Daily Drop (507): Binance loses market share, African countries adopt IAEA, Supply chain crisis solution, Russia accuses US hacking, SpaceX wins Ukraine contract, GPT-4 in Minecraft: AI potential

06-02-23

Friday, Jun 02, 2023 // (IG): BB // Intro Exploit Dev // Coffee for Bob

Russia accuses US of hacking thousands of Apple devices to spy on diplomats

Analyst Comments: The Operation Triangulation campaign demonstrates the sophistication of attackers targeting iOS devices and the challenges of detecting such exploits. The use of "zero-click" vulnerabilities in iMessage highlights the difficulty in defending against these attacks. The fact that Kaspersky itself was targeted indicates the value of hacking a renowned cybersecurity firm. While the FSB's claim of Apple collaborating with the NSA lacks evidence, it underscores the ongoing tensions between intelligence agencies and technology companies regarding privacy and security.

FROM THE MEDIA: Kaspersky, a Moscow-based cybersecurity firm, has detected a targeted attack campaign called Operation Triangulation, in which iPhones were compromised using multiple vulnerabilities in Apple's iOS operating system. The attackers utilized "zero-click" exploitation, sending specially crafted messages via iMessage to victims' devices. Upon opening the message, the attack would chain together multiple vulnerabilities to gain deeper access to the device and download a final malware payload. Kaspersky noted that the attack has been ongoing since 2019 and is attributed to the Aggah threat group. Coincidentally, Russia's FSB intelligence service claimed that the US National Security Agency (NSA) hacked thousands of Russians' phones with Apple's collaboration.

READ THE STORY:   Wired // THN // The Record

Binance loses market share after the regulatory clampdown

Analyst Comments: The loss of market share by Binance reflects the challenges it is facing, including regulatory scrutiny and increased competition in the cryptocurrency exchange market. The discontinuation of the Binance-branded stablecoin and the end of a free trading promotion have impacted liquidity and trading volume on the platform. The legal action by the Commodity Futures Trading Commission further adds to the pressure on Binance. Job cuts indicate a strategic shift and an attempt to reassess the company's operations and talent pool. As the cryptocurrency market evolves and competition intensifies, Binance will need to navigate regulatory challenges and adapt its strategies to maintain its position as a leading exchange.

FROM THE MEDIA: Binance, the world's largest cryptocurrency exchange, has experienced a significant decline in market share over the past three months. The company's market share dropped from 57.5% in February to 43% currently, according to CCData. The decline can be attributed to increased competition, scrutiny from US regulators, the end of a free trading promotion, and the discontinuation of a Binance-branded stablecoin. The company is also planning job cuts, describing it as a re-evaluation of talent and expertise.

READ THE STORY:   FT

African Countries Embarking on Nuclear Technologies Must Adopt the IAEA Approach Framework

Analyst Comments: African countries are exploring nuclear power as a potential solution to their energy challenges. While nuclear power can provide a reliable baseload energy source, it comes with significant technical, financial, and safety considerations. The IAEA plays a crucial role in ensuring nuclear safety and regulating the use of radioactive materials. However, the high costs of constructing nuclear power plants and the challenges associated with financing have stalled progress in some countries. It is worth noting that renewable energy sources, such as hydropower and solar, offer viable alternatives that are environmentally friendly and potentially more cost-effective. The Grand Inga hydropower scheme and the Grand Ethiopian Renaissance Dam are examples of large-scale renewable energy projects in Africa. These projects have the potential to address energy shortages while minimizing the risks associated with nuclear power.

FROM THE MEDIA: African countries are considering nuclear power as part of their energy mix to address power deficits. However, they face challenges in the pre-installation stages, financing, and waste management. The International Atomic Energy Agency (IAEA) sets safety standards for nuclear power programs. Past nuclear disasters, like Chernobyl and Fukushima, highlight the risks associated with nuclear power. Ghana is among the countries progressing towards nuclear power, aiming for construction by 2023. The cost of nuclear power projects and concerns about transparency and financing have hindered progress in some countries.

