Daily Drop (574): China: SAT Swarm AU, ChattyGoblin, ATP29, Google: Quantum, LABRAT, Louisiana Utilities, Cyber OPs: Cartels, AnonFiles, Nofilter Attack, Airplane Mode, DARPA: AI Challenge, Wagner
08-18-23
Friday, Aug 18, 2023 // (IG): BB // Financial Enabler PODCAST // Coffee for Bob
China-Linked Bronze Starlight Group Targeting Gambling Sector with Cobalt Strike Beacons
Analyst Comments: The ongoing cyber attacks on the Southeast Asian gambling sector highlight the evolving and sophisticated nature of cyber threats. The use of Cobalt Strike beacons, a commercial penetration testing tool, underscores the blurred lines between legitimate tools and malicious applications in cyber attacks. The association of the Bronze Starlight group with this campaign further emphasizes the strategic use of ransomware not just for financial gain but also as a diversion for espionage activities. The exploitation of vulnerabilities in widely-used software applications like Adobe Creative Cloud and Microsoft Edge serves as a reminder of the importance of regular software updates and patching. The interconnected relationships among Chinese nation-state actors and their shared tactics and infrastructure make attribution challenging but also underscore the coordinated nature of state-sponsored cyber activities.
FROM THE MEDIA: A cyber attack campaign originating from China is actively targeting the Southeast Asian gambling sector, deploying Cobalt Strike beacons on compromised systems. Cybersecurity firm SentinelOne has identified the tactics, techniques, and procedures used in the campaign as consistent with those of the Bronze Starlight group (also known as Emperor Dragonfly or Storm-0401). This group has previously been associated with using short-lived ransomware families to mask its espionage activities. The attackers are exploiting vulnerabilities in Adobe Creative Cloud, Microsoft Edge, and McAfee VirusScan executables to deploy the Cobalt Strike beacons. The campaign also shows similarities with an intrusion set called Operation ChattyGoblin, which was previously linked to a supply chain attack that used a trojanized installer for the Comm100 Live Chat application.
READ THE STORY: THN
China deploys swarm of satellites to monitor military exercises in Australia
Analyst Comments: China's proactive approach in deploying a vast number of satellites to monitor military exercises showcases its commitment to expanding its intelligence capabilities. This move can be seen as a demonstration of technological prowess and a strategic maneuver to keep tabs on regional military activities. Australia's response, or lack thereof, in terms of satellite deployment, raises concerns about its preparedness and capability in the space domain. The decision by the Labor party to scrap the satellite development program further accentuates this gap.
FROM THE MEDIA: The ABC News article reports on China's extensive deployment of satellites to monitor military exercises in Australia. Hundreds of these satellites are gathering intelligence on military activities involving partners like the United States. Specifically, three Chinese geostationary satellites observed the "Talisman Sabre" war games in July, and numerous smaller satellites are currently surveilling the "Exercise Malabar" naval drills involving warships from the US, India, and Japan. The data on this satellite activity was collected by EOS Space Systems using telescopes in Canberra and Learmonth, Western Australia. Dr. Bennett from EOS emphasized the detailed "persistent observation" these satellites offer Beijing, allowing them to gather significant military intelligence.
READ THE STORY: ABC (AU)
APT29 is targeting Ministries of Foreign Affairs of NATO-aligned countries
Analyst Comments: The activities of APT29 underscore the sophisticated and evolving tactics employed by state-sponsored cyberespionage groups. By leveraging legitimate services like Zulip and Microsoft Teams, these actors can effectively bypass traditional security measures, making their detection and mitigation more challenging. The targeting of NATO-aligned countries' Ministries of Foreign Affairs suggests a strategic intent, possibly aimed at gathering intelligence or exerting influence. The use of spear-phishing, a method that relies on deceiving individuals into opening malicious files or links, continues to be a preferred tactic, emphasizing the need for continuous user education and awareness.
FROM THE MEDIA: APT29 targeted Ministries of Foreign Affairs of NATO-aligned countries using spear-phishing techniques. The campaign involved two PDF files disguised as coming from the German embassy. One of these files delivered a variant of the Duke malware associated with APT29, while the other was likely used for testing or reconnaissance. The APT29 group utilized the open-source chat application Zulip for command-and-control, effectively evading detection by masking malicious traffic behind a legitimate service. The documents used in the campaign had themes related to the German embassy. The first PDF initiated a multi-stage infection process, ultimately installing a backdoor on the target system. The threat actor used Zulip's API to send victim details to a chat room managed by the attackers and to issue malicious remote commands. Microsoft also reported that APT29 carried out phishing attacks via Microsoft Teams targeting various organizations and government agencies globally.
