Daily Drop (830): | Stargazer Goblin | Foreign Interference | CN: Cars | French Telecom | SideWinder | OneDrive Pastejacking | hdr0 | ESX Admins | India Economy | Proofpoint | CN’s Deep-Sea Mining |
07-30-24
Tuesday, Jul 30 2024 // (IG): BB // ShadowNews // Coffee for Bob
Measures of Effectiveness (MoE):
MoEs are used to assess how well a system or operation achieves its intended goals. They are qualitative or quantitative metrics that reflect the success of achieving desired outcomes. For example, in a cybersecurity context, an MoE could be the reduction in successful cyber-attacks after implementing new security protocols.
Results: We are seeing an uptick in “163.com”, “189.com” and “QQ” subscribers.
French Telecom Infrastructure Sabotaged During Olympics
Bottom Line Up Front (BLUF): Multiple French telecommunication providers experienced significant disruptions due to overnight sabotage of fiber optic networks. The incidents, which occurred in six areas but excluded Paris, caused fixed and mobile service outages, highlighting vulnerabilities in critical infrastructure during major international events like the ongoing Olympic Games.
Analyst Comments: The recent attacks on French telecom infrastructure during the Olympics underscore the persistent threat of sabotage to critical national systems. The precision and coordination required for such acts suggest involvement by highly equipped and possibly organized groups. With similar incidents occurring in Finland, there is a potential trend of targeting telecom infrastructure, raising concerns about broader coordinated efforts to destabilize essential services in Europe. This highlights the need for increased security measures and rapid response protocols to protect against and mitigate such acts of sabotage.
FROM THE MEDIA: French telecom networks faced significant disruption due to the sabotage of fiber optic cables belonging to major service providers like SFR, Free, and Alphalink. The attacks, which required precise information and equipment such as axes or grinders, occurred in multiple locations, including southern France and areas near Luxembourg and Paris. The sabotage impacted various services, including those of cloud provider OVH, leading to slower internet connections between Europe and Asia Pacific. Marina Ferrari, France's junior digital minister, condemned the attacks and confirmed that telecom operators have begun repairs. The incidents follow last week’s sabotage of France's high-speed railway during the Olympic Games’ opening ceremony, suspected to be orchestrated by far-left extremists. French authorities remain on high alert for potential terrorist acts, infrastructure sabotage, and cyberattacks throughout the event.
READ THE STORY: The Record
China’s Deep-Sea Mining Ambitions: A Bid to Dominate Critical-Mineral Supply Chains
Bottom Line Up Front (BLUF): China is poised to lead in deep-sea mining, aiming to secure critical minerals essential for electrifying the global economy. This push comes amid debates at the International Seabed Authority (ISA) on regulatory frameworks and environmental concerns.
Analyst Comments: China’s interest in deep-sea mining is strategically aligned with its broader economic and geopolitical ambitions. By securing critical minerals like nickel, copper, cobalt, and manganese, China aims to strengthen its dominance in global supply chains for technologies essential for renewable energy and electric vehicles. However, this ambition faces significant regulatory and environmental hurdles, as international bodies and environmental groups debate the sustainability and ecological impact of such activities.
FROM THE MEDIA: China is poised to lead in deep-sea mining, aiming to secure critical minerals essential for electrifying the global economy. This push comes amid debates at the International Seabed Authority (ISA) on regulatory frameworks and environmental concerns. China's interest in deep-sea mining is strategically aligned with its broader economic and geopolitical ambitions. By securing critical minerals like nickel, copper, cobalt, and manganese, China aims to strengthen its dominance in global supply chains for technologies essential for renewable energy and electric vehicles. However, this ambition faces significant regulatory and environmental hurdles, as international bodies and environmental groups debate the sustainability and ecological impact of such activities.
READ THE STORY: The Economist
The Overlooked Danger of Chinese Self-Driving Cars on Roads in America
Bottom Line Up Front (BLUF): Chinese self-driving cars have traversed millions of miles in California, collecting vast amounts of data. This situation raises significant national security concerns, as the data could potentially be accessed by the Chinese government for espionage or military purposes.
