Daily Drop (791): CNVD vs CVE | Cosmos 2576: Space Weapon | CN National Arrested for Botnet | Mexico's Cybersecurity Policy Under AMLO | DPRK 'Moonstone Sleet' Attacks | Russia IO Struggles
05-30-24
Sunday, May 30 2024 // (IG): BB // ShadowNews // Coffee for Bob
*Started adding Proof of Concepts (PoCs), where available, for the CVEs mentioned:
A Proof of Concept (PoC) is a small exercise to test a certain hypothesis or demonstrate that a potential project can be viable. It is primarily used to verify that certain concepts or theories have the potential for real-world application. The purpose of a PoC is to showcase the feasibility, functionality, and potential of a concept before proceeding to the development of the full-scale project.*
Cosmos 2576: U.S. Accuses Russia of Launching Potential Space Weapon
Bottom Line Up Front (BLUF): The U.S. has accused Russia of launching a satellite, Cosmos 2576, which could function as a counterspace weapon. This satellite, placed in close proximity to a U.S. military satellite, raises concerns over potential threats to American space assets.
Analyst Comments: The deployment of Cosmos 2576 reflects the escalating militarization of space, a domain increasingly critical for national security. While Russia claims such satellites are for inspection purposes, the proximity to U.S. satellites suggests potential for offensive capabilities. This situation underscores the strategic competition between major powers in space and highlights the need for robust international regulations to prevent the weaponization of space.
FROM THE MEDIA: Russia's recent launch of the Cosmos 2576 satellite has sparked allegations from the U.S. that it may be a counterspace weapon. Launched on May 16, the satellite has been positioned on the same orbital plane as a U.S. spy satellite, causing concerns about its true purpose. The U.S. believes the Russian satellite could potentially damage or disrupt American satellites, an assertion based on its behavior and proximity. Pentagon officials and U.S. Ambassador Robert Wood have indicated that this move is consistent with Russia's previous launches in 2019 and 2022, which displayed similar characteristics. Russian officials have dismissed the U.S. allegations as fake news, asserting their opposition to the placement of attack weapons in space. Despite these denials, the incident has reignited discussions about the potential for satellites to be used as weapons in space.
READ THE STORY: NPR
North Korea’s ‘Moonstone Sleet’ Using Fake Tank Game, Custom Ransomware in Attacks
Bottom Line Up Front (BLUF): A new North Korean hacking group, "Moonstone Sleet," is targeting software companies and defense firms with custom ransomware and elaborate scams. Their tactics include deploying a ransomware variant called "FakePenny" and using a fake tank game to distribute malware.
Analyst Comments: Moonstone Sleet's activities signify an advanced and multifaceted approach to cyber operations, blending financial motives with traditional intelligence-gathering. The group's deployment of custom ransomware, particularly the "FakePenny" variant, and their use of sophisticated social engineering techniques, such as creating fake games and companies, highlight the increasing complexity of North Korean cyber operations. This evolution suggests a well-resourced and adaptable threat that poses significant risks to both private and public sector organizations, particularly in critical sectors like defense and technology.
FROM THE MEDIA: North Korean hacking group Moonstone Sleet is using new tactics to target the IT, education, and defense sectors, according to Microsoft. The group, observed since February, has deployed a ransomware variant called "FakePenny" and engaged in elaborate scams involving fake tank games and fictitious companies to lure victims. In April, Moonstone Sleet used FakePenny against a company they had previously compromised in February. The ransomware deployment, aimed at financial gain, demanded a $6.6 million ransom. Similar incidents have been reported involving companies in drone technology and aircraft parts.
READ THE STORY: The Record
Chinese National Arrested for Operating World's Largest Botnet
READ THE STORY: The Register // Aljazeera // CNBC
Mexico’s National Cybersecurity Policy: Progress Has Stalled Under AMLO
Bottom Line Up Front (BLUF): Mexico's cybersecurity policy has seen minimal progress under President Andrés Manuel López Obrador (AMLO), primarily due to a lack of political prioritization. The country faces significant cybersecurity challenges, and without renewed interest from the next president, who takes office in October 2024, the prospects for reform and improvement remain bleak.
