Saturday, April 08, 2023 // (IG): BB
Russia Threatens Black Sea Grain Deal
Analyst Comments: The situation in Ukraine remains fragile, with a range of issues threatening stability in the region. Leaked war documents could damage trust between allies, and the ongoing conflict between Russia and Ukraine is unlikely to be resolved soon. The charges against a Wall Street Journal reporter are a concerning development for press freedom in Russia, and the Nord Stream pipeline attacks suggest that state-sponsored groups may be involved. The potential collapse of the Black Sea Grain Initiative threatens to harm Ukraine's economy, while protests by farmers in central and eastern Europe add to regional tensions. Overall, the situation in Ukraine requires continued monitoring and diplomatic efforts to maintain stability and prevent further escalation of conflicts.
FROM THE MEDIA: The news articles suggest that tensions continue to mount between Russia and Ukraine. Classified U.S. and NATO documents containing plans to build up Ukraine's military have been leaked on social media, potentially harming trust between allies. Meanwhile, a Swedish prosecutor believes a state-sponsored group was responsible for the Nord Stream pipeline attacks, and Russian investigators have charged a Wall Street Journal reporter with espionage. Russia has warned that it will not renew the Black Sea Grain Initiative unless its terms are met, which could impact Ukraine's position as a top grain exporter. Farmers in central and eastern Europe have protested the influx of cheap Ukrainian grain imports. French President Emmanuel Macron has urged Chinese President Xi Jinping to use China's relationship with Russia to help end the war in Ukraine.
READ THE STORY: VOA
Keeping Cobalt Strike from abuse
Analyst Comments: The collaboration between Microsoft, Fortra, and Health-ISAC is a positive step in tackling the increasing use of legitimate security tools for malicious purposes. The disruption of illicit versions of the Cobalt Strike tool and abused Microsoft software is a significant move in combating ransomware attacks on healthcare institutions, which have a detrimental impact on critical patient care services. The use of a court order to disrupt malicious infrastructure is an important legal measure that can help to reduce the number and impact of such attacks.
FROM THE MEDIA: Microsoft’s Digital Crimes Unit (DCU) has partnered with cybersecurity firm Fortra and the Health Information Sharing and Analysis Center (Health-ISAC) to disrupt illicit versions of the Cobalt Strike pentesting tool and abused Microsoft software. This tool has been frequently used in ransomware attacks, with cracked versions linked to over 68 ransomware attacks on healthcare institutions globally, costing millions of dollars and impacting critical patient care services. Microsoft and its partners have been granted a court order to disrupt malicious infrastructure, notify relevant ISPs and computer emergency readiness teams (CERTs), and sever the connection between criminals and infected victim computers. The move aims to block the criminal abuse of legitimate security tools and make it harder for malicious actors to operate.
READ THE STORY: CW
Inviting the internet into our cars and security systems
Analyst Comments: The article highlights the risks of connecting security devices to the internet, which can create new vulnerabilities and result in unauthorized access to sensitive information. It also emphasizes the importance of taking physical security measures to prevent car theft, as even with the use of hacking devices, car thieves still need to make physical contact with the vehicle. The case of Tesla employees sharing images and videos collected from Tesla electric vehicles shows the importance of understanding how companies use customer data and the risks associated with connected devices.
FROM THE MEDIA: Car thieves are using hacking devices that exploit the controller area network (CAN) bus to start cars and open doors. According to SecurityWeek, these devices can be bought on the dark web for up to €5,000 ($5,500), but are specific to certain car brands. The hackers still need to physically access the vehicle to use the devices. Independent cyber security analyst Sam Sabetan has discovered critical vulnerabilities in Nexx’s smart device product line that enable remote attackers to control smart garage door openers, alarms, and plugs for any customer. Nexx has not yet patched the vulnerabilities, and Sabetan advises users to deactivate their devices and request a fix from the company. Former Tesla employees have admitted to sharing images and videos collected from cameras installed in Tesla electric vehicles from 2019 to 2022. The media ranged from videos of naked Tesla owners to an image of Elon Musk’s garage. Reuters reports that the computer program used by the employees at work could show the location of recordings, which seems to provide less anonymity than customers might expect.
