Daily Drop (782)WRU: CN's "Great Cannon", "Goldoon" exploits routers, CN's rare earth minerals, Russians hack UA infra, HPE devices vulnerably coded, CN campaign hits Cisco, RU hacks emails, CN's EV's
05-05-24
Sunday, May 05 2024 // (IG): BB // ShadowNews // Coffee for Bob
*Started adding the Proof Of Concepts (PoC) if available for mentioned CVE’s :
A Proof of Concept (PoC) is a small exercise to test a certain hypothesis or demonstrate that a potential project can be viable. It's primarily used to verify that certain concepts or theories have the potential for real-world application. The purpose of a PoC is to showcase the feasibility, functionality, and potential of a concept before proceeding to the development of the full-scale project. *
German-Russian Cyber Conflict Intensifies Amidst Allegations of GRU Espionage
Bottom Line Up Front (BLUF): German officials, backed by NATO and other European entities, have strongly condemned Russia for alleged cyber espionage targeting political and industrial sectors in Germany, using a previously undisclosed Microsoft Outlook vulnerability, with promises of unspecified consequences.
Analyst Comments: The attribution of these cyberattacks to Russia's GRU military intelligence illustrates the continuing escalation of cyber operations as integral components of geopolitical strategies. The targeting of high-profile political entities, critical infrastructure, and defense sectors through sophisticated cyber espionage not only underscores the vulnerabilities within national security frameworks but also highlights the complex landscape of international cyber warfare. This incident reveals the broadening scope and the increasing sophistication of state-sponsored cyber activities aimed at influencing political outcomes and accessing sensitive information.
FROM THE MEDIA: The German Foreign Minister, Annalena Baerbock, during a press conference in Adelaide, stated that the Russian military's cyber unit, APT28 or Fancy Bear, was responsible for the cyberattacks that exploited vulnerabilities in Microsoft Outlook. These attacks have been ongoing since March 2022, intensifying after Russia's full-scale invasion of Ukraine. The espionage campaign affected not only Germany's Social Democrats but also targeted sectors including defense and aerospace, extending its impact to critical infrastructures and other European nations like Czechia. This situation has prompted a unified stance among EU nations and NATO members, recognizing the need for robust cyber defense mechanisms and potential collective response measures to counteract the perceived aggression from Russia.
READ THE STORY: AP // SCB // PoC: CVE-2023-23397
China's "Great Cannon" Exposed: A Powerful Hacking Tool for Cyberattacks and Surveillance
Bottom Line Up Front (BLUF): Researchers at the University of Toronto's Citizen Lab have uncovered a powerful Chinese cyberweapon dubbed "The Great Cannon," which was likely responsible for recent DDoS attacks on GitHub and GreatFire.org. The Great Cannon is a distinct attack tool that can hijack traffic to launch large-scale DDoS attacks and has the potential to conduct targeted surveillance by exploiting unsecured web traffic.
Analyst Comments: The discovery of the Great Cannon highlights China's growing capabilities in cyberwarfare and its willingness to openly deploy such tools for strategic objectives. The researchers' findings underscore the urgent need for better cybersecurity measures, particularly the widespread adoption of encrypted web protocols like HTTPS to prevent man-in-the-middle attacks. The brazen use of the Great Cannon also raises concerns about the global impact of state-sponsored cyberattacks and the importance of establishing international norms in cyberspace.
FROM THE MEDIA: Lead researchers Bill Marczak from Citizen Lab and Nicholas Weaver from UC Berkeley investigated the unusual GitHub DDoS attack and discovered that the Great Cannon could inject malicious code into unsecured web traffic, turning unwitting users into participants in cyberattacks. They noted similarities between the Great Cannon and the NSA's Quantum system, suggesting that the tool could also be used for targeted surveillance. The researchers emphasized the need for robust encryption and expressed alarm at the ease with which the Great Cannon could be repurposed for espionage.
READ THE STORY: Business Insider // Citizen Labs
"Goldoon" Botnet Exploits Decade-Old Vulnerability in D-Link Routers
Bottom Line Up Front (BLUF): Security researchers at FortiGuard Labs have identified a new botnet, named "Goldoon," which capitalizes on a longstanding vulnerability in D-Link routers, CVE-2015-2051. This botnet manipulates the Home Network Administration Protocol (HNAP) to take control of the devices and launch diverse malicious activities, including sophisticated DDoS attacks.
