Daily Drop (821): | Scattered Spider | SBSP | TAG-100 | Datastream Group | WazirX | Forewarn | Operation Spincaster | APT41 | SolarWinds | HotPage | Outages | Cyber Strategy | Arctic Silk Road |
07-19-24
Friday, Jul 19 2024 // (IG): BB // ShadowNews // Coffee for Bob
*Started adding the Proofs of Concept (PoCs), if available, for mentioned CVEs:
A Proof of Concept (PoC) is a small exercise to test a certain hypothesis or demonstrate that a potential project can be viable. It's primarily used to verify that certain concepts or theories have the potential for real-world application. The purpose of a PoC is to showcase the feasibility, functionality, and potential of a concept before proceeding to the development of the full-scale project. *
The US Supreme Court Kneecapped US Cyber Strategy
Bottom Line Up Front (BLUF): The US Supreme Court's recent ruling has significantly limited the power of federal agencies to create regulations, disrupting the Biden administration's strategy for protecting critical infrastructure from cyber threats. This decision places the burden on Congress to develop and implement cybersecurity policies.
Analyst Comments: The Supreme Court's decision to restrict federal agencies' regulatory powers is a substantial setback for US cybersecurity strategy. Historically, these agencies have been pivotal in swiftly responding to emerging cyber threats. The reliance on Congress to fill this regulatory void could lead to slower policy development and implementation, potentially leaving critical infrastructure more vulnerable to cyberattacks. This ruling underscores the need for a balanced approach that empowers agencies while ensuring legislative oversight.
FROM THE MEDIA: In the wake of the Supreme Court's decision to limit the regulatory authority of federal agencies, the Biden administration faces a significant challenge in safeguarding America's critical infrastructure from cyber threats. This ruling disrupts the administration's reliance on existing laws to creatively implement cybersecurity measures without needing new legislation from a gridlocked Congress. The decision now places the onus on Congress to enact comprehensive cybersecurity policies, a move that could lead to delays and increased vulnerability to cyberattacks. The administration had previously utilized broad interpretations of existing laws to address cybersecurity issues, a tactic that may no longer be viable. Experts argue that without the ability to swiftly enact regulations, the US may struggle to respond to the dynamic and evolving nature of cyber threats. The decision could hamper efforts to protect vital infrastructure, including the energy grid, water supply, and healthcare systems, from sophisticated cyberattacks by nation-states and cybercriminals.
READ THE STORY: Wired
Global Cyber Outage Grounds Flights and Disrupts Businesses
Bottom Line Up Front (BLUF): A major technical outage linked to CrowdStrike and Microsoft disrupted operations across multiple industries worldwide, affecting airlines, media, banks, and telecommunications companies in regions including Australia, New Zealand, Europe, and the US. The issue caused widespread delays and system failures but is not suspected to be a cyberattack.
Analyst Comments: The scale and impact of this outage underscore the critical dependencies on cybersecurity firms like CrowdStrike and technology providers like Microsoft. Such incidents reveal vulnerabilities in interconnected global systems where a single point of failure can cascade across various sectors. This incident highlights the need for robust backup systems and diversified technology solutions to mitigate the risk of widespread disruptions. While not deemed a cyberattack, the outage raises questions about the resilience of critical infrastructure against both technical failures and malicious threats.
FROM THE MEDIA: A widespread technical outage disrupted operations in multiple industries on July 19, 2024, affecting airlines, media, banks, and telecommunications companies globally. The outage, linked to issues with cybersecurity firm CrowdStrike and Microsoft, caused significant delays and system failures. In Australia and New Zealand, major disruptions affected government, media, and telecommunications sectors. Commonwealth Bank experienced money transfer issues, and Qantas and Sydney Airport reported flight delays. The Victorian state police and several media companies also faced system disruptions. Telstra, a major telecom firm, cited global issues affecting CrowdStrike and Microsoft as the cause. The incident appears related to CrowdStrike's "Falcon Sensor" software causing crashes on Microsoft's Windows operating system, leading to blue screen errors. Both companies provided technical support and manual workarounds to rectify the issue. There is no indication that the outage resulted from a cybersecurity attack, according to Australia's National Cyber Security Coordinator.