READ THE STORY: CW
16,000 student documents leaked by Clop ransomware group
Analyst Comments: The leak of sensitive documents from the Tasmanian government by the Clop ransomware group is a significant incident that could put the personal data of many people at risk. The situation has become a local political scandal, with opposition officials criticizing the government's handling of the incident. The government officials have denied downplaying the seriousness of the situation, but the leaked documents show that the breach is significant. The incident highlights the importance of proper cybersecurity measures, and companies need to ensure that their products are secure and adequately protected from ransomware attacks.
FROM THE MEDIA: The Clop ransomware group has leaked over 16,000 sensitive documents belonging to the Tasmanian government following a data theft incident two weeks ago. The leaked data includes financial invoices, statements, and information related to student assistance applications. The government officials confirmed that the data was accessed through a third-party file transfer service, and there is no evidence that Tasmanian government IT systems have been breached. The Clop ransomware group used Fortra’s GoAnywhere managed file transfer product to infiltrate the government's network. The government has activated emergency management arrangements to manage the situation, and a hotline has been set up for concerned parents.
READ THE STORY: The Record
Opec’s gamble: can the global economy cope with higher oil prices?
Analyst Comments: The cuts in crude oil supply announced by Saudi Arabia and its OPEC+ allies are a watershed moment, with significant economic and political implications. The move comes amid concerns about the global economy’s health and tensions between the West and Russia. The cuts may make it harder for central banks to cool inflation, and they may also compromise western countries’ efforts to restrict the flow of petrodollars into the Kremlin’s war chest. The latest cuts reveal yet more volatility in the geopolitics of energy, with power flooding back to Riyadh. However, if OPEC+ succeeds in keeping oil prices higher for longer, it may drag the whole world economy into a recession.
FROM THE MEDIA: Saudi Arabia and its OPEC+ allies have announced cuts in crude oil supply in an effort to boost oil prices, causing a surge in the market. The move comes amid concerns about the global economy’s health and the ongoing tension between the West and Russia. While the cuts were aimed at supporting the stability of the oil market, they have political and economic significance beyond oil markets. If the producer group succeeds in keeping oil prices higher for longer, it may compromise western countries’ efforts to restrict the flow of petrodollars into the Kremlin’s war chest. The latest cuts reveal yet more volatility in the geopolitics of energy, with power flooding back to Riyadh.
READ THE STORY: FT
Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
Analyst Comments: The discovery of MuddyWater's latest attacks shows how the group has evolved and refined its tactics over the years. The fact that the attackers tried to pass themselves off as a ransomware group shows that they are attempting to diversify their tactics to evade detection. However, the involvement of a second activity cluster, DEV-1084, suggests that MuddyWater may be part of a larger, conglomerate-style group of Iranian threat actors with different skill sets and specialties. The attack also underscores the importance of keeping all software up to date with the latest security patches to prevent attackers from exploiting known vulnerabilities.
FROM THE MEDIA: The Microsoft Threat Intelligence team has identified that Iranian nation-state group MuddyWater, which is connected to the country's Ministry of Intelligence and Security, has been carrying out destructive attacks on hybrid environments under the guise of ransomware campaigns. The group has been active since at least 2017 and has primarily targeted Middle Eastern nations. In partnership with another activity cluster called DEV-1084, MuddyWater targeted on-premises and cloud infrastructures. While the attackers tried to make it appear like a standard ransomware operation, their actual aim was to cause destruction and disruption. DEV-1084 conducted the destructive actions after MuddyWater successfully gained access to the target environment by exploiting known vulnerabilities in unpatched applications. The two groups used highly privileged compromised credentials to encrypt on-premises devices and delete cloud resources, including server farms, virtual machines, storage accounts, and virtual networks. In addition, they gained full access to email inboxes and impersonated a high-ranking employee to send messages.
READ THE STORY: THN
German army goes full Darth Vader at space command launch
Analyst Comments: The article reports on the launch of the German army's space command headquarters, which includes characters from the Star Wars franchise. It provides information about the new building, its purpose, and NATO's designation of space as a theater of conflict. The article notes that other countries have incorporated cultural references into their space programs, such as the French air force and the US Space Force.
FROM THE MEDIA: The German army has launched its military space command headquarters featuring cosplay stormtroopers and Darth Vader from the Star Wars franchise. The new €40 million space command building has 122 offices and will consolidate Germany's two space assets under one roof. Major General Michael Traut, the chief of space command, said the move is an effort to open up military units to protect satellite assets in space. NATO has also designated space as its fifth theater of conflict. Other national armies, such as the French air force and the US Space Force, have also incorporated cultural references into their space programs.
