Tuesday, April 04, 2023 // (IG): BB // Financial Enabler // Coffee for Bob
China’s new laser space weapons alarm the US
Analyst Comments: The article highlights how China's focus on military benefits from its space program could have significant consequences for other nations, particularly India. The article also provides insights into India's efforts to create its own space capabilities and to form partnerships with other nations. However, the article does not provide a balanced view of the benefits and risks associated with China's space program, and it could have benefited from a more nuanced analysis. Additionally, the article could have explored the impact of China's space program on global cooperation in space exploration and scientific advancements.
FROM THE MEDIA: China's space program has been largely linked to military benefits, with its space department functioning directly under the People’s Liberation Army (PLA). China's space program has grown rapidly since President Xi Jinping came to power in 2012, with a greater focus on military capabilities and the PLA devoting more attention to space and information capabilities. China's goal of becoming a world-class military power by 2027 is closely linked to the development of its space and counter-space capabilities. China has been conducting extensive space launches and has developed advanced technologies like the Relativistic Klystron Amplifier (RKA) and hypersonic missiles, which have raised concerns in the US. India, which is impacted by China's growing space power, is working to create its own space and counter-space capabilities to create a minimum deterrence. India is also exploring partnerships with other nations to counter China's dominance in space.
READ THE STORY: The Times of India
The UK company spreading Russian fake news to millions
Analyst Comments: Yala News is a UK-registered company operating out of Syria, which is accused of acting as a Kremlin loudspeaker in the Middle East, spreading propaganda through a third party. This is known as information laundering. The case of Yala News is also an example of how social media platforms can be used to spread disinformation to millions of people. Facebook has recently claimed to work with third-party fact-checkers to fight the spread of misinformation on its platforms, but this case indicates that more work needs to be done.
FROM THE MEDIA: BBC's Disinformation Team has revealed that Yala News, a UK-registered media company, is spreading Russian state disinformation to millions of people in the Arabic-speaking world. Yala News claims to offer impartial news, but BBC analysis has shown most of its content directly mirrors stories on Russian state-backed media sites, and it actually operates out of Syria. Yala News has a strong social media presence and its Facebook pages are glossy and well-produced, with slick videos uploaded every couple of hours. Yala News has a huge following of three million Arabic-speaking followers. It has been accused of spreading propaganda on behalf of the Kremlin in the Middle East.
READ THE STORY: BBC
China’s battery king faces scrutiny over EV market dominance
Analyst Comments: The article highlights the concerns raised by US and Chinese regulators and political leaders over the dominance of CATL in the electric vehicle battery market. The article provides insight into CATL's history, growth, and strategy to become one of the world's most important manufacturing companies. The article also explores the potential risks facing CATL, including US-China tensions and being deemed a strategic threat by American officials. Overall, the article provides a comprehensive overview of the current situation surrounding CATL and its future prospects.
FROM THE MEDIA: Robin Zeng, the billionaire founder of China's Contemporary Amperex Technology (CATL), is under scrutiny by both US and Chinese regulators and political leaders due to his company's dominance of the electric vehicle battery market. CATL, which has cornered more than a third of the global EV battery market, is being criticized for receiving Beijing's support and blocking foreign suppliers. CATL has grown rapidly and supplies almost all major carmakers, including Tesla, BMW, and Volkswagen. CATL's cheaper lithium iron phosphate batteries represent stiff competition for nickel-rich chemistries produced by leading South Korean battery makers. However, last month, Xi Jinping, the Chinese president, led a rare direct intervention and urged CATL to rein in the pace of its expansion. Zeng's bold entrance into the US market, despite national security fears, has also caused concern in Washington, with Marco Rubio criticizing the use of CATL technology in Ford's Michigan factory.
READ THE STORY: FT
Silicon Valley Is Beating Washington to China Decoupling
Analyst Comments: The decoupling of U.S. and Chinese investments in the tech sector is expected to continue as investors seek to minimize geopolitical and policy risks. Market forces and the geopolitical climate are driving investors to focus on domestic opportunities. However, opinions are divided on whether this trend will persist, with some believing that the two largest economies need to cooperate in the long run, while others predict the decoupling may last for the next 10 to 15 years.
FROM THE MEDIA: U.S. venture capitalists have considerably reduced their investments in China's tech sector, with deals dropping from $35.6 billion in 2018 to $7.2 billion in recent years. Factors driving this reduction include geopolitical tensions, investment restrictions in both countries and concerns over China's strict zero-COVID policy and supply chain issues. Despite the change in the U.S. administration, the Biden government has maintained a hard line on China, further impacting investments.
