Daily Drop (720): RU DISINFO: Portal Kombat, 23andMe, Project December: DeathBots, RTX 2000 Ada Gen, WuXi AppTec, Ivanti: DSLog Backdoor, NYC Cabbies, Austria: Gazprom, LeoLab: Debris Tracking
02-13-24
Tuesday, Feb 13 2024
*Started adding Proofs of Concept (PoCs), where available, for mentioned CVEs:
A Proof of Concept (PoC) is a small exercise to test a certain hypothesis or demonstrate that a potential project can be viable. It's primarily used to verify that certain concepts or theories have the potential for real-world application. The purpose of a PoC is to showcase the feasibility, functionality, and potential of a concept before proceeding to the development of the full-scale project.*
23andMe's Struggles and Optimism: Data Breaches, Lawsuits, and Future Plans
Bottom Line Up Front (BLUF): 23andMe, once valued at $6 billion, now faces over 30 lawsuits due to a data breach affecting 7 million profiles, with reports indicating targeted attacks on Jewish and Chinese customers. Despite challenges, including a significant revenue drop and a troubled stock market presence, CEO Anne Wojcicki remains hopeful, shifting focus towards comprehensive health services and drug development.
Analyst Comments: 23andMe's journey from a pioneering genetics company to its current troubled state is a reflection of the volatile nature of tech startups, especially those handling sensitive data. The company, known for its genetic testing kits, has evolved into a data and pharmaceutical company, signifying a broader trend in the tech industry towards diversification. However, this expansion has come with significant challenges. The recent data breach, exposing millions of customers' profiles and reportedly targeting specific ethnic groups, raises serious concerns about data privacy and security in the digital age. This incident highlights a growing issue where technological advancements and data collection outpace the development of robust security measures and ethical frameworks for data use. Wojcicki's optimistic outlook and strategic pivot towards health services and drug development may offer a path forward, but rebuilding trust and navigating the complex landscape of digital privacy will be crucial for the company's survival and growth.
FROM THE MEDIA: 23andMe, a company initially focused on genetic testing for ancestry and health risks, has grown into a diverse entity encompassing data analysis and pharmaceutical development. However, it currently faces significant challenges: a major data breach in 2023 compromised personal information of nearly 7 million customers, leading to over 30 lawsuits. The breach was peculiar in its apparent targeted nature, focusing on Jewish and Chinese customers. Financial struggles are also evident, with a 33% drop in revenue and a net loss of $278 million in the third fiscal quarter. The end of a collaboration with GlaxoSmithKline and the subsequent decline in research revenue exacerbated these issues. Despite these hardships, CEO Anne Wojcicki remains optimistic about the company's future. She envisions 23andMe as a leader in integrating genomic data into healthcare, primarily through its new service, Total Health, and its ventures in drug development based on genetic discoveries. Wojcicki's strategy involves transitioning from a genetic testing company to a more holistic healthcare provider, leveraging the vast genetic data at their disposal. This shift, while ambitious, faces challenges in market accessibility due to the high cost of new services and lingering concerns over data security.
READ THE STORY: Wired // The New York Times // The Record
Artificial Intelligence: Resurrecting the Dead Through Chatbots
Bottom Line Up Front (BLUF): Advancements in AI technology have led to the development of chatbots capable of simulating conversations with deceased individuals. This innovative but controversial use of AI raises profound ethical, psychological, and societal questions about the nature of grief, memory, and human interaction.
Analyst Comments: The use of AI chatbots to simulate conversations with the deceased represents a groundbreaking yet contentious frontier in technology. On one hand, these chatbots offer a novel way for individuals to process grief and hold onto memories of lost loved ones. This technology taps into our deep-seated human desire to reconnect with those we have lost, potentially providing comfort and closure. On the other hand, the ethical implications are significant. There are concerns about the psychological impact of such interactions, particularly regarding the prolongation of grief or the creation of unhealthy emotional dependencies.
FROM THE MEDIA: Jason Rohrer, the creator of Project December, developed a platform that allows users to simulate conversations with AI versions of deceased individuals. His project gained significant attention when individuals began using it to recreate lost loved ones. This use of AI taps into deeply personal and emotional aspects of human experience, offering a digital form of solace for some, while potentially disturbing or unethical for others. The technology behind these chatbots, such as OpenAI's GPT models, leverages vast datasets to generate convincingly human-like text. However, experts caution against overestimating AI's current capabilities. While AI can replicate speech patterns and mannerisms based on available data, it lacks a true understanding of context or the ability to genuinely replicate a person's consciousness or essence. Ethical considerations are paramount in this discussion. The idea of 'digital resurrection' challenges our traditional concepts of mourning and memory. For some, interacting with a digital version of a deceased loved one might hinder the natural grieving process. Others may find comfort in these interactions, underscoring the subjective nature of grief and the potential therapeutic applications of such technology.