READ THE STORY: Politico
ICE Is Grabbing Data From Schools and Abortion Clinics
Analyst Comments: This report raises serious concerns about the potential abuse of power by ICE agents using 1509 customs summonses to demand data from organizations with no apparent link to customs violations. Without judicial oversight, there is no way to verify whether the summonses are being used appropriately, and the large number of summonses issued suggests that the agency could be overreaching its legal authority. The fact that news organizations were targeted to reveal information about sources raises serious concerns about press freedom and government overreach. Further investigation and oversight are necessary to ensure that ICE is not abusing its authority to target individuals and organizations without due cause.
FROM THE MEDIA: US Immigration and Customs Enforcement (ICE) agents have been using administrative subpoenas, known as 1509 customs summonses, to demand data from a wide range of organizations, including elementary schools, news organizations, and abortion clinics, according to an analysis by WIRED. The customs summonses, meant to be used only in criminal investigations related to customs violations, are issued without judicial oversight and have been used to target organizations that seemingly have little or nothing to do with customs violations. WIRED obtained the data through a Freedom of Information Act request, revealing that agents had issued more than 170,000 summonses from 2016 to mid-August 2022. While some argue that ICE could be using the customs summonses for permissible investigations under the law, others are concerned about the types of organizations being targeted.
READ THE STORY: Wired
U.S. Faces Challenge in Striking Prisoner Exchange Deals for Americans Held in Russia
Analyst Comments: The article provides a comprehensive overview of the challenges and complexities involved in international prisoner exchanges, particularly with Russia. It highlights the difficulty in finding suitable candidates for exchange and the political sensitivities surrounding such deals. The article also sheds light on the recent espionage charges against Russians in Slovenia and Brazil, which could potentially be used in exchange deals.
FROM THE MEDIA: The fate of an American journalist, Evan Gershkovich, detained in Russia on espionage charges, and other accused or convicted Russians, may be decided through international prisoner exchanges. The article discusses the difficulty in striking such deals and finding candidates who are valuable enough to Moscow but palatable to Washington. The recent exchanges involving two Americans for Russians convicted of crimes in the US, Trevor Reed and Brittney Griner, are cited as examples. The article also discusses other Russians held in the US, including cybercriminals Roman Seleznev, Vladislav Klyushin, and Alexander Vinnik, who have been accused or convicted of crimes, and who could be used in a possible exchange. Furthermore, recent arrests of Russians in Slovenia and Brazil on espionage charges may also be used as exchange collateral.
READ THE STORY: WSJ
Chinese ambassador to Japan says Beijing has solid evidence of spying by Astellas employee
Analyst Comments: The detention of the Japanese employee of Astellas Pharma in China, allegedly for espionage, marks a fresh development in the ongoing diplomatic tensions between the two countries. The fact that the Chinese authorities have claimed to have obtained solid evidence of espionage against the Japanese man indicates that they are unlikely to release him soon. The Japanese government has been trying to secure his release through diplomatic channels, but so far there has been no progress. The situation has the potential to escalate into a more serious diplomatic crisis if China refuses to release the man or if Japan takes retaliatory action.
FROM THE MEDIA: Chinese President Xi Jinping welcomed French President Emmanuel Macron and European Commission chief Ursula von der Leyen to Beijing this week, seeking to strengthen ties with Europe and prevent the EU from falling further under the influence of the United States. The move comes as the US is pursuing a more assertive policy to counter China’s geopolitical and military strength, and amid ongoing tensions between China and the West over issues including the treatment of protesters in Hong Kong, the treatment of Uyghur Muslims in Xinjiang, and China’s sanctions on European politicians. During the visit, Xi and Macron discussed “Sino-French, Sino-EU, international, and regional issues,” according to Chinese state media Xinhua.