READ THE STORY: Security Affairs
Google proposes new security keys to protect data from future quantum attacks
Analyst Comments: The integration of satellite technology into agriculture is a promising development in the face of the challenges posed by climate change. As traditional methods become less reliable due to shifting climate patterns, leveraging technology can provide farmers with the data they need to make informed decisions and optimize their yields. The potential benefits of this technology extend beyond winemaking to global food production, which is crucial given the rising threats of malnutrition and famine in various parts of the world. Policymakers and industry stakeholders should continue to invest in and promote the use of such technologies to ensure food security and sustainable agricultural practices in the future.
FROM THE MEDIA: The agriculture sector, particularly winemaking, is turning to satellite technology to adapt to the challenges posed by global warming. The decision of when to harvest grapes is vital for winemakers, and climate change is disrupting this delicate balance. In France, wine-growing regions have experienced shifts in their seasons due to global warming, with harvest dates moving up significantly. To adapt, winemakers are now using granular data from satellites to monitor the health and progress of vines in the changing climate. Startups like Ticinum Aerospace and TerraNIS are aiding vintners in using satellite technology to determine the optimal time for harvesting grapes. Beyond winemaking, satellite technology is poised to play a crucial role in global agriculture, especially as the world faces a food crisis exacerbated by climate change. Advanced satellite sensor technology can provide farmers with data about crop health, pest infestations, nutrient needs, and more, potentially transforming farming practices and mitigating the impacts of global warming on food production.
READ THE STORY: Business Standard
AI Tool Popularity: An Opportunity for Launching Malicious Campaigns
Analyst Comments: The findings emphasize the escalating threat of cybersquatting and phishing campaigns that leverage the renown of AI tools. The fact that threat actors are utilizing trusted cloud platforms like Cloudflare to host their malicious content is especially alarming, as it can provide a veneer of legitimacy to their deceptive sites.
FROM THE MEDIA: A study titled "Q2 2023 Digital Trust & Safety Index" by Sift highlighted that 78% of users are apprehensive about fraudsters exploiting AI tools. In response to these concerns, WhoisXML API and Bayse Intelligence collaborated to investigate the potential misuse of the rising popularity of AI productivity tools in 2023. Their research identified 2,003 domains containing the names of these tools, with less than 1% being confidently linked to the official AI tool developers. Furthermore, they discovered that attackers frequently clone content from valuable websites to deceive users, with the AI tool Bard being the most impersonated. This impersonation was part of a broader campaign by a single threat actor who has been using Cloudflare's infrastructure to host malicious content for over five months.
READ THE STORY: CircleID
Proxyjacking campaign LABRAT targets vulnerable GitLab deployments
Analyst Comments: The LABRAT campaign's sophistication underscores the evolving nature of cyber threats. The attackers' ability to exploit known vulnerabilities in popular platforms like GitLab and their use of legitimate services for obfuscation highlights the need for organizations to maintain up-to-date security patches and be vigilant about their network activities. The use of cryptojacking and proxyjacking as monetization methods indicates a shift in cybercriminal strategies, focusing on more covert ways to generate revenue.
FROM THE MEDIA: Researchers from Sysdig have identified an ongoing cyberattack campaign targeting vulnerable GitLab servers, leading to the deployment of cryptojacking and proxyjacking malware. This sophisticated attack, named LABRAT by Sysdig, uses cross-platform malware, kernel rootkits, and multiple obfuscation layers to make detection and defense more challenging. The attackers exploit a known critical security issue in GitLab, CVE-2021-22205, to gain access. Once inside, they use various techniques, including abusing legitimate services like TryCloudflare and CloudFlare Tunnel, to maintain stealth and persistence. The campaign's primary monetization methods include deploying a custom variant of the XMRig cryptocurrency mining program and a tool associated with the IPRoyal service, which allows users to share their bandwidth for a fee.
READ THE STORY: CSO
PSC proposal would unplug Louisiana utilities from components made by foreign adversaries
Analyst Comments: Skrmetta's proposal has sparked debate over its true intentions. While the directive is framed as a cybersecurity measure, the timing and nature of the proposal raise questions about its potential impact on the adoption of renewable energy in Louisiana. The state's transition to renewable energy could be significantly affected if utilities are restricted from using components from major manufacturing countries like China. Given the global nature of supply chains and the dominance of certain countries in producing renewable energy components, the proposal could inadvertently stifle Louisiana's green energy ambitions.