Analyst Comments: The stagnation of Mexico's cybersecurity policy under AMLO highlights the critical need for political will and leadership in addressing cyber threats. The 2017 National Cybersecurity Strategy (ENCS) laid a foundation, but its implementation has been insufficient amidst rising cybercrime. The incoming administration must prioritize cybersecurity by enhancing institutional coordination, investing in education and skills, and fostering a cybersecurity culture. Moreover, leveraging international partnerships, particularly with the United States, will be crucial for capacity building and addressing shared security challenges.
FROM THE MEDIA: Mexico's cyber policy progress has significantly stalled during AMLO's presidency. The 2017 National Cybersecurity Strategy (ENCS) was a promising start, but without AMLO's support, its implementation has lagged. The ENCS focused on five strategic priority areas, including public safety and national security, and highlighted the importance of protecting human rights and managing risks. Under AMLO, cybersecurity initiatives suffered due to budget cuts and a lack of high-level coordination. Corruption and misuse of spyware have further complicated the cyber landscape. The 2022 Guacamaya hack, which leaked sensitive military documents, underscored Mexico's vulnerabilities.
READ THE STORY: Carnegie
Russian Influence Operation Struggles to Impact European Elections and Ukraine Policy
Bottom Line Up Front (BLUF): Meta's latest threat report reveals that the Russian-linked influence operation, known as Doppelganger, continues its efforts to sway European elections and undermine Western support for Ukraine. Despite being prolific, the operation has seen limited success, largely due to high detection rates and the need to adapt tactics constantly.
Analyst Comments: The persistent yet largely ineffective efforts of the Doppelganger operation underscore the evolving landscape of cyber influence campaigns. Despite Russia's substantial investment in these operations, the increased vigilance and improved defenses by social media platforms and governments have significantly diminished their impact. Meta's proactive measures, including blocking spoofed domains and sharing threat indicators, highlight the importance of continued international cooperation and technological advancement in countering such threats. The upcoming European Union elections remain a critical target, and efforts to fortify election integrity and public awareness are essential in mitigating the influence of foreign interference.
FROM THE MEDIA: An influence campaign linked to Russian government contractors, known as Doppelganger, continues to target European elections and Western support for Ukraine with limited success, according to Meta's quarterly threat report. The group, one of the most prolific in history, has shifted tactics to avoid detection, moving away from impersonating government and media websites to using less effective redirect links. Meta researchers noted that Doppelganger's operations have been characterized by a high detection rate and significant resource expenditure. Despite these efforts, the group's ability to build authentic social media audiences has been minimal. Meta's head of threat investigations, Mike Dvilyanski, highlighted that the campaign's crude tactics and the platform's defensive measures have degraded its overall quality.
READ THE STORY: Cyberscoop
Striking a Balance: China’s AI Ambitions and the Quest for Safety
Bottom Line Up Front (BLUF): The U.S. and China held their first official bilateral dialogue on AI, highlighting the tension between China's rapid AI development and international safety concerns. While China has taken steps to regulate AI domestically, the U.S. remains wary of potential misuse and continues to impose export controls on advanced technology.
Analyst Comments: The Geneva meeting underscores the complex dynamics between AI advancement and safety regulations. Historically, China's top-down approach to technological innovation has driven rapid progress, but this same approach raises concerns about the ethical and safe deployment of AI technologies. The ongoing dialogue between China and the U.S. may pave the way for a more balanced approach, though geopolitical tensions could hinder substantial cooperation.
FROM THE MEDIA: In a significant development, Chinese and U.S. envoys met in Geneva for the first bilateral dialogue on artificial intelligence, following the November 2023 Woodside Summit. The closed-door talks revealed Beijing's frustration over U.S. export controls on advanced chips, which are crucial for AI development, while the U.S. emphasized the need for safety measures to prevent AI misuse. China has taken notable steps domestically, such as regulating deepfakes and harmful algorithms since 2018, and establishing an AI safety governance committee last year. Major tech hubs like Beijing have also called for safety benchmarks. Internationally, China co-signed the "Bletchley Declaration" to strengthen AI risk cooperation and launched its "Global AI Governance Initiative" to promote secure and equitable AI technologies.
READ THE STORY: The Diplomat
Russia-Linked CopyCop Uses LLMs to Weaponize Influence Content at Scale
Bottom Line Up Front (BLUF): CopyCop represents a significant evolution in the use of generative AI for malign influence operations. By leveraging large language models to plagiarize and modify content from legitimate media sources, CopyCop tailors messages to specific audiences, promoting narratives favorable to Russian interests. The sophisticated use of AI, combined with human-produced content, enhances the operation's ability to engage and manipulate public sentiment effectively. This development poses a formidable challenge to election integrity and highlights the need for heightened vigilance and advanced countermeasures from public-sector organizations and media outlets.