READ THE STORY: JT
China launches military drills after Taiwan president Tsai Ing-wen’s US trip
Analyst Comments: China’s military manoeuvres around Taiwan represent another escalation in the conflict between Beijing and Taipei. The drills are also a signal to the US, which has increased support for Taiwan in recent years, including arms sales and high-level diplomatic exchanges. The move could be seen as a test for President Joe Biden’s stance on Taiwan, which has shifted towards a more proactive approach than his predecessor. Meanwhile, Taiwan’s President Tsai Ing-wen remains committed to engaging with the US and like-minded countries to defend Taiwan’s sovereignty and territorial integrity.
FROM THE MEDIA: China has launched military manoeuvres around Taiwan in response to President Tsai Ing-wen’s meeting with senior US lawmakers, including House Speaker Kevin McCarthy, in California. The People’s Liberation Army will conduct three days of drills, “conducting Taiwan encirclement combat readiness, patrol and joint sharp sword exercises” in the Taiwan Strait and waters and airspace north, south and east of Taiwan until Monday. According to Taiwan’s defence ministry, 71 Chinese military aircraft were detected, 45 of which crossed the unofficial Taiwan Strait median line or entered the country’s air defence identification zone. Beijing claims that Taiwan is part of its territory and has threatened to take it by force.
READ THE STORY: FT
U.S. Treasury Statement On DeFi Emphasizes Anti-Money Laundering Rules
Analyst Comments: The report from the US Treasury is a significant step towards regulation of the DeFi industry. The report highlights the need for AML compliance in the DeFi industry, which is seen as a significant risk. The report emphasizes that the BSA applies to all financial services, whether centralized or decentralized, and makes no distinction between fully decentralized and DeFi-in-name-only services. The report also highlights the challenges that DeFi platforms may face while implementing AML compliance, given that DeFi platforms are governed by code and lack traditional responsible parties. The report may lead to guidance from regulators and industry engagement to ensure AML compliance in the DeFi industry.
FROM THE MEDIA: The US Treasury Department has released a report on decentralized finance (DeFi), highlighting the risks related to scams, hacks, ransomware, and money laundering. The report suggests that decentralized services should implement anti-money laundering (AML) controls under the existing Bank Secrecy Act (BSA) regime. The report emphasizes that DeFi services “should” implement AML controls under the current BSA obligations. The BSA requires financial institutions to maintain records, file transaction reports, and report suspicious activities that might indicate criminal activities such as money laundering, tax evasion, and others. The report indicates that despite DeFi's reliance on disintermediated software, compliance with traditional AML is necessary.
READ THE STORY: Forbes
Two Deep-Cover Russian Spies Led Double Lives In Brazil And Greece. They Mysteriously Vanished This Year
Analyst Comments: The recent disappearance of two deep-cover Russian spies has raised concerns about the possible deployment of a large number of "illegals" to various countries on espionage missions by Putin's regime amid Russia's invasion of Ukraine. The development also suggests that a defector may be providing intelligence to Western authorities, as at least half a dozen "illegal" spies have been exposed over the last year. While the Russian spies are usually married and assigned to an espionage mission abroad as a pair, the couple went to different countries. The US has been vocal about Russian cyberattacks and espionage, and the recent incident highlights the need for increased vigilance by governments around the world to identify and neutralize foreign agents and spies operating on their soil.
FROM THE MEDIA: Two Russian spies, Gerhard Daniel Campos Wittich and Maria Tsalla, who were allegedly working for Russian President Vladimir Putin’s intelligence service, have vanished under mysterious circumstances. The couple allegedly set up businesses abroad and began assimilating into their communities while living deep cover, even building romantic relationships with locals. However, those relationships led to their unmasking, although the Shmyrevs escaped before being caught. Campos Wittich was last heard of on January 9 after arriving at an airport in Malaysia via taxi, while Tsalla was last heard from at the end of January when she called her employee in Greece from a number registered to Kyrgyzstan. According to Greek officials, the two alleged spies have returned to Russia, although their whereabouts remain unknown.
READ THE STORY: Benzinga
Hackers use Rilide browser extension to bypass 2FA, steal crypto
Analyst Comments: Rilide is a new malicious browser extension that targets Chromium-based products and can monitor browser activity, take screenshots, and steal cryptocurrency through scripts injected into web pages. It disguises itself as a benign Google Drive extension and uses built-in Chrome functionalities to hide in plain sight. The malware has been distributed through two separate campaigns and is suspected to have been sold to cybercriminals. The ability of Rilide to bypass two-factor authentication and deceive users into entering their temporary codes is especially concerning. The malware highlights the growing sophistication of malicious browser extensions and the need for users to be vigilant when installing browser extensions. The roll-out of Manifest v3 on all Chromium-based browsers will improve resistance against malicious extensions, but it will not eliminate the problem entirely.
