Daily Drop (621): CN: Yaogan SATs, Anonymous Sudan: ICS, Volex: Breach, Baltic Sea: Subsea Infrastructure, Disinformation Surge, HTTP/2 Rapid Reset, Iran & RU: Space, Predatory Sparrow, Grayling
10-11-23
Wednesday, Oct 11, 2023 // (IG): BB // Financial Enabler PODCAST // Coffee for Bob
Expanding the Yaogan Reconnaissance Fleet Amidst Global Silence
Bottom Line Up Front (BLUF): China continues to bolster its satellite reconnaissance capabilities, launching a new set of Yaogan satellites while maintaining a veil of secrecy around the specifics of these missions.
Analyst Comments: China's consistent and secretive satellite launches underscore its strategic ambitions in space and the importance it places on satellite reconnaissance. The Yaogan series, believed to be for military purposes, highlights China's focus on enhancing its surveillance and intelligence-gathering capabilities. The lack of detailed information provided by Chinese authorities on these launches suggests a strategic intent to maintain an element of surprise and ambiguity. As China continues to ramp up its space activities, it will be crucial for global space stakeholders to monitor and assess the implications of these developments, especially in the context of space security and geopolitics.
FROM THE MEDIA: China has recently added three new satellites to its Yaogan orbital reconnaissance fleet. The launch was executed using a Long March 2D rocket from the Xichang Satellite Launch Center. The China Aerospace Science and Technology Corporation (CASC) confirmed the success of the launch shortly after liftoff. However, both CASC and Chinese state media have been tight-lipped about the details of the spacecraft, merely describing them as remote sensing satellites. U.S. Space Force's space domain awareness data indicates that three satellites were launched, marking this as the third batch of satellites in the Yaogan 39 series. The Yaogan satellites, generally classified and believed by Western observers to be for military purposes, encompass optical, radar, and electronic intelligence-gathering capabilities. These satellites join others in roughly circular orbits, providing more frequent coverage over specific areas.
READ THE STORY: Space
Anonymous Sudan Claims Attacks on Israel's Industrial Control Systems and Satellite Networks
Bottom Line Up Front (BLUF): The Russian-affiliated hacktivist group, Anonymous Sudan, has claimed responsibility for multiple cyberattacks on Israel's critical infrastructure systems. These attacks come amidst heightened tensions in the region and are seen as part of a broader campaign by Russian hacktivist groups against Western and NATO nations.
Analyst Comments: The cyberattacks by Anonymous Sudan on Israel's critical infrastructure systems underscore the evolving nature of geopolitical conflicts, where cyber warfare plays an increasingly prominent role. The targeting of critical infrastructure systems can have far-reaching consequences, not just in terms of immediate disruptions but also in the broader context of regional stability and international relations. As cyber warfare tactics continue to evolve, nations will need to bolster their cyber defenses and develop strategies to counter such threats effectively.
FROM THE MEDIA: Anonymous Sudan, a hacktivist group with suspected ties to Russia, has announced a series of cyberattacks on Israel's Industrial Control Systems (ICS) in an attempt to disrupt the nation's critical infrastructure. The group's targets include Israel's Global Navigational Satellite Systems (GNSS), Building Automation and Control Networks (BACNet), and Modbus Industrial Control Systems. The potential impacts of these attacks range from GPS systems going offline, affecting various industrial systems and critical infrastructure, to energy surges, building evacuations, and computer shutdowns. Research by Cybernews revealed that many of Israel's ICSs, as well as those in Palestine, are exposed online, making them vulnerable to cyberattacks. Historically, SCADA (Supervisory Control and Data Acquisition) software, used by industrial systems for monitoring and control, was isolated from the Internet.
READ THE STORY: CyberNews
The Manufacturing Sector's Vulnerability Exposed Again as Volex Faces a Major Breach
Bottom Line Up Front (BLUF): Volex, a prominent global manufacturing technology provider, has fallen victim to a cyberattack, with its IT infrastructure at multiple international locations compromised.
Analyst Comments: The cyber breach at Volex underscores the manufacturing sector's heightened vulnerability to digital threats. The critical role of manufacturing in underpinning global supply chains amplifies the potential ramifications of such cyber disruptions, potentially sending shockwaves across diverse industries. It is imperative for entities, especially those nesting in the manufacturing domain, to elevate cybersecurity to a top-tier priority. This entails the continuous fortification of defense mechanisms and the crafting of robust, agile incident response blueprints to navigate the evolving threat landscape.