FROM THE MEDIA: At a recent Louisiana Public Service Commission meeting, Commissioner Eric Skrmetta proposed a directive that would immediately ban Louisiana's electric utilities from using components produced in China, Russia, North Korea, or Iran. Skrmetta, a conservative member of the commission, argues that this move is essential to protect the power grid from cybersecurity threats, especially from "enemy states." He particularly highlighted the vulnerabilities of renewable energy systems, though he did not provide evidence for this claim.
READ THE STORY: Louisiana Illuminator
Manchin seeks cyber operations to target drug cartels at the border
Analyst Comments: The bipartisan proposal by Manchin and Rounds underscores the increasing importance of cybersecurity in addressing border-related issues. By targeting the digital operations of drug cartels and human traffickers, the senators aim to strengthen border security and reduce the flow of illegal substances and activities into the U.S. The emphasis on China's role in the opioid crisis further highlights the global nature of the drug trade and the need for international cooperation in addressing it. The success of this legislation, if passed, will depend on the effectiveness of the proposed cyber operations and the broader strategy to secure the southern border.
FROM THE MEDIA: West Virginia Democrat Joe Manchin and South Dakota Republican Mike Rounds have proposed increased cyber operations at the southern border to counter drug smuggling and human trafficking. The bipartisan "Countering Mexican Transnational Criminal Organizations (TCOs) in Cyberspace Act of 2023" mandates the Department of Defense to devise a strategy within 60 days to conduct cyber operations against cross-border drug smuggling, human trafficking, and weapons trafficking by Mexican Transnational Criminal Organizations and drug cartels. Manchin attributes the influx of narcotics, including fentanyl, into America to the Biden administration's failure to secure the southern border. Both Manchin and Rounds had previously written to U.S. Secretary of State Antony Blinken in May, urging the Department of State to hold China accountable for its role in the illegal trafficking of synthetic opioid drugs.
READ THE STORY: BDT
‘Extreme’ user abuse leads AnonFiles operators to shut down hosting service
Analyst Comments: The closure of AnonFiles underscores the challenges faced by platforms that prioritize user anonymity. While such platforms can offer privacy benefits to users, they can also become hotspots for illegal activities, making them targets for law enforcement and regulatory scrutiny.
FROM THE MEDIA: AnonFiles, a popular online file hosting platform, has shut down due to the "extreme volumes" of abuse of its services. The website had over 18 million monthly users and allowed them to share documents, images, videos, and other files for free without the need for an account. However, its simplicity and anonymity also made it a hub for sharing copyrighted material, illegal content, and malware. Pieter Arntz, a malware intelligence researcher at Malwarebytes, mentioned that most legitimate users had already abandoned the site due to aggressive advertising. The platform administrators tried to ban hundreds of thousands of malicious files, but the abuse persisted. They are now looking to sell the web domain. In 2021, it was discovered that files downloaded from AnonFiles could infect devices with seven different types of malware, indicating that the platform was heavily compromised.
READ THE STORY: The Record
Why securing East-West network traffic is so important – and how it can be done
Analyst Comments: The shift from a perimeter-based security model to one that also addresses East-West traffic is crucial in today's complex threat landscape. Network virtualization offers a promising solution, but continuous innovation and adaptation are required to stay ahead of potential security breaches.
FROM THE MEDIA: The distinction between East-West (traffic flowing between servers within a data center) and North-South (traffic entering and exiting a data center) is made primarily for security reasons. Historically, data centers have been secured using a "perimeter" model, which places security appliances at the ingress/egress points. However, this approach has proven inadequate as it does not address security threats within the perimeter, allowing for potential lateral movement among systems by attackers. The 2013 cyber-attack on the US superstore chain Target is cited as a prime example of the vulnerabilities of the perimeter model. Attackers initially breached the network through a refrigeration contractor's computer and then moved laterally within the system until they accessed the credit card details of about 100 million customers. Securing East-West traffic was challenging because of the vast number of paths between systems and the high volumes of data. However, the evolution of network virtualization around 2012 provided a solution. Network virtualization allows for an SDN-style implementation of a firewall, where the data plane is distributed, but the control plane is logically centralized.