FROM THE MEDIA: Security researchers at Trustwave SpiderLabs have discovered a new malicious browser extension called Rilide, which targets Chromium-based products such as Google Chrome, Brave, Opera, and Microsoft Edge. The malware is designed to monitor browser activity, take screenshots, and steal cryptocurrency through scripts injected into web pages. Rilide mimics benign Google Drive extensions to hide in plain sight while abusing built-in Chrome functionalities. The cybersecurity company detected two separate campaigns that distributed Rilide: one used Google Ads and Aurora Stealer to load the extension, while the other distributed the malicious extension using the Ekipa remote access trojan (RAT). While the origin of the malware is unknown, portions of its code were recently leaked on an underground forum due to a dispute between cybercriminals over unresolved payment. Rilide showcases the growing sophistication of malicious browser extensions that come with live monitoring and automated money-stealing systems.
READ THE STORY: Bleeping Computer
Israel anticipates ‘Anonymous Sudan’ cyberattack
Analyst Comments: The DDoS attack by Anonymous Sudan against Israeli targets, likely with ties to the pro-Kremlin Killnet group, is a concerning development in the use of cyber warfare as a strategic method. While the attack is unlikely to cause lasting damage, it highlights the growing network of cyber mercenary outfits being utilized by the Kremlin and the importance of strong cyber defenses in today's digital age. Israel, as a global leader in cybersecurity, is well-positioned to continue developing its defensive capabilities in the face of increasing cyber threats.
FROM THE MEDIA: Hacktivist group Anonymous Sudan is expected to carry out a distributed-denial-of-service (DDoS) attack against multiple Israeli universities, hospitals, and cybersecurity firms. The attack is believed to be a cover for the pro-Kremlin Killnet group, which has previously targeted institutions in countries opposing Russia's incursion into Ukraine. While a DDoS attack is a relatively unsophisticated tactic that only temporarily disrupts a server, it indicates the growing network of cyber mercenary outfits used by the Kremlin as a strategic method. As a global leader in cybersecurity, Israel is likely to further develop its cyber defense capabilities.
READ THE STORY: Foreign Brief
Researchers Uncover Thriving Phishing Kit Market on Telegram Channels
Analyst Comments: The use of Telegram for phishing is a growing trend that poses a significant threat to users’ personal and financial data. The platform provides phishers with a free, easily accessible, and user-friendly environment to distribute their services and target unsuspecting victims. Telegram’s end-to-end encryption makes it harder for law enforcement to track and prosecute cybercriminals. Organizations and individuals should be cautious when receiving links to Telegram channels and avoid clicking on suspicious links or downloading unknown files. Cybersecurity solutions that can detect and block phishing attempts should be implemented. Telegram should also enhance its security measures to prevent cybercriminals from abusing its platform.
FROM THE MEDIA: Phishers are increasingly using Telegram to distribute phishing kits and set up phishing campaigns. They create Telegram channels to promote their services and distribute links to those channels via platforms such as YouTube and GitHub. Kaspersky detected over 2.5 million malicious URLs generated by phishing kits in the past six months. Threat actors use Telegram bots to automate the process of generating phishing pages and collecting user data. Scammers also advertise free and paid services that include advanced phishing kits, personal data for sale, and subscription-based phishing-as-a-service (PhaaS). They have been observed sharing users’ personal data for free in hopes of attracting aspiring criminals. Telegram’s popularity and free accessibility have lowered the threshold for joining the phisher community.
READ THE STORY: THN
Hardware giant MSI confirms cyberattack after new ransomware group issues demand
Analyst Comments: The latest cyberattack on Taiwanese hardware manufacturer MSI highlights the continued threat of ransomware attacks on the technology sector. As with previous attacks on Taiwanese vendors, this event underscores the importance of having robust cybersecurity measures in place and staying vigilant against emerging ransomware groups. The attack also demonstrates the increasing use of double extortion tactics by ransomware groups, which poses an even greater risk to companies that hold sensitive data. While MSI has not reported any significant impact on its financial business, the potential for reputational damage from data breaches and ransom demands can still have long-term consequences.