READ THE STORY: FT // Medium // UC Riverside
Nvidia's New RTX 2000 Ada Generation: A Powerful yet Affordable Pro GPU
Bottom Line Up Front (BLUF): Nvidia's launch of the RTX 2000 Ada Generation GPU marks a significant advancement in the professional graphics card market. Priced at less than $650, this new entry-level workstation graphics card offers a robust combination of 2,816 CUDA cores and 16GB ECC VRAM, making it an attractive option for professionals in compact systems and with limited budgets.
Analyst Comments: The introduction of Nvidia's RTX 2000 Ada Generation GPU is a strategic move that aims to cater to the growing demand for powerful yet affordable professional graphics solutions. This card's compact form factor and enhanced capabilities are well-suited for professionals working in areas such as 3D modeling, AI-accelerated design workloads, and virtual reality. Its performance, evidenced by its single-precision and RT core performance, shows significant improvements over its predecessors.
FROM THE MEDIA: Nvidia's RTX 2000 Ada Generation GPU has been released as an upgrade to the previous RTX A2000, offering higher performance at a competitive price. This new GPU is designed to fit into both standard and small form factor (SFF) systems, making it versatile for various professional uses. The RTX 2000 Ada Generation, built on Nvidia's Ada Lovelace architecture, features 2,816 CUDA cores and 16GB of GDDR6 ECC memory, delivering enhanced performance in AI-accelerated workloads and rendering tasks. Despite having a lower memory bandwidth than the RTX A2000, the RTX 2000 Ada Generation compensates with higher CUDA core count and memory capacity. Its performance is reported to be up to 1.6X faster than the RTX A2000 in specific benchmarks, particularly in AI and rendering applications. The 70W power consumption, similar to its predecessor, ensures energy efficiency, and the card does not require external power connectors, making it suitable for compact system builds.
READ THE STORY: The Register // siliconANGLE // Toms Hardware
US Lawmakers Urge Sanctions on Chinese Biotech Firm WuXi AppTec Over National Security Concerns
Bottom Line Up Front (BLUF): A bipartisan group of U.S. lawmakers has called for a review and potential sanctions against Chinese biotech company WuXi AppTec and its affiliate WuXi Biologics. The legislators argue that the firm's connections to the Chinese Communist Party and military pose a threat to U.S. national security. WuXi AppTec, a global pharmaceutical giant, has previously denied being a national security risk.
Analyst Comments: The U.S. lawmakers' move to target WuXi AppTec reflects growing concerns over the security implications of Chinese firms with ties to the Chinese government and military. This action aligns with broader U.S. efforts to protect national security from potential foreign threats, especially in sensitive sectors like biotechnology. WuXi AppTec's denial of being a security threat highlights the complex and often opaque nature of Chinese corporate-government relationships. The proposed sanctions, if implemented, could significantly impact WuXi AppTec's operations and its collaborations with U.S. and global entities.
FROM THE MEDIA: U.S. lawmakers have urged the Biden administration to consider imposing sanctions on WuXi AppTec due to its alleged links to the Chinese Communist Party (CCP) and the People's Liberation Army (PLA). They cited public documents and media articles outlining WuXi AppTec's military connections and support for China's policies in Xinjiang. The lawmakers' concerns include investments in WuXi AppTec from PLA funds and the involvement of WuXi Biologics' CEO in China's military medical research. The letter sent to senior U.S. officials suggests that WuXi AppTec's activities could enable human rights violations in Xinjiang. It proposes including the firm on several U.S. control lists, including Treasury's Non-SDN Chinese Military-Industrial Complex Companies List and the Commerce Department's export control list. This move could lead to restrictions on U.S. sales to WuXi AppTec and warnings about cooperation with the firm.
READ THE STORY: Reuters // The Wall Street Journal // The Jamestown Foundation
Ivanti Connect Secure Vulnerability Leads to Deployment of DSLog Backdoor on Over 670 IT Infrastructures
Bottom Line Up Front (BLUF): A critical vulnerability in Ivanti Connect Secure, identified as CVE-2024-21893, has been exploited to install a backdoor named 'DSLog' in more than 670 IT infrastructures. This vulnerability enables unauthorized remote access, allowing attackers to execute commands with high privileges.
