vaccination records to locate his current home, duty station, and other details. They also hacked into the Russian Ministry of Defense website portal to access email and get details on his salary.
READ THE STORY: HackRead
$18 billion revenue Western Digital hacked
Analyst Comments: The cyberattack on Western Digital highlights the ongoing threat of ransomware and cyberattacks to businesses of all sizes. The fact that the attacker had access to the company's systems suggests that Western Digital's cybersecurity measures may not have been sufficient to prevent the breach. The incident also serves as a reminder of the importance of backups and the need to test recovery plans to ensure that they can be executed effectively. The impact of the outage on Western Digital's customers is a concern and highlights the potential knock-on effects of a successful cyberattack.
FROM THE MEDIA: Data storage company Western Digital has suffered a cyberattack, with an unauthorized third party accessing "a number of the company's systems." This has resulted in a major outage of the company's storage services, including products such as My Cloud and SanDisk ibi. The attack may have been a ransomware incident, although Western Digital has not confirmed this. The company has taken proactive measures to secure its systems and is working to restore impacted infrastructure and services. Meanwhile, customers are facing sweeping service outages. This incident serves as a reminder that restoring from backups can be complex and time-consuming, even when backups are intact.
READ THE STORY: The Stack
Phishing in the South China Sea
Analyst Comments: The targeted phishing campaign against offshore energy companies in the Kasawari gas field highlights the increasing cyber threats that countries and companies face, particularly in strategic areas such as the South China Sea. The alleged involvement of Chinese cyber espionage group APT40 also underscores the potential security risks of China's ambition to establish a blue-water navy, as noted by researchers at cybersecurity firm Mandiant. While Malaysia's muted response may reflect its non-confrontational policy towards China, it is important for countries to remain vigilant and proactive in defending against cyber attacks, particularly as oil and gas development in the South China Sea continues to be a primary flashpoint in the disputes.
FROM THE MEDIA: A phishing campaign targeted offshore energy companies operating in the Kasawari gas field off the coast of Sarawak, Malaysia. The campaign ran from March 2021 to June 2022 and involved emails containing links to a seemingly legitimate Australian news website, which activated a malware called ScanBox upon clicking. The attackers, suspected to be Chinese cyber espionage group TA423/Red Ladon or APT40, allegedly targeted the project as a high-priority area of interest, given its strategic and economic importance, and also conducted monitoring activities in the area. Despite the attack, Malaysia remained relatively muted in its response, potentially reflecting its policy of non-confrontation with China regarding the South China Sea issue.
READ THE STORY: The Diplomat
How New Technology Will Disrupt The Oil And Gas Industry
Analyst Comments: The oil and natural gas industry is facing significant headwinds and has been forced to transform itself by cutting costs and streamlining operations. To achieve this, the industry is turning towards tech giants for help with moving IT infrastructure to the cloud and adopting BPM systems. The adoption of digital solutions such as AI and blockchain technology can also make grids smarter and more reliable and help the energy sector to smoothly transition to renewable energy. The adoption of these digital solutions by the industry can lead to significant cost savings and result in a leaner and more agile organizational model.
FROM THE MEDIA: The oil and natural gas industry is facing a moment of transformation as it tries to cut costs and streamline operations due to increasing competition, changing consumer preferences, and government policies. To achieve this, companies in the industry are turning towards tech giants such as Microsoft, Google, and Amazon for help with moving their IT infrastructure to the cloud and adopting business process management (BPM) systems, resulting in a leaner and more agile organizational model with significant cost savings. The upstream market digital services industry is estimated to grow from less than $5 billion in 2020 to more than $30 billion by 2025, enabling oil producers to save up to $150 billion annually. The adoption of digital solutions such as artificial intelligence (AI) and blockchain technology can also make grids smarter and more reliable, and help the energy sector to smoothly transition to renewable energy.
READ THE STORY: Yahoo Finance
China's loans to Africa worry World Bank President David Malpass
Analyst Comments: The concerns raised by the President of the World Bank highlight the potential negative impact of China's lending practices in African economies. The lack of transparency in loan terms and conditions is problematic, and it is essential to ensure that developing economies are not saddled with excessive debt burdens that could hinder their growth prospects. By improving the quality of lending, as suggested by Mr. Malpass, there may be an opportunity to address this issue effectively. However, this would require the cooperation of all parties involved, and it remains to be seen whether China would be willing to adopt such a change. The concerns about higher food, fertilizer, and energy prices are also significant, as they could deepen the economic challenges faced by developing economies already struggling to recover from the pandemic.