READ THE STORY: Reuters
EU is Preparing for War with Russia and China in the Future
Bottom Line Up Front (BLUF): The European Commission, under President Ursula von der Leyen, is advancing plans for a "European Air Shield" and EU Cyber Defense systems to bolster the continent's military capabilities. These moves are seen as preparation for potential future conflicts with Russia and China, as well as a response to uncertainties in transatlantic relations.
Analyst Comments: The European Union's strategic pivot towards enhancing its military capabilities reflects growing concerns over geopolitical threats from Russia and China. The proposed defense systems indicate a significant shift in the EU's security posture, moving away from reliance on the US and NATO alone. This development is likely influenced by fears of reduced American support under a potential second Trump administration. The focus on creating a robust military-industrial complex underscores Europe's intention to assert its autonomy in defense matters and prepare for long-term strategic competition.
FROM THE MEDIA: The European Commission (EC) has unveiled plans for the "European Air Shield" and EU Cyber Defense systems as part of President Ursula von der Leyen's agenda for her second term. This initiative aims to create an integrated air and cyber defense framework in collaboration with NATO and EU member states. The EC emphasizes the need for Europe to develop a strong and capable defense infrastructure, particularly in light of perceived aggressive actions from Russia and potential future conflicts involving China. The establishment of a European military-industrial complex is seen as essential for maintaining security and global influence, especially as Europe anticipates possible changes in US foreign policy under a re-elected Trump administration. This strategic shift highlights Europe's commitment to investing in its own defense capabilities and reducing dependence on external allies.
READ THE STORY: News
APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K.
Bottom Line Up Front (BLUF): The Chinese state-sponsored group APT41 has launched a sustained cyber-espionage campaign targeting multiple sectors in Italy, Spain, Taiwan, Turkey, and the U.K. since 2023, compromising numerous networks and extracting sensitive data.
Analyst Comments: APT41's continued success in infiltrating diverse global sectors underscores the persistent and sophisticated nature of Chinese state-sponsored cyber threats. The group’s use of advanced tools like DUSTPAN and DUSTTRAP, along with leveraging legitimate services like Google Workspace for malicious activities, demonstrates their capability to adapt and evade detection. Organizations should bolster their defenses, particularly around data exfiltration techniques and code signing certificate security.
FROM THE MEDIA: APT41 has executed a prolonged cyber-espionage campaign since 2023, targeting organizations in sectors such as shipping, logistics, media, technology, and automotive across Italy, Spain, Taiwan, Turkey, and the U.K. The group's tactics include deploying web shells (ANTSWORD, BLUEBEAM), custom droppers (DUSTPAN, DUSTTRAP), and publicly available tools (SQLULDR2, PINEGROVE) to achieve persistence and exfiltrate data. The attack sequence typically begins with web shells to deploy the DUSTPAN dropper, which loads Cobalt Strike Beacon for command-and-control communications. Following lateral movement, the DUSTTRAP dropper decrypts and executes a payload in memory, establishing contact with attacker-controlled servers or compromised Google Workspace accounts to conceal activities.
READ THE STORY: THN
The Race for Space-Based Solar Power
Bottom Line Up Front (BLUF): The concept of space-based solar power (SBSP), once considered science fiction, is now closer to reality. Experts believe that beaming solar power from space to Earth could become a viable solution to combat climate change, despite the technical and financial challenges.
Analyst Comments: Space-based solar power holds significant potential as a renewable energy source, offering continuous energy generation unaffected by weather or daylight. However, the development of SBSP technology faces substantial hurdles, including the costs of space infrastructure, energy transmission efficiency, and ensuring safety. Advancements in these areas are crucial for SBSP to become a practical and scalable solution.
FROM THE MEDIA: Kat Friedrich of Ars Technica explores the advancements and challenges in space-based solar power (SBSP). While the idea of beaming solar power from space has long been a staple of science fiction, recent developments suggest it could soon become a reality. Experts from Space Solar, the European Space Agency, and the University of Glasgow are working on making SBSP a safe and cost-effective energy source. SBSP involves placing solar panels in space to collect sunlight and convert it into energy, which is then transmitted to Earth via microwaves or laser beams. This method could potentially deliver gigawatts of power, providing a constant energy supply unaffected by weather or time of day.
READ THE STORY: Wired
Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks
Bottom Line Up Front (BLUF): The cybercrime group Scattered Spider has expanded its operations by incorporating RansomHub and Qilin ransomware strains into its arsenal. This development signifies an increased threat level, as the group is known for sophisticated social engineering and persistent exploitation tactics.
