Sunday, Apr 28 2024 // (IG): BB // ShadowNews // Coffee for Bob
*Started adding the Proofs of Concept (PoC), if available, for mentioned CVEs:
A Proof of Concept (PoC) is a small exercise to test a certain hypothesis or demonstrate that a potential project can be viable. It's primarily used to verify that certain concepts or theories have the potential for real-world application. The purpose of a PoC is to showcase the feasibility, functionality, and potential of a concept before proceeding to the development of the full-scale project.*
Cyber Espionage Group (APT31): CVE-2017-0005 Exploitation Methods
Bottom Line Up Front (BLUF): CVE-2017-0005, a significant vulnerability in Windows, provided APT31, also known as Zirconium or Judgment Panda, with a mechanism for elevated privileges. This exploit allowed them to extend their espionage capabilities by gaining administrative control over targeted systems, notably those within government and defense agencies.
Analyst Comments: APT31's exploitation of CVE-2017-0005 reflects a strategic component of their broader operational tactics aimed at establishing long-term access to high-value targets. By exploiting this specific vulnerability, APT31 could escalate their privileges within an infected system, enabling them to manipulate data, install malicious software, and create new accounts with full user rights. Their ability to leverage such vulnerabilities underscores the critical importance of timely security patches and proactive defense strategies in national security domains. This incident is a stark reminder of the ongoing cyber arms race, where defense and offense continuously evolve in response to each other's capabilities.
FROM THE MEDIA: APT31, identified with the Hubei State Security Department, has used various tactics including spearphishing, malware deployment, and exploiting public services for command and control activities. This group is noted for its adaptability, shifting targets based on geopolitical developments, and maintaining a focus on strategic intelligence gathering. The indictment outlines APT31’s involvement in significant campaigns against global targets, including government agencies, defense contractors, and private sector entities across multiple countries. CVE-2017-0005 has been a crucial tool in their arsenal, allowing them to run arbitrary code in kernel mode—thus gaining the capability to install programs, alter or delete data, or create new accounts with comprehensive user rights. This level of access has been instrumental in advancing their espionage efforts across various targeted attacks, showcasing the group's pattern of exploiting known vulnerabilities to facilitate initial access or escalate privileges within targeted networks. The DOJ’s detailed account and subsequent sanctions illustrate a decisive step in addressing such cyber threats, emphasizing the necessity for robust cybersecurity measures and international cooperation in deterring state-sponsored cyber activities.
READ THE STORY: HLAB // Decode39 // RJ
DEV#POPPER: Malicious npm Packages in Social Engineering Scam Target Software Developers
Bottom Line Up Front (BLUF): A social engineering campaign, identified as DEV#POPPER and attributed to North Korean threat actors, is currently exploiting software developers by disguising malicious npm packages as legitimate job interview tasks. The campaign's objective is to install a Python backdoor for data exfiltration and system control.
Analyst Comments: This campaign highlights the ongoing threat posed by state-sponsored actors in the cybersecurity landscape, particularly those utilizing social engineering to target specific professional groups. By masquerading as potential employers, these actors exploit the trust and urgency typically involved in the job application process. The method of using npm packages suggests a sophisticated understanding of software development processes, allowing the threat actors to seamlessly integrate malicious code into developers' workflows. The involvement of North Korean actors aligns with their known strategies for cyber espionage and financial gain, reflecting a broader trend of increasingly targeted cyber operations.
FROM THE MEDIA: Securonix reports that the DEV#POPPER campaign involves fraudulent job interviews where developers are tricked into downloading npm packages containing malware. These packages deploy a Node.js payload that compromises the developer’s system. Initially detailed by Palo Alto Networks Unit 42 and further investigated by Phylum, the campaign delivers malware, such as BeaverTail and InvisibleFerret, which are capable of stealing sensitive information and performing actions like command execution and keystroke logging. This campaign underscores the critical need for vigilance in software supply chain security and the importance of verifying the legitimacy of all components used within development environments.
READ THE STORY: THN
Major Advancements in US Space Domain Awareness Through Space Systems Command
Bottom Line Up Front (BLUF): The US Space Systems Command's Tools Applications and Processing (TAP) Lab has significantly advanced space domain awareness (SDA) through its Apollo Accelerator program. The initiative fosters collaboration among commercial, academic, and governmental entities, enhancing the development and integration of technologies for monitoring and defending assets in space.
