Daily Drop (504)

05-30-23

Tuesday, May 30, 2023 // (IG): BB // Intro Exploit Dev // Coffee for Bob

How to prevent China from cutting off Taiwan’s Internet

Analyst Comments: Taiwan's efforts to strengthen its digital resilience are driven by the need to mitigate risks posed by natural disasters and potential conflicts with China. The reliance on undersea cables leaves the island vulnerable, as past incidents have demonstrated. Establishing a robust satellite network is a crucial step, but the current capacity is inadequate to serve as a backup for undersea cables. Taiwan's plan to have 700 satellite receivers is considered a minimum for sustaining essential communication, but it may not fully meet the needs of the population. The involvement of multiple satellite providers would enhance resilience by preventing a single point of failure. Yet the challenges remain in terms of satellite availability and capacity. The geopolitical considerations involving SpaceX and its owner, Elon Musk, raise uncertainties about the feasibility of relying on Starlink for communication support. Tang's focus on domestic routing and ensuring essential communication within Taiwan during crises is a proactive approach. It highlights the importance of maintaining local communication channels that are less susceptible to disruptions.

FROM THE MEDIA: Taiwan's leaders are seeking to enhance the island's resilience to communications breakdowns and direct attacks on its digital infrastructure amid earthquakes and potential conflicts with China. Audrey Tang, head of the Ministry of Digital Affairs, aims to make Taiwan capable of handling a complete collapse of its communications during emergencies by the end of next year. The recent digital disruption caused by severed submarine internet cables and previous earthquakes cutting undersea cables have highlighted the vulnerability of Taiwan's digital infrastructure. Tang emphasizes the need to manage reduced bandwidth expectations and prioritize its use during crises. To achieve digital resilience, the government plans to establish 700 satellite receivers throughout the country. However, the current satellite capacity is insufficient compared to the undersea cables. Tang hopes to involve multiple satellite providers to ensure communication is not disrupted by targeting a specific constellation. The vulnerability of undersea cables and the limited satellite coverage present challenges for Taiwan's digital resilience.

READ THE STORY:   Taipei Times

AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks

Analyst Comments: The widespread use of AceCryptor indicates the demand for encryption-based protection among threat actors who seek to obfuscate their malware. Crypters like AceCryptor make malware detection and reverse engineering more challenging. Their use highlights the need for robust security measures and advanced threat detection techniques. The availability of CaaS options allows less technically skilled threat actors to leverage crypters without investing significant time or effort. The obfuscation techniques employed by AceCryptor, including the three-layer architecture, anti-VM, anti-debugging, and anti-analysis features, demonstrate the sophistication of the crypter. It is crucial for organizations and individuals to stay vigilant against malware attacks and employ comprehensive security practices to mitigate the risks associated with crypter-packed malware.

FROM THE MEDIA: The AceCryptor crypter malware has been used to pack various strains of malware since 2016. Slovak cybersecurity firm ESET reported over 240,000 detections of AceCryptor in its telemetry in 2021 and 2022, indicating its widespread use. Prominent malware families packed within AceCryptor include SmokeLoader, RedLine Stealer, RanumBot, Raccoon Stealer, Stop ransomware, and Amadey. The crypter is distributed via trojanized installers of pirated software, spam emails with malicious attachments, or other compromised malware. AceCryptor is heavily obfuscated and employs anti-VM, anti-debugging, and anti-analysis techniques. The use of crypters reflects a trend where malware authors offer encryption capabilities to less technically skilled threat actors. The availability of crypter-as-a-service (CaaS) options allows multiple threat actors to use AceCryptor to propagate various malware families.

READ THE STORY:   THN

US sanctions individuals in China, Mexico connected to fentanyl-laced pill production

Analyst Comments: The imposition of sanctions on individuals and entities involved in the illicit production of fentanyl-laced pills reflects the United States' commitment to combating the opioid crisis and reducing drug-related deaths. Fentanyl, a potent synthetic opioid, has been a major driver of overdose deaths in the country. By targeting the supply chain, including the machinery and equipment used to produce counterfeit pills, the United States aims to disrupt the distribution and availability of these dangerous substances. The coordination with the Mexican government demonstrates international cooperation in addressing the issue. The Biden administration's approach emphasizes a comprehensive strategy to combat illicit drugs, including disrupting supply chains, increasing law enforcement efforts, and promoting public health initiatives.