FROM THE MEDIA: The President of the World Bank, David Malpass, has expressed his concerns about the transparency of China's loans to developing African economies. This comes amid fears that countries such as Ghana and Zambia may be struggling to repay their debts to Beijing, as steep increases in interest rates in the US and other major economies make loan repayments more expensive for developing economies. The World Bank hopes to address this issue by improving the quality of lending, with Mr. Malpass suggesting unbundling the loan to arrange financing separately from investment projects. Additionally, the World Bank is concerned about higher food, fertilizer, and energy prices sapping government budgets in poorer countries, which could deepen the economic challenges they face.
READ THE STORY: BBC NEWS
Growing Nation-State Alliances Increase U.S. Cyber Risks
Analyst Comments: This article provides valuable information about the increasing threat of nation-state cyber attacks against NATO countries, and how the collaboration between Russia, China, and Iran in cyberspace is posing a significant risk to their cybersecurity. The report highlights the historical and recent strategic and tactical steps taken by these countries to strengthen their technology and cybersecurity cooperation. Additionally, the article provides recommendations to state and local governments on how to protect themselves against cyber threats. Overall, this report is insightful and provides essential information on the challenges and potential dangers faced by NATO countries in cyberspace.
FROM THE MEDIA: NATO countries are facing a growing number of cyber attacks by nation-states, with Russia, China, and Iran increasing military cooperation in cyberspace. These nations' collaboration, which has been ongoing for several years, threatens NATO countries' cyber defenses. For example, Russia is said to be supplying Iran with advanced digital surveillance capabilities as part of their growing military alliance, which the US considers a threat. The countries have long collaborated in cyberspace, with Russia and China signing a cybersecurity agreement two years ago. NATO countries have been hit with unprecedented cyber-attacks, and this trend is rapidly accelerating due to a more coordinated effort from NATO's enemies.
READ THE STORY: GT
‘Tactical Octopus’ hackers using tax-related phishing scams to spread malware
Analyst Comments: The TACTICAL#OCTOPUS phishing campaign highlights the ongoing threat of cybercriminals using the tax season as an opportunity to steal personal information and data. The attack is a reminder of the importance of protecting oneself from malicious emails and attachments, particularly during tax season. Businesses and individuals need to be cautious when opening tax-related emails, and they should ensure that their email accounts are secured with strong passwords and multi-factor authentication to prevent unauthorized access. In addition, users should be cautious when downloading and sending their tax documents, ensuring that they are password-protected and that they are sent only to trusted parties. As the phishing campaign is still ongoing
FROM THE MEDIA: Cybersecurity researchers from Securonix have uncovered a new tax-related phishing scam operated by a group of hackers known as TACTICAL#OCTOPUS. The group is using tax-related email lures with seemingly valid employee W-2 tax documents, I-9 forms, and real estate purchase contracts, all with the intent of getting people to download malware. The hackers have created complex, password-protected .zip files with tax-related names like “TitleContractDocs.zip” or “JRCLIENTCOPY3122.zip.” Once a user downloads and opens the files, the malware spreads throughout the victim’s device, giving the hackers broad access to the system. The researchers have identified two of the IP addresses being used as belonging to Russia, but it is possible that this is a false flag operation. The phishing campaign is part of a yearly trend that ramps up at the beginning of each year, with the IRS identifying $5.7 billion in tax fraud schemes last year, more than twice the amount reported in 2021.
READ THE STORY: The Record
Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service
Analyst Comments: The discovery of OpcJacker highlights the ongoing threat of malware attacks, particularly as they relate to financial gain. The malware's sophistication and versatility make it an effective tool for cybercriminals seeking to access sensitive data, including cryptocurrency. The use of malvertising campaigns to distribute OpcJacker underscores the importance of user vigilance when browsing the internet and downloading software. Additionally, the use of fake websites to lure users underscores the importance of verifying the authenticity of websites and software before downloading or installing them. As such, individuals and organizations must remain vigilant and ensure that their systems are protected by strong security measures, such as anti-virus and anti-malware software, firewalls, and up-to-date software patches.
FROM THE MEDIA: OpcJacker, a new information-stealing malware, has been found in the wild in the second half of 2022 as part of a malvertising campaign. The malware is capable of keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and replacing cryptocurrency addresses in the clipboard for hijacking purposes. The initial vector of the campaign involves a network of fake websites advertising innocuous software and cryptocurrency-related applications, with the February 2023 campaign specifically targeting users in Iran under the pretext of offering a VPN service. OpcJacker is concealed using a crypter known as Babadeda and is capable of delivering next-stage payloads such as NetSupport RAT and a hidden virtual network computing (hVNC) variant for remote access. Given the malware's ability to steal crypto funds from wallets, the campaigns are suspected to be financially motivated.