Analyst Comments: The rapid advancement and deployment of Chinese self-driving car technology in the U.S. reflect broader strategic ambitions. These vehicles not only showcase technological prowess but also pose unique security risks due to their data collection capabilities. This scenario underscores the need for stringent regulations and national security reviews similar to those in place for other critical technologies and infrastructure.
FROM THE MEDIA: Chinese companies have been approved to test their self-driving cars in California, accumulating 1.8 million miles of data. Concerns arise over the data being processed and stored in China, potentially accessible to the Chinese government. The detailed 3D maps created by these cars, using lidar technology, can be exploited for surveillance and military purposes. U.S. officials are considering regulatory measures to safeguard against these risks, including a bill for national security reviews of Chinese-made connected vehicles. This situation parallels China’s strict data security laws, emphasizing the need for balanced innovation and security.
READ THE STORY: THN
New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries
Bottom Line Up Front (BLUF): The nation-state threat actor SideWinder has launched a new cyber espionage campaign targeting maritime facilities in the Indian Ocean and Mediterranean Sea. The campaign employs spear-phishing tactics and exploits known vulnerabilities in Microsoft Office to deliver malicious payloads, potentially compromising critical infrastructure in affected countries.
Analyst Comments: The targeting of maritime facilities by SideWinder underscores the strategic importance of these infrastructures and the increasing sophistication of cyber espionage campaigns. Given SideWinder’s known affiliation with India, this campaign may further strain regional geopolitical tensions, particularly with the inclusion of countries like Pakistan and Bangladesh. Organizations in the maritime sector should enhance their cybersecurity defenses, focusing on phishing awareness training and the prompt application of security patches. International cooperation and intelligence sharing will be crucial in mitigating the impact of such state-sponsored cyber threats.
FROM THE MEDIA: The SideWinder threat actor has been active since 2012, using spear-phishing emails to deliver malware. The latest campaign targets maritime facilities in countries including Pakistan, Egypt, Sri Lanka, Bangladesh, Myanmar, Nepal, and the Maldives. The attack chain begins with emails containing decoy documents exploiting old vulnerabilities (CVE-2017-0199 and CVE-2017-11882) to deliver JavaScript-based malware. The goal is likely intelligence gathering, as evidenced by SideWinder’s past activities. The use of emotional triggers in the spear-phishing emails, such as lures related to sexual harassment and salary cuts, aims to increase the likelihood of recipients opening the malicious attachments.
READ THE STORY: Fox News
Proofpoint Email Routing Flaw Exploited for Massive Phishing Campaign
Bottom Line Up Front (BLUF): An unknown threat actor has exploited an email routing misconfiguration in Proofpoint's email security defenses to send millions of spoofed phishing emails impersonating major companies like Best Buy, IBM, Nike, and Walt Disney. The campaign, dubbed "EchoSpoofing," began in January 2024, peaking at 14 million emails per day in early June before countermeasures were implemented.
Analyst Comments: This incident highlights a significant vulnerability in email security infrastructure, where misconfigurations can be weaponized to bypass stringent security measures like SPF and DKIM. The exploitation of Proofpoint’s systems to relay spoofed emails from legitimate domains underscores the sophistication and scale at which modern phishing campaigns operate. This situation should prompt organizations to re-evaluate their email security configurations and ensure strict adherence to best practices. The use of legitimate infrastructure to conduct widespread phishing campaigns represents a growing trend in cyberattacks that leverage trusted platforms to enhance credibility and bypass security checks.
FROM THE MEDIA: Researchers from Guardio Labs identified a massive scam campaign that exploited a misconfiguration in Proofpoint’s email routing to send millions of spoofed phishing emails. The campaign, named EchoSpoofing, utilized Proofpoint’s email relays with authenticated SPF and DKIM signatures, deceiving recipients by appearing as emails from trusted companies. Starting in January 2024, the threat actor sent an average of three million emails daily, with a peak of 14 million in early June. The misconfiguration allowed spammers to relay emails from rogue Microsoft 365 tenants through Proofpoint’s servers. Proofpoint has since taken measures to mitigate the issue, emphasizing the need for better email routing configuration and tighter controls over SMTP server permissions.
READ THE STORY: THN
Foreign Influence Actors Adjusting Tactics Amidst US Election Turmoil
Bottom Line Up Front (BLUF): Foreign actors, primarily from Russia and Iran, are likely to exploit recent upheavals in the U.S. presidential race to devise new tactics aimed at undermining confidence in the electoral process. Senior intelligence officials warn of potential changes in influence themes, though there is no evidence yet of significant shifts in larger strategies or preferences.