FROM THE MEDIA: The United States has imposed sanctions on 17 individuals and entities in China and Mexico involved in the production of illicit pills, often containing the synthetic opioid fentanyl. The sanctions target entities and individuals involved in the sale of pill press machines and equipment used to produce counterfeit pharmaceuticals laced with fentanyl. These counterfeit pills have contributed to a surge in fentanyl-related deaths in the United States. The sanctions aim to disrupt the supply chain of illicit drugs and counter the threat posed by these drugs. The actions were coordinated with the Mexican government and are part of the Biden administration's efforts to combat the global illicit fentanyl supply chains.

READ THE STORY:   The Hill

Chinese organizations launched 79 AI large language models since 2020

Analyst Comments: The report indicates the significant progress and investment in large-language model development in China. The country's focus on AI development and the increasing number of LLMs being released highlight its commitment to advancing AI technology. The competition between China and the United States in the LLM space reflects the global race for AI dominance. The export controls imposed by the U.S. present challenges for the Chinese AI industry, as access to key technologies, such as semiconductors, becomes limited. It underscores the ongoing tensions and competition between the two countries in the AI sector. The development of LLMs has broad implications for natural language processing, text generation, and other AI applications, and the continued advancements by both China and the United States will shape the future of AI technologies.

FROM THE MEDIA: Chinese organizations have launched 79 large-language models (LLMs) over the past three years, according to a report by state-run research institutes. The development of LLMs in China entered an "accelerated" phase in 2020, with 30 LLMs released in both China and the United States in 2021. The report highlights that China and the United States are the global leaders in LLM development, accounting for over 80% of the total. However, the Chinese AI industry is facing challenges due to U.S.-led export controls restricting access to semiconductors used for training LLMs.

READ THE STORY:   Reuters

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

Analyst Comments: The discovery of BrutePrint highlights the importance of addressing vulnerabilities in biometric authentication systems. The attack technique exploits logical defects in the SFA framework, allowing for unlimited fingerprint authentication attempts. This underscores the need for robust security measures to protect biometric data and prevent unauthorized access. Manufacturers and developers should prioritize the implementation of secure authentication protocols and ensure the protection of sensitive data at all stages, including data transmission and storage.

FROM THE MEDIA: Researchers have discovered a technique called BrutePrint that exploits two zero-day vulnerabilities, Cancel-After-Match-Fail (CAMF) and Match-After-Lock (MAL), in smartphone fingerprint authentication (SFA) frameworks. By bypassing the limits on failed biometric authentication attempts, BrutePrint enables an attacker in possession of the target device to perform an unlimited number of fingerprint image submissions until a match is found. The attack relies on a hardware approach, acting as a middleman between the fingerprint sensor and the Trusted Execution Environment (TEE). The vulnerabilities in the SFA framework stem from insufficient protection of fingerprint data on the Serial Peripheral Interface (SPI) of fingerprint sensors. The BrutePrint attack can be executed using a microcontroller board and an auto-clicker, with costs as low as $15. The attack has been tested on various smartphone models from Apple, Huawei, OnePlus, OPPO, Samsung, Xiaomi, and vivo, showing successful infinite attempts on Android and HarmonyOS, and additional attempts on iOS devices.

READ THE STORY:   THN

AI Industry Leaders and Experts Warn of the Dangers of AI-Induced Extinction

Analyst Comments: The letter from AI industry leaders and experts highlights the growing concerns about the risks associated with AI and the need for proactive measures to address them. The call for prioritizing the risk of AI-induced extinction alongside other societal-scale risks reflects the recognition that AI has the potential for significant impact on humanity. It underscores the importance of ethical considerations, transparency, and accountability in the development and use of AI. Policymakers, industry leaders, and researchers should take this call seriously and collaborate to ensure the responsible advancement of AI technology while mitigating potential risks.

FROM THE MEDIA: Over 350 signatories, including top AI executives and professors, have signed a letter published by the nonprofit Center for AI Safety (CAIS), highlighting the risk of extinction posed by AI and calling for policymakers to prioritize this global risk. The signatories, which include OpenAI CEO Sam Altman, emphasize the need for global cooperation in mitigating the risks of AI, including the potential for unintended harm and the ethical development and use of AI. They urge policymakers to develop ethical guidelines, invest in research, engage with stakeholders, and take proactive steps to ensure the responsible development of AI.