Analyst Comments: The CopyCop influence operation, suspected to be operated from Russia and aligned with the Russian government, extensively uses generative AI to create and disseminate politically biased content. This network targets audiences in the US, UK, and France with tailored narratives that support Russian perspectives on international issues and influence domestic political landscapes.
FROM THE MEDIA: In early March 2024, Insikt Group identified the CopyCop network leveraging generative AI to plagiarize and edit content from legitimate media sources to push specific political biases. This network, likely aligned with the Russian government, has targeted audiences in the US, UK, and France with content critical of Western policies and supportive of Russian viewpoints on issues like the Ukraine conflict and Israel-Hamas tensions. CopyCop employs large language models for prompt engineering, tailoring content to resonate with targeted audiences. This content includes divisive narratives about Russia's actions in Ukraine, critiques of Israeli operations in Gaza, and political messages aimed at influencing US elections by supporting Republican candidates and criticizing the Biden administration.
READ THE STORY: Recorded Future
Man Behind Deepfake Biden Robocall Indicted on Felony Charges, Faces $6M Fine
Bottom Line Up Front (BLUF): Steven Kramer, a political consultant from New Orleans, has been indicted on felony voter suppression charges and faces a $6 million FCC fine for using AI-generated deepfake technology to impersonate President Biden in a robocall aimed at discouraging voting in the New Hampshire Democratic primary.
Analyst Comments: This case marks a significant precedent in the intersection of AI technology and election interference. The use of deepfakes for political manipulation underscores the growing need for robust regulations and technological safeguards. Historically, electoral fraud has relied on more rudimentary tactics, but the advent of sophisticated AI tools like voice cloning presents new challenges for election security. The FCC's hefty fine and the multiple felony charges signal a strong deterrent message against future misuse of AI in the political arena.
FROM THE MEDIA: Steven Kramer, 54, has been indicted on 13 felony counts of voter suppression and 13 misdemeanor counts of impersonating a candidate. He faces a $6 million fine from the FCC for employing deepfake technology to create a robocall that impersonated President Biden, urging voters not to participate in the New Hampshire Democratic primary. Kramer admitted to paying $150 to a "magician" for the AI-generated voice and hiring a telemarketing firm to distribute the call to over 5,000 voters. The robocall falsely claimed to be from the treasurer of a political committee and was intended to reduce voter turnout, thereby benefiting House Rep Dean Phillips (D-MN) over President Biden. The New Hampshire Attorney General's office and the FCC initiated investigations in January, resulting in Kramer's indictment. The FCC also proposed a $2 million penalty against Lingo Telecom for improperly labeling the calls to evade detection.
READ THE STORY: The Register
DOJ Uses Civil War-Era Law to Enforce Corporate Cybersecurity
Bottom Line Up Front (BLUF): The Department of Justice (DOJ) is leveraging the False Claims Act, a law from the Civil War era, to enforce corporate cybersecurity. This initiative targets companies that mislead the government about their cybersecurity practices, aiming to hold them accountable and improve overall cybersecurity standards.
Analyst Comments: The DOJ's use of the False Claims Act in its Civil Cyber-Fraud Initiative represents a significant shift towards stricter enforcement of cybersecurity standards among federal contractors. By holding companies accountable for misrepresenting their cybersecurity measures, the DOJ aims to drive better compliance and enhance protection against cyber threats. This approach aligns with the Biden administration’s broader strategy to shift the cybersecurity burden from consumers to vendors. The success of this initiative could set a precedent for future regulatory measures and signal to companies the critical importance of maintaining robust cybersecurity practices.
FROM THE MEDIA: Amid rising cyberattacks, the DOJ is using the False Claims Act to penalize contractors who mislead the government about their cybersecurity defenses. This initiative, part of the Civil Cyber-Fraud Initiative launched in October 2021, aligns with President Joe Biden's National Cybersecurity Strategy to hold companies to higher cybersecurity standards. Since early 2022, the DOJ has settled five cyber-fraud cases, involving companies from various sectors, including health services, aerospace, telecom, and web hosting. These settlements highlight instances where companies falsely claimed to meet cybersecurity requirements, causing material harm to government agencies.