Analyst Comments: The recent developments in the U.S. political landscape, including a failed assassination attempt on former President Trump, President Biden's withdrawal from the race, and Vice President Harris becoming the presumptive Democratic nominee, present ripe opportunities for foreign actors to amplify disinformation campaigns. Historically, Russia has favored Trump, and this preference appears to persist. Iran, on the other hand, continues to stoke chaos and divisions, leveraging existing geopolitical tensions, such as the Israel-Gaza conflict. The adaptive nature of these influence operations underscores the need for heightened vigilance and proactive measures to safeguard the integrity of the upcoming elections.
FROM THE MEDIA: Senior U.S. intelligence officials highlighted that foreign influence actors are closely monitoring recent tumultuous events in the U.S. political arena. Despite significant changes, including President Biden's decision not to seek re-election and Vice President Harris emerging as the presumptive Democratic nominee, there have been no immediate signs of new tactics being deployed by these actors. Moscow remains a prominent threat, with a continued preference for Trump, while Iran's influence operations aim to avoid increased tensions with the U.S. Both nations employ sophisticated methods, including online personas and propaganda mills, to disseminate disinformation. Additionally, there have been efforts to scan networks related to election infrastructure, though no specific countries or systems have been identified.
READ THE STORY: The Record
OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script
Bottom Line Up Front (BLUF): A new phishing campaign targets Microsoft OneDrive users with a sophisticated social engineering attack, leading them to execute a malicious PowerShell script. This campaign, known as OneDrive Pastejacking, employs fake error messages and deceptive instructions to compromise systems.
Analyst Comments: This campaign is particularly concerning due to its reliance on social engineering, a technique that often bypasses technical defenses by exploiting human vulnerabilities. The phishing email’s realistic presentation and legitimate-looking instructions increase the likelihood of users falling for the scam. Organizations should enhance user awareness training to recognize such deceptive tactics and consider implementing more robust email filtering and endpoint protection solutions. Regular drills and simulations of phishing attacks can also help in preparing users to identify and avoid falling victim to similar threats. IT teams should monitor PowerShell activity and implement strict execution policies to mitigate the risk posed by such attacks.
FROM THE MEDIA: The OneDrive phishing campaign begins with an email containing an HTML file that mimics a OneDrive page and displays an error message prompting users to update their DNS cache. The fake error directs users to open a PowerShell terminal and execute a Base64-encoded command. This command downloads and executes a malicious script, ultimately compromising the victim's system. The campaign has targeted users in various countries, including the U.S., South Korea, Germany, and India. The phishing tactic, known as ClickFix, has been identified in other similar campaigns, highlighting the growing trend of using sophisticated social engineering techniques to spread malware. Researchers emphasize the need for ongoing security training and awareness to combat such threats effectively.
READ THE STORY: THN
Pro-Ukrainian Hackers Claim Attack on Russian Cyber Company
Bottom Line Up Front (BLUF): The pro-Ukrainian hacker group Cyber Anarchy Squad has claimed responsibility for a cyberattack on the Russian cybersecurity firm Avanpost, encrypting over 400 virtual machines and leaking 390 gigabytes of data. This incident marks a significant escalation in the cyberwar between Ukraine and Russia, impacting critical infrastructure and sensitive information.
Analyst Comments: The attack by "hdr0" on Russian TV channels underscores the increasingly sophisticated and impactful tactics employed by hacktivist groups in the cyberwar between Ukraine and Russia. By targeting media channels, these groups aim to directly influence public opinion and undermine the Russian government's narrative. The use of emotionally charged messages and comparisons to 9/11 is intended to provoke a strong reaction and draw international attention to the situation in Ukraine. This incident is likely to escalate the cyber conflict and prompt further retaliatory measures from pro-Kremlin hackers.