READ THE STORY: The Register
NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security
Analyst Comments: The discovery of the NoFilter attack method highlights the evolving nature of cybersecurity threats and the need for constant vigilance and research. The ability to escalate privileges within an operating system can provide attackers with significant control, making it crucial for security professionals to be aware of such methods and develop countermeasures.
FROM THE MEDIA: A new attack method named "NoFilter" has been discovered that exploits the Windows Filtering Platform (WFP) to achieve privilege escalation in the Windows operating system. The findings were presented at the DEF CON security conference. The attack method allows for the escalation from admin to SYSTEM privileges. The research began with an in-house tool called RPC Mapper, which led to the discovery of a method named "BfeRpcOpenToken" that is part of WFP. WFP is used to process network traffic and configure filters that either permit or block communications. The NoFilter method can launch a new console as "NT AUTHORITY\SYSTEM" or as another user that is logged on to the machine, making it both evasive and stealthy. Ron Ben Yizhak, a security researcher at Deep Instinct, emphasized that new attack vectors can be found by examining built-in components of the OS, such as the Windows Filtering Platform. He also pointed out that these methods avoid WinAPI that are typically monitored by security products.
READ THE STORY: THN
Hackers ask $120,000 for access to multi-billion auction house
Analyst Comments: The increasing trend of hackers selling access to corporate networks on underground forums is alarming. The fact that they can demand such high prices indicates the potential value and damage that can be caused by these breaches. Companies, especially those in high-value sectors, need to be vigilant and proactive in their cybersecurity measures. Monitoring forums where IABs advertise can provide early warnings of potential breaches, even if the company's name is not explicitly mentioned. Implementing robust security measures, regular network assessments, and employee training can help mitigate the risk of such breaches.
FROM THE MEDIA: Hackers have reportedly infiltrated the network of a prominent auction house and are demanding a sum of $120,000 for access. This discovery was made by security researchers who stumbled upon the advertisement on a hacker forum renowned for being a marketplace for initial access brokers (IABs). The research, conducted by the threat intelligence company Flare, spanned three months and analyzed IAB offers on the Russian-language hacker forum, Exploit. The findings revealed that between May 1st and July 27, access to over 100 companies across 18 industries was advertised. The industries included defense, telecommunications, healthcare, and financial services. The most expensive access on offer was priced at $120,000 for a multi-billion dollar auction house, where the hackers claimed to have privileged backend access to high-end auctions. The majority of the advertised accesses were through VPN or RDP, with prices starting at $150.
READ THE STORY: Bleeping Computer
New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools
Analyst Comments: The evolving tactics and tools of ransomware groups like BlackCat underscore the pressing need for organizations to stay updated with the latest in threat intelligence. The integration of advanced tools into ransomware variants is a testament to the increasing sophistication of cybercriminals. To counteract these threats, organizations must prioritize comprehensive cybersecurity measures. This includes ensuring regular software updates, maintaining secure backups, and investing in continuous employee training. The proactive involvement of government agencies, like the U.S. government's introduction of the Cyber Defense Plan, is a positive step, but businesses must also take individual responsibility to safeguard their assets and data.
FROM THE MEDIA: Microsoft has unveiled a new variant of the BlackCat ransomware, also known as ALPHV and Noberus, which now incorporates advanced tools like Impacket and RemCom to aid in lateral movement and remote code execution. The Impacket tool, in particular, is used for credential dumping and remote service execution, enabling a broader deployment of the BlackCat ransomware. On the other hand, RemCom, an open-source alternative to PsExec, has been previously utilized by nation-state threat actors from China and Iran. The BlackCat group, which initiated its operations in November 2021, is known for its adaptability and has recently introduced a data leak API to amplify the visibility of its attacks. In a related trend, the Cuba ransomware group has been deploying a diverse range of attack tools and leveraging vulnerabilities for initial access. The first half of 2023 has seen a surge in ransomware attacks, with some groups even shifting from encryption to pure data exfiltration and ransom.
READ THE STORY: THN
When airplane mode isn't airplane mode: iOS malware spoofs standby
Analyst Comments: This vulnerability in iOS is concerning as it can mislead users into thinking their device is in a safe mode, while in reality, it could be transmitting data. The fact that the device's UI can be manipulated to show it's in airplane mode, when it's not, can have serious implications, especially for users who rely on this mode for privacy or security reasons. While the need for local access to exploit this vulnerability provides some relief, it's a reminder of the importance of being cautious about app installations and physical device security.