READ THE STORY: FP
N. Korean hacking group Kimsuky funds Pyongyang's espionage operations through cybercrimes
Analyst Comments: The use of cyber attacks and other illicit activities to fund North Korea's nuclear weapons program is not new, but the report sheds light on the extent to which the country's state-backed hacking groups are involved in these activities. The targeting of cryptocurrency and pharmaceutical firms during the pandemic highlights the group's opportunistic and versatile approach to cybercrime. The report also underscores the need for continued vigilance against North Korean cyber threats, as the country continues to develop its weapons program and conduct military provocations.
FROM THE MEDIA: North Korean state-backed hacking group Kimsuky, also known as APT43, has been found to have committed cybercrimes to fund the country's nuclear weapons program, according to a report by Google's cybersecurity unit Mandiant. The report says that Mandiant has tracked APT43's activity over the past five years, which has included targeting cryptocurrency to support the program. The group also approached pharmaceutical firms for information on COVID-19 vaccines and treatment during the pandemic and has sent spear-phishing emails to policymakers or researchers in South Korea and the United States to ask for an analysis of North Korean issues. Mandiant believes APT43 is part of the Reconnaissance General Bureau (RGB) in the North Korean government, which shares malware and hacking codes to fund the weapons program.
READ THE STORY: YNA
CONTI Hacker Group: The Young “For-Profit” Super-Cybercriminal Threat
Analyst Comments: The group's aggressive tactics and willingness to target organizations in a wide range of industries make it likely to pose a significant risk for years to come. Understanding the behavior, targeting, tactics, and motivation of adversarial hacking groups like CONTI can guide organizations in designing strong cybersecurity strategies. To mitigate the threat posed by CONTI and other hacking groups, businesses and organizations need to have a multi-layered security program that includes endpoint protection, continuous user awareness and training, vulnerability assessments, incident response planning, and collaboration with other organizations and industry groups.
FROM THE MEDIA: The CONTI hacker group, which emerged in late 2020, is a relatively new player in the world of cybercrime. It has developed a reputation for using aggressive tactics and demanding higher-than-average ransom payments. CONTI's malware is known for its ability to evade detection by antivirus software and to spread rapidly through an organization's network. The group uses double extortion tactics, encrypting the victim's data and also stealing sensitive information such as financial data, intellectual property, or personally identifiable information (PII). They then threaten to release this information publicly if the victim does not pay the ransom. CONTI is thought to be operating for members' profit while also supporting the Russian invasion of Ukraine.
READ THE STORY: Forbes
UK says its offensive cyber operations are ‘accountable, precise, and calibrated’
Analyst Comments: The NCF's claim that its cyber operations are different from those of its adversaries is consistent with the principles of just war theory. The agency's emphasis on transparency, accountability, and precision suggests that it seeks to limit the impact of its operations on innocent third parties and avoid collateral damage. The NCF's commitment to transparency is noteworthy, as it seeks to reassure the public and other nations that it is not engaged in reckless or malicious cyber activities. However, the lack of specific examples of the NCF's activities in the published paper may undermine its credibility and raise questions about the ethical considerations involved in operational planning.
FROM THE MEDIA: The National Cyber Force (NCF) in the United Kingdom claims that its offensive hacking activities are fundamentally different from those of its adversaries, Russia and China. According to the NCF, its cyber operations are "accountable," "precise," and "calibrated," in contrast to the "reckless" cyberattacks conducted by other nations. The agency aims to demonstrate the UK's commitment to being a responsible and democratic cyber power by offering greater transparency about its activities. As part of this effort, the NCF published a paper on Tuesday offering the most detailed explanation of Britain's offensive cyber capability to date. However, the document was criticized for lacking specific examples of the NCF's activities and the ethical considerations involved in operational planning.
READ THE STORY: The Record
SanDisk maker announces ongoing cyberattack after data stolen by hackers
Analyst Comments: The network security incident at Western Digital highlights the continued threat posed by cyber-attacks to companies and their data. The company's response to the incident, including taking systems and services offline and coordinating with law enforcement authorities, suggests that it is taking the attack seriously and prioritizing the security of its systems and data. However, the lack of information about the extent of the data that was stolen and the specific nature of the attack may cause concern among customers and other stakeholders.