FROM THE MEDIA: Volex, headquartered in the U.K., is renowned for its production of power products tailored for data centers, and electric vehicles, among other applications. The company revealed on Monday that cyber adversaries had successfully infiltrated some of its IT systems and data repositories. In response to the breach's detection, Volex promptly activated its IT security measures, striving to curtail unauthorized access. To delve deeper into the breach's scope and roll out its incident response strategy, the company has enlisted the expertise of third-party consultants. Despite the cyber onslaught, Volex has managed to keep all its operational sites running, ensuring minimal disruption to its global production metrics. At this juncture, the company anticipates that the financial repercussions of this incident will be contained and not be of a significant magnitude. Volex's stature in the electrical products domain is noteworthy, boasting a century-long legacy. The company's financial report for 2023 showcased revenues surpassing the $722 million mark.
READ THE STORY: The Record
Subsea Infrastructure in Baltic Sea Compromised
Bottom Line Up Front (BLUF): A subsea telecommunications cable and a gas pipeline between Finland and Estonia have been damaged, with the Finnish government suspecting deliberate external interference. The incident has raised concerns about the security of critical infrastructure in the region.
Analyst Comments: The damage to the subsea telecommunications cable and gas pipeline between Finland and Estonia underscores the vulnerabilities of critical infrastructure. While the exact cause and perpetrators remain unidentified, the incident highlights the need for enhanced security measures and international cooperation to safeguard such vital assets. The potential involvement of external actors in this incident could have broader geopolitical implications, especially given the strategic importance of the Baltic Sea region.
FROM THE MEDIA: The Finnish government announced on Tuesday that a subsea telecommunications cable and the Balticconnector gas pipeline, which runs between Finland and Estonia, were damaged. The damage is suspected to be the result of "external activity," according to a statement from the office of Sauli Niinistö, the president of Finland. The investigation into the incident began on Sunday. The Balticconnector gas pipeline, which spans 77 km (48 miles) and connects the Estonian and Finnish gas grids, was commissioned in 2020. The pipeline was shut down on Sunday after operators detected an unusual drop in pressure shortly before 2 a.m. Gasgrid Finland, the Finnish network operator, believes that a hole in the pipeline is the most likely cause of the pressure drop and has warned that repairs could take several months.
READ THE STORY: The Record
The Disturbing Rise of Child Sexual Abuse Material Online
Bottom Line Up Front (BLUF): Major cloud service providers, including Amazon Web Services (AWS), Cloudflare, and Google, have reported record-breaking distributed denial-of-service (DDoS) attacks exploiting a new technique known as HTTP/2 Rapid Reset. Immediate action is recommended to address this high-severity vulnerability.
Analyst Comments: The emergence of the HTTP/2 Rapid Reset attack technique represents a significant escalation in the DDoS threat landscape. With the ability to launch massive attacks using a relatively small botnet, this vulnerability poses a considerable risk to online services and infrastruPredatory Sparrowctures. Organizations, especially those using HTTP/2, should prioritize mitigation steps and remain vigilant for evolving attack patterns. The proactive response from major cloud providers underscores the severity of this threat, and the broader online community should heed their warnings and insights.
FROM THE MEDIA: In late August 2023, these companies detected DDoS attacks leveraging the HTTP/2 Rapid Reset flaw, a zero-day vulnerability in the HTTP/2 protocol. This vulnerability, tracked as CVE-2023-44487 with a CVSS score of 7.5, allows attackers to send and cancel requests rapidly, bypassing server thresholds and causing server overloads. The attacks on Google's infrastructure peaked at 398 million requests per second (RPS), while AWS and Cloudflare experienced attacks exceeding 155 million and 201 million RPS, respectively. The HTTP/2 protocol, used by 35.6% of all websites, is particularly vulnerable to this exploit. Variants of the attack have been observed, with some not immediately canceling streams and others trying to open more concurrent streams than the server advertised. F5 has released an advisory for its NGINX HTTP/2 module, recommending configuration updates to mitigate the risk.
Assessment:
The emergence of the HTTP/2 Rapid Reset attack technique represents a significant escalation in the DDoS threat landscape. With the ability to launch massive attacks using a relatively small botnet, this vulnerability poses a considerable risk to online services and infrastructures. Organizations, especially those using HTTP/2, should prioritize mitigation steps and remain vigilant for evolving attack patterns. The proactive response from major cloud providers underscores the severity of this threat, and the broader online community should heed their warnings and insights.