READ THE STORY: THN
Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Apps
Analyst Comments: The misconfiguration vulnerability in the Azure Active Directory identity and access management service is a serious issue that could have led to unauthorized access to several high-impact applications. It is concerning that some of Microsoft's own internal apps were found to be susceptible to the vulnerability. However, it is reassuring that Microsoft took swift action to fix the vulnerability and awarded a bug bounty to Wiz for reporting it. It is also good to note that Microsoft found no evidence that the misconfigurations were exploited in the wild. Nonetheless, this incident highlights the importance of regular vulnerability assessments and prompt patching of any identified vulnerabilities to prevent unauthorized access.
FROM THE MEDIA: Microsoft has fixed a misconfiguration vulnerability affecting the Azure Active Directory (AAD) identity and access management service that exposed several high-impact applications to unauthorized access. The vulnerability was discovered and reported by cybersecurity firm Wiz, which received a $40,000 bug bounty for its discovery. The vulnerability was found to stem from a "Shared Responsibility confusion" issue that led to unintended access by allowing users from any Microsoft tenant. Several of Microsoft's own internal apps, including the Bing Trivia app, were also found to be susceptible to the vulnerability.
READ THE STORY: THN
Crypto’s dream of decentralization is dying
Analyst Comments: The legal challenges faced by the cryptocurrency exchanges highlight the paradox of the crypto economy, which was created as a tool for decentralized commerce and finance but primarily takes place on centralized exchanges. These exchanges are more centralized than traditional financial institutions, as they are the custodians of users' assets, place trades, and run the exchange where the trades take place. This status quo requires investors to trust these exchanges, assuming they execute trades at the best price, maintain enough capital on hand, and protect customer assets, despite being lightly regulated. The legal challenges to the exchanges may lead to greater scrutiny and regulation of the industry in the future.
FROM THE MEDIA: The world's largest cryptocurrency exchanges have faced a series of legal challenges in recent months, including indictments, lawsuits, and fines. FTX founder Sam Bankman-Fried was indicted on multiple charges, including fraud, following the collapse of the exchange. Kraken was sued by the Securities and Exchange Commission for failing to register its staking-as-a-service program and agreed to stop offering the service and pay a $30 million fine to settle the charges. Coinbase received a Wells Notice from the SEC, and Binance was sued by the Commodity Futures Trading Commission for violating US commodity regulations. The CFTC alleges that Binance violated know-your-customer and money-laundering regulations, solicited American customers to trade on its platform, and traded on its platform via accounts controlled by the company's CEO. Despite the legal challenges, the impact on the exchanges' businesses has been limited, with most experiencing only minor outflows.
READ THE STORY: FastCompany
Beijing’s Contradictory Signals May Deter Foreign Investment
Analyst Comments: China's contradictory messages are creating confusion among foreign companies, making it harder for them to do business in the country. China needs the private sector to lead the country's economic recovery, but recent events such as the arrests of employees of foreign companies have raised concerns about China's commitment to opening up to the world. While China's economy grew in 2022, it fell short of its target, indicating that the country still has work to do to recover from the pandemic. Furthermore, recent events have raised questions about whether China is trying to exert more control over the business sector, making it harder for foreign companies to operate in the country. If China continues to arrest employees of foreign firms, businesses may become warier, making it harder for China to recover economically.
FROM THE MEDIA: China is sending mixed signals to foreign companies, indicating that the country is reopening while arresting employees of foreign firms already operating in China. This is creating confusion among foreign companies, indicating that China is trying to recover economically from the pandemic while exerting control over the business sector. Despite China's economic growth in 2022, the country missed its 5.5% target, and the economy grew at 3%. Experts suggest that Chinese leaders perceive that China's economy needs a significant rebound in investment and consumption, and they need the private sector to lead that. Meanwhile, China's new premier, Li Qiang, said that China's economic recovery gained steam in March as he tried to reassure foreign companies that the country is committed to opening to the world. However, recent events, such as the arrests of employees of foreign companies, have raised concerns about whether geopolitical factors are involved.
READ THE STORY: VOA
Why a top US cyber spy urges: 'Get religion on backups'
Analyst Comments: Joyce's comments underscore the importance of having a robust and tested cybersecurity strategy that includes the basics, such as backups, multi-factor authentication, and vulnerability scanning. As cyber-attacks continue to evolve, organizations must also be prepared to adapt their approach and have well-documented procedures in place for responding to security incidents. The lessons learned from Ukraine's experience highlight the value of practice and preparation in cybersecurity. Overall, Joyce's comments are a reminder that effective cybersecurity requires a multifaceted approach that includes both technical measures and effective planning and preparation.
FROM THE MEDIA: US National Security Agency's cybersecurity director, Rob Joyce, has urged businesses to focus on the basics of cybersecurity to fend off cyber attacks. Speaking at a recent Silverado Policy Accelerator summit, Joyce highlighted the importance of backups and of checking backup processes to ensure they work correctly. He also emphasized the value of practice, noting Ukraine's response to Russian cyber attacks, including the NotPetya and Bad Rabbit malware. Joyce recommended companies develop playbooks that outline responses and the roles of those involved in cyber security incidents.