Analyst Comments: This case underscores the critical vulnerabilities within the supply chains of essential services and national security apparatus. The use of counterfeit network equipment poses significant risks, not only due to potential failures and malfunctions but also as potential vectors for cyber espionage or sabotage. The operation's scale and the involvement of sophisticated evasion tactics, such as using fake aliases and addresses, highlight a deliberate attempt to undermine U.S. critical infrastructure.
FROM THE MEDIA: Onur Aksoy operated through a network of 19 companies and 25 online storefronts on platforms like eBay and Amazon, known as Pro Network Entities, to distribute counterfeit Cisco products. These products, sourced at dramatically reduced prices from Hong Kong and Chinese counterfeiters, were disguised as new and genuine, complete with fake Cisco labels and packaging. The U.S. Customs and Border Protection intercepted 180 shipments linked to this scheme between 2014 and 2022, leading to significant legal actions and ultimately, Aksoy's conviction. The counterfeit devices often malfunctioned, causing operational disruptions across vital networks, including those of the U.S. military and other government and healthcare entities.
READ THE STORY: The Record // GBhackers // PoC: CVE-2015-2051
CISA's Role in Protecting Critical Infrastructure Reinforced by New Presidential Directive
Bottom Line Up Front (BLUF): President Joe Biden signed a revised Presidential Policy Directive 21 (PPD-21) on Tuesday, affirming the Cybersecurity and Infrastructure Security Agency's (CISA) central role in coordinating federal efforts to secure and protect the nation's 16 critical infrastructure sectors from cyber threats and natural disasters.
Analyst Comments: The updated PPD-21 solidifies CISA's statutory authority and highlights the evolving threat landscape posed by highly interconnected, digitized, and vulnerable critical infrastructure. By designating CISA as the "national coordinator for security and resilience," the directive emphasizes the importance of a centralized agency to manage cross-sector risks and drive down vulnerabilities. However, the lack of inclusion of new sectors, such as space and cloud computing, despite recommendations from experts and a congressionally-mandated CISA report, may draw criticism and raise questions about the comprehensiveness of the approach.
FROM THE MEDIA: The revised directive comes amidst heightened concerns about Chinese state-sponsored hackers targeting U.S. infrastructure, as exemplified by the Volt Typhoon campaign. Administration officials stress the need for resilience, particularly for sensitive assets and systems, as a cornerstone of homeland defense and security. CISA Director Jen Easterly noted that much of the work directed in the new memorandum is already underway, including the reestablishment of the Federal Senior Leadership Council and the designation of systemically important entities within critical infrastructure. The updated policy also directs the intelligence community to share information with critical infrastructure owners and operators, in line with the 2023 National Intelligence Strategy.
READ THE STORY: The Record
China's Rare Earth Dominance Faces Challenges As Global Supply Chain Shifts
Bottom Line Up Front (BLUF): China's rare earth industry is grappling with declining profits, oversupply, and increased competition as other nations strive to establish their own rare earth supply chains. Despite these challenges, China remains the world's top rare earth producer, controlling around 40% of global reserves.
Analyst Comments: The declining profitability of China's rare earth sector underscores the shifting dynamics in the global rare earth market. As other countries recognize the strategic importance of these critical minerals and invest in developing their own production capabilities, China's long-standing dominance faces mounting pressure. However, China's well-established infrastructure and processing capacities still give it a significant advantage over emerging competitors. The Chinese government's efforts to tighten regulations and control exports suggest a determination to maintain its market position, even as it grapples with internal challenges such as oversupply and price undercutting.
FROM THE MEDIA: China Rare Earth Resources and Technology, a key state-owned company, reported a 45.7% decline in net profit and a 5.4% drop in sales in 2023. Other Chinese rare earth manufacturers saw revenues decrease by 60-79%. The industry ministry acknowledged that rare earths are being "undersold" and "wasted" due to "vicious competition." Meanwhile, Australia's Lynas Rare Earths is tightening costs and prices to weather falling demand and prices, particularly for neodymium and praseodymium (NdPr). Lynas' CEO, Amanda Lacaze, emphasized the need for a "laser-like focus on our cost performance" while remaining optimistic about the long-term outlook, projecting an 81% increase in supply needed to meet demand by 2035.
READ THE STORY: Oil Price
Advanced Botnet-as-a-Service Exploits in China Target Western Companies
Bottom Line Up Front (BLUF): EPCYBER has identified a sophisticated botnet network operated as a service from China, known for circumventing the latest DDoS protection mechanisms from major providers like Cloudflare. This network uses multiple domains and over 20 active Telegram groups, signaling a significant cybersecurity threat to Western companies across various industries.