FROM THE MEDIA: Data storage company Western Digital has suffered a network security incident that began last week, in which hackers gained access to the company's systems and data. Although the extent of the data that was stolen has not been disclosed, Western Digital confirmed that an "unauthorized third party" breached its systems. The company is still determining how much data was taken and is working to restore affected network infrastructure while continuing its investigation with law enforcement authorities. Users of Western Digital's My Cloud service have reported issues accessing their accounts since the attack began.
READ THE STORY: The Record
Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks
Analyst Comments: The ongoing cyberattacks by Arid Viper/Mantis highlight the continued threat posed by advanced persistent threat (APT) groups to sensitive organizations and national security interests. The group's use of homemade malware tools across multiple platforms and its careful targeting of victims through spear-phishing emails and social engineering tactics demonstrate the need for organizations to implement strong cybersecurity measures and employee awareness training. The group's persistence and willingness to put time and effort into maximizing its chances of success, including extensive malware rewriting and compartmentalizing attacks to reduce detection chances, make it a determined adversary. The links to the cyber warfare division of Hamas suggest that the group may be motivated by political or ideological objectives.
FROM THE MEDIA: Security firm Symantec has reported that a threat actor known as Arid Viper, or Mantis, has been using refreshed versions of its malware toolkit to target Palestinian entities since September 2022. The group has been linked to attacks aimed at Palestine and the Middle East since at least 2014 and is believed to consist of native Arabic speakers based in Palestine, Egypt, and Turkey, with links to the cyber warfare division of Hamas. Mantis is using homemade malware tools such as ViperRat, FrozenCell, and Micropsia to execute and conceal its campaigns across Windows, Android, and iOS platforms. The group employs spear-phishing emails and fake social credentials to lure targets into installing malware on their devices. The most recent attacks by Mantis involve the use of updated versions of Micropsia and Arid Gopher implants to breach targets and engage in credential theft and data exfiltration.
READ THE STORY: THN
Russia complains its journalists are under attack and facing 'witch hunts' just days after arresting an American reporter
Analyst Comments: Zakharova's comments regarding discrimination against Russian journalists are ironic, given the country's track record of silencing criticisms or observations outside the official narrative and the treatment of journalists in Russia, including the recent detention of an American reporter for alleged espionage. The blame game and finger-pointing by Russian officials following Tatarsky's death and the arrest of Gershkovich further indicate the country's disregard for media freedom and international norms.
FROM THE MEDIA: Russian Foreign Ministry spokesperson, Maria Zakharova, claimed that Russian journalists face discrimination and "witch hunts" following the death of pro-Kremlin military blogger Vladlen Tatarsky in an explosion at a cafe in St. Petersburg. The spokesperson praised the blogger and blamed Ukraine, despite the country denying any involvement. Tatarsky had gained popularity for his pro-war blogging on his Telegram channel and was linked to Russia's offensives in the Donbas region in 2014 and an assault in Mariupol last year. Zakharova's comments about Russian journalists being stigmatized with special markings on digital platforms and subjected to "witch hunts" in the Western media sharply contrast with the treatment of journalists in Russia, where reporters have been killed or jailed. The comments came just days after the widely-condemned arrest of Wall Street Journal reporter Evan Gershkovich by Russian authorities for alleged espionage, marking the first time Russia has brought a spy case against a foreign journalist since the Cold War.
READ THE STORY: INSIDER
Universities express doubt over tool to detect AI-powered plagiarism
Analyst Comments: The launch of the new service by Turnitin to detect AI-generated text has sparked concerns among universities, with some opting out of the new service. The concerns of false accusations of cheating and privacy issues are legitimate and require close attention from universities before opting for such systems. The rapid development of AI requires a much more sophisticated approach to academic integrity than just detection tools, as suggested by some academics and higher education consultants. Turnitin should address the concerns raised by universities and ensure that the new service is transparent and fair to students.
FROM THE MEDIA: Turnitin, a popular plagiarism detection software used by more than 10,000 educational institutions worldwide, has launched a new service that can identify AI-generated text with 98% confidence. However, the launch of the new system has raised concerns among universities regarding false accusations, handing student data to a private company, and preventing experimentation with new technologies such as generative AI. Cambridge and other members of the Russell Group have already said they will opt out of the new service, according to sources familiar with the decision. In addition, the UCISA, the UK membership body supporting technology in education, has worked with Turnitin to ensure universities have the option to temporarily opt out of the feature.