Analyst Comments: The exploitation of CVE-2024-21893 demonstrates the increasing sophistication of cyber threats targeting enterprise security solutions. The DSLog backdoor is notable for its stealth and complexity, as well as its ability to gain high-level access to affected systems. The rapid identification and exploitation of this vulnerability, following the public release of a proof-of-concept, underscore the importance of timely patching and threat intelligence. The discovery of the DSLog backdoor by Orange Cyberdefense sheds light on the tactics, techniques, and procedures (TTPs) of the attackers, revealing a meticulously planned operation. The unique 'API key' mechanism used by DSLog for access control is a significant feature, indicating a higher level of sophistication in backdoor design.
FROM THE MEDIA: The essays cover a wide range of topics, each focusing on a specific aspect of modern warfare technology. Zachary Kallenborn discusses the future of drone swarms, emphasizing different state approaches to their deployment. Akshat Upadhyay examines VR/AR's increasing significance in training and battlefield operations. Nishant Rajeev delves into the strategic use of cyber capabilities by states, while Meghna Bal and Mohit Chawdhry critically analyze the potential military applications of blockchain technology. Shruti Sharma raises concerns about the use of biotechnology in warfare, particularly biological weapons.
READ THE STORY: THN // Orange Cyberdefense // PoC: CVE-2024-21893
NYC Cabbies Sentenced in JFK Airport Hacking Scheme with Russian Hackers
Bottom Line Up Front (BLUF): Two NYC taxi drivers, Daniel Abayev and Peter Layman, received prison sentences for collaborating with Russian hackers to manipulate the JFK Airport taxi dispatch system. This breach allowed them to prioritize certain taxis in exchange for payments, significantly disrupting airport operations and fair taxi services.
Analyst Comments: This case highlights the evolving nature of cybercrime, illustrating how traditional sectors like transportation can become targets of sophisticated hacking operations. The collaboration between local taxi drivers and foreign hackers underscores the globalized nature of cyber threats, where local infrastructural systems can be compromised through international partnerships. The impact of this cybercrime on JFK’s taxi dispatch system not only caused financial losses but also raised concerns about the vulnerability of critical transportation infrastructure to cyberattacks. The response from law enforcement and the judicial system indicates a growing recognition of the seriousness of such cybercrimes and the need for stringent penalties to deter similar future incidents.
FROM THE MEDIA: Daniel Abayev and Peter Layman, Queens cab drivers, were sentenced to four and two years in prison, respectively, for their roles in a hacking scheme that compromised the JFK Airport taxi dispatch system. They collaborated with Russian hackers to allow cabbies to bypass the taxi queue for a fee, impacting over a thousand taxi trips daily. The scheme involved breaching the Port Authority of New York's dispatch system and earning profits by charging other drivers to skip the line. The collaboration with Russian hackers was central to gaining unauthorized access to this system. The conspirators used a flash drive with hacking software and manipulated the system to control taxi dispatching. Abayev and Layman pleaded guilty to conspiring to commit computer intrusion and were ordered to forfeit significant sums and make restitution payments to the Port Authority. The Russian hackers involved in the scheme remain at large.
READ THE STORY: New York Post // Courthouse News Service
Austria Considers Early Termination of Russian Gas Contract Amid Growing Reliance
Bottom Line Up Front (BLUF): Austria is exploring options to end its long-term gas contract with Russia before its 2040 expiration, responding to heightened reliance on Russian gas which reached 98% in December. This strategic shift aims to reduce Austria's energy dependency on Moscow but faces significant legal, financial, and political challenges.
Analyst Comments: Austria's move to disentangle itself from Russian gas dependence is a significant step towards energy diversification and security. The nation's current heavy reliance on Russian gas not only poses risks to its energy security but also aligns poorly with the EU's goal to phase out Russian fossil fuels by 2027. The proposed phase-out, although financially and legally complex, signals Austria's intent to align more closely with broader European energy strategies and reduce its geopolitical vulnerabilities.
FROM THE MEDIA: Austria's Energy Minister Leonore Gewessler announced plans to gradually phase out Russian gas and study the implications of terminating the long-term contract with Gazprom. This decision comes as Austria's reliance on Russian gas hit a record high of 98% in December, despite efforts to diversify energy sources since the Ukraine conflict. The proposed phase-out requires domestic energy firms to increase non-Russian gas flows. An independent study will assess the costs and impacts of ending the contract with Gazprom. Legal experts suggest that terminating the contract could incur a fee exceeding €1 billion, unless a new law specifically bans Russian gas imports or ends the contract. OMV, Austria's partly state-owned energy firm, stated that it could supply 100% non-Russian gas if required, pending legal framework adjustments.