Analyst Comments: The discovery of this Chinese botnet network exemplifies the ongoing cybersecurity warfare where attackers continuously evolve to outpace current defensive measures. The ability of this network to bypass Cloudflare's advanced DDoS protections is particularly alarming, as it not only showcases the sophistication of the attackers but also exposes potential vulnerabilities within widely trusted cybersecurity defenses. This situation demands a reassessment of the defensive capabilities that companies rely on and underscores the importance of adaptive security strategies that can anticipate and counter such advanced threats.
FROM THE MEDIA: The botnet network's infrastructure, rooted deeply within China, leverages domestic communication channels to orchestrate attacks, highlighting the coordinated nature of this threat. Among the affected are prominent European companies, whose domain names are specifically targeted, risking data theft, service disruption, and loss of consumer trust. EPCYBER's reporting on this issue includes evidence of successful DDoS attacks that have overcome the most recent updates to Cloudflare’s DDoS rules, suggesting a critical need for ongoing enhancements in DDoS mitigation strategies and international cooperation in cyber defense initiatives.
READ THE STORY: EPCYBER // GBH
Escalating Cyber Conflicts: Russian Hackers Target Ukrainian Critical Infrastructure
Bottom Line Up Front (BLUF): Recent reports from Ukraine’s Computer Emergency Response Team (CERT-UA) highlight an alarming wave of cyberattacks by Russian hackers targeting critical infrastructure facilities across Ukraine, aimed at bolstering military operations through strategic disruption.
Analyst Comments: The recent cyberattacks underscore the persistent vulnerabilities within critical infrastructure sectors that can be exploited in geopolitical conflicts. By targeting utilities like energy, water, and heating, these cyber operations not only aim to directly disrupt these services but also to magnify the effects of physical military strikes. The use of supply chain compromises and third-party accesses as vectors for these attacks points to a sophisticated understanding of systemic weaknesses within infrastructure networks. This strategy of undermining critical systems reflects an evolution in cyber warfare tactics, moving beyond data theft and vandalism to actively influencing the outcome of military engagements.
FROM THE MEDIA: The attacks on Ukrainian infrastructure involved complex methodologies, including the exploitation of software supply chains and third-party maintenance accesses, to plant malicious software within operational networks. Two specific Linux backdoors, "Biasboat" and "Loadgrip," were utilized, evolving from the previously identified "Queueseed" malware, indicating a maturing cyber arsenal designed to perform stealthy, long-term espionage and disruption. These backdoors allow for extensive surveillance and control over compromised systems, reflecting a deep-seated capability for sabotage. Furthermore, Ukrainian authorities have observed the misuse of common cybersecurity tools and the deployment of sophisticated malware by Russian operatives, aimed at maintaining a foothold within critical networks and executing disruptive commands precisely.
READ THE STORY: CPO
GitHub Introduces New Updates to Enhance Supply Chain Security
Bottom Line Up Front (BLUF): GitHub has recently announced two significant updates aimed at bolstering software supply chain security: a public beta of Artifact Attestations for GitHub Actions and the ability to run Dependabot as a GitHub Actions workflow. These features are designed to help companies verify the origin of software components and streamline vulnerability monitoring.
Analyst Comments: The introduction of Artifact Attestations and the integration of Dependabot with GitHub Actions demonstrate GitHub's commitment to addressing the growing concerns surrounding software supply chain security. By providing developers with tools to create a verifiable paper trail for their software artifacts and simplifying the process of monitoring dependencies for vulnerabilities, GitHub is taking proactive steps to promote greater software integrity and transparency. These updates are particularly timely given the increasing reliance on open-source software and the need for robust security measures to protect against supply chain attacks.
FROM THE MEDIA: Artifact Attestations, currently in public beta, allows maintainers of open-source software to easily create attestations that include crucial information such as the associated workflow, repository, organization, environment, commit SHA, and triggering event. Powered by Sigstore, an open-source project for signing and verifying software artifacts, Artifact Attestations enable consumers to verify the origin and build process of the software they use. Setting up Artifact Attestations is a straightforward process, and consumers can easily download and extract the attestation documents for use in policy engines like OPA. In addition to Artifact Attestations, GitHub has announced that Dependabot can now be run as a GitHub Actions workflow, both on hosted and self-hosted runners. This change addresses user requests for improved performance, increased log visibility, and the ability to access on-premise resources. GitHub plans to migrate all of Dependabot's update jobs to GitHub Actions over the next year, leading to faster runs, enhanced troubleshooting capabilities, and other benefits.