READ THE STORY: FT
Russia's Invasion of Ukraine Heralds New Era of Warfare
Analyst Comments: The concerns raised by top U.S. military and intelligence officials about the possible erosion of the line between virtual and real-life battlefields and the possibility of adversaries using cyberattacks as the best first-strike option appear to be valid. Russia’s use of cyberattacks in Ukraine, coupled with the increase in the pace of such attacks, underscores the need for greater vigilance and preparedness among U.S. officials. Furthermore, the possibility of China learning from Russia’s cyber failures as it prepares for future military confrontation is a cause for concern. The warning from U.S. officials that the first indication of a Chinese attack on Taiwan could come in cyberspace is a reflection of the evolving nature of modern warfare, where cyberattacks can serve as an effective precursor to conventional military operations.
FROM THE MEDIA: Top U.S. military and intelligence officials have raised concerns about Russia’s use of cyberattacks during the ongoing conflict in Ukraine, warning that it could be a precursor for a new era of combat in which the line between virtual and real-life battlefields is blurred. The officials have cautioned that adversaries of the U.S. may look at Russia’s efforts to topple Kyiv and conclude that a cyberattack may be the best first-strike option. Russia has been using its Kinzhal hypersonic missile, among other advanced weaponry, to take out Ukrainian power plants and other critical infrastructure, and the pace of cyberattacks has increased in recent times, according to Ukrainian officials. The officials have also warned that U.S. adversaries such as China may be learning from Russia’s cyber failures as they prepare for future military confrontation, including potential plans to retake Taiwan.
READ THE STORY: VOA
‘Undersea Battle’ Erupts Between US & China As Both Look To Gain Supremacy In Controlling Global Comm Lines
Analyst Comments: The article provides an insightful overview of the US-China competition to control global communications through undersea fiber-optic cables. It highlights the vulnerability of the undersea cables to espionage and sabotage attacks and the potential for them to be used for surveillance by intelligence agencies. The article also discusses the efforts made by the US to counter China's growing influence in the undersea cable space and convince its allies to steer clear of Chinese-made undersea cables. Overall, the article is well-researched and provides a detailed analysis of the undersea cable industry and its significance in the US-China tech war.
FROM THE MEDIA: The US and China are competing to control global communications through undersea fiber-optic cables, which carry the majority of international internet traffic. The US has been using its leverage with its allies to snag key undersea cable-laying contracts away from Chinese firms like HMN Technologies. On the other hand, China has been investing heavily in undersea cables, particularly in its Belt and Road Initiative, to gain an edge over the US. The US has been working to counter China's growing influence in the undersea cable space and convince its allies to steer clear of Chinese-made undersea cables, warning that they could be used to spy on their communications. The stakes are high as both countries jostle for dominance in the digital age.
READ THE STORY: The EurAsian Times
Legend of the Chinese 'Cyber Prometheus' of China's Great Firewall
Analyst Comments: The article provides a detailed account of the circumstances surrounding Ruan's arrest and sentencing. It highlights the importance of Ruan's work in teaching Chinese netizens how to bypass online censorship and protect their anonymity. The article also raises important questions about the CCP's efforts to control the internet and the potential for dissent within the Party. However, it should be noted that the article takes a critical stance toward the CCP and may not present a balanced view of the situation in China.
FROM THE MEDIA: The article discusses the recent revelation of the identity of the anonymous blogger, "Program-think," who taught Chinese netizens how to bypass the "Great Firewall" of online censorship in China. The blogger, whose real name is Ruan Xiaohuan, was also the Chief Engineer of the information security system for the 2008 Beijing Olympics. Ruan was taken away by Chinese police on May 10, 2021, and was sentenced to seven years in prison for "subversion of state power" on February 10, 2023. Ruan's wife, Bei, is helping him appeal his sentence.
READ THE STORY: JAPANForward
Micron Says China Operations Normal Despite Government Review
Analyst Comments: The review of Micron's products in China is part of a broader cybersecurity campaign being led by the country's regulators, which has intensified in recent years, particularly against foreign companies. While Micron has said that its operations are not impacted, this could change if the review leads to tighter restrictions on the company's products. The move also highlights the tension between the US and China over the tech industry, with US firms feeling the effects of Chinese regulators' scrutiny over a range of issues, including cybersecurity and data privacy. As China seeks to reduce its dependence on foreign technology, US chipmakers are at risk of being shut out of a crucial market, which could lead to significant financial losses.