Analyst Comments: The advancements made by the TAP Lab illustrate a crucial evolution in the approach to space domain awareness. By facilitating partnerships across various sectors, the lab not only speeds up technological innovation but also ensures these developments are robustly tested and integrated into operational frameworks. This is vital in an era where space is increasingly contested, and the need for responsive and effective space surveillance and management systems is critical. The involvement of startups like True Anomaly and Intrack Radar Technologies in the Apollo Accelerator underscores a strategic shift towards leveraging commercial and academic expertise to address national security challenges in space.
FROM THE MEDIA: The Space Systems Command (SSC) through its TAP Lab has executed the Apollo Accelerator Cohort 2, achieving significant milestones in collaboration with diverse partners. This includes startups such as True Anomaly, which has contributed to satellite inspection technologies, and Intrack Radar Technologies, which has enhanced the prediction and tracking of rocket trajectories. The TAP Lab's ability to quickly recover and process data from missions like the Transporter-10 underscores its role in bolstering the US's capabilities in space domain awareness. The lab's initiatives help bridge the gap between emerging technologies and their operational deployment, enhancing the efficiency and security of space operations. The upcoming demo day for Cohort 2 promises to showcase further innovations that could redefine how space domain awareness is managed and maintained, reflecting the SSC's commitment to maintaining a leading edge in space technology and defense.
READ THE STORY: Spacewar
Urgent Call for Cloud Services to be Recognized as Critical Infrastructure in the US
Bottom Line Up Front (BLUF): Following a critical review by the Cyber Safety Review Board (CSRB) highlighting security failings in Microsoft's systems, there's a pressing need for the U.S. government to redefine 'the cloud' as critical infrastructure. This reclassification would enhance national cybersecurity resilience by imposing rigorous security standards and ensuring dedicated governmental oversight.
Analyst Comments: The CSRB's recent findings on Microsoft's cybersecurity practices reveal significant lapses that could potentially compromise U.S. national security and critical infrastructure. These revelations underscore the urgent need for the federal government to enforce higher security standards among cloud service providers, which play a pivotal role in the nation's digital and physical infrastructure sectors. Recognizing cloud services as critical infrastructure would not only bolster national defense mechanisms but also streamline the implementation of best practices across the board.
FROM THE MEDIA: The CSRB's damning report on Microsoft points to preventable security failures that facilitated unauthorized access to sensitive U.S. information by Chinese hackers. This breach was attributed to significant oversight in Microsoft's security operations and a corporate culture that reportedly deprioritizes cybersecurity. The situation is exacerbated by Microsoft's market dominance in cloud services, which are integral to the operation of the U.S. government and critical sectors. These services underpin crucial aspects of national security, economic stability, and public health, making their protection paramount. The proposed reclassification of cloud services as critical infrastructure is expected to introduce stringent security requirements and robust oversight mechanisms, aiming to mitigate such vulnerabilities and ensure the resilience of national infrastructure against cyber threats.
READ THE STORY: The Hill
Severe Security Flaws Uncovered in Brocade SANnav SAN Management Software
Bottom Line Up Front (BLUF): An array of critical security vulnerabilities has been disclosed in Brocade's SANnav SAN Management Software, with potential impacts ranging from unauthorized root access to interception of encrypted communications. These vulnerabilities affect all versions up to 2.3.0 and have been patched in the latest version released by Broadcom.
Analyst Comments: The discovery and disclosure of these vulnerabilities underscore the ongoing challenges faced by cybersecurity in managing complex software environments. The range of flaws—from insecure root access and hardcoded credentials to Docker misconfigurations—highlights systemic issues in software development practices. Furthermore, the presence of hardcoded SSH keys and credentials, in particular, raises significant concerns about security oversight and the importance of rigorous security practices during the development phase. The involvement of major companies like Broadcom and Hewlett Packard Enterprise in addressing these issues reflects the critical nature of the vulnerabilities and the importance of maintaining robust security protocols.