READ THE STORY: SD Times
HPE Aruba Devices Vulnerable to Critical Remote Code Execution Flaws
Bottom Line Up Front (BLUF): HPE Aruba Networking has released security updates to address 10 vulnerabilities, including four critical flaws, in ArubaOS that could allow remote code execution on affected systems. The critical vulnerabilities are related to unauthenticated buffer overflow issues in various services accessed via the PAPI protocol.
Analyst Comments: The discovery of these critical vulnerabilities in HPE Aruba devices underscores the ongoing challenges in securing network infrastructure. The severity of the flaws, particularly those allowing for remote code execution, highlights the potential for significant disruption and compromise of affected systems. Organizations using HPE Aruba products should prioritize patching and implement recommended workarounds to mitigate the risk of exploitation. The disclosure also serves as a reminder of the importance of regular vulnerability assessments and timely patch management to maintain a robust security posture.
FROM THE MEDIA: The four critical vulnerabilities (CVE-2024-26304, CVE-2024-26305, CVE-2024-33511, and CVE-2024-33512) affect the L2/L3 Management Service, Utility Daemon, Automatic Reporting Service, and Local User Authentication Database, respectively. These flaws can be exploited by sending maliciously crafted packets to the PAPI UDP port (8211), enabling attackers to execute arbitrary code with high privileges on the underlying operating system. The vulnerabilities impact various ArubaOS and SD-WAN software versions, including those that have reached end-of-maintenance status. HPE Aruba credited security researcher Chancen with discovering and reporting seven of the 10 issues, including the four critical flaws. As a temporary workaround for ArubaOS 8.x, HPE recommends enabling the Enhanced PAPI Security feature using a non-default key.
READ THE STORY: THN
ArcaneDoor Espionage Campaign Targeting Cisco Firewalls Linked to China
Bottom Line Up Front (BLUF): An analysis of indicators of compromise (IoCs) by threat hunting firm Censys suggests that a Chinese threat group may be behind the recently uncovered ArcaneDoor espionage campaign targeting Cisco firewalls. The campaign, which exploits two zero-day vulnerabilities in Cisco's Adaptive Security Appliance (ASA) platform, has targeted government networks worldwide.
Analyst Comments: The potential involvement of a Chinese state-sponsored threat actor in the ArcaneDoor campaign underscores the ongoing threat of cyberespionage targeting critical network infrastructure. The use of previously unknown zero-day vulnerabilities in widely-deployed Cisco firewalls highlights the sophistication of the attackers and their ability to exploit even well-secured systems. Organizations must remain vigilant and proactively monitor for indicators of compromise, as the attackers appear to be continuing their operations. Strengthening network defenses, regularly updating software, and implementing robust threat detection and response capabilities are crucial to mitigating the risk of such targeted attacks.
FROM THE MEDIA: Cisco's Talos threat intelligence unit first revealed the ArcaneDoor campaign in April 2024, attributing it to a group tracked as UAT4356 and Storm-1849. The attackers exploited two zero-day vulnerabilities (CVE-2024-20353 and CVE-2024-20359) to implant custom malware, execute commands, and exfiltrate data from compromised Cisco ASA firewalls. While Talos provided limited attribution information, sources told Wired that the attacks aligned with China's interests. Censys researchers investigated the IoCs provided by Talos and discovered compelling evidence pointing to a China-based actor. Four of the five networks hosting systems with an attacker-linked SSL certificate are based in China, and half of the attacker-controlled IP addresses are still active, suggesting ongoing operations. Further analysis led to GitHub projects written in Chinese, including anti-censorship tools, potentially linking the attackers to China.
READ THE STORY: Security Week // PoC: CVE-2024-20353 and CVE-2024-20359
China Engaged in Open Hybrid Warfare Against the West, Exploiting Vulnerabilities
Bottom Line Up Front (BLUF): China, under the leadership of President Xi Jinping, is actively engaged in hybrid warfare against Western nations, exploiting vulnerabilities in liberal societies to undermine, defeat, and replace the West as the global norm-setter. The issue surrounding the Chinese-owned social media app TikTok is just one example of how Beijing weaponizes its interactions with the outside world to further its strategic goals.