READ THE STORY:   Bollyinside

A Q&A with Wazawaka: The FBI’s cyber Most Wanted says new designation won’t affect his work

Analyst Comments: Matveev's nonchalant response to being listed on the FBI's Most Wanted list suggests a level of confidence and defiance. He downplays his alleged involvement in ransomware attacks and denies being a key figure in the operations of Hive and Lockbit. While he claims to be an affiliate rather than a leader, the Department of Justice indictment indicates a significant level of involvement, linking him to various attacks and substantial ransom payments. Matveev's statements should be approached with caution, considering his vested interest in minimizing his role. The interview offers a glimpse into the mindset and self-perception of a cybercriminal operating in the ransomware ecosystem. It also underscores the challenges authorities face in apprehending and prosecuting such individuals, especially when they operate from countries with limited extradition agreements.

FROM THE MEDIA: Mikhail Pavlovich Matveev, also known as "Wazawaka," recently appeared on the FBI's Most Wanted list for his alleged involvement in ransomware attacks as an affiliate of Lockbit, Babuk, and Hive ransomware groups. The Department of Justice has accused Matveev of participating in attacks on various U.S. entities, including law enforcement agencies and hospitals, and claims that he and his co-conspirators collected between $200 million and $400 million in ransom payments. Despite his new status, Matveev stated in an interview that it would not impact his work and expressed a desire to launch new projects in cybersecurity and IT training in Russia. He dismissed the allegations against him and downplayed his involvement, stating that he was merely an affiliate and not running the operations. Matveev also criticized the media for exaggerating his role and highlighted misinformation regarding his connections to Hive and Lockbit's leadership.

READ THE STORY:   The Record

An alleged Russian spy whale turned up in Sweden. Why?

Analyst Comments: The story of Hvaldimir, the beluga whale, continues to captivate and intrigue. The ongoing concern for his well-being highlights the complexities surrounding the management of wild animals that have developed a reliance on human interaction. The debate between rehabilitation and release versus captivity underscores the ethical considerations and challenges involved. Ensuring Hvaldimir's safety while allowing him to remain in his natural habitat is crucial, while also taking measures to protect both the whale and human populations in the areas he frequents.

FROM THE MEDIA: Hvaldimir, a beluga whale believed to be a former intelligence asset, has been spotted in Swedish waters, adding an international element to the ongoing saga surrounding the friendly animal. Hvaldimir was first observed by Norwegian fishermen in 2019, wearing a harness inscribed with "Equipment of St. Petersburg," raising suspicions that he was linked to a Russian navy program training aquatic mammals as spies. Hvaldimir has become a local celebrity in Norway, and his recent appearance in Sweden has prompted Swedish authorities to take action to protect him. The debate continues on how best to deal with Hvaldimir, with advocates calling for his rehabilitation and release, while others caution against captivity. The whale's ability to adapt to human interaction and avoid harm has impressed experts.

READ THE STORY:   The Washington Post

Microsoft Threat Intelligence: Chinese Hackers Are “Living Off The Land” Inside US Critical Infrastructure

Analyst Comments: The Microsoft report provides valuable insights into the persistent and sophisticated cyber threat posed by China's Volt Typhoon group. The hackers' focus on critical infrastructure and their ability to evade detection through fileless techniques and stolen credentials pose significant risks. The long-term nature of their campaign underscores the need for enhanced cybersecurity defenses and vigilance. The Biden administration's efforts to prioritize cybersecurity and share threat information with the public are commendable steps toward mitigating such threats.

FROM THE MEDIA: A recent report by the Microsoft Threat Intelligence team reveals a long-term campaign by China's state-backed hacking group, Volt Typhoon, targeting critical infrastructure in the United States. The hackers employ stealthy techniques, including fileless malware and "living off the land" tactics, to maintain undetected access. Their ultimate goal is to create a network of sabotage that can be activated during a global crisis or a conflict with the US. The group primarily targets Fortinet FortiGuard devices and relies on compromised credentials rather than malware. They also utilize compromised routers to appear legitimate. The report highlights the need for improved cybersecurity measures in US critical infrastructure.