FROM THE MEDIA: Pro-Ukrainian hackers, known as "hdr0," have claimed responsibility for breaching Russian TV channels such as Channel One Russia, Russia-24, and Russia-1, broadcasting anti-war messages that likened Russia’s attack on Ukraine to the September 11 terrorist attacks in New York. The broadcast showed footage of Russian attacks on Ukrainian cities and interviews with Ukrainian President Volodymyr Zelensky and other leaders condemning Russia’s actions. The hack follows a similar incident in May, where Victory Day parade broadcasts were replaced with anti-war messages. Russian authorities and media channels have not provided detailed responses on the impact or extent of these breaches.
READ THE STORY: The Record
VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
Bottom Line Up Front (BLUF): Ransomware groups are exploiting a recently patched vulnerability (CVE-2024-37085) in VMware ESXi hypervisors to gain administrative access and deploy malware. This flaw allows attackers to bypass Active Directory integration authentication, leading to elevated permissions and ransomware deployment.
Analyst Comments: The exploitation of CVE-2024-37085 underscores the critical need for timely patch management and robust security measures in virtualized environments. The use of this flaw by multiple ransomware groups, including Storm-0506 and Storm-1175, to deploy ransomware like Akira and Black Basta, highlights the ongoing threat posed by vulnerabilities in widely used enterprise software. Organizations must prioritize the patching of such vulnerabilities, enhance monitoring of their virtual infrastructure, and adopt multi-factor authentication to mitigate the risk of unauthorized access. Additionally, the sophisticated techniques employed, such as leveraging compromised credentials and lateral movement using tools like Cobalt Strike, necessitate comprehensive security strategies to detect and respond to these advanced threats.
FROM THE MEDIA: The vulnerability CVE-2024-37085 in VMware ESXi allows attackers to gain administrative access by creating or renaming an Active Directory (AD) group named "ESX Admins." Exploited by ransomware groups, this flaw has facilitated the deployment of ransomware like Akira and Black Basta. Microsoft reported that groups like Storm-0506 used this vulnerability post-compromise to elevate permissions, deploying tools like Cobalt Strike and Pypykatz for lateral movement and credential theft. The attacks included brute-forcing Remote Desktop Protocol (RDP) connections and tampering with antivirus tools to avoid detection. The financial motive behind these attacks is evident, with groups like UNC4393 transitioning to new malware delivery methods such as ZLoader. The exploitation of this VMware ESXi flaw by multiple ransomware groups highlights the urgency for organizations to implement robust security measures, including timely patching and multi-factor authentication, to protect their virtual environments from such sophisticated threats.
READ THE STORY: THN
'Stargazer Goblin' Creates 3,000 Fake GitHub Accounts for Malware Spread
Bottom Line Up Front (BLUF): A threat actor known as Stargazer Goblin has established a network of over 3,000 fake GitHub accounts to distribute various information-stealing malware, resulting in illicit profits of $100,000 over the past year.
Analyst Comments: The use of legitimate platforms like GitHub for malware distribution highlights the increasing sophistication of cyber threats. Stargazer Goblin’s strategy of creating numerous fake accounts and repositories to propagate malware while maintaining a semblance of legitimacy poses significant challenges for detection and takedown efforts. This incident underscores the need for enhanced security measures on code hosting platforms and greater awareness among users about the risks of downloading software from unverified sources. Additionally, the involvement of other social media platforms like Discord, Facebook, Instagram, X, and YouTube indicates a coordinated effort to maximize the spread of malicious content across multiple channels.
FROM THE MEDIA: Stargazer Goblin has leveraged a network of over 3,000 fake GitHub accounts to spread malware such as Atlantida Stealer, Rhadamanthys, RisePro, Lumma Stealer, and RedLine. These accounts are used to share malicious links and files, masquerading as legitimate software and game cheats. The network employs a distribution-as-a-service (DaaS) model, generating substantial profits for the operators. Check Point’s analysis reveals that the fake accounts perform activities like starring, forking, and watching repositories to appear legitimate. Additionally, the accounts update links and repositories to maintain operations even after takedowns. This sophisticated operation spans multiple platforms, complicating efforts to combat the spread of malware.
READ THE STORY: THN
Russia, Iran, China Seek to Shape US Election, Officials Say
Bottom Line Up Front (BLUF): American intelligence officials report that Russia, China, and Iran are attempting to influence the upcoming US presidential election. Russia is reportedly trying to support Donald Trump, while Iran aims to undermine him. These foreign actors are enlisting Americans, sometimes unknowingly, to promote propaganda that serves their interests.