FROM THE MEDIA: A vulnerability in iOS has been identified that could allow attackers to trick users into transmitting data even when they believe their device is in airplane mode. Researchers from mobile device management specialist, Jamf, discovered that two core iOS components, SpringBoard (which handles UI functions) and CommsCenter (which manages network connections), can be manipulated against each other. Attackers with access to an iOS device could use specially-crafted code to present a fake airplane mode to users. This mode would appear to disable connections, but would actually allow specific apps to access the internet. The exploit would use CommsCenter to selectively block network access for all apps except the attacker's malware, while SpringBoard would display the usual airplane mode icons. This vulnerability could be exploited for covert data harvesting or stalkerware. However, to exploit this vulnerability, attackers would need local access to the target device, either by getting the user to install a malicious application or through a "jailbreak" attack technique. Users can protect themselves by using trusted app stores and monitoring physical access to their devices.
READ THE STORY: The Stack / Security Affairs
Add 'writing malware' to the list of things generative AI is not very good at doing
Analyst Comments: The findings highlight the dual-edged nature of AI technologies. While they can be used for beneficial purposes, there's always the potential for misuse. The limited application of AI in malware development is reassuring, but the use of AI in phishing and disinformation campaigns is concerning..
FROM THE MEDIA: Despite the growing interest and hype around the potential use of large language models (LLMs) like ChatGPT for writing malware, recent research suggests that these AI technologies are not particularly effective for such malicious tasks. The research indicates that while cybercriminals have shown interest in using these models, they aren't widely used to produce malicious code. This could be due to the limitations of the AI systems or the built-in safeguards that make the process cumbersome. Two reports from Trend Micro and Google's Mandiant have concluded that while there's interest in using generative AI for malicious purposes, its actual use remains limited. The primary application of AI in the criminal domain is for generating text and other media for phishing campaigns and not for automating malware development. For instance, a software called GoMailPro, used by criminals for spamming, announced the integration of ChatGPT to draft spam emails.
READ THE STORY: The Register
Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions
Analyst Comments: The introduction of these features in Chrome signifies Google's commitment to enhancing user security and privacy. By notifying users about potentially harmful extensions, Google is empowering users to make informed decisions about their online safety. The automatic upgrade from http to https is a proactive measure to ensure data integrity and confidentiality, especially given the increasing risks associated with insecure connections. However, while these features are commendable, users should continue to exercise caution and regularly update their browsers to benefit from the latest security enhancements. The move towards quantum-resistant encryption also indicates Google's forward-thinking approach, preparing for future threats in the quantum computing era.
FROM THE MEDIA: Google is gearing up to introduce a feature in the forthcoming Chrome 117 browser that will notify users when an extension they've installed is removed from the Chrome Web Store. This is in response to extensions that are unpublished by developers, flagged for policy violations, or identified as malware. Extensions under scrutiny will be highlighted in the "Safety check" category within the browser's settings. Google is also testing an automatic upgrade for all http:// URL navigations to https:// in Chrome 115. Additionally, starting from mid-September 2023, Chrome will issue a warning for downloads of high-risk files over insecure connections. Google's future plans also include the incorporation of quantum-resistant encryption algorithms in Chrome 116.
READ THE STORY: THN
DARPA Launches AI Cyber Challenge
Analyst Comments: The AI Cyber Challenge is a significant step towards enhancing cybersecurity infrastructure using AI. By incentivizing the development of AI-driven security solutions, the U.S. government is acknowledging the potential of AI in bolstering cybersecurity. The involvement of tech giants like Google and Microsoft further underscores the importance and potential impact of this competition. Given the increasing reliance on digital platforms and the subsequent rise in cyber threats, initiatives like AIxCC are crucial for developing robust, future-ready cybersecurity solutions. The focus on securing open-source software, which constitutes a significant portion of modern software stacks, is particularly noteworthy, emphasizing the need to protect widely-used platforms.
FROM THE MEDIA: President Biden has initiated a two-year competition, the AI Cyber Challenge (AIxCC), to foster the development of superior cybersecurity products using AI. With a prize pool nearing $20 million, the challenge will see teams vying to create AI-driven systems that can autonomously secure critical code. The competition, announced at Black Hat USA 2023, will be spearheaded by DARPA (Defense Advanced Research Projects Agency). There are two tracks: a funded track and an open track. The funded track will provide up to seven small businesses with funding, while the open track will be self-funded. The top five teams from the semifinals will each receive $2 million, with the final three winners receiving $4 million, $3 million, and $1.5 million respectively. Major companies like Anthropic, Google, Microsoft, and OpenAI are collaborating with DARPA to offer technological support and expertise. The semifinal and final rounds will be held at DEF CON in 2024 and 2025.