READ THE STORY: THN
Disinformation Surge: Social Media Platforms Amplify Falsehoods Amidst Israel-Hamas Conflict
Bottom Line Up Front (BLUF): The ongoing conflict between Hamas and Israel is seeing a surge in disinformation campaigns on major social media platforms. Clips from video games are being falsely presented as real-life combat footage, and fake accounts are spreading misleading narratives. Despite some efforts by platforms to curb this trend, the rapid spread of false information remains a significant concern.
Analyst Comments: The rapid spread of disinformation during times of conflict poses a significant challenge for both the public and policymakers. The ability of malicious actors to exploit social media platforms to spread false narratives can have real-world consequences, influencing public opinion and potentially impacting strategic decisions. Platforms must take more proactive measures to curb the spread of false information, and users must exercise increased discernment when encountering news on these platforms. The involvement of influential figures, like Elon Musk, further underscores the need for public figures to exercise caution and responsibility in their online interactions.
FROM THE MEDIA: The conflict between Hamas and Israel has been accompanied by a wave of disinformation on social media platforms. Clips from video games, such as ARMA 3, are being falsely portrayed as actual combat footage. Fake accounts on X, previously known as Twitter, are disseminating false narratives under the guise of reputable news outlets like the BBC and Jerusalem Post. Elon Musk, the owner of X, amplified some of these misleading accounts, further exacerbating the spread of false information. While X has taken steps to remove some of the most blatant disinformation, many misleading accounts remain active. European Commissioner Thierry Breton has expressed concerns over X's role in spreading "illegal content and disinformation," urging prompt action.
READ THE STORY: The Record
Unprecedented DDoS Attacks: The HTTP/2 Rapid Reset Vulnerability
Bottom Line Up Front (BLUF): Major cloud service providers, including Amazon Web Services (AWS), Cloudflare, and Google, have reported record-breaking distributed denial-of-service (DDoS) attacks exploiting a new technique known as HTTP/2 Rapid Reset. Immediate action is recommended to address this high-severity vulnerability.
Analyst Comments: The emergence of the HTTP/2 Rapid Reset attack technique represents a significant escalation in the DDoS threat landscape. With the ability to launch massive attacks using a relatively small botnet, this vulnerability poses a considerable risk to online services and infrastruPredatory Sparrowctures. Organizations, especially those using HTTP/2, should prioritize mitigation steps and remain vigilant for evolving attack patterns. The proactive response from major cloud providers underscores the severity of this threat, and the broader online community should heed their warnings and insights.
FROM THE MEDIA: In late August 2023, these companies detected DDoS attacks leveraging the HTTP/2 Rapid Reset flaw, a zero-day vulnerability in the HTTP/2 protocol. This vulnerability, tracked as CVE-2023-44487 with a CVSS score of 7.5, allows attackers to send and cancel requests rapidly, bypassing server thresholds and causing server overloads. The attacks on Google's infrastructure peaked at 398 million requests per second (RPS), while AWS and Cloudflare experienced attacks exceeding 155 million and 201 million RPS, respectively. The HTTP/2 protocol, used by 35.6% of all websites, is particularly vulnerable to this exploit. Variants of the attack have been observed, with some not immediately canceling streams and others trying to open more concurrent streams than the server advertised. F5 has released an advisory for its NGINX HTTP/2 module, recommending configuration updates to mitigate the risk.
Assessment:
The emergence of the HTTP/2 Rapid Reset attack technique represents a significant escalation in the DDoS threat landscape. With the ability to launch massive attacks using a relatively small botnet, this vulnerability poses a considerable risk to online services and infrastructures. Organizations, especially those using HTTP/2, should prioritize mitigation steps and remain vigilant for evolving attack patterns. The proactive response from major cloud providers underscores the severity of this threat, and the broader online community should heed their warnings and insights.
READ THE STORY: THN
Iran Steps into the Commercial Space Arena with Russian Collaboration
Bottom Line Up Front (BLUF): Iran is intensifying its space endeavors by seeking Russian assistance for satellite projects, while Russia, facing global challenges, is exploring new space partnerships.