READ THE STORY: The Record
Nvidia Faces Local Competition for its 'China Special' GPUs
Bottom Line Up Front (BLUF): Nvidia has reduced the price of its GPUs tailored for the Chinese market due to competition from Huawei's domestically manufactured AI hardware. This move highlights Nvidia's struggles to maintain its market share in China amidst U.S. export restrictions and local advancements.
Analyst Comments: Nvidia's situation exemplifies the challenges U.S. tech companies face under geopolitical pressures and restrictive trade policies. Historically, Nvidia has relied heavily on the Chinese market, contributing significantly to its revenue. However, the rise of capable local competitors like Huawei, combined with stringent export controls, threatens to diminish Nvidia's market dominance. This scenario underscores the broader trend of technological decoupling and the strategic efforts of Chinese companies to achieve self-sufficiency in key tech sectors.
FROM THE MEDIA: Nvidia has slashed prices for its H20, L20, and L2 GPUs, specifically designed for China, in response to competitive pressure from Huawei. Huawei's Ascend 910B, a high-performance AI accelerator produced by SMIC using 7nm technology, rivals Nvidia's A100 GPU. The Ascend 910B's competitive pricing and performance have driven some Chinese customers away from Nvidia's reduced-spec products.
Nvidia's revenue from China, which historically constituted 20-25%, has now dropped to around 17%. The company faces challenges due to U.S. export restrictions limiting the performance of GPUs that can be sold to China. Meanwhile, Samsung has denied reports of issues with its HBM3 chips, which are crucial for Nvidia's products, although concerns about supply shortages persist.
READ THE STORY: The Register
Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data
Bottom Line Up Front (BLUF): A critical security flaw in Replicate AI's service could have allowed unauthorized access to proprietary AI models and sensitive information, potentially impacting the accuracy and security of AI-driven outputs. The vulnerability has been addressed with no evidence of exploitation.
Analyst Comments: This incident highlights the vulnerabilities inherent in AI-as-a-service platforms. The exploitation method, leveraging an open-source containerization tool, underscores the risks of deploying AI models from untrusted sources. Historically, the rapid adoption of AI technologies has often outpaced the implementation of robust security measures. The proactive disclosure and remediation by Replicate AI demonstrate the importance of vigilant cybersecurity practices in mitigating potential threats to AI infrastructures.
FROM THE MEDIA: Cybersecurity researchers at Wiz discovered a significant flaw in Replicate, an AI-as-a-service provider, allowing unauthorized access to AI models and sensitive data. The vulnerability, linked to the use of an open-source tool called Cog for packaging AI models, enabled remote code execution and potential cross-tenant attacks.
By uploading a malicious Cog container, researchers achieved elevated privileges within Replicate’s infrastructure, exploiting a Redis server in a Kubernetes cluster to inject arbitrary commands. This could compromise AI model integrity and expose proprietary and sensitive data, including personally identifiable information (PII).
READ THE STORY: THN
China Wary of SpaceX's Starlink Service During Taiwan Contingency
Bottom Line Up Front (BLUF): China has analyzed SpaceX's Starlink satellite internet service, expressing concerns over its intelligence-gathering and reconnaissance capabilities, particularly in a Taiwan contingency scenario. Chinese military researchers highlight the system's extensive coverage and operational effectiveness, as demonstrated in Ukraine. Beijing is responding by bolstering its own space and cyber capabilities and exploring countermeasures against Starlink.
Analyst Comments: China's apprehensions about Starlink reflect the strategic significance of satellite internet in modern military operations. The analysis underscores the potential threat Starlink poses to Chinese military activities in the Taiwan Strait, where the service's ability to provide high-speed, low-latency communication could enhance U.S. and allied reconnaissance and intelligence capabilities. China's response, which includes developing its own satellite systems and enhancing cyber defenses, indicates a broader strategy to mitigate perceived technological disadvantages and maintain strategic parity in potential conflict zones.