FROM THE MEDIA: Taiwanese computer hardware manufacturer MSI confirmed that it was hit by a cyberattack after a new ransomware group called Money Message claimed responsibility and demanded a $4 million ransom in exchange for not leaking 1.5 TB of data stolen from the company. MSI did not specify when the attack occurred, but stated that recovery measures have been initiated and that the affected systems have gradually resumed normal operations with no significant impact on financial business. Cybersecurity researchers stated that Money Message only emerged this week and has already targeted over five publicly disclosed victims, with most of them in the US. The ransomware group is also capable of encrypting network shares and performing double extortion attacks. Several Taiwanese hardware vendors have faced ransomware attacks in the last three years, including QNAP, Delta Electronics, GIGABYTE, Acer, Quanta, and more.
READ THE STORY: The Record
‘Assistance’ scams prey on sextortion victims who seek help, FBI says
Analyst Comments: The article provides a concise summary of the FBI alert that warns of for-profit companies taking advantage of sextortion victims. It includes relevant details, such as the deceptive tactics used by these companies and the FBI's recommendation to seek help from non-profit agencies or law enforcement. The article also includes statistics from the Federal Trade Commission and the FBI to give context to the issue.
FROM THE MEDIA: The FBI has issued an alert warning sextortion victims to be cautious of for-profit companies that claim to help them but provide little to no support in return. The IC3 warns that these companies use deceptive tactics and charge victims for services that may not be legally enforceable. Some of these businesses even discourage victims from reporting to law enforcement, increasing the chances of their association with the original sextortion attempt. The FBI recommends that victims of sextortion seek assistance from non-profit agencies or law enforcement instead of for-profit companies that can take advantage of their desperation for help. The Federal Trade Commission notes that reports of sextortion have increased by more than eightfold since 2019. The FBI reported 7,000 cases of sextortion in 2022, many of which originated outside of the US.
READ THE STORY: The Record
Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library
Analyst Comments: The critical vulnerability in the popular JavaScript sandbox module vm2 highlights the need for secure development practices, particularly with the increasing use of untrusted code. Organizations should prioritize applying the patch to avoid the risk of remote code execution on their systems. Additionally, this incident underscores the importance of vulnerability reporting and prompt patching to mitigate risks in a timely manner.
FROM THE MEDIA: The maintainers of the popular JavaScript sandbox module, vm2, have issued a patch to fix a critical vulnerability that could allow threat actors to break out of security boundaries and execute arbitrary shellcode. Researchers from KAIST WSP Lab reported the vulnerability on April 6, 2023, and vm2 released a fix with version 3.9.15 on April 8, 2023. The flaw, assigned the identifier CVE-2023-29017 and rated 9.8 on the CVSS scoring system, affects all versions up to and including 3.9.14, and is due to improper handling of errors that occur in asynchronous functions. KAIST security researcher Seongil Wi has created two proof-of-concept exploits that bypass sandbox protections and allow for the creation of an empty file named "flag" on the host. This comes six months after vm2 resolved another critical bug that could have been exploited to perform arbitrary operations on the underlying machine.
READ THE STORY: THN
Southeast Asian casino scams with meth gang syndicate links ‘coming for NZ targets’
Analyst Comments: The warning by UNODC is a timely call to action for New Zealand to prepare for a possible surge in cyber fraud orchestrated by organised crime syndicates based in Southeast Asia. The warning is particularly relevant given the increasing sophistication of the scams, the growing use of human slaves and the involvement of major international crime syndicates. The global nature of this crime means that countries must collaborate and share intelligence to address the problem effectively.
FROM THE MEDIA: The United Nations Office on Drugs and Crime (UNODC) has warned that New Zealand should be prepared for a new wave of online fraud conducted by organized crime syndicates operating from casinos in Southeast Asia. The criminals are increasingly preying on human slaves and targeting innocent online gamblers in scams that attempt to trick them into investing in sham investments such as cryptocurrency, stocks and gold. UNODC's investigation of this rising trend has found clear links to major underworld figures, including international crime syndicates such as Sam Gor, the Chinese triads, and key gang bosses. Geographical distance does not protect anyone from this kind of crime that transcends borders, said Jeremy Douglas, UNODC's regional representative for Southeast Asia and the Pacific.