Analyst Comments: The collaboration between Iran and Russia in the space sector is indicative of a broader geopolitical strategy. As Russia faces international challenges, especially after its actions in Ukraine, it is seeking to diversify its partnerships. Iran, with its ambitions in space technology, offers a potential avenue for collaboration. This partnership could provide Iran with advanced satellite technology capabilities, accelerating its space ambitions. The alliance also underscores the geopolitical dynamics, with both nations having faced international sanctions. Their collaboration in the space sector could be a strategic move to counterbalance Western influence and sanctions.
FROM THE MEDIA: Iran is actively pursuing its space ambitions, as evidenced by its plans to launch two privately owned cubesats aboard a Russian Soyuz-2 rocket in December. This move signifies Iran's entry into the commercial space sector. The satellite manufacturer, SpaceOMID, had previously signed a launch agreement with Glavkosmos, a commercial subsidiary of Russia's space agency, in November 2022. On a related note, Iran has also initiated discussions with Russia to seek assistance in developing a new Khayyam remote-sensing satellite. These talks will encompass the development of technical specifications for new Khayyam satellites and plans for other satellite projects. Russia's space industry, having faced significant setbacks due to its invasion of Ukraine in 2022, is on the lookout for new customers and partners.
READ THE STORY: AviaGraylingtionWeek // Space // Times of India
Israel-Linked Hacking Group Resurfaces Amidst Gaza Conflict
Bottom Line Up Front (BLUF): Predatory Sparrow, a hacking group with suspected ties to the Israeli government, has reappeared online after nearly a year of silence. This resurgence suggests that as the conflict between Israel and Hamas continues, cyber operations may play an increasingly significant role alongside traditional military actions.
Analyst Comments: The reemergence of Predatory Sparrow amidst the Israel-Hamas conflict underscores the evolving nature of modern warfare, where cyber operations complement traditional military actions. As the conflict continues, it is likely that more state-backed and hacktivist groups will engage in cyber operations, further complicating the situation on the ground. The involvement of multiple hacking groups and intelligence agencies from around the world indicates the global implications of the conflict and the potential for it to escalate in the cyber domain.
FROM THE MEDIA: The ongoing conflict between Israel and Hamas, primarily characterized by kinetic military operations, has seen a rise in cyber activities. Since the start of the conflict, various hacktivist groups have engaged in cyberattacks, including distributed denial-of-service (DDoS) attacks, website defacement’s, and false alerts on mobile apps. The global nature of the conflict has attracted the attention of hacking groups and intelligence agencies worldwide. Predatory Sparrow, believed to be an Israeli-backed hacking group known for its destructive attacks in Iran, has caught the attention of cyber operations observers. The group recently posted its first message since January on its Telegram channel and X (formerly Twitter), hinting at its involvement in the current conflict. In the past, Predatory Sparrow has been linked to attacks targeting Iranian infrastructure, including fuel pumps and steel facilities.
READ THE STORY: CyberScoop
U.S. Cybersecurity Agency Raises Alarm on Adobe Acrobat Reader Vulnerability
Bottom Line Up Front (BLUF): The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited vulnerability in Adobe Acrobat Reader. Immediate patching is recommended to mitigate potential cyber threats.
Analyst Comments: The active exploitation of this high-severity flaw in a widely-used software like Adobe Acrobat Reader emphasizes the critical importance of timely software updates and patching. Given the widespread use of Adobe products, both organizations and individual users should prioritize the implementation of these patches to safeguard against potential cyber threats. The mandate for federal agencies further underscores the severity and potential implications of this vulnerability.
FROM THE MEDIA: The vulnerability, tagged as CVE-2023-21608 and rated with a CVSS score of 7.8, is a use-after-free bug that can lead to remote code execution (RCE) under the privileges of the current user. Adobe had already released a patch for this flaw in January 2023, with the discovery credited to HackSys security researchers Ashfaq Ansari and Krishnakant Patil. Affected versions include Acrobat DC, Acrobat Reader DC, Acrobat 2020, and Acrobat Reader 2020. While the specifics of the exploitation and the identities of the threat actors remain undisclosed, a proof-of-concept (PoC) exploit was made available in late January 2023. This is the second known instance of an Adobe Acrobat and Reader vulnerability being exploited, following CVE-2023-26369. Federal Civilian Executive Branch (FCEB) agencies are mandated to apply the necessary patches by October 31, 2023.