Analyst Comments: The involvement of foreign nations in the US election underscores the persistent and evolving nature of cyber and propaganda warfare. Russia's history of interference in 2016 and 2020 suggests a continued strategic interest in shaping US political outcomes. Iran's motivation stems from animosity towards Trump's policies, particularly his withdrawal from the nuclear deal. China's activities, while not directly aimed at influencing the presidential election, reflect broader geopolitical strategies to undermine democratic stability and promote Chinese interests globally.
FROM THE MEDIA: US intelligence officials have disclosed that Russia, China, and Iran are actively recruiting Americans to spread propaganda ahead of the US presidential election. Some US citizens are knowingly aiding these efforts, while others are being unwittingly manipulated. Russia is reportedly favoring Trump, as seen in past elections, by building networks to disseminate pro-Russian narratives. Iran is working against Trump, motivated by past US sanctions and policy decisions. Meanwhile, China, although not targeting the presidential race directly, is engaging in activities to undermine democratic processes and influence down-ballot candidates. The report highlights the sophisticated methods employed, including outsourcing to marketing firms and leveraging social media to mask their involvement and reach American audiences.
READ THE STORY: Bloomberg
Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site
Bottom Line Up Front (BLUF): The Gh0st RAT Trojan is being distributed through a deceptive website mimicking Google's Chrome download page, specifically targeting Chinese-speaking Windows users. This tactic highlights the persistent and evolving threat of cyber espionage operations.
Analyst Comments: The Gh0st RAT Trojan, a well-known tool in cyber espionage, is being deployed through a fake Chrome download site to compromise Chinese-speaking users. This method underscores the sophistication and adaptability of cybercriminals, particularly those associated with state-sponsored groups. The use of an "evasive dropper" called Gh0stGambit, which cleverly checks for security software before deploying the Trojan, demonstrates advanced evasion techniques. The persistent nature of Gh0st RAT, with its numerous features for data exfiltration and system manipulation, poses significant risks to both personal and organizational security. The increasing reliance on drive-by downloads and the usage of language-specific lures call for heightened awareness and robust cybersecurity measures.
FROM THE MEDIA: Gh0st RAT, a remote access Trojan active since 2008, has resurfaced in a new campaign targeting Chinese Windows users. Cybersecurity firm eSentire discovered the Trojan being delivered via a fake Chrome download site, "chrome-web[.]com," which tricks users into downloading malicious installer packages. These packages include a legitimate Chrome setup file and a harmful installer that deploys Gh0stGambit. The dropper then connects to a command-and-control server to retrieve Gh0st RAT, which can terminate processes, capture audio and screenshots, execute remote commands, and more. The campaign's focus on Chinese users is evident from the use of Chinese-language lures and applications aimed at data theft and defense evasion. This highlights the need for continuous security training and awareness programs to mitigate such threats.
READ THE STORY: THN
Tensions Raised as China Expands Military Presence Along India’s Vast Northern Border
Bottom Line Up Front (BLUF): China's military buildup along the contested border with India has intensified, with the deployment of advanced fighter jets and increased infrastructure development. These actions heighten long-standing territorial disputes and exacerbate military tensions in the region.
Analyst Comments: China’s military expansion in Tibet and along the disputed border regions with India signifies a strategic effort to bolster its defensive and offensive capabilities in the Himalayas. The deployment of J-20 stealth fighters and advanced artillery not only serves as a deterrent but also reflects China’s commitment to asserting its territorial claims. The challenging geography and historical context of the China-India border disputes, including the 1962 war and recent skirmishes, underscore the volatility and potential for conflict escalation in this region. Enhanced surveillance and infrastructure developments by China aim to solidify its strategic advantage, compelling India to respond with corresponding military and infrastructural enhancements.
FROM THE MEDIA: Recent satellite images from BlackSky reveal the deployment of China's advanced J-20 stealth fighters at Tibet’s Shigatse Air Base, alongside existing military jets. The images, published by the Hindustan Times, also show substantial military infrastructure and road networks developed by China across the Doklam plateau and near Pangong Lake in Ladakh. These developments come amid a historical backdrop of territorial disputes between the nuclear-armed neighbors, with the region witnessing frequent military standoffs and skirmishes, the latest occurring in 2022. The harsh terrain and extreme weather conditions present unique security challenges, emphasizing the strategic importance of underground facilities and advanced military logistics. These activities reflect China's broader strategy to fortify its positions and maintain a significant military presence along its contentious border with India.