Analyst Comments: Scattered Spider’s adoption of RansomHub and Qilin ransomware marks a significant escalation in their cyber capabilities. The group's history of targeting critical infrastructure with advanced tactics suggests a heightened risk for organizations. Enhanced vigilance and robust cybersecurity measures, including zero-trust architectures and stringent credential hygiene, are essential to mitigate these threats.
FROM THE MEDIA: Scattered Spider, a notorious cybercrime group, has integrated the RansomHub and Qilin ransomware strains into its attack toolkit, according to a recent report by Microsoft. Known for its sophisticated social engineering tactics and targeting of VMware ESXi servers, the group has previously deployed BlackCat ransomware. The group, also identified by various cybersecurity monikers such as 0ktapus, Octo Tempest, and UNC3944, has recently seen one of its key members arrested in Spain. RansomHub, first detected in February 2024, is believed to be a rebrand of the Knight ransomware strain, as per an analysis by Symantec. It operates as a ransomware-as-a-service (RaaS), making it accessible to multiple threat actors, including those previously using BlackCat. Microsoft has observed RansomHub being used by groups such as Manatee Tempest (Evil Corp) and Mustard Tempest (Purple Vallhund), often in conjunction with FakeUpdates infections delivered via Raspberry Robin. This trend underscores the growing sophistication and collaboration among cybercriminal groups.
READ THE STORY: THN
New Hacker Group Uses Open-Source Tools to Spy on Entities in Asia-Pacific Region
Bottom Line Up Front (BLUF): A newly identified hacker group, TAG-100, is targeting high-profile government and private sector organizations in the Asia-Pacific region, using open-source remote access tools and exploiting internet-facing devices. Researchers suggest this activity aligns with historical Chinese state-sponsored cyber-espionage.
Analyst Comments: TAG-100’s use of open-source tools for cyber espionage highlights a strategic shift towards cost-effective, accessible methods for compromising targets. This tactic allows even lower-tier threat actors to conduct sophisticated operations. Organizations should enhance their cybersecurity posture by adopting advanced threat detection systems and regularly updating their security protocols.
FROM THE MEDIA: TAG-100 has been actively targeting government and private sector entities in the Asia-Pacific region since at least February 2024. The group’s activities were discovered by Recorded Future’s Insikt Group, which noted TAG-100’s alignment with patterns observed in Chinese state-sponsored cyber activities. The group's targets span multiple sectors, including intergovernmental organizations, religious groups, and political parties. The group employs open-source remote access tools like Pantegana and SparkRAT, written in the Go programming language, to infiltrate and control infected systems across different operating systems. Pantegana, while minimally reported in the wild, has been linked to previous Chinese state-sponsored activities. TAG-100’s use of widely available open-source tools underscores the broader trend of state-sponsored actors outsourcing cyber operations to less capable proxy groups.
READ THE STORY: The Record
SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software
Bottom Line Up Front (BLUF): SolarWinds has patched 11 critical vulnerabilities in its Access Rights Manager (ARM) software, including several severe remote code execution flaws. These vulnerabilities, if exploited, could allow attackers to access sensitive information or execute arbitrary code with elevated privileges.
Analyst Comments: The swift action by SolarWinds to address these critical vulnerabilities in ARM highlights the ongoing importance of proactive cybersecurity measures and responsible vulnerability disclosure. Organizations using SolarWinds ARM should immediately apply the updates to mitigate the risk of exploitation, especially given SolarWinds' past incidents with major cyber attacks. This situation also underscores the need for continuous security monitoring and the importance of collaboration between security researchers and software vendors.
FROM THE MEDIA: SolarWinds released patches for 11 critical security flaws in its Access Rights Manager (ARM) software, with seven rated as Critical severity, carrying a CVSS score of 9.6 out of 10. The other four vulnerabilities are rated High severity with a CVSS score of 7.6. The most severe flaws include directory traversal, arbitrary file deletion, information disclosure, and remote code execution vulnerabilities. This update comes after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a high-severity path traversal flaw in SolarWinds Serv-U Path (CVE-2024-28995) to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation. SolarWinds previously faced a significant supply chain attack in 2020, attributed to Russian APT29 hackers, which compromised its Orion network management platform, affecting downstream customers in a high-profile cyber espionage campaign.