FROM THE MEDIA: Independent security researcher Pierre Barre identified eighteen severe vulnerabilities in Brocade SANnav software, which could allow attackers to execute arbitrary commands, decrypt SSH traffic, and engage in supply chain attacks among other exploits. These vulnerabilities were responsibly disclosed and subsequently patched in the latest software update, SANnav version 2.3.1, released in December 2023. Notably, vulnerabilities such as CVE-2024-2859 and CVE-2024-29961 were rated particularly high on the CVSS scale, emphasizing their potential threat. Hewlett Packard Enterprise also responded by releasing patches for affected versions of their HPE SANnav Management Portal.
READ THE STORY: THN
Ship Attacked by Missiles off Yemen Coast
Bottom Line Up Front (BLUF): A commercial vessel was targeted with multiple missile attacks off Yemen's coast, claimed by Huthi rebels. The United Kingdom Maritime Trade Operations (UKMTO) reported the incidents near the Yemeni port of Mokha, involving the Panama-flagged tanker "Andromeda Star". The attacks represent a renewed aggression by the Iran-backed Huthis in maritime areas, coinciding with the ongoing Israel-Hamas conflict.
Analyst Comments: The recent missile attacks by the Huthi rebels off the coast of Yemen underline a strategic escalation in their maritime operations, reflecting broader regional tensions. These attacks are part of a concerted effort by the Huthis to challenge international shipping lanes, thereby extending the geopolitical conflict beyond the Arabian Peninsula. Historically, the Red Sea has been a critical chokepoint for global shipping; disruptions there can have significant implications for international trade and oil markets. The timing and targets of these attacks suggest a symbolic alignment with Palestinian causes and a direct challenge to Western naval presences, likely aimed at garnering international attention and retaliating against perceived adversaries.
FROM THE MEDIA: On April 27, 2024, Huthi rebels executed a dual missile strike on the "Andromeda Star", a tanker operating under a Panamanian flag and managed by Seychelles, which was traveling from Russia to India. UKMTO detailed that the ship endured an initial explosion near its hull followed by a direct missile hit in a subsequent strike, causing minor damage yet no casualties. The U.S. Central Command confirmed these incidents, noting the strategic importance of the targeted vessels and the absence of any injuries. These developments follow a pattern of increased Huthi aggression in the region, as the rebels have declared their intent to continue military actions against "all hostile targets" in strategic maritime zones, amidst ongoing conflicts in Gaza and sporadic attacks across regional waters.
READ THE STORY: Spacewar
Brokewell: A New Threat in Banking Malware Emerges with Advanced Device Takeover Capabilities
Bottom Line Up Front (BLUF): Brokewell, a newly discovered banking malware, is causing concern within the cybersecurity community due to its advanced device takeover capabilities. Equipped to execute remote actions and steal sensitive data, Brokewell can severely compromise personal and financial information. The malware's deployment via a fake browser update page illustrates the evolving tactics of cybercriminals to exploit user trust and security vulnerabilities.
Analyst Comments: The introduction of Brokewell into the threat landscape represents a significant evolution in mobile banking malware. Its capabilities not only include traditional data theft, such as stealing cookies and overlay attacks, but also extend to comprehensive remote control functionalities that can manipulate device operations directly. This malware is part of a worrying trend towards more invasive and hard-to-detect threats that exploit both technical vulnerabilities and user behavior. The discovery highlights the importance of continuous monitoring and updating of cybersecurity measures by both individuals and institutions.
FROM THE MEDIA: ThreatFabric's analysis has identified Brokewell as a new and active threat in the landscape of mobile banking malware, equipped with a variety of espionage and remote control tools. By mimicking legitimate browser update notifications, Brokewell tricks users into downloading and installing the malware, which then gains extensive access to the device. This access allows it to capture keystrokes, swipe patterns, and other interactions with infected devices, sending this data back to the attackers. The malware's capability to bypass new Android restrictions on accessibility services further enhances its effectiveness and stealth. The actor behind this malware, known as "Baron Samedit," has made the tools needed to deploy Brokewell publicly available, lowering the entry barrier for other cybercriminals and potentially leading to wider distribution and variation of this threat.
READ THE STORY: THN // Threat Fabric
ByteDance Prefers Shutting Down TikTok Over Selling It Amid U.S. Legal Challenges
Bottom Line Up Front (BLUF): ByteDance, the parent company of TikTok, would rather shut down its flagship app in the U.S. than sell it to comply with new American legislation. This decision comes after the U.S. government introduced a law requiring the sale of TikTok to a suitable American entity by January 19, 2025, to avoid a ban. The company has signaled its intention to challenge the law in court, emphasizing its commitment to fighting the mandate legally.