READ THE STORY:   Modern Diplomacy

What supply chain crisis? Supermicro lifts rack-scale system production

Analyst Comments: Supermicro's plan to increase the production of rack-scale systems reflects the growing demand for data center infrastructure and customized solutions. By offering a one-stop shop for custom rigs, Supermicro aims to provide faster delivery times and meet the specific needs of different applications. The collaboration with Nvidia further emphasizes the focus on AI and on-premises deployment, positioning Supermicro as a provider of high-performance computing solutions. The announcement indicates Supermicro's confidence in its ability to compete with established players such as Lenovo, Dell, and HPE in the data center market.

FROM THE MEDIA: Supermicro CEO Charles Liang announced at the COMPUTEX event that the company is planning to increase its production of rack scale systems by 25%. Supermicro currently has the capacity to design and deliver up to 4,000 racks per month, but this will increase to 5,000 racks per month later this year. Liang highlighted that Supermicro's rack-scale systems are a one-stop shop for custom rigs, featuring their own motherboards, servers, storage arrays, and chassis. The company aims to deliver data center infrastructure to enterprises within a few weeks of receiving an order, rather than a few months. Liang was joined on stage by executives who emphasized the availability of inventory and reduced lead times. The event also featured Nvidia CEO Jensen Huang discussing the importance of AI and the potential for on-premises AI deployment using Supermicro's MGX server spec.

READ THE STORY:   The Register

North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

Analyst Comments: The warning about Kimsuky's social engineering tactics highlights the ongoing cyber threat posed by North Korea and its intelligence-gathering efforts. The group's focus on think tanks, academia, and news media suggests an interest in geopolitical matters, foreign policy, and political experts related to North Korea. Organizations in these sectors should be vigilant against spear-phishing attacks and take measures to enhance their security posture, including user awareness training and email security solutions. Regular monitoring and updating of security measures are crucial to detect and prevent Kimsuky's attempts to infiltrate networks and steal sensitive information.

FROM THE MEDIA: U.S. and South Korean intelligence agencies have issued a joint alert warning about North Korean cyber threat group Kimsuky targeting think tanks, academia, and news media sectors. Kimsuky, also known as APT43, ARCHIPELAGO, Black Banshee, and other names, is a state-sponsored cluster operating within North Korea's Reconnaissance General Bureau. The group relies on social engineering tactics, particularly spear-phishing campaigns, to gather intelligence on geopolitical events, foreign policy strategies, and security developments. Kimsuky impersonates legitimate sources, creates spoofed email addresses, and leverages open-source information to appear more credible. The objective is to gain illicit access, steal data, and provide geopolitical insight to the North Korean government. The group uses password-protected malicious documents and fake versions of websites to trick victims into enabling macros or revealing login credentials.

READ THE STORY:   THN

AI will create ‘more losers than winners’ even as Nvidia soars

Analyst Comments: The rise of AI and its impact on various industries present both opportunities and challenges for companies. Nvidia, as a leading chipmaker in the AI space, is expected to be a beneficiary of AI-driven technological advancements. Its stock market performance and valuation reflect investors' confidence in its position in the market. While AI disruption may lead to winners and losers across industries, the larger tech companies with AI capabilities are considered more likely to succeed. The potential for AI to automate certain tasks and make existing processes redundant raises concerns for software and IT services companies.

FROM THE MEDIA: Nvidia, the US chipmaker powering artificial intelligence (AI) applications like ChatGPT, is expected to sustain its stock market rebound despite the disruptive impact of AI on various industries. Rajiv Jain, founder, and chief investment officer of GQG Partners, a major investor in Nvidia, believes that AI will create more losers than winners as it disrupts business models. However, he sees Nvidia and larger tech names like Alphabet and Meta as the obvious winners in this context. Nvidia's shares have soared this year, and it became the first chipmaker to achieve a $1 trillion valuation. Jain cautions that predicting the winners in the AI industry is difficult, citing the unpredictability of past successes like Amazon. He expects high barriers to entry and strong demand for semiconductor chips to benefit many semiconductor companies, while some software and IT services companies may face challenges as AI automates aspects of their operations.

READ THE STORY:   FT

Elon Musk’s SpaceX Wins Pentagon Contract for Satellite in Ukraine

Analyst Comments: The agreement between SpaceX and the US Department of Defense to provide satellite internet terminals to the Ukrainian military is significant. It highlights the growing role of satellite technology in supporting military operations and communication in conflict zones. By enabling data-intensive surveillance and communication capabilities, the Starlink terminals can enhance the Ukrainian military's capabilities in its battle against Russian forces. The decision also underscores the importance of international support and assistance in modernizing Ukraine's defense infrastructure.