READ THE STORY: i-Programmer
Yevgeny Prigozhin's Wagner Group Registers as 'Educational Organization' in Belarus — Set to Recruit Kids After Exile From Russia
Analyst Comments: The registration of the Wagner Group as an "educational organization" in Belarus raises significant concerns, especially given the group's history and intentions. The potential involvement of children in mercenary activities is alarming. The move also highlights the evolving dynamics in the region, with Prigozhin and his group finding sanctuary in Belarus after their failed coup attempt against Putin. The involvement of figures like Maxim Petrov, who potentially has a dark past, further complicates the situation. The international community should monitor these developments closely, given the potential implications for regional stability and security.
FROM THE MEDIA: Yevgeny Prigozhin's Wagner Group, a mercenary organization, has registered as an "educational organization" in Belarus, leading to concerns that the group might begin recruiting children. This move comes two months after Prigozhin and his mercenaries attempted a failed rebellion against Vladimir Putin in Moscow. The group was added to the Belarusian Unified State Register of Legal Entities as an educational entity after paying $75. There are reports suggesting that the Wagner Group intends to initiate "educational activities and training" in local schools. Additionally, Maxim Petrov, who shares a name with a notorious Russian serial killer, has been identified as the new "owner" of Wagner. Another company, owned by Prigozhin, was registered in the Belarusian village of Tsel, which houses military bases established by the Soviet Union in 1936. After their failed coup in June, Prigozhin and the Wagner Group sought refuge in Belarus, with Belarusian President Alexander Lukashenko granting them amnesty.
READ THE STORY: Radar Online
Items of interest
How Satellites Are Helping Farmers Adapt to Global Warming
Analyst Comments: The introduction of this EO marks a pivotal change in U.S. policy towards outbound investments, particularly concerning China. By zeroing in on advanced technology sectors, the U.S. government is highlighting its apprehensions about the potential national security ramifications of U.S. investments in these domains. This policy shift could have profound repercussions for U.S. businesses and investors with stakes in China, especially within the highlighted technology sectors.
FROM THE MEDIA: On August 9, 2023, President Biden introduced an executive order (EO) that places restrictions on outbound investments from the U.S. to specific sensitive sectors in China, including Hong Kong and Macau. Named the "Executive Order on Addressing United States Investments in Certain National Security Technologies and Products in Countries of Concern," this directive establishes a new national security regulatory framework called the Outbound Investment Program. Administered by the US Department of the Treasury and the US Department of Commerce, the EO's primary objective is to regulate, and in certain instances, prohibit investments in various technology sectors within China. The main areas of focus include semiconductors and microelectronics, quantum information technologies, and certain artificial intelligence (AI) systems. The EO will predominantly affect U.S. citizens, lawful permanent residents, and entities organized under U.S. laws, even if they operate outside the U.S.
READ THE STORY: JDsupra
Learning Series #1: Satellite Imaging and In-Precision Agriculture with Hadi Jaafar (Video)
FROM THE MEDIA: Dr. Jaafar is an international expert in remote sensing technologies in agriculture. He is currently the Chair of the Department of Agriculture at the American University of Beirut where he serves as an Associate Professor of Irrigation and Water Management. At AUB, he founded AgHive, the research hub for smart irrigation and remote sensing, and geospatial technologies. With the help of a Google-funded research grant and a grant from IHE delft, he and his team designed and developed AgSAT, the world’s only free mobile smart irrigation application that yields irrigation runtimes and amounts using remote sensing and weather data anywhere on land.
How to Use Satellite Data in Precision Farming (Video)
FROM THE MEDIA: The Farm21 platform offers users a comprehensive suite of tools to collect and analyse data from their farms, including satellite data. In this video, we will explore NDVI, WDVI, NDMI and Chlorophyll indexes in practice, as well as how to incorporate the data in your day-to-day work as a farmer, advisor or agriculture researcher. Farm21's satellite data is free of use and provides users with 10x10m resolution images every 3-6 days. In addition to the default images, a paid option is available with 3x3m resolution. Whether you're a small-scale farmer or a large agribusiness, the Farm21 data platform can help you harness the power of satellite data to improve your yields, reduce costs, and increase profitability.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.