FROM THE MEDIA: Micron Technology has confirmed that its business operations in China are unaffected and operating as normal, while it cooperates with the country’s cyber-security review of its products. Last week, China's Cyberspace Administration said it would undertake a security review of Micron’s products sold in the country, and the company is said to derive about 10% of its revenue from China. The development comes amid the deepening rift between the US and China over chip technology that has left companies caught in the crossfire. Micron is the only US-based player in the global market for memory chips and is constructing a new $15bn factory in upstate New York.
READ THE STORY: AF
Russia’s shadow war: Vulkan files leak show how Putin’s regime weaponizes cyberspace
Analyst Comments: The article provides a comprehensive overview of Russia's cyber capabilities and strategies, as revealed by the recent leak of documents. It is notable that Western intelligence agencies have confirmed the documents appear genuine. The article also effectively illustrates how cyber attacks can be used to target a range of sectors and social pressure points, making them particularly effective in attacking democracies. However, it is important to exercise caution before accepting claims about cyber capabilities and to consider potential biases in the sources of information. Overall, the article provides valuable insight into Russia's cyber warfare capabilities and highlights the need for increased resilience and defense against such attacks.
FROM THE MEDIA: A recent leak of more than 5,000 documents provides insight into Russia's cyber capabilities and strategies. The documents reveal details about hacking tools, disinformation campaigns, and ways to monitor potential threats to the regime. Western intelligence agencies have confirmed that the documents appear genuine, which corroborates the view that the Russian government regards offensive cyber capabilities as part of a holistic effort to degrade its enemies. The leak also highlights the long list of enemies identified by the Russian government, including the United States, Ukraine, every NATO and European Union member, and several other states. Russia uses groups attached to official agencies such as the GRU and FSB for prominent cyber attacks on a range of targets. Russian information operations regularly use armies of bots and trolls, as well as unsuspecting “citizen curators”, to spread false narratives. The leak also adds more detail to what is known about Russian methods, tactics, and targets in cyberspace.
READ THE STORY: The Conversation
Back-door cyber threat leaving supply chains exposed
Analyst Comments: It is clear that businesses need to take the issue of supply chain security seriously, especially given that the majority of cyber risks in the digital supply chain go undetected for long periods. The article provides valuable insights into the risks that businesses face, the challenges of monitoring all suppliers, and the importance of using advanced AI-powered options to manage alerts arising from vendor monitoring. Companies should look for solutions capable of scaling, covering all suppliers, and aiming for continuous monitoring to limit the attackers' window of opportunity. While the article's perspective is from a cybersecurity firm, it offers valuable information to help organizations protect their supply chains from cyberattacks.
FROM THE MEDIA: Cybersecurity firms are warning that the rising number of cyberattacks on supply chains requires businesses to take immediate action. Cybercriminals often target suppliers as a way of gaining access to larger companies, the so-called backdoor attack. Hackers frequently use suppliers as entry points for malware, ransomware, or denial-of-service attacks that then move upstream or downstream to the larger organization. Cybersecurity companies are warning that businesses need to take this problem seriously as it can quickly impact business continuity. The largest cybersecurity threats come from suppliers or third parties who have access to an organization's IT networks. Despite the high-tech world we live in, much of cybersecurity is down to sound housekeeping and well-managed communications, both in-house and external. Cybersecurity company BlueVoyant UK found that although most organizations took steps to mitigate third-party cybersecurity risks, over one-third of them only reassessed that risk every six months, while just 3% monitored the risk daily or in real time.
READ THE STORY: SupplyChain
Ransomware Groups Attacking Satellite and Space Industry
Analyst Comments: The article highlights the growing threat of cyber attacks on the space and SATCOM industry, which can cause severe economic and security impacts. The article provides detailed information on the types of attacks and vulnerabilities associated with GNSS receivers and satellite modems. It also offers recommendations to protect SATCOM systems from unauthorized access and to address known vulnerabilities. The article emphasizes the importance of conducting regular security training for staff and updating security policies and procedures regularly.