READ THE STORY:   CPO

TikTok Creators’ Financial Info, Social Security Numbers Have Been Stored In China

Analyst Comments: The revelation that TikTok has been storing sensitive financial data on servers in China raises serious concerns about the security and privacy of user information. Storing such data in a country known for its surveillance capabilities and previous incidents of data theft from Americans raises questions about the integrity of TikTok's data handling practices. The discrepancies between the CEO's congressional testimony and the internal records obtained by Forbes further erode trust in the platform. Regulatory bodies in the US and Europe are likely to investigate TikTok's handling of user data, especially in light of previous privacy violations. Users and creators may also express concerns about the security of their financial information, potentially impacting their trust in the platform and willingness to participate in its monetization programs.

FROM THE MEDIA: TikTok has been storing sensitive financial data, including social security numbers and tax IDs, of its creators and businesses on servers in China, according to sources and internal records obtained by Forbes. The data is accessible to employees in China, raising concerns about unauthorized access. TikTok CEO Shou Zi Chew previously testified before Congress that American user data is stored on servers outside of China. However, the latest revelations suggest that sensitive financial information has been stored in China, potentially putting it at risk. The storage of European creators' bank information in China could also violate the General Data Protection Regulation. TikTok's storage practices and access to sensitive data could lead to regulatory scrutiny in the US and Europe.

READ THE STORY:   Forbes

Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users

Analyst Comments: The discovery of DogeRAT highlights the continuous evolution of malware tactics and the financial motivation behind scam campaigns. The use of social media platforms and the distribution of malware disguised as legitimate applications make it easier for cybercriminals to target unsuspecting users. The availability of DogeRAT as an open-source tool on GitHub and its promotion through a Telegram channel increase the risk of wider distribution and potential misuse by other threat actors. Similarly, the presence of other Android malware like LEMONJUICE and SpinOk emphasizes the ongoing threat landscape for Android users. These incidents highlight the importance of maintaining strong security practices, including avoiding downloading apps from untrusted sources and regularly updating devices with the latest security patches.

FROM THE MEDIA: A new remote access trojan (RAT) called DogeRAT has been discovered targeting Android users primarily in India. The malware is distributed through social media and messaging platforms disguised as legitimate applications such as Opera Mini, YouTube, Netflix, and Instagram. Once installed, DogeRAT gains unauthorized access to sensitive data, including contacts, messages, and banking credentials. It can also take control of the infected device and perform malicious actions like sending spam messages, making unauthorized payments, modifying files, and capturing photos through the device's cameras. The malware is promoted by its India-based developer through a Telegram channel and is available as a free version on GitHub, with a premium subscription offered for additional capabilities. Meanwhile, another Android backdoor called LEMONJUICE has been detailed, which enables remote control and access to compromised devices.

READ THE STORY:   THN

Understanding the Progression of a Ransomware Attack

Analyst Comments: Understanding the life cycle of a ransomware attack provides valuable insights into the tactics and techniques employed by threat actors. This knowledge helps organizations better protect their systems by implementing preventive measures and strengthening security measures. It also enables organizations to respond effectively in the event of a ransomware incident, making informed decisions about recovery options and negotiations. Ransomware attacks continue to pose a significant threat, and organizations should prioritize proactive security measures, such as employee education, multi-factor authentication, regular patching, and robust backup strategies, to minimize the risk of successful attacks.

FROM THE MEDIA: Understanding the entire life cycle of a ransomware attack is crucial for effectively protecting organizations. The typical life cycle of a ransomware attack involves threat actors gaining access through phishing emails or exploits, establishing a foothold in the system, conducting internal reconnaissance, stealing credentials and sensitive information, and finally encrypting and stealing data. Threat actors often aim to steal data even if backups are available, as they can use it as leverage for extortion. Infiltration tactics commonly used by threat actors include spear phishing emails, password spraying, purchasing stolen credentials, exploiting publicly available servers, and compromising third-party systems. Once inside the system, threat actors remain undetected, gather information, and locate critical data and backup servers to encrypt first. The decision of whether or not to pay the ransom is complex and involves considerations such as data recovery capabilities, trust in the threat actor, ongoing access to the system, and cyber insurance coverage. Counter demands can be made, requesting intrusion reports or data decryption keys in return for payment.