Analyst Comments: ByteDance's preference to shut down TikTok rather than sell it underscores the complex geopolitical and economic implications of the U.S. government's push to regulate foreign technology firms on national security grounds. This stance by ByteDance could be a strategic move to preserve its proprietary technology and maintain its competitive edge, as selling TikTok could potentially involve handing over sensitive algorithms that are core to its operations. The situation also reflects the broader tensions between the U.S. and China over technology and data security, which have been mounting over recent years.
FROM THE MEDIA: According to Reuters, ByteDance would prefer to shut down TikTok in the U.S. rather than sell it, following a new law that forces the Chinese company to divest the app or face a ban. This law, the 21st Century Peace through Strength Act, signed by President Biden, aims to mitigate potential risks posed by foreign ownership on national security. TikTok CEO Shou Zi Chew has publicly opposed the law, stating the company's intent to challenge it legally. Despite TikTok only contributing a quarter of ByteDance's global revenue and a minimal percentage of its active users, the decision to potentially shut down rather than sell highlights the significant value ByteDance places on its operational independence and technological assets.
READ THE STORY: The Register
Significant Security Breach at StarWallets: Hacker Drains BNB Liquidity Through Staking Contract Exploit
Bottom Line Up Front (BLUF): StarWallets, a prominent decentralized finance (DeFi) platform, has experienced a severe security breach that compromised a significant amount of its liquidity pool. On April 17, 2024, an attacker exploited vulnerabilities in the platform's staking contract, leading to substantial financial losses. This incident has raised concerns about the robustness of security protocols across DeFi platforms, despite rigorous security measures being in place.
Analyst Comments: The breach at StarWallets highlights a persistent challenge within the DeFi ecosystem—balancing accessibility and security. Despite the platform's adherence to stringent security practices, the sophistication of the attack points to an evolving threat landscape where attackers continuously adapt to exploit even minor vulnerabilities. This incident underscores the need for ongoing vigilance, regular security audits, and the implementation of advanced security measures to safeguard user assets.
FROM THE MEDIA: StarWallets announced a significant security breach in their system, attributed to a sophisticated hack on April 17, 2024, which targeted their staking contract and led to a significant loss of BNB liquidity. The attack was executed by exploiting vulnerabilities in the staking contract, highlighting critical security challenges within DeFi platforms. In response, StarWallets has ceased interactions with the affected contract and is collaborating with cybersecurity experts to conduct a thorough investigation and mitigate the impact on users. The platform is taking steps to enhance its security measures and reaffirms its dedication to revolutionizing DeFi while ensuring the protection of user assets and data.
READ THE STORY: Accesswire
Major Security Flaws Found in Popular Chinese Keyboard Apps
Bottom Line Up Front (BLUF): Researchers from the University of Toronto’s Citizen Lab have uncovered significant security vulnerabilities in several popular Chinese keyboard apps, potentially exposing the keystrokes of approximately 750 million users to unauthorized access. Major brands affected include Xiaomi, OPPO, Samsung, and Honor, while Huawei's apps were found to be secure.
Analyst Comments: The discovery of these vulnerabilities in Input Method Editor (IME) software highlights the ongoing challenges in app security, especially for applications that handle sensitive input data like keystrokes. The reliance on potentially weak or compromised cryptographic protocols by some manufacturers shows a significant oversight in security practices. These vulnerabilities could have far-reaching implications, not only for individual privacy but also for national security, considering the scale of use and the types of data that could be intercepted.
FROM THE MEDIA: The vulnerabilities were primarily found in the Pinyin keyboard apps, which are used widely by Chinese speakers to input text on mobile devices. These apps convert the Latin alphabet inputs into Chinese characters but often require cloud processing, which becomes a point of vulnerability if the data transmission is not securely encrypted. The affected apps include those from Baidu, Samsung, Xiaomi, OPPO, Honor, and iFlytek, each showing different levels of exposure to potential snooping. Baidu's app, for example, was found to use weak encryption that could be easily bypassed by eavesdroppers, while others were susceptible to specific exploits that allow keystroke interception.