READ THE STORY: THN
TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks
Bottom Line Up Front (BLUF): TAG-100, a newly identified threat actor, is leveraging open-source tools and known vulnerabilities to conduct cyber espionage campaigns against global government and private sector organizations. The group has compromised entities in at least ten countries, utilizing tools like Go backdoors Pantegana and Spark RAT, and focusing on internet-facing devices to gain initial access.
Analyst Comments: The emergence of TAG-100 underscores the persistent threat posed by actors who exploit open-source tools and publicly known vulnerabilities. The group's use of widely available tools and techniques highlights the ongoing challenge of defending against lower-sophistication, high-impact cyber threats. TAG-100's ability to conduct widespread reconnaissance and exploitation activities across various sectors and geographies emphasizes the importance of robust security measures and vigilant monitoring of internet-facing devices.
FROM THE MEDIA: Recorded Future's Insikt Group reports that TAG-100, an unknown threat actor, is executing a cyber espionage campaign using open-source remote access tools. Active since February 2024, TAG-100 has targeted entities across Africa, Asia, North America, South America, and Oceania, including diplomatic and government organizations, as well as sectors such as semiconductors, non-profits, and religious institutions. TAG-100 exploits security flaws in internet-facing devices like Citrix NetScaler, F5 BIG-IP, Zimbra, Microsoft Exchange Server, SonicWall, Cisco ASA, Palo Alto Networks GlobalProtect, and Fortinet FortiGate. Notably, the group conducted significant reconnaissance activity targeting Palo Alto Networks GlobalProtect appliances shortly after a critical vulnerability's public disclosure.
READ THE STORY: THN
US Company's Geolocation Data Transaction Draws Intense Scrutiny in Germany
Bottom Line Up Front (BLUF): A U.S.-based data broker, Datastream Group, reportedly provided 3.6 billion individual geolocation data points from millions of Germans' smartphone apps, including national security officials, to a journalist via the German company Datarade. This transaction highlights significant privacy concerns and the ease of acquiring sensitive location data on the open market.
Analyst Comments: The incident underscores the vulnerabilities in data privacy regulations, even within the stringent framework of the EU. The ability to track and profile individuals, including national security personnel, poses significant risks. This event may prompt stricter enforcement of existing laws and potentially new regulations to safeguard personal data against such transactions.
FROM THE MEDIA: Datastream Group shared vast amounts of geolocation data with a journalist, which included data from millions of Germans, including national security officials, as reported by Bayerischer Rundfunk (BR) and netzpolitik.org. This data transaction, facilitated by the German company Datarade, exposes the ease with which sensitive location data can be bought and sold. The data, offered as a sample for a monthly subscription, included detailed coordinates and timestamps, allowing the creation of movement profiles for tens of thousands of individuals, including officials from Germany’s foreign intelligence organization (BND) and other national security entities. This raises concerns about the effectiveness of the EU’s data privacy laws, which are designed to protect consumers from unauthorized sharing of location data. Datastream Group charges about $14,000 for monthly subscriptions, providing clients with a continuous stream of fresh location data from millions of smartphones globally. The ease of access to such data, obtained through advertising IDs used for targeted marketing, has significant implications for privacy and national security.
READ THE STORY: The Record
Novel Chinese Browser Injector Lets Hackers Intercept Web Traffic
Bottom Line Up Front (BLUF): Researchers from ESET have discovered the HotPage adware, which masquerades as an ad blocker while installing a malicious kernel driver on Windows systems. This malware can inject code into processes, intercept and tamper with browser traffic, and run arbitrary code with elevated permissions, posing significant security risks.
Analyst Comments: The HotPage adware demonstrates the evolving sophistication of malicious actors, who now exploit legitimate-looking applications to distribute harmful payloads. The use of a kernel driver signed by Microsoft highlights the necessity for stricter code-signing protocols and vigilance in monitoring software for potential misuse. Users should exercise caution when installing unknown applications and ensure their security software is up-to-date to detect and mitigate such threats.
FROM THE MEDIA: ESET researchers have uncovered an adware module called HotPage, which presents itself as an ad blocker while secretly offloading a kernel driver that grants attackers the ability to execute arbitrary code with elevated permissions on Windows hosts. The installer "HotPage.exe" deploys a driver capable of injecting code into remote processes and intercepting browser network traffic.