READ THE STORY: THN
"Grayling" Targets Organizations in Taiwan, US, Vietnam, and Pacific Islands for Espionage
Bottom Line Up Front (BLUF): A newly identified government-backed hacking group named "Grayling" is actively targeting entities in the manufacturing, IT, and biomedical sectors across Taiwan, Vietnam, the U.S., and an unspecified Pacific island. The primary objective of these cyberattacks appears to be espionage.
Analyst Comments: The emergence of "Grayling" underscores the evolving cyber threat landscape, with nation-state actors continuously developing and deploying sophisticated tools and techniques for espionage. The focus on Taiwan, coupled with the broader geopolitical context, suggests that the Asia-Pacific region remains a hotspot for cyber-espionage activities. Organizations in the targeted sectors should remain vigilant and bolster their cybersecurity defenses to mitigate potential threats.
FROM THE MEDIA: Symantec's recent research has unveiled the activities of "Grayling," a previously unknown nation-state hacking group. The group has been active since February and has been using a combination of custom-made malware and publicly available tools to carry out its cyber operations. Notably, the group's attacks have been characterized by the use of distinctive hacking tools, pointing towards espionage as the primary motive rather than financial gains. Several organizations in the manufacturing, IT, and biomedical sectors in Taiwan have been targeted. Additionally, a government agency in a Pacific island, along with unnamed entities in Vietnam and the U.S., have also been attacked as part of this campaign. Symantec highlighted that Grayling might exploit public-facing infrastructure to gain initial access to its targets. Once inside, the attackers escalate privileges, scan networks, and deploy downloaders.
READ THE STORY: The Record
Surge in WordPress Site Compromises: Balada Injector Strikes
Bottom Line Up Front (BLUF): In September 2023, more than 17,000 WordPress websites were compromised by the Balada Injector malware, marking a significant increase from the previous month. The malware primarily exploited a recently disclosed vulnerability in the tagDiv Composer plugin.
Analyst Comments: The Balada Injector's aggressive campaign against WordPress sites underscores the evolving threat landscape for website administrators and owners. The rapid exploitation of recently disclosed vulnerabilities highlights the importance of timely patching and security updates. With the malware's primary objective being to redirect users to fraudulent pages, there's a clear financial motive behind these attacks. Website owners and administrators must remain vigilant, regularly update their systems, and employ robust security measures to mitigate such threats.
FROM THE MEDIA: The Balada Injector malware campaign has seen a sharp rise in its activity, compromising over 17,000 WordPress websites in September 2023. This figure is nearly double the number of affected sites in August. A significant portion of these infiltrations, around 9,000 websites, were breached using a vulnerability (CVE-2023-3169) in the tagDiv Composer plugin. This flaw allows unauthenticated users to perform stored cross-site scripting (XSS) attacks. Sucuri security researcher, Denis Sinegubko, highlighted that this isn't the first time the Balada Injector group has targeted vulnerabilities in tagDiv's premium themes. The malware campaign, which was first identified by Doctor Web in December 2022, exploits various WordPress plugin vulnerabilities to deploy a Linux backdoor on vulnerable systems. The primary objective of this malware is to redirect users of the compromised sites to fraudulent tech support pages, lottery scams, and push notification scams. Since its inception in 2017, the campaign has impacted over a million websites.
READ THE STORY: THN
Iran and China's Cyber Operations Target Israel-Gaza and Ukraine Conflicts
Bottom Line Up Front (BLUF): Cyber groups linked to Iran and China are exploiting the conflicts in Israel-Gaza and Ukraine to further their political narratives on social media platforms. These operations aim to promote anti-Western sentiments and sow discord among nations.
Analyst Comments: The strategic use of online influence operations by nation-state actors underscores the evolving nature of cyber warfare. These operations not only aim to further political interests but also to create chaos, distrust, and confusion among global audiences. The blending of disinformation with destructive cyberattacks, especially as seen in Russian-backed operations against Ukraine, indicates a concerning trend where cyber capabilities are being used in tandem with information warfare to achieve broader geopolitical objectives. The international community needs to be vigilant and collaborative in countering these sophisticated cyber threats.
FROM THE MEDIA: Iranian-linked actors, posing as Egyptian citizens, have been promoting narratives supportive of Hamas and critical of Israel's response to the Gaza attacks. In parallel, a China-linked cyber group has criticized the Biden administration's handling of these attacks. Furthermore, both Iranian and Chinese groups have opportunistically used the Ukraine war to spread disinformation that aligns with their political interests. Mandiant's research has identified campaigns like the pro-Iran "Roaming Mayfly" and the pro-Chinese "Dragonbridge" as key players in these operations. Additionally, new Russian campaigns, such as "Secondary Infektion" and "Ghostwriter", have been observed spreading misinformation about the Ukraine conflict.