READ THE STORY: The Register
The Lazarus Heist returns with more outlandish tales of fraud and skulduggery
Analyst Comments: The Lazarus Heist is a well-produced and engaging podcast that shines a light on the world of cybercrime. The storytelling can be a bit dense at times, but the series compensates for this with its remarkable cast of characters and intriguing narrative. The podcast highlights the dangers of cybercrime and underscores the need for robust security measures to protect against it. Overall, it is a fascinating exploration of an increasingly important issue in today’s digital age.
FROM THE MEDIA: The BBC World Service podcast “The Lazarus Heist” is back with its second season, exploring the world of cybercrime by focusing on jackpotting, a practice that uses malware to control ATM machines. The podcast tells the story of a global heist worth $2.1 billion and spanning 28 countries, allegedly conducted by the Lazarus Group, a shadowy cybercrime collective. The series opens with a breakdown of how the complex heist was pulled off, including the intricacies of banking systems, how law enforcement officials pieced together the scale of the crime and the machinations of the dark web. The storytelling can sometimes get bogged down in detail, but the podcast features an interesting cast of characters and a clear note of admiration for the operation, which White calls “an extraordinary global flash mob of crime”.
READ THE STORY: FT
Separating OSINT from the Secret World Strengthens Both
Analyst Comments: The article provides a clear argument for the establishment of a new agency dedicated solely to OSINT, highlighting the potential benefits of such a separation. The article acknowledges the challenges associated with ramping up OSINT efforts but argues that these are solvable problems that do not justify holding up the progress of the promising OSINT revolution. However, the article does not delve into the potential drawbacks or risks of separating OSINT from secret intelligence agencies, which would require a more nuanced analysis. Nonetheless, the article provides valuable insights into the growing importance of OSINT and the need to establish a dedicated agency to fully realize its potential.
FROM THE MEDIA: The article argues that a new agency dedicated solely to open-source intelligence (OSINT) should be established, separate from traditional intelligence agencies. With the explosive growth in publicly available information (PAI) spawned by the information technology revolution, separating OSINT from secret intelligence would reinvigorate both, according to the article. OSINT offers democracies a tremendous competitive advantage in their struggle against despotic regimes and violent movements. However, there are challenges that ramping up OSINT efforts would pose, such as verifying the provenance of data, assuring quality control in tradecraft and analysis, and finding the right balance between public and private efforts. Nevertheless, separating OSINT from secret intelligence would be beneficial to both, as secret intelligence agencies could then narrow their focus back to cracking the subset of intelligence problems and cultivating the complex, disciplined tradecraft and organizational culture needed to effectively practice these highly specialized arts.
READ THE STORY: The Cipher Brief
Items of interest
Crypto Whales Accumulating Ethereum Scaling Altcoin by the Millions, According to On-Chain Data
Analyst Comments: The report suggests that crypto whales are bullish on the native asset of Arbitrum, an Ethereum layer-2 project. The accumulation of ARB by whales is an indication of positive sentiment toward the project and could attract other investors to take a closer look. However, it is important to note that the crypto market is highly volatile and unpredictable, and any investment should be made with caution.
FROM THE MEDIA: Blockchain-tracking firm Lookonchain has reported that several crypto whales have been accumulating the native asset of Arbitrum (ARB), a hot Ethereum (ETH) layer-2 project. Digital asset manager Amber Group transferred 11.2 million ARB ($15.8 million), out of which 7.3 million ARB ($10.3 million) was sent to crypto exchanges OKX and Binance, where it could potentially be sold on the open market. Meanwhile, several crypto whales have been accumulating ARB, with one whale collecting a total of 4,048,947 ARB worth $5.7 million from OKX and Binance within the last 48 hours. Another whale received 4,099,517 ARB worth $5.78 million from OKX over the same timeframe, while a third crypto whale accumulated 1,003,798 ARB worth $1.41 million from Binance.
READ THE STORY: The Daily Hodl
Her Never-Ending Quest to make Zero Days Hard | Darknet Diaries Ep. 127: Maddie (Video)
FROM THE MEDIA: Maddie Stone's day job at Google is to squash million-dollar bugs: The vulnerabilities that criminals and nation-states pay BIG bucks to know about and exploit. Her work protects activists, journalists — and ultimately everyone — from the malware lurking around every corner of the Internet.
The Layman's Guide to Zero-Day Engineering (Video)
FROM THE MEDIA: A demystification of the exploit development lifecycle. There's a certain allure to zero-day exploits. At the apex of the security industry, these elusive technologies are engineered by a persistent few to open doors of software systems that were never meant to exist. We go behind the scenes to provide an inside look at the zero-day development lifecycle, breaking common misconceptions regarding this increasingly difficult tradecraft.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.