READ THE STORY: Politico // Reuters
LeoLabs Secures $29 Million for AI-Powered Space Debris Tracking
Bottom Line Up Front (BLUF): LeoLabs, known for its work in tracking objects in low Earth orbit, has raised an additional $29 million in financing. The funding will enhance the company's AI-driven technology for monitoring space debris and ensuring the safety and sustainability of space operations.
Analyst Comments: This investment in LeoLabs is a significant step toward addressing the growing problem of space debris, which poses a risk to satellites and other space assets. By leveraging AI algorithms, LeoLabs is able to provide crucial insights to space operators about potential collision risks. This technology is vital for the management of the increasingly crowded low Earth orbit environment and is a reflection of the global concern over space safety. The involvement of former NASA astronaut Ed Lu, a co-founder of LeoLabs, adds a level of expertise and credibility to the company's endeavors.
FROM THE MEDIA: LeoLabs' recent funding round, led by GP Bullhound, brings its total funding to around $121 million. The investment will be used to expand the company's data architecture, system software, end-user applications, and partner integrations. LeoLabs uses AI to process data from its global radar network into actionable insights for space operators, helping to avoid potential collisions in low Earth orbit. The company's work has gained the attention of various sectors, including the US Space System Command, which has selected LeoLabs for the Space Domain Awareness Tools, Applications, and Processing Accelerator program. LeoLabs' capabilities are becoming increasingly important as the number of satellites in low Earth orbit grows, necessitating advanced solutions for space traffic management and safety.
READ THE STORY: The Register // LeoLabs // LEO Tracking too
French Intelligence Uncovers Russian Disinformation Network: 'Portal Kombat' Campaign Exposed
Bottom Line Up Front (BLUF): French authorities have revealed a large-scale Russian disinformation network, "Portal Kombat", targeting Western countries with pro-Russian propaganda. This network aims to polarize public opinion and weaken support for Ukraine by disseminating misleading content through 193 information portals.
Analyst Comments: The discovery of "Portal Kombat" by French intelligence signifies a critical escalation in the information warfare landscape. This strategic deployment of disinformation, linked directly to the Russian presidential administration, underscores the sophistication and breadth of state-sponsored propaganda efforts. The operation's focus on Western nations, particularly during an election year, highlights a concerted effort to manipulate public discourse and opinion. The revelation also emphasizes the importance of heightened vigilance and proactive measures in countering disinformation campaigns that can subtly influence political and social narratives.
FROM THE MEDIA: The French agency Viginum, responsible for monitoring foreign digital interference, has identified the Russian-backed network "Portal Kombat", which uses 193 different "information portals" to disseminate propaganda. These portals include sites named "pravda" in various European languages and are designed to echo the Kremlin's narratives, targeting local audiences in Ukraine and major Western countries. Despite its current low impact in terms of audience reach, the network represents a significant threat due to its potential for rapid activation and wide dissemination capabilities. French authorities aim to increase public awareness and resilience against such covert disinformation tactics.
READ THE STORY: UNN // Le Figaro
Warzone RAT Malware Service Dismantled by US Authorities
Bottom Line Up Front (BLUF): U.S. authorities have successfully dismantled the "Warzone RAT" malware service, seizing associated websites and arresting suspects in Malta and Nigeria. This malware enabled cybercriminals to remotely access and manipulate victims' computers, compromising data security.
Analyst Comments: The dismantling of the Warzone RAT malware service is a significant victory in the ongoing battle against cybercrime. This operation highlights the increasing sophistication of cyber threats and the importance of international cooperation in tackling such challenges. The malware's capabilities, including keystroke recording, unauthorized access to web cameras, and data theft, posed serious risks to individual and organizational cybersecurity. The arrests and charges in this case send a strong message about the consequences of engaging in or supporting cybercriminal activities.
FROM THE MEDIA: Law enforcement agencies seized four domains offering the Warzone RAT malware, which allowed hackers to covertly connect to and control victims' computers. The malware could browse file systems, capture screenshots, steal usernames and passwords, record keystrokes, and access web cameras. Two individuals, Daniel Meli from Malta and Prince Onyeoziri Odinakachi from Nigeria, were indicted in the United States for their involvement in the scheme. Meli faces charges related to unauthorized computer damage and other cyber offenses, while Odinakachi is charged with conspiracy to commit multiple computer intrusion offenses. The U.S. government is seeking extradition of Meli, and defense lawyers for both suspects were not immediately identified.
READ THE STORY: The Record // Reuters
FTC's Aggressive Stance on Big Tech Data Abuses: Meta Lawsuit and Beyond
Bottom Line Up Front (BLUF): Federal Trade Commission Chair Lina Khan emphasizes the need for strong regulatory actions against big tech firms like Meta, highlighting the insufficiency of fines and the importance of addressing business models that incentivize data misuse. This comes in the wake of Meta's lawsuit against the FTC, challenging its order to stop monetizing children's data.