Analyst Comments: The growing tensions between the U.S. and China, as evidenced by the recent talks between Secretary of State Antony Blinken and Chinese Foreign Minister Wang Yi, underscore the escalating nature of the conflict. China's hybrid warfare tactics, which include coercive diplomacy, proxy wars, political espionage, disinformation, data theft, and cyberattacks, pose a significant threat to Western security and interests. The West must recognize the gravity of the situation and take proactive measures to defend itself and its allies from China's aggressive actions. This requires a coordinated and comprehensive approach that addresses vulnerabilities across various domains, from technology and infrastructure to diplomacy and information warfare.
FROM THE MEDIA: The controversy surrounding TikTok highlights China's ability to exploit the data and influence of social media platforms to serve its state interests. Despite the app's popularity among young users worldwide, concerns about data privacy and the potential for Chinese state exploitation have led Western governments, including the U.S. and U.K., to ban its use on government devices. China's likely refusal to allow ByteDance to sell TikTok further suggests that Beijing values control over the platform's algorithms more than the company's prosperity. Other recent developments, such as the public disclosure of Chinese cyberattacks on British MPs and the U.K. government's review of cybersecurity in critical national infrastructure, demonstrate the increasing awareness of China's hostile actions. The U.S. has also warned of Chinese hackers penetrating its critical infrastructure, potentially preparing for a "devastating blow." These incidents underscore the urgent need for Western nations to enhance their defenses against China's hybrid warfare tactics.
READ THE STORY: Telegraph (UK)
Russian Hackers Target German Social Democratic Party Ahead of EU Election
Bottom Line Up Front (BLUF): The German government has accused Fancy Bear, a notorious Russian hacking group linked to the GRU military intelligence, of infiltrating the email accounts of Chancellor Olaf Scholz's Social Democratic Party (SPD). This breach, executed via a previously unknown Microsoft Outlook vulnerability, represents Moscow's ongoing efforts to influence European politics, particularly ahead of a critical EU election.
Analyst Comments: This recent cyberattack underscores the persistent cyber threats that European nations face from Russian state-sponsored actors, a pattern that has been consistent over the past decade. Fancy Bear, also known as APT28, has been involved in numerous cyber operations targeting Western political institutions, aiming to disrupt and influence political outcomes to favor Russian interests. The timing of this attack, amidst escalating geopolitical tensions and an upcoming EU election, highlights the strategic use of cyber espionage in achieving political objectives. Such incidents amplify concerns about the resilience of Western democracies in the face of sophisticated cyber and hybrid warfare tactics.
FROM THE MEDIA: According to reports, the German government has confirmed that Fancy Bear exploited a vulnerability in Microsoft Outlook in December 2022, leading to unauthorized access to the SPD's email accounts. The attack was publicly disclosed by the SPD in 2023. In response, Germany's Foreign Minister, Annalena Baerbock, emphasized the unacceptability of the breach and promised consequential actions. Additionally, similar cyber intrusions have been reported in the Czech Republic, with both nations condemning Russia's actions and seeking to bolster cybersecurity measures. The European Union and NATO have also expressed strong condemnation, reflecting the broader regional security concerns and the potential for coordinated responses to cyber threats.
READ THE STORY: Politico
Experts Warn of Risks Associated with Increasing Prevalence of Chinese EVs on Global Roads
Bottom Line Up Front (BLUF): Cybersecurity expert Cliff Steinhauer highlights the vulnerabilities in Chinese-made electric vehicles (EVs), suggesting that these vehicles could be exploited to conduct sabotage attacks, including hijacking car functions or using them as tools for espionage. This concern is compounded by China's status as the largest car exporter and the potential geopolitical implications.
Analyst Comments: The possibility that Chinese hackers could exploit vulnerabilities in EVs to control vehicle functions remotely is a stark reminder of the cybersecurity risks associated with increasingly interconnected technologies. Vehicles, much like other smart devices, are becoming extensions of the cyber domain, presenting new channels for state-sponsored cyber activities. The integration of these vehicles into Western markets could potentially open up new avenues for data theft, espionage, or even more direct forms of sabotage, such as disrupting vehicle operations. This scenario not only highlights the technical vulnerabilities but also underscores the broader geopolitical tensions between China and the West, where technology and security intersect.
FROM THE MEDIA: According to Cliff Steinhauer, vehicles today are essentially computers on wheels, equipped with Wi-Fi, internet access, and significant data storage capacities, making them potential targets for hacking. The research into these vulnerabilities aims to demonstrate possible attack methods, which can then be mitigated by manufacturers to enhance security. The U.S. Secretary of Commerce, Gina Raimondo, has also voiced concerns, likening EVs to "smartphones on wheels" and pointing out the national security risks if these vehicles were to be disabled remotely. This ongoing issue reflects a broader challenge as nations grapple with the dual-use nature of civilian technology that can be weaponized in geopolitical conflicts. As EVs become more prevalent, the need for rigorous cybersecurity measures and international cooperation on technology standards and regulations will become increasingly important to ensure public safety and security.