READ THE STORY: NZ Herald
European And Asian Regulators Welcome Crypto Innovation While U.S. Cracks Down
Analyst Comments: The article presents a well-supported argument that the US is losing its dominance in the crypto industry as developers and entrepreneurs move to more crypto-friendly jurisdictions in Europe and Asia. The article also provides detailed information on the regulatory frameworks and initiatives that make these jurisdictions attractive to the industry. The sources cited in the article are reputable, and the Electric Capital Developer Report provides empirical evidence to support the claims made.
FROM THE MEDIA: European and Asian policymakers are making progress on crypto digital innovation, while the US has been dominated by negative headlines and regulatory crackdowns on the industry. The latest Electric Capital Developer Report shows that US dominance in open source crypto contributions has dropped from 40% in 2017 to 29% in 2022, with more than 70% of surveyed crypto developers living in places like Europe, Latin America, and Africa. The report also tallied the number of monthly active developers at 297% greater in 2023 than in January 2018, indicating that the industry’s global growth has not been hampered by regulatory backlash or volatile crypto prices. Many developers and entrepreneurs are already leaving the US to consider more crypto-friendly jurisdictions, including the European Union, Switzerland, the UK, and APAC countries like Japan, Hong Kong, and China.
READ THE STORY: Forbes
Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari
Analyst Comments: The discovery of zero-day vulnerabilities that are actively exploited in the wild highlights the need for prompt software updates and patches. Cybersecurity incidents can have severe consequences, so it is crucial to apply software updates as soon as they become available. The recent zero-day vulnerabilities in Apple's products underline the importance of staying vigilant and cautious while using technology.
FROM THE MEDIA: Apple released security updates for iOS, iPadOS, macOS, and Safari to fix two zero-day vulnerabilities that are being actively exploited in the wild. The flaws include a use-after-free vulnerability in WebKit and an out-of-bounds write issue in IOSurfaceAccelerator that could allow an attacker to execute arbitrary code with kernel privileges. Apple has patched three zero-day vulnerabilities since the beginning of the year. In February, it fixed another actively exploited flaw in WebKit. The updates are available in iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1, and Safari 16.4.1. The company credited Google's Threat Analysis Group and Amnesty International's Security Lab with discovering and reporting the flaws.
READ THE STORY: THN
Items of interest
El Salvador’s Bitcoin Experiment: How Is It Working Out
Analyst Comments: The article provides a good overview of El Salvador's adoption of Bitcoin, the potential benefits and challenges, and the political and economic climate in the country since the decision. The article also highlights potential conflicts of interest in the rise of Bitcoin in El Salvador. However, the article lacks information on the technical aspects of Bitcoin adoption and the impact on the broader cryptocurrency industry. The article could have also included more insights from experts in the field to provide a more well-rounded perspective on the topic.
FROM THE MEDIA: El Salvador became the first country to adopt Bitcoin as official legal tender. The government's goal was to improve economic opportunities for citizens, allow access to digital currency through smartphones, and reduce inflation risk. However, since adopting Bitcoin, El Salvador has plunged into political turmoil, with instability in the government, conflicting interests among political parties, and an uncertain economic future. Despite the instability and the spike in gang-related violence in 2022, tourism has gone up by 30%. Bitcoin's volatility has had widespread consequences, and it has not caught on as much as expected. Two key people in the rise of Bitcoin in El Salvador, Max Keiser and Stacy Herbert, launched a popular financial news show on Russian state television, with a potential conflict of interest, positioning themselves to benefit from their investments if El Salvador's use of Bitcoin succeeds.
READ THE STORY: BeingCrypto
Cyberwarfare: Is it the Future of War (Video)
FROM THE MEDIA: Explore the origins and impact of cyber warfare with the story of Stuxnet, a computer virus that destroyed critical infrastructure in an Iranian nuclear facility. Learn about the history of hacking and how it evolved into a potential danger to the world, and how one worm changed everything.
The History Behind Russia's Expansionary Foreign Policy with Stephen Kotkin (Video)
FROM THE MEDIA: Is Russia inherently imperialist and expansionist? Russia wasn’t forced to invade Ukraine, but its leaders chose to do so because they want Russia to become a great power. If Russian elites could somehow relinquish their unwinnable competition with the West, they could set their country on a less costly and more promising course.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.