READ THE STORY: Blacksky
State Department: UN Cybercrime Treaty Must Include Human Rights Protections
Bottom Line Up Front (BLUF): The U.S. State Department emphasizes the importance of incorporating human rights protections in the United Nations cybercrime treaty, which faces significant criticism for potentially enabling domestic and transnational repression.
Analyst Comments: The U.N. cybercrime treaty has garnered attention due to its potential implications for human rights. The U.S. and other member states are pushing for robust safeguards to prevent misuse that could lead to repression and human rights abuses. The involvement of prominent human rights organizations and tech companies in opposing the current draft underscores the high stakes of these negotiations. The treaty's provisions on transnational cooperation for cybercrime evidence gathering present both opportunities for enhanced security and risks of overreach. The debate reflects broader concerns about balancing cybersecurity and privacy rights in an increasingly digital world.
FROM THE MEDIA: The U.S. State Department, alongside 40 other U.N. member states, has raised concerns about the potential misuse of the proposed U.N. cybercrime treaty to violate human rights. As negotiations for the treaty's final draft commence, critics, including human rights groups and tech companies, argue that the treaty could facilitate surveillance and repression of journalists, activists, and marginalized groups. The treaty's current language allows for broad transnational cooperation in cybercrime investigations, which opponents fear could lead to abuses. The U.S. and its allies are advocating for stronger human rights protections within the treaty to prevent its use for domestic and transnational repression.
READ THE STORY: The Record
Items of interest
China’s Undermining of India's Health and Economic Stability
Bottom Line Up Front (BLUF): China is employing a multifaceted strategy to undermine India’s pharmaceutical industry and economic stability, including dumping substandard APIs, spreading disinformation, and engaging in clandestine chemical and biological warfare research with Pakistan. This strategy threatens India's status as the "pharmacy of the world," compromises health and safety, and disrupts economic stability through unfair trade practices and clandestine operations.
Analyst Comments: China's actions against India's pharmaceutical industry highlight a broader geopolitical struggle involving trade practices, cyber-attacks, and disinformation campaigns. The deliberate dumping of inferior APIs not only undermines India's pharmaceutical reputation but also endangers global health. Additionally, China's clandestine activities with Pakistan, involving dual-use chemical and biological agents, raise significant security concerns. These actions reflect a strategic effort by China to assert dominance and destabilize regional rivals, necessitating robust countermeasures from India to safeguard its health sector and economic interests.
FROM THE MEDIA: China has been strategically targeting India’s pharmaceutical industry, known as the "pharmacy of the world," by flooding the market with low-quality Active Pharmaceutical Ingredients (APIs). This has led to the shutdown of numerous Indian API manufacturers and has tarnished the quality of Indian drug formulations, attracting scrutiny from global health bodies like the WHO and FDA. Moreover, China's influence has reportedly hindered the recognition of Indian drugs and vaccines on the international stage. Further compounding the issue, China has been involved in clandestine chemical and biological warfare research, sharing technologies with Pakistan. This includes the recent seizure of a significant shipment of dual-use chemicals at Indian ports, intended for Pakistan’s defense industry. Such activities point to a systematic effort to destabilize the region and exert pressure on India.
READ THE STORY: The Sunday Guardian
Can MODI’s GOLDEN TEAM hit the 10 Trillion dollars GDP dream for India? : Economic Case Study (Video)
FROM THE MEDIA: India has the potential to become a global superpower and a major manufacturing hub, rivaling China, but significant challenges must be addressed. The trajectory of economic growth, policy reforms, demographic advantages, and strategic investments are promising. However, overcoming structural, infrastructural, and social hurdles is crucial for achieving this vision.
Will India's Economy Grow Stronger than China? | Explaining India's Fastest Growing Big Economy? (Video)
FROM THE MEDIA: India, with its vast and diverse population, is making significant strides on the global economic stage. With policies aimed at fostering innovation, entrepreneurship, and sustainable development, India is poised to achieve unparalleled growth in the coming years.
The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.