FROM THE MEDIA: Chinese military researchers have conducted an in-depth analysis of SpaceX's Starlink satellite internet service, focusing on its applications in Taiwan and surrounding areas. Their report highlights Starlink's extensive coverage, which includes over 90 percent of mainland China, Taiwan, and nearby waters, with minimal non-coverage periods. This capability poses a significant challenge to China, as demonstrated by Starlink's effective use in Ukraine. The report, titled "Analysis of influence of Starlink constellation on China's territory and its surrounding space domain," suggests that the Starlink service could support U.S. military operations, necessitating close attention from Chinese regional operations. Notably, President Xi Jinping has directed the Chinese military to enhance its outer space and cyber defense systems, creating a new unit called the Information Support Force for coordinated network information system development.
READ THE STORY: Kyodonews
Germany's Cyber Ambassador on the Response to Russia: 'All of This Takes Time'
Bottom Line Up Front (BLUF): Germany's cyber ambassador, Regine Grienberger, has indicated that Berlin is preparing to leverage the "European cyber diplomacy toolbox" in response to a 2023 cyberattack on the Social Democrat Party, attributed to Russian state-backed hackers. Sanctions and other diplomatic measures are being considered, although these actions require substantial evidence and international coordination.
Analyst Comments: Germany's methodical approach to attributing and responding to cyberattacks underscores the complexities of cyber diplomacy. The need for concrete evidence and the sharing of classified information before enacting sanctions demonstrates the cautious and legalistic nature of international cyber response mechanisms. Grienberger's comments reflect a broader strategy to uphold cyber norms and signal to the international community, particularly through the United Nations, that cyber aggression will not go unchecked. The increasing frequency of cyberattacks from Russian state actors and affiliated cybercriminals emphasizes the urgency for robust defensive and retaliatory measures.
FROM THE MEDIA: Regine Grienberger, Germany's cyber ambassador, addressed the 2023 breach of the Social Democrat Party attributed to APT28, also known as Fancy Bear, linked to Russia's GRU. Speaking at the CyCon conference in Estonia, Grienberger outlined Germany's preparedness to use the European cyber diplomacy toolbox, which includes sanctions, to respond to the attack. She emphasized the need for extensive proof and the sharing of classified information, a process that takes considerable time. Germany's foreign minister has assured that Russia will face consequences for the attack, summoning its ambassador for a formal explanation and rejecting Russia's denials of involvement. The hack is viewed as an attempt to destabilize democratic processes ahead of the European parliamentary election in June.
READ THE STORY: The Record
China Invests $47.5 Billion to Boost Semiconductor Industry Amid US Restrictions
Bottom Line Up Front (BLUF): China has announced the creation of its largest-ever semiconductor state investment fund worth $47.5 billion, as it aims to strengthen its position as a global technology leader. This move comes in response to stringent US export restrictions on advanced chips and chip-making technology to China.
Analyst Comments: China's significant investment in its semiconductor industry underscores its strategic priority to achieve technological self-reliance and counteract the effects of US-led export controls. The establishment of the $47.5 billion fund is part of China's broader "Made in China 2025" initiative, which aims to elevate the country to a leading position in various advanced technology sectors, including artificial intelligence, 5G, and quantum computing. While this investment may accelerate China's semiconductor capabilities, challenges such as corruption within the industry and ongoing international restrictions could impede its progress. However, the initiative demonstrates China's commitment to overcoming these hurdles and reducing its dependency on foreign technology.
FROM THE MEDIA: China has launched its largest-ever semiconductor state investment fund, valued at $47.5 billion, as part of its strategy to become a dominant player in advanced technologies. The fund, supported by major state-owned banks like ICBC and China Construction Bank, is aimed at boosting the country's chip manufacturing, design, equipment, and materials sectors. This new investment vehicle is the third phase of the China Integrated Circuit Industry Investment Fund, also known as the “Big Fund.” The first two phases were established in 2014 and 2019, with funds of $19.2 billion and $28.2 billion, respectively. The fund's launch comes amid increasing US restrictions on Chinese access to advanced chips and chip-making technology. In response to these restrictions, China has focused on enhancing its domestic capabilities to ensure technological self-reliance.
READ THE STORY: CNN
i-SOON: “Significant Superpower” or Just Getting the Job Done?
Bottom Line Up Front (BLUF): The recent leak of documents from the Chinese IT company i-SOON reveals its operations and business strategies, focusing on practical skills over formal education, but struggling with low pay and high employee turnover.
Analyst Comments: This case highlights the complexity of China's cybersecurity landscape, where smaller firms like i-SOON play crucial roles despite challenges from larger, state-associated companies. The emphasis on practical skills over degrees shows a pragmatic approach, but also underscores systemic issues in talent retention and resource competition.