The malware's primary functions include modifying or replacing web page contents, redirecting users to different pages, and opening new tabs based on specific conditions. It also harvests and exfiltrates system information to a server linked to the Chinese company Hubei Dunwang Network Technology Co., Ltd.
READ THE STORY: THN
Indian Crypto Platform WazirX Confirms $230 Million Stolen During Cyberattack
Bottom Line Up Front (BLUF): At least $230 million worth of cryptocurrency was stolen from WazirX, a major Indian cryptocurrency platform, during a cyberattack. Initial investigations suggest North Korean hackers, possibly the Lazarus Group, are behind the theft.
Analyst Comments: The breach of WazirX highlights ongoing vulnerabilities in cryptocurrency platforms, despite increased security measures. The involvement of sophisticated hackers, potentially linked to North Korea, underscores the need for robust cybersecurity frameworks and international cooperation to address the persistent threat of state-sponsored cybercriminal activities.
FROM THE MEDIA: WazirX, a leading Indian cryptocurrency exchange, confirmed a cyberattack resulting in the theft of over $230 million worth of digital assets. The attack, which took place on Wednesday night, was detected by several blockchain security firms and researchers who observed the rapid outflow of millions in digital coins. WazirX quickly acknowledged the security breach and shut down all withdrawals to protect the remaining assets. The platform is actively investigating the incident and has blocked some deposits while attempting to recover the stolen funds. Despite efforts to safeguard customer assets, the attackers managed to breach security features. Blockchain security companies, including Elliptic, Arkham, and BlockSec, identified the stolen currencies, including ETH and various U.S. dollar-pegged stablecoins. The attackers have reportedly begun converting these tokens to Ether using decentralized services. Initial analyses attribute the attack to North Korean hackers, potentially linked to the notorious Lazarus Group.
READ THE STORY: The Record
SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks
Bottom Line Up Front (BLUF): Security researchers from Wiz have identified five critical vulnerabilities in SAP AI Core, potentially allowing unauthorized access to customer data, contamination of internal artifacts, and privilege escalation. These vulnerabilities have been patched by SAP as of May 15, 2024.
Analyst Comments: The discovery of the SAPwned vulnerabilities highlights the importance of rigorous security measures and tenant isolation in AI service platforms. As AI models are essentially code, organizations must ensure robust isolation mechanisms and avoid running untrusted models on critical infrastructure. This incident underscores the need for continuous monitoring and updating of security practices, especially in rapidly evolving technological environments like AI and cloud services.
FROM THE MEDIA: Security researchers have uncovered significant vulnerabilities in SAP AI Core, a cloud-based platform for creating and deploying AI workflows. The vulnerabilities, collectively named SAPwned by cloud security firm Wiz, could allow attackers to access customer data, contaminate internal artifacts, and gain cluster administrator privileges on SAP AI Core's Kubernetes cluster. These vulnerabilities arise from insufficient isolation and sandboxing mechanisms, allowing malicious AI models to execute without adequate safeguards. Specifically, the issues include obtaining unauthorized access to private artifacts and credentials, modifying Docker images, and exploiting misconfigurations in cloud environments such as AWS, Microsoft Azure, and SAP HANA Cloud. The flaws enable attackers to weaponize access by obtaining AWS tokens and accessing sensitive customer data, including models, datasets, and code. Additionally, attackers could manipulate AI data and inference models, posing a significant risk of supply chain attacks on SAP AI Core services.
READ THE STORY: THN
How a Little-Known Tool is Sweeping the Real Estate Industry by Giving Instant Access to Vast Amounts of Homebuyer Data
Bottom Line Up Front (BLUF): Forewarn, an app providing instant access to extensive homebuyer data, is rapidly becoming popular among real estate agents. While it offers significant advantages in safety and efficiency, it raises substantial privacy and ethical concerns.
Analyst Comments: Forewarn’s growth in the real estate market highlights the increasing reliance on data-driven tools for efficiency and safety. However, the app's ability to provide detailed personal and financial information with minimal verification poses risks of misuse and discrimination. Regulatory scrutiny and ethical guidelines will be essential to balance the benefits and protect consumer privacy.