FROM THE MEDIA: The space industry and SATCOM networks have become an essential part of critical infrastructure for many nations, and any disruptions could have significant impacts on the economy and security of the nation. Cyble Research Intelligence Labs (CRIL) has reported an increase in ransomware attacks on the space sector due to recent geopolitical developments. GNSS receivers and satellite modems have been targeted by ransomware groups and hacktivists such as GhostSec, who have been actively involved in exploiting satellite receivers. Vulnerabilities have been found in internet-exposed GNSS systems, and Newtec Satellite modems are also exposed to the internet. LockBit 3.0 is also a prevalent threat to the satellite and space industry, targeting and compromising several companies related to this industry.
READ THE STORY: CyberSecurityNews
Italian Watchdog Bans OpenAI's ChatGPT Over Data Protection Concerns
Analyst Comments: The temporary ban on OpenAI's ChatGPT service by Italy's data protection watchdog comes amid growing concerns about the protection of personal data by AI-focused companies. The lack of age verification and accuracy of information are indeed legitimate concerns, and OpenAI's response of blocking access to Italian IP addresses and issuing refunds to subscribers of ChatGPT Plus is commendable. The company now has 20 days to notify the Garante of the measures it has taken to comply with GDPR laws or risk facing fines. Nevertheless, the ban is unlikely to impact applications from other companies that use OpenAI's technology to augment their services. The regulatory scrutiny of AI-focused companies is expected to increase in the coming years as the use of AI grows in various sectors.
FROM THE MEDIA: Italy's data protection watchdog, Garante, has imposed a temporary ban on OpenAI's ChatGPT service in the country, citing concerns about data protection. The company has been ordered to stop processing users' data with immediate effect, and the Garante has said it intends to investigate whether the firm is unlawfully processing personal data in violation of GDPR laws. The regulator has pointed to the lack of any age verification system to prevent minors from accessing the service and the accuracy of the information surfaced by ChatGPT. OpenAI has blocked its generative AI chatbot from being accessed by users with an Italian IP address and is issuing refunds to subscribers of ChatGPT Plus, in addition to pausing subscription renewals.
READ THE STORY: THN
Capita, a company providing UK’s nuclear submarine training, confirms ‘cyber incident’
Analyst Comments: Capita's statement did not provide details about the nature of the incident or whether the investigation is ongoing. While financially motivated ransomware attacks are prevalent in the UK, Capita provides services to the British government that may be of interest to state-sponsored espionage groups. Capita has numerous contracts, including several with the Ministry of Defence, and last year took control of engineering and maintenance support of training simulators for the Royal Navy's nuclear-powered ballistic missile submarines used as part of the UK's nuclear deterrent. The company said there was no evidence of customer, supplier, or colleague data having been compromised.
FROM THE MEDIA: Capita, the UK's largest outsourcing company, has confirmed that the IT outage that locked some staff out of their accounts on Friday was caused by a cyber incident. According to reports, staff attempting to log in were told their usual passwords were "incorrect", fueling speculation that a cyberattack was to blame. The company's update said it "experienced a cyber incident primarily impacting access to internal Microsoft Office 365 applications." It confirmed that the issue was limited to parts of its network, some services provided to clients were disrupted, and it has restored access to Microsoft Office 365.
READ THE STORY: The Record
Cryptocurrency Companies Targeted in Sophisticated 3CX Supply Chain Attack
Analyst Comments: The deployment of a second-stage implant targeting a small number of cryptocurrency companies further confirms the involvement of the Lazarus Group in the 3CX supply chain attack. The group has a history of targeting financial institutions, particularly cryptocurrency exchanges, to fund the North Korean regime. It is unclear if the ultimate goal of the campaign was to infect targets with the full-fledged modular backdoor, but the possibility of using ICONIC Stealer as a reconnaissance tool to identify targets of interest for follow-on exploitation remains. The fact that the infection rate has been the highest in Brazil, Germany, Italy, and France raises concerns as these countries are major economic hubs in Europe and South America.
FROM THE MEDIA: Russian cybersecurity firm Kaspersky has reported that the cybercriminals behind the supply chain attack on 3CX, a provider of unified communication solutions, have deployed a second-stage implant targeting a small number of cryptocurrency companies. Kaspersky has been internally tracking the versatile backdoor under the name Gopuram since 2020. The backdoor’s links to North Korea come from the fact that it "co-existed on victim machines with AppleJeus, a backdoor attributed to the Korean-speaking threat actor Lazarus," Kaspersky said, detailing an attack on an unnamed crypto firm located in Southeast Asia in 2020. The targeting of cryptocurrency companies is another telltale sign of the Lazarus Group's involvement, given the threat actor's recurring focus on the financial industry to generate illicit profits for the sanctions-hit nation.