Analyst Comments: The FTC's move to enforce stricter regulations on tech giants, particularly concerning data privacy and AI business models, signals a significant shift in the U.S. government's approach to tech industry oversight. Chair Lina Khan's remarks suggest a paradigm shift from reactive penalty imposition to proactive regulatory frameworks. This strategy aims to ensure tech firms prioritize user privacy and ethical AI practices over profit-driven data exploitation. Meta's lawsuit against the FTC represents a critical test case for the commission's enhanced regulatory approach, potentially setting a precedent for future tech industry governance.
FROM THE MEDIA: The FTC's recent order against Meta, part of a broader initiative under Chair Lina Khan, aims to curb data privacy abuses, particularly concerning children's data. This follows a $5 billion fine against Meta in a 2020 privacy order. Meta's lawsuit against the FTC challenges the commission's structure and its authority to enforce such orders. Khan asserts that fines alone are insufficient, as tech firms often view them as a business cost. The FTC's new strategy focuses on business models and incentives that lead to data privacy violations, indicating a more aggressive regulatory stance. Khan faces criticism from the tech industry for possibly overstepping the FTC's authority. The outcome of Meta's lawsuit could have far-reaching implications for the FTC's regulatory powers and the tech industry's data practices.
READ THE STORY: The Record
Items of interest
China's Temu Versus Shein: The Battle for E-commerce Dominance
Bottom Line Up Front (BLUF): Temu, a Chinese online marketplace, is aggressively recruiting suppliers previously associated with Shein, as the latter prepares for a U.S. IPO. Temu's tactics aim to challenge Shein's dominance in the fast-fashion market, leveraging relaxed supplier requirements and financial incentives, while Shein tightens its supply chain standards.
Analyst Comments: The ongoing battle between Temu and Shein in the e-commerce space is a classic example of competitive dynamics in the fast-fashion industry. Shein's decision to drop suppliers for failing to meet its enhanced standards, likely a strategic move ahead of its U.S. IPO, has opened a window of opportunity for Temu. By adopting less stringent supplier requirements, Temu is quickly absorbing those manufacturers left behind by Shein. This approach reflects a broader trend in the e-commerce sector, where companies are constantly adapting and evolving their strategies to gain a competitive edge. The fast-fashion market, characterized by rapidly changing trends and consumer preferences, particularly among Gen Z shoppers, demands such agility. As Temu and Shein vie for market share, the implications of their strategies extend beyond the commercial realm, raising questions about sustainability, labor practices, and the long-term viability of the ultra-fast fashion business model.
FROM THE MEDIA: Temu, owned by PDD Holdings, is aggressively courting manufacturers that have been dropped by Shein due to non-compliance with its new supply chain standards. Shein's stringent requirements include a minimum factory size and employee count, part of its strategy to streamline operations ahead of its planned IPO in the U.S. Manufacturers that fail to meet these criteria, like Louis Li's bag factory in Guangdong, find a more accommodating partner in Temu, which does not consider factory size in its selection of sellers.
This shift has allowed Temu to expand its product offerings, which range from low-cost tech accessories to apparel, directly competing with Shein's market segment. Temu's strategy involves rapid payment to suppliers, a practice also adopted by Shein to maintain strong relationships with its manufacturing network. However, Temu is going a step further by providing an outlet for excess stock, including items initially intended for Shein, showcasing its flexibility and adaptability in the fast-paced e-commerce sector.
READ THE STORY: FT // Fortune // Reuters
Shein accused of "mafia-style intimidation" in new lawsuit from Temu (Video)
FROM THE MEDIA: Temu is suing Shein again, saying the company is using "mafia-style intimidation" of suppliers to restrict its expansion in the U.S. Part of the complaint claims Shein would detain suppliers it thought were doing business with Temu and threaten to punish them for working with its rival. Shein said the lawsuit is "without merit." Susan Scafidi, founder and director of Fordham University's Fashion Law Institute, joined CBS News to discuss the suit.
Congress Launches Investigation into SHEIN and TEMU Using Slave Labor (Video)
FROM THE MEDIA: Rep. Mike Gallagher (R-WI) and Rep. Raja Krishnamoorthi (D-IL), Chairman and Ranking Member of the Select Committee on the Chinese Communist Party, yesterday sent letters to Nike, Adidas, Shein, and Temu citing concerns about the companies' alleged continued use of Uyghur forced labor in their supply chains despite the 2021 Uyghur Forced Labor Prevention Act (UFLPA), which outlawed this practice.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.