READ THE STORY: The Sun
Ongoing Cyber Espionage: APT42's Impersonation Tactics Expose Media and Think Tanks
Bottom Line Up Front (BLUF): APT42, an Iranian state-sponsored cyber espionage group, has been actively impersonating notable news outlets and think tanks such as The Washington Post, The Economist, and The Jerusalem Post. Their tactics, aimed at harvesting login credentials and spreading malware, have involved sophisticated social engineering and typosquatting to deceive targets primarily in the Western and Middle Eastern regions.
Analyst Comments: The activities of APT42 represent a persistent and sophisticated threat to global information security, highlighting the intricate methods employed by state-backed actors to gain strategic intelligence. By impersonating trusted media entities and research organizations, APT42 not only breaches security defenses but also undermines trust in legitimate communication channels. This tactic, coupled with the minimal digital footprint left by their operations, makes detection and mitigation particularly challenging for network defenders. Such campaigns underscore the critical importance of vigilant digital hygiene and the need for ongoing cybersecurity education and awareness among potential targets.
FROM THE MEDIA: APT42's strategy includes the creation of malicious websites that mimic the domains of reputable sources but contain subtle typos—a technique known as typosquatting. Victims who inadvertently visit these sites are redirected to counterfeit login pages designed to steal their credentials. Recent findings from Mandiant have exposed how APT42 has also masqueraded as individuals from prominent U.S. think tanks, including the Aspen Institute and the Washington Institute, using these disguises to facilitate the spread of malware and to extract sensitive information from targeted networks. The group's ability to adapt and maintain an array of personas across various fronts highlights their versatile and persistent nature in cyber espionage operations.
READ THE STORY: The Record
Items of interest
Chinese Automaker Dongfeng Unveils Copycat Version of Tesla Cybertruck at Beijing Auto Show
Bottom Line Up Front (BLUF): Chinese carmaker Dongfeng has unveiled its take on the Tesla Cybertruck at the 2024 Beijing Auto Show. The copycat pick-up truck draws inspiration from the original Cybertruck's design but features some notable differences, such as rounded edges and the absence of a stainless steel exterior.
Analyst Comments: The emergence of a Cybertruck copycat from a Chinese automaker like Dongfeng was somewhat expected, given China's history of producing look-alike vehicles inspired by popular Western models. While the Dongfeng EV appears to be a concept at this stage, the fact that it was showcased at a major event like the Beijing Auto Show suggests that the company may have serious intentions of bringing it to production. However, the claimed output of 1,305 BHP seems highly implausible and should be viewed with skepticism until verified through independent testing.
FROM THE MEDIA: The Dongfeng EV features design elements inspired by the Tesla Cybertruck, such as an LED light bar at the front, an illuminated logo, a rugged skid plate, aerodynamic wheel covers, suicide rear doors, power-retractable side steps, and mud-terrain tires. The vehicle even comes with a tent that extends out from the flatbed, similar to an accessory shown for the Cybertruck. Inside, the copycat truck sports a square-shaped steering wheel and dashboard-spanning displays. Dongfeng claims the EV is based on a skateboard platform with a maximum output of 1,305 BHP, which would make it even more powerful than the range-topping Tesla Cybertruck.
READ THE STORY: TEAM-BHP // CarScoops
China's Knockoff Tesla Cybertruck and Elon Musk (Video)
FROM THE MEDIA: Not only does China have a knock off Elon Musk, it also has a knockoff Tesla Cybertruck. Leaked documents marked "secret" by the US Defense Department show that China has created a supersonic spy drone unit. China is targeting UK politicians that have been outspoken against China. And Taiwan is arming itself with land-based harpoon missiles in preparation for an invasion by China. Watch this episode of China Uncensored for that and more of this week's China news headlines.
Chinese Automaker unveils Tesla Cybertruck knockoff (Video)
FROM THE MEDIA: One of China's major automakers has revealed a new all-electric 'concept' truck, resembling Tesla's iconic Cybertruck. Dubbed the '2024 Concept Pickup truck,' this model showcased at the Beijing auto show features a pop-out tent over a mattress in the truck bed, a heftier but more-rounded silver metal body, and a full-length rear LED for conveying messages to other drivers.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.