READ THE STORY: The Register
Ukraine Confronts Increased Cyber Threats via Messengers and Dating Platforms
Bottom Line Up Front (BLUF): CERT-UA has issued a warning about the heightened activities of the UAC-0184 cyber group, which is now using messengers and dating platforms to target Ukrainian Defense Forces. The attacks aim to compromise devices and steal sensitive data through sophisticated social engineering tactics and malicious software deployment.
Analyst Comments: The shift in tactics by UAC-0184 to utilize social platforms for their attacks represents a strategic adaptation to the evolving cybersecurity landscape. By exploiting personal communications through messengers and dating sites, the group is able to bypass traditional security measures more effectively. This method also indicates a potentially higher success rate in targeting, given the personal and often less guarded nature of such platforms. The use of both commercial and open-source spyware tools by the attackers enhances their capability to extract sensitive information discreetly.
FROM THE MEDIA: CERT-UA has documented an increase in cyberattacks by the UAC-0184 group, particularly targeting personnel within the Ukrainian Defense Forces via messengers and dating platforms. The attackers employ various malware tools including HijackLoader, SHADOWLADDER, GHOSTPULSE, REMCOS RAT, VIOTTO KEYLOGGER, and XWORM to infiltrate devices and extract data. Open-source software like SIGTOP and TUSC are specifically used to pilfer messages and contact data from Signal and other communication tools. The group's method involves enticing service members with deceptive social engineering techniques such as phony romantic interests or false legal notifications, leading to the downloading and opening of malicious files.
READ THE STORY: THN // CERT-UA
'ArcaneDoor' Malware Campaign Targets Cisco Devices for Espionage
Bottom Line Up Front (BLUF): A sophisticated nation-state actor, believed to be backed by a foreign government, has exploited vulnerabilities in Cisco firewalls to conduct espionage. Dubbed "ArcaneDoor" by Cisco, this campaign targets VPN services used by governments and critical infrastructure globally. The attacks leverage two newly identified vulnerabilities, CVE-2024-20353 and CVE-2024-20359, which have been promptly addressed by Cisco with necessary security patches.
Analyst Comments: The 'ArcaneDoor' malware campaign underscores the evolving landscape of cyber threats where state-backed actors employ advanced strategies to exploit essential network infrastructure devices. The exploitation of Cisco's Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) systems highlights the critical need for continuous monitoring and rapid response to security advisories in governmental and critical sectors. The involvement of state actors suggests that the motives extend beyond mere data theft to more comprehensive espionage, likely aimed at accessing sensitive communications and disrupting critical services.
FROM THE MEDIA: The 'ArcaneDoor' operation involved compromising Cisco firewalls as part of a broader espionage campaign targeting global government networks and critical infrastructures. Initially detected by Cisco in early January, the campaign was publicly disclosed following a joint advisory from cybersecurity agencies in Canada, Australia, and the UK. The identified vulnerabilities allowed unauthenticated remote attacks that could cause devices to reload unexpectedly, leading to potential denials of service, and authenticated local attacks to execute arbitrary code with root-level privileges. While Cisco has not confirmed the origin of the attackers, there is speculation about the involvement of Chinese or Russian state-backed groups, given their historical interest in such cyber espionage activities.
READ THE STORY: The Register // Jason Deegan // Wired
UN Space Director Lauds China's Role in Global Space Endeavors *State Sponsored Propaganda*
Bottom Line Up Front (BLUF): Aarti Holla-Maini, the director of the United Nations Office for Outer Space Affairs (UNOOSA), recently praised China for its significant contributions to global space exploration and its collaborative efforts with international entities. Her accolades came ahead of her visit to China, highlighting the country's progress in areas like lunar exploration and space station development.
Analyst Comments: China's space program continues to impress on the global stage with its advanced technological capabilities and ambitious projects, including the Tiangong space station and the Chang'e lunar missions. The UN's recognition of China's role in leveraging space technology for global benefits underscores the strategic diplomatic and developmental initiatives China is undertaking within the international community. This partnership not only advances scientific knowledge but also facilitates global cooperation in critical areas like climate change and disaster management. As China prepares to host significant space cooperation forums, its position as a leader in space science promises to bring more collaborative opportunities that could benefit developing nations and enhance global space governance.