FROM THE MEDIA: SpaceX, the company founded by Elon Musk, has secured funding from the US Department of Defense to provide Starlink satellite internet terminals to the Ukrainian military. The specific quantities and financial details of the contract have not been disclosed. Previously, Musk had expressed concerns about the cost and complexity of continuing service in Ukraine, but the decision to provide satellite terminals was made to support the modernization of the Ukrainian military as it battles the Russian army. The terminals will enable data-intensive drone surveillance, communications, and internet access for both military and civilian purposes. The funding is expected to come from the Ukraine Security Assistance Initiative, which supports the procurement of weapons and training for the Ukrainian military.

READ THE STORY:   FT

Beyond the Battlefield

Analyst Comments: The evolution of warfare and the rise of information warfare pose significant challenges in navigating modern conflicts. The ability to adapt to changing tactics and employ strategies that encompass cultural and information warfare is crucial. The spread of fake news and disinformation calls for a discerning approach to information consumption and a commitment to verifying sources. Governments and societies must develop effective responses to combat the influence of disinformation and protect the integrity of truth in an increasingly complex and volatile strategic landscape.

FROM THE MEDIA: Throughout human history, warfare has evolved from simple engagements to complex global conflicts driven by nationalistic imperatives. Modern warfare encompasses unconventional tactics, asymmetric warfare, psychological operations, and information warfare. The rise of fifth-generation warfare or hybrid warfare highlights the importance of cultural warfare and information warfare over brute force. Information warfare, including the spread of fake news and disinformation, has become a significant aspect of modern conflicts, requiring skepticism and critical analysis of sources. The digital age has exacerbated the problem of fake news, with the proliferation of channels and contradictory information making it easier for conspiracy theories and rumors to spread.

READ THE STORY:   Modern Diplomacy

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin

Analyst Comments: The identification of an individual associated with XE Group provides valuable insight into the operations of the cybercrime group. Attribution in the cyber realm is challenging, but connecting a real name to a threat actor can aid in investigations and efforts to disrupt their activities. XE Group's history of targeting various sectors highlights the importance of robust cybersecurity measures for organizations in government, construction, and healthcare.

FROM THE MEDIA: Cybersecurity researchers from Menlo Security have identified Nguyen Huu Tai, also known as Joe Nguyen and Thanh Nguyen, as possible individuals associated with the cybercrime group XE Group. XE Group believed to be of Vietnamese origin, has been involved in cybercriminal activities since at least 2013. The threat actor targets government agencies, construction organizations, and healthcare sectors by compromising internet-exposed servers with known exploits and installing password theft or credit card skimming codes. XE Group has used techniques such as creating AutoIT scripts and employing web shells to carry out its attacks.

READ THE STORY:   THN

Amidst Diminishing Russian Impact in Central Asia, China, and the U.S. Intervene

Analyst Comments: The renewed focus of both China and the United States on Central Asia reflects the shifting dynamics in the region, with Russia's influence being challenged. China's substantial investment demonstrates its ongoing commitment to building trade and security ties, while the United States seeks to strengthen its engagement and support the region's independence and reform efforts. However, the proximity and economic ties between Central Asian countries and Russia and China pose challenges to significantly redirecting economic exchanges. It is important for the U.S. to identify areas where it can provide valuable expertise and support, such as healthcare, education, and food security, which are crucial for stability and development.

FROM THE MEDIA: China and the United States are intensifying their diplomatic engagement in Central Asia, a region where Russia's influence has diminished due to its involvement in Ukraine and resulting sanctions. China has pledged significant investment in trade and security ties with Kazakhstan, Uzbekistan, Kyrgyzstan, Tajikistan, and Turkmenistan. Meanwhile, the United States is emphasizing its commitment to the independence, sovereignty, and territorial integrity of the states in the region. The U.S. aims to promote the rule of law, human rights, and free media, and it is ready to assist with reforms and diversification of the region's energy sector.

READ THE STORY:   VOA