FROM THE MEDIA: Forewarn, an app by data broker Red Violet, is gaining traction in the real estate industry for its ability to provide detailed data on prospective clients using just their phone numbers. Priced at around $20 per month, the app offers real estate agents access to extensive data, including criminal records, address history, vehicle and property records, bankruptcies, and liens. Susan Hicks, a Florida real estate professional, praised the app's capabilities, describing the amount of accessible information as mind-blowing. While agents like Hicks emphasize the app's safety benefits, Forewarn's data delivery also aids in the financial vetting of clients, saving time by identifying those likely to meet the financial requirements for property purchases. The app’s rapid adoption is evident, with numerous real estate associations and MLSs across the U.S. contracting with Forewarn. By May 2024, over 425 associations had adopted the tool. Despite its benefits, concerns about privacy and ethical use are mounting. Civil rights advocates and fair housing experts worry about potential misuse, discrimination, and the app's impact on privacy, especially since prospective clients are not notified when their data is accessed.
READ THE STORY: The Record
Crypto Experts, Law Enforcement Shut Down Network Stealing Billions Through ‘Approval Phishing’
Bottom Line Up Front (BLUF): Operation Spincaster, a collaborative effort between cryptocurrency experts and law enforcement agencies across six countries, successfully dismantled scam networks responsible for stealing over $1 billion through approval phishing scams.
Analyst Comments: The success of Operation Spincaster highlights the importance of international collaboration in combating cryptocurrency fraud. The operation's ability to identify and prevent further victimization through quick, coordinated actions showcases a promising strategy for tackling cybercrime. However, the persistence and evolution of such scams underscore the need for continuous vigilance and adaptation in cybersecurity measures.
FROM THE MEDIA: Cryptocurrency experts and law enforcement agencies from six countries collaborated to dismantle scam networks that stole over $1 billion through approval phishing scams. Operation Spincaster involved 17 crypto exchanges, including Binance and NDEX, and 12 public sector agencies. The operation began in Canada with the Calgary Police Service and Chainalysis identifying over 770 victims, including 119 Canadians, who lost a combined $59 million. Chainalysis reported $2.7 billion in losses from approval phishing scams since 2021. The coordinated sprints from April to June 2024 involved training officers to identify compromised wallets and trace stolen funds. Over 7,000 leads related to $162 million in losses were disseminated, leading to account closures, fund seizures, and intelligence building to prevent future scams.
READ THE STORY: The Record
Items of interest
Russian National Jailed for Smuggling US Military Tech to Russia
Bottom Line Up Front (BLUF): A Russian businessman, Maxim Marchenko, has been sentenced to three years in prison for orchestrating an international smuggling scheme that funneled U.S. military-grade microelectronics to Russia through Hong Kong.
Analyst Comments: Marchenko's sentencing highlights the ongoing risks of dual-use technology being illicitly acquired and diverted to foreign military applications. His network of shell companies successfully masked the true destination of the sensitive technology, a tactic increasingly used in global smuggling operations. The coordinated efforts by U.S. law enforcement and international agencies underscore the critical need for stringent export controls and vigilant monitoring to prevent such breaches.
FROM THE MEDIA: Maxim Marchenko, a 52-year-old Russian national based in Hong Kong, has been sentenced to three years in prison for his role in smuggling U.S.-made military-grade microelectronics to Russia. Marchenko operated a network of shell companies to disguise the final destination of OLED micro-displays, which are used in advanced military equipment such as night vision goggles and rifle scopes. The scheme, running from May 2022 to August 2023, saw over $1.6 million worth of technology funneled through his companies, including Alice Components, Neway Technologies Limited, and RG Solutions Limited. This case was investigated by the FBI, Commerce Department’s Bureau of Industry and Security, and the State Department’s Diplomatic Security Service, with prosecution led by the Southern District of New York. This operation forms part of broader efforts to counter Russia’s attempts to acquire sensitive technologies amid ongoing geopolitical tensions.
READ THE STORY: HackRead // DoJ
Russia and China seek a trade advantage in the Arctic (Video)
FROM THE MEDIA: As Arctic ice melts and the Northeast Passage becomes accessible, Russia and China could establish an Arctic Silk Road. Will this provide a new alternative to the Indian Ocean and Red Sea?
How China Is Trying to Rewire Its Faltering Economy (Video)
FROM THE MEDIA: Xi Jinping has a plan to fix his country’s faltering economy and offset the pain caused by the property crisis. The goal is to move up the value chain. Out with dirty, low-end manufacturing and in with new industries like solar and electric vehicles. The problem, however, is Chinese consumers aren’t spending. Also, Beijing faces a tense trade and geopolitical landscape with the US and Europe.
The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.