FROM THE MEDIA: Aarti Holla-Maini's recent statements celebrate China's achievements and its proactive role in using space technology for global good. She mentioned specific advancements such as China's Tiangong space station, which plays a key role in international scientific research and space exploration. The forthcoming Chang'e-6 mission aims to further lunar exploration by retrieving samples from the moon's far side, marking a significant step in international lunar research efforts. China's commitment to space education and disaster management, as evidenced by hosting regional centers for space science and technology education and the UN-SPIDER office, also highlights its dedication to leveraging space for sustainable development.
READ THE STORY: Spacewar (Chinese Influence on the UN)
Multistage Cyber Attack Campaign Utilizes SSLoad and Cobalt Strike to Hijack Systems
Bottom Line Up Front (BLUF): An advanced cyber attack campaign, codenamed FROZEN#SHADOW, uses phishing emails to deliver SSLoad malware, leading to the deployment of Cobalt Strike and ConnectWise ScreenConnect for remote system control. This campaign targets a broad geographical spectrum, affecting organizations across Asia, Europe, and the Americas.
Analyst Comments: The FROZEN#SHADOW campaign exemplifies a sophisticated multistage attack structure where initial entry is achieved through phishing, followed by complex malware deployment strategies to establish persistence and full system control. The utilization of both SSLoad for initial infection and Cobalt Strike for further exploitation highlights a high level of coordination and technical proficiency, allowing attackers to perform extensive reconnaissance and system compromise. The tactics observed also underline the importance of robust email security practices and the need for continuous monitoring of network traffic to identify and mitigate such threats early in the attack chain.
FROM THE MEDIA: Researchers from Securonix have identified a dangerous cyber attack campaign that leverages phishing emails to initially compromise systems with SSLoad malware. This malware stealthily gathers sensitive information and prepares the systems for further exploitation using Cobalt Strike—a tool ostensibly designed for security testing but often repurposed by cybercriminals. The attack does not stop here; it also employs ScreenConnect to facilitate remote access, giving attackers the ability to maneuver within the network, escalate their privileges, and ultimately gain administrative control over the entire domain. The campaign’s sophistication is evident in its use of a booby-trapped JavaScript file, which initiates the download of a malicious installer from a deceptive network share. This multilayered approach not only ensures the malware’s delivery and execution but also complicates detection and response efforts, posing significant challenges for affected organizations.
READ THE STORY: THN
Items of interest
The 5×5—China’s Cyber Operations
Bottom Line Up Front (BLUF): In the article "The 5×5—China’s Cyber Operations" from The Atlantic Council, experts discuss the evolving nature of China’s cyber operations, focusing on their strategies, the role of non-state actors, and comparative practices with other states. The article emphasizes China's sophisticated use of cyber strategies to further its geopolitical and economic goals, notably through aggressive intelligence collection and the exploitation of cybersecurity vulnerabilities globally.
Analyst Comments: China's cyber operations demonstrate a calculated integration of state-directed goals with the technical acumen of non-state actors, like contracted hacker groups. This dual-faceted approach not only maximizes China's strategic reach in cyberspace but also complicates the global cybersecurity landscape. By leveraging non-state capabilities, China enjoys plausible deniability and greater operational flexibility. The evolution of these operations reflects broader strategic goals, aligning with China's ambition to be a dominant cyber power and echoing historical patterns of leveraging all available means to achieve national objectives.
FROM THE MEDIA: Non-state actors play a pivotal role, operating under the state’s tacit approval to carry out economic espionage and intelligence gathering. The state’s use of these actors as a component of its cyber strategy reflects a nuanced understanding of both the cyber domain and international law, allowing China to operate in grey areas of cybersecurity norms. Comparatively, China's cyber operations are distinguished by their scale and integration into national economic and security strategies, differing significantly from the more cautious and targeted approaches observed in other Asian countries.
READ THE STORY: AC
Chinese hackers preparing 'bold and unrelenting' attacks on U.S. infrastructure: FBI (Video)
FROM THE MEDIA: The Chinese government is preparing "bold and unrelenting" attacks on U.S. infrastructure, the Federal Bureau of Investigation (FBI) announced Thursday.
Chinese hackers spent up to 5 years in US networks: cyber officials (Video)
FROM THE MEDIA: A Chinese hacker group spent 5 years in US networks so China could position itself for an attack on critical infrastructure using malware.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.