READ THE STORY: THN
Jailed US reporter’s defense appeals his arrest in Russia on espionage charges
Analyst Comments: The arrest of Evan Gershkovich, an American journalist, on espionage charges in Russia is a concerning development. The charges against Gershkovich appear to be politically motivated, and his detention in Moscow's Lefortovo prison, which is notorious for its harsh conditions, raises serious concerns about his safety and well-being. The US has called for Gershkovich's release, but given the tense relationship between the US and Russia, it is unclear whether Russia will comply. The case highlights the increasing risks faced by journalists and other media professionals operating in authoritarian regimes, where press freedom is under threat, and journalists are increasingly being targeted.
FROM THE MEDIA: Lawyers representing Evan Gershkovich, an American reporter for The Wall Street Journal, who was arrested in Russia last week on espionage charges, have appealed his arrest. The appeal was filed by Gershkovich's defense team, but no date has been set for a hearing. Gershkovich, 31, was detained in Yekaterinburg, Russia's fourth-largest city, and is accused of trying to obtain classified information about a Russian arms factory. He has been placed in Moscow's Lefortovo prison, a prison that dates back to the czarist era and is known for being a symbol of repression since Soviet times. Gershkovich is in a double cell without a cellmate and is in quarantine while undergoing medical checks, according to Russian state prison monitor, Alexei Melnikov. Melnikov also wrote that Gershkovich had access to a TV, radio, and refrigerator, and was reading a book from a prison library. The US has demanded Gershkovich's release, and President Joe Biden himself urged Russia to let him go.
READ THE STORY: The Times of Israel
Items of interest
Satellite photos reveal China ‘Espionage’ Base on a tropical island
Analyst Comments: The report provides a clear analysis of the strategic importance of the Great Coco Island, and China's interest in its development. The report highlights the potential challenge China poses to India's Eastern Fleet, which has a commanding presence in the Bay of Bengal and control over the Indian Ocean's approaches to the Strait of Malacca. Myanmar's investment in the remote island can be seen as a way to strengthen its ties with China and deepen its relationship with its military dictatorship. It is also an indication of China's determination to establish itself as a global superpower.
FROM THE MEDIA: Myanmar's investment in the development of a remote island in the Bay of Bengal, which includes upgrading the runway and military facilities, has raised questions about China's involvement. The Great Coco Island is only 55 km from an Indian military facility in the Andaman and Nicobar Island group, and 1200 km from the Strait of Malacca, a critical international sea line of communication. Recent satellite images show that China has built two new hangars, new accommodation facilities, and a new causeway on an island off Great Coco’s southernmost tip. The runway has also been extended from its original 1300m length to about 2300m. This development has been interpreted as China's plan to reduce its dependency on the Malacca Strait or maintain a credible presence in the Indian Ocean to secure SLOCs. The expansion and revitalization project in Myanmar is believed to be part of China's Belt and Road initiative to reshape global trade routes and assert its influence over other nations.
READ THE STORY: NZ Herald
CHATGPT + WOLFRAM - THE FUTURE OF AI (Video)
FROM THE MEDIA: In an era of technology and innovation, few individuals have left as indelible a mark on the fabric of modern science as our esteemed guest, Dr. Stephen Wolfram. Dr. Wolfram is a renowned polymath who has made significant contributions to the fields of physics, computer science, and mathematics. A prodigious young man too, Wolfram earned a Ph.D. in theoretical physics from the California Institute of Technology by the age of 20. He became the youngest recipient of the prestigious MacArthur Fellowship at the age of 21. Wolfram's groundbreaking computational tool, Mathematica, was launched in 1988 and has become a cornerstone for researchers and innovators worldwide. In 2002, he published "A New Kind of Science," a paradigm-shifting work that explores the foundations of science through the lens of computational systems.
Elon Musk's Neuralink: AI Expert Explains (Video)
FROM THE MEDIA: Neura Pod is a series covering topics related to Neuralink, Inc. In this particular episode, host Ryan Tanaka interviewed James Douma, a deep learning enthusiast, and discussed several topics related to Neuralink. They talked about Elon Musk's motivations for starting Neuralink, how Neuralinks will be implanted, things Neuralink will be able to do, and important takeaways from the latest Show and Tell event. They also briefly discussed the future topics they plan to cover in upcoming episodes.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.