READ THE STORY:   Security Boulevard

Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers

Analyst Comments: The discovery of multiple security flaws in Sonos One wireless speakers highlights the importance of robust security measures in IoT devices. The vulnerabilities could have allowed attackers to gain unauthorized access and execute arbitrary code. Sonos acted responsibly by addressing the flaws and releasing software updates to mitigate the risks. Users should ensure they have applied the latest patches to protect their devices. Manufacturers of IoT devices should prioritize security in their product development and maintenance processes to prevent potential vulnerabilities that could be exploited by threat actors.

FROM THE MEDIA: Multiple security vulnerabilities have been discovered in Sonos One wireless speakers, which could allow for information disclosure and remote code execution. The flaws were demonstrated by three different teams at the Pwn2Own hacking contest and resulted in monetary rewards. The vulnerabilities, identified as CVE-2023-27352, CVE-2023-27355, CVE-2023-27353, and CVE-2023-27354, impact specific versions of Sonos One Speaker. The unauthenticated flaws could be exploited by network-adjacent attackers to execute arbitrary code or disclose sensitive information. Sonos has addressed the vulnerabilities in software updates, and users are advised to apply the latest patches to mitigate the risks.

READ THE STORY:   THN

Swiss real estate agency fails to put a password on its systems

Analyst Comments: The exposure of sensitive credentials puts Neho and its customers at risk of various cyberattacks. The compromised data could be used to launch phishing campaigns, manipulate communication channels, and facilitate identity fraud. To mitigate further risks, Neho should implement security measures such as avoiding the use of the "root" user, protecting databases from public access, implementing role-based access controls, securing remote database access, and utilizing multi-factor authentication. Real estate agencies and other organizations that handle sensitive data must prioritize cybersecurity to protect both their own systems and customer information.

FROM THE MEDIA: Real estate agency Neho experienced a misconfiguration on its website that exposed sensitive credentials, potentially allowing threat actors to compromise the company's systems and communication channels. The leaked data included database credentials, AWS bucket credentials, email service credentials, API keys, and more. If exploited, this information could enable attackers to access databases, send phishing emails, hijack communication channels, and conduct fraudulent activities. The incident highlights the importance of cybersecurity for real estate agencies, as they handle valuable customer data. Neho promptly fixed the issue after being notified by Cybernews.

READ THE STORY:   Cybernews

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

Analyst Comments: The emergence of GobRAT targeting Linux routers in Japan highlights the ongoing threat posed by RATs to network devices. It demonstrates the importance of securing routers and maintaining up-to-date firmware to protect against vulnerabilities. Organizations and individuals should ensure that their routers are not exposed to the public internet and should regularly update their software and firmware. Additionally, implementing strong firewall rules, disabling unnecessary services, and using secure protocols like SSH with strong authentication mechanisms can help mitigate the risk of unauthorized access. Network monitoring and intrusion detection systems should be employed to detect and respond to any suspicious activity. It is crucial to stay informed about the latest threats and security best practices to protect against evolving RAT attacks.

FROM THE MEDIA: A new remote access trojan (RAT) called GobRAT is targeting Linux routers in Japan, according to a report by JPCERT Coordination Center. The attack begins by exploiting routers with public-facing web interfaces and executing scripts to infect them with GobRAT. A loader script is then deployed to facilitate the delivery of GobRAT, which disguises itself as the Apache daemon process to evade detection. The loader script can disable firewalls, establish persistence using cron job scheduler, and enable remote access via SSH. GobRAT communicates with a remote server using the Transport Layer Security (TLS) protocol and can execute various encrypted commands, including obtaining machine information, executing reverse shells, reading/writing files, configuring command-and-control (C2) protocols, starting SOCKS5 proxies, and attempting to log in to services on other machines such as sshd, Telnet, Redis, MySQL, and PostgreSQL.

READ THE STORY:   THN

Dark Web Data Leak Exposes RaidForums Members

Analyst Comments: The data leak from RaidForums exposes a significant number of users' personal information, potentially putting them at risk of various cybercrimes. The incident highlights the ongoing challenges of securing sensitive data in online forums and the need for robust security measures. Although law enforcement likely possesses this information, its release could still be valuable for security researchers seeking insights into cybercriminal activities. Affected users should take immediate action to secure their online accounts by changing passwords and enabling two-factor authentication where possible. Additionally, they should monitor their accounts for any suspicious activity and be cautious of phishing attempts or identity theft.