READ THE STORY: WSJ // FP // The Regester
Magecart's Evolution: Manipulating 404 Error Pages to Steal Credit Card Data
Bottom Line Up Front (BLUF): A new Magecart campaign has been discovered that exploits websites' default 404 error pages to hide malicious code, marking a significant evolution in their attack techniques.
Analyst Comments: The evolution of Magecart's attack techniques underscores the need for heightened vigilance and advanced security measures for online businesses, especially those operating on platforms like Magento and WooCommerce. The manipulation of 404 error pages is a creative yet alarming approach, highlighting the attackers' adaptability and the lengths they will go to evade detection. Online businesses must prioritize regular security audits, employ real-time monitoring tools, and ensure timely patching of vulnerabilities to safeguard their platforms and protect their customers' data.
FROM THE MEDIA: Magecart, known for its cyberattacks on online shopping carts, has launched a sophisticated campaign that manipulates the default 404 error pages of websites to hide malicious code. This recent activity, as reported by Akamai, primarily targets Magento and WooCommerce websites. Some of the affected entities are large-scale players in the food and retail sectors. The attackers inject malicious code snippets directly into the HTML pages or within the first-party scripts loaded by the website. This multi-stage attack involves a loader code that fetches the main payload during runtime, capturing sensitive data from visitors on checkout pages and subsequently sending it to a remote server. The campaign's design makes detection challenging, ensuring that the full attack flow is activated only on specifically targeted pages. Three variations of this campaign have been identified: the use of 404 error pages, obfuscation of the skimmer code in a malformed HTML image tag's onerror attribute, and an inline script that appears as the Meta Pixel code snippet.
READ THE STORY: THN
Items of interest
Agency's Chief Cyber Policy Adviser Highlights the Imperative of Embracing AI to Avoid Disruption
Bottom Line Up Front (BLUF): The CIA stresses the urgency of adopting artificial intelligence (AI) to maintain a competitive edge, warning that organizations not leveraging AI will likely be disrupted by those that do.
Analyst Comments: The CIA's proactive stance on AI adoption underscores the technology's transformative potential in the intelligence and cybersecurity domains. As AI continues to evolve, it's crucial for agencies and organizations to strike a balance between harnessing its capabilities and addressing associated risks. The emphasis on ethical guidelines and partnerships with the commercial sector indicates a holistic approach to AI integration, ensuring that the benefits are maximized while potential pitfalls are mitigated.
FROM THE MEDIA: The Central Intelligence Agency (CIA) is pushing for rapid adoption of artificial intelligence, emphasizing its critical role in the agency's operations. Dan Richard, the CIA's chief cyber policy adviser, stated at a Billington Cybersecurity event that it's essential for the agency to harness AI swiftly to avoid falling behind entities that are already leveraging the technology. Richard highlighted that organizations augmenting their operations with AI will likely disrupt those that don't. The intelligence community, spearheaded by the Office of the Director of National Intelligence, has been proactive in developing ethical guidelines for AI use, showcasing their foresight in this domain. Despite the current surge in generative AI tools, Richard expressed concerns, particularly about AI-driven threats to cyber defenses and the spread of disinformation. Addressing these challenges is crucial, but solutions should not stifle the innovation essential for the CIA's mission. Recent news revealed the CIA's endeavors in developing its generative AI tool to rival China.
READ THE STORY: FedScoop
Moldova: In the shadow of Putin’s war (Video)
FROM THE MEDIA: The people of Moldova have been living in fear since the Russian attack on the Ukraine. Their nation could be next on Moscow’s list. Russian politicians and propagandists issue outright threats, even including the prospect of an invasion. It’s a danger also recognized by Maia Sandu, the country’s pro-European President: "We’re seeing military activities close to the borders of the Republic of Moldova. This is a dramatic situation for our neighbors. For us, it’s extremely threatening."
Gravitas: Decoding the joint drills by China, Russia & Iran (Video)
FROM THE MEDIA: China, Russia, and Iran are staging a new set of joint drills in the gulf of Oman. The U.S. says it is not concerned about the military drills. Will this joint drill lead to a new triangular alliance in Asia? Mohammed Saleh reports.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.