FROM THE MEDIA: i-SOON, despite low employee pay and high turnover, focuses on practical "attack and defense" skills, often recruiting from lesser-known institutions. Their business processes involve extensive collaboration and profit-sharing with larger firms, adapting to the competitive cybersecurity market in China. They face challenges in maintaining access to high-value targets, indicating the limitations of their capabilities. The leaks suggest i-SOON's involvement in state-directed cyber activities, though their independent impact is constrained by these operational challenges.
READ THE STORY: Natto Thoughts
Items of interest
China's Expansive System for Collecting Software Vulnerabilities: Implications for Cyber Operations
Bottom Line Up Front (BLUF): China has developed a comprehensive and multi-faceted system for collecting software vulnerabilities from industry, academia, and private sector partnerships. This system, which includes multiple databases and mandatory reporting requirements, provides China with a significant advantage in accessing a wide range of vulnerabilities. Mounting evidence suggests that China's intelligence agencies are exploiting this pipeline to stockpile vulnerabilities for offensive cyber operations, posing a serious challenge to the United States and other countries that rely on voluntary disclosure models.
Analyst Comments: China's approach to vulnerability collection highlights its sophisticated strategy for enhancing offensive cyber capabilities. By leveraging a combination of mandatory disclosure requirements, private sector incentives, and the integration of academic research, China has established a formidable infrastructure for amassing software vulnerabilities. This system allows China to tap into a vast pool of vulnerability research conducted by companies, universities, and individual researchers, providing a steady flow of new exploits for potential use in cyber operations.
FROM THE MEDIA:
China's vulnerability collection system is composed of several key components:
China National Vulnerability Database (CNVD): Operated by CNCERT/CC, the CNVD is a central repository for vulnerabilities collected through voluntary reporting, partner databases, and mandatory reports from the MIIT's new database. CNVD shares vulnerability data with "technology collaboration organizations," including the MSS 13th Bureau, PLA contractors, and universities with ties to PLA hacking activities.
China National Vulnerability Database of Information Security (CNNVD): Managed by the MSS 13th Bureau, CNNVD imposes strict requirements on its 151 private sector partners, requiring them to provide a minimum of 1,955 vulnerabilities annually, including at least 141 critical severity vulnerabilities. This arrangement likely enables the MSS to stockpile vulnerabilities for later use in offensive operations.
MIIT's Cybersecurity Threat and Vulnerability Information Sharing Platform: In 2021, China introduced the Regulations on the Management of Network Product Security Vulnerabilities (RMSV), mandating that companies disclose discovered vulnerabilities to the MIIT within 48 hours. This platform includes the Network Vulnerability Database (NVDB) and several downstream databases. At least 48 companies participating in this system also contribute to the MSS-run CNNVD, highlighting the interconnectedness of China's vulnerability collection ecosystem.
China's system allows its intelligence agencies to quickly identify and exploit new vulnerabilities before they are widely known or patched. This approach contrasts sharply with the U.S. voluntary disclosure system, which promotes transparency and collaboration but lacks centralized control and comprehensive coverage.
READ THE STORY: Atlantic Council // CyberScoop // BankInfoSec
Is CNVD ≥ CVE? A Look at Chinese Vulnerability Discovery and Disclosure (Video)
FROM THE MEDIA: The US is still lagging behind China in terms of vulnerability discovery and disclosure. While the gap between the US National Vulnerability Database (NVD) and the Chinese NVD (CNNVD) has slightly shrunk over the last 5 years, there are still hundreds of vulnerabilities registered in China that are yet to be listed on the US NVD. The CNNVD is a known subsidiary of the Chinese Ministry of State Security’s Technical Bureau, which drives Chinese cyber espionage, and has a history of altering CVE disclosure dates and providing APT groups with exploits.
China’s Approach to Software Vulnerabilities Reporting (Video)
FROM THE MEDIA: In July 2021, the Chinese government published its "Regulations on the Management of Network Product Security Vulnerabilities." These rules require researchers to inform the government of all flaws in code within 48 hours of their discovery, effectively supporting efforts to stockpile software vulnerabilities, which can then be used for offensive cyber operations. Lawfare Fellow in Technology Policy and Law Eugenia Lostri sat down with two guests who recently authored a report on how China manages software vulnerabilities.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.