FROM THE MEDIA: Over 478,000 users of the cybercrime forum RaidForums had their data leaked after a key database was published on another hacking site called Exposed. The leaked data includes usernames, email addresses, and hashed passwords. While law enforcement likely already has this information following the takedown of RaidForums in April 2022, it could still be useful for security researchers. RaidForums was a prominent hacking forum that allowed members to trade and publish compromised data. The site was seized and its alleged administrator and accomplices were arrested after coordinated law enforcement action. The forum was known for hosting high-profile database breaches and facilitating cyberattacks like "raiding" and "swatting."

READ THE STORY:   InfoSecMag

How Schneider Electric balances risk and reward for the IIoT

Analyst Comments: The growing adoption of IIoT brings significant benefits to industries but also exposes them to increased cyber risks. Companies must prioritize cybersecurity measures to protect their connected systems from potential attacks. Implementing strong firewalls, designing secure devices, and fostering a cybersecurity-aware culture are essential steps in mitigating risks. Companies should adopt a comprehensive approach to security, including regular code reviews, threat modeling, and employee training. Cybersecurity must be a continuous effort to stay ahead of evolving threats in the IIoT landscape.

FROM THE MEDIA: As industries embrace the Industrial Internet of Things (IIoT) for increased efficiency and productivity, the risk of cyberattacks on connected systems also rises. The NotPetya virus attack in 2017, which cost affected companies an estimated $10 billion, serves as a reminder of the potential devastation of such cyber incidents. Schneider Electric, a global manufacturer of electrical and industrial automation products, emphasizes three critical factors for IIoT cyber protection. First, recognizing that any connected system can be an entry point for attacks and implementing effective firewalls. Second, ensuring that all equipment with compute capability is designed with security in mind through a Secure Development Life Cycle approach. Finally, fostering a cybersecurity-aware culture within the enterprise by educating employees on risks and prevention measures.

READ THE STORY:   DJ

Items of interest

BOK Report Says Korean Semiconductor Exports Overly Dependent on China

Analyst Comments: The decline in Korean semiconductor exports to the United States underscores the challenges faced by the industry. Reduced server CAPEX by major tech companies and slow smartphone demand have contributed to the decline. However, there is hope for recovery in the second half of the year, driven by increased demand for memory semiconductors. The report emphasizes the vulnerability of Korea's semiconductor industry to market fluctuations and the concentration of demand in specific sectors and countries. Diversifying the semiconductor demand and reducing reliance on specific markets would help mitigate the volatility in exports.

FROM THE MEDIA: Korean semiconductor exports to the United States have dropped significantly, with a 68.6% year-on-year decline in April. This decline surpasses the drop in exports to China and Vietnam. Korea's semiconductor industry heavily depends on the United States and China for its major clients. The decline in exports to the United States is attributed to reduced server CAPEX by major tech companies and slow recovery in smartphone demand. However, the Bank of Korea predicts a gradual recovery in the second half of the year, as demand for memory semiconductors is expected to increase due to digital transformation and AI expansion. The report also highlights the vulnerability of Korea's semiconductor industry to fluctuations in demand and changes in industrial structures, particularly compared to Taiwan.

READ THE STORY:   Business Korea

Is Russia Using Beluga Whales As Spies? (Video)

FROM THE MEDIA: In this episode of Nature League, the host, Brit Garner, discusses a peculiar incident involving a beluga whale spotted off the coast of Inga in northern Norway. The whale, which was unusually friendly and interested in the fishermen's boat, was found to be wearing a harness with a slot for a GoPro camera. Upon removal of the harness, the words "Equipment of Saint Petersburg" were found on the inside, leading to speculation that the whale may have been part of a program within the Russian navy. The video delves into the history of military marine mammals and the potential use of such animals for espionage.

Hidden in Plain Sight: Spy Devices of the CIA (Video)

FROM THE MEDIA: The video showcases various examples such as a camera-equipped pigeon, a robotic fish for water sampling, and a rat used as a covert message carrier. It also introduces the "Insectothopter", a micro drone designed for audio surveillance. This video is part of the museum's STEM in 30 program, aimed at providing educational resources for middle school students.

These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected to cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.