Daily Drop (889): AMD: 384-core Epyc | CISCO: Breach | 50-bit RSA: D-Wave Attacks | Microsoft: Cyber Axis | CN: Germany False Claims | ASML: Shares | Iran: Israel Cyber
10-14-24
Wednesday, Oct 16 2024 // (IG): BB // ScraperDaddy // Cloud Email Harvester
Poss. CN APT: Cisco Investigating Alleged Data Breach as Hackers Sell Corporate Files
NOTE:
The Cisco breach could indeed be related to the recent wave of cyber activity by Salt Typhoon, a Chinese state-backed group identified for targeting telecom and IT infrastructure in the U.S. Salt Typhoon, also known as Bronze Silhouette, was reported to exploit backdoors to access sensitive data from major companies like Verizon and AT&T, and reportedly monitored critical communications such as court-ordered wiretaps and internet traffic. If this breach aligns with Salt Typhoon's past targets and tactics, it could indicate a continuation or escalation of their cyber espionage against tech and telecom companies.
Salt Typhoon’s methodology includes exploiting vulnerabilities in cloud and on-premises systems to access confidential data. This matches some details of the Cisco breach, such as alleged access to cloud storage credentials, hardcoded keys, and sensitive source code, all of which espionage-focused groups actively seek.
Bottom Line Up Front (BLUF): Cisco is investigating claims of a significant breach allegedly involving sensitive files such as source code, hardcoded credentials, and confidential documents. The data, purportedly stolen by the hacker IntelBroker and associates, is being advertised for sale on dark web forums and could impact Cisco’s significant customers, including Microsoft, SAP, and AT&T.
Analyst Comments: If confirmed, this breach would indicate a severe exposure of Cisco’s internal and customer data, highlighting the elevated risks of supply chain attacks for the tech industry. The timing—if indeed from June—suggests a sophisticated, stealthy intrusion. IntelBroker’s recent high-profile cyber activities may pressure Cisco, other vendors, and affected partners to enhance their investigative and preventive cybersecurity protocols. The potential for cascading impacts on Cisco's clients further demonstrates the criticality of rigorous data protection and third-party risk management in enterprise environments.
FROM THE MEDIA: Cisco confirmed an ongoing investigation following IntelBroker’s claims of a massive data heist, allegedly in collaboration with other hackers. The stolen data reportedly includes sensitive Cisco files such as API tokens, AWS and Azure storage credentials, SSL certificates, and source code. IntelBroker, believed to operate the BreachForums site, initially posted about the breach on Monday, asserting that the breach involved multiple clients, including Microsoft and SAP. Cisco has yet to verify these claims, while SAP has confirmed its investigation. Earlier this year, IntelBroker was implicated in a similar breach targeting AMD, adding to a string of recent cybercrimes aimed at prominent tech firms.
READ THE STORY: The Register
Iranian Cyberattacks Against Israel Spike After Gaza War Outbreak, Microsoft Reports
Bottom Line Up Front (BLUF): Microsoft’s recent report indicates that since the October 2023 Hamas-Israel conflict began, Iran has significantly increased its cyber and social media operations against Israel, shifting focus from the U.S. and UAE. The campaigns range from direct cyberattacks on Israeli firms to influence operations designed to destabilize Israel through social media.
Analyst Comments: Iran’s pivot to intensify cyber activity against Israel underscores the expanding cyber battlefield as geopolitical tensions rise. The shift away from U.S.-focused cyber operations highlights Tehran’s intention to disrupt Israeli infrastructure and undermine public opinion, aligning with broader Iranian influence strategies. This increase in activity could persist post-conflict as cyber becomes a central front in Iran-Israel hostilities, with the potential for escalated cyber defenses and international response mechanisms.
FROM THE MEDIA: Since the Gaza war’s onset on October 7, 2023, Iranian state-aligned cyber groups have surged attacks on Israeli companies, now accounting for almost half of Iran’s digital assault activities, Microsoft’s report reveals. Previously, Israel comprised only 10% of Iranian cyber targets, while the U.S. and UAE were more frequent targets. The report details that within days of the conflict, Iran launched various disinformation campaigns impersonating Israeli social media accounts to sow discord, including accounts critical of Israeli leadership. Additionally, Iranian groups created fake Telegram accounts and social channels using Hamas logos to propagate misinformation about the conflict and influence public opinion against Israel.
READ THE STORY: Times of Israel
ASML Shares Drop Amid Semiconductor Recovery Concerns
Bottom Line Up Front (BLUF): ASML, a leader in semiconductor manufacturing equipment, saw its shares plummet by 16.3% following a forecast of slower-than-expected recovery in the semiconductor market. Orders for ASML's equipment fell to half of analysts' predictions, reflecting broader caution among semiconductor clients like Intel and Samsung.
Analyst Comments: ASML’s results indicate the challenges facing the semiconductor industry as it recalibrates after periods of intense growth spurred by AI demand. The subdued outlook signals potential headwinds for other tech and semiconductor players as demand for non-AI chips lags, possibly affecting projections for industry recovery in 2025. Furthermore, China’s reduced demand for ASML products due to geopolitical restrictions could push ASML to diversify its market reach. This strategy may benefit the company long-term if AI demand stabilizes globally.
FROM THE MEDIA: On Tuesday, ASML released disappointing Q3 results a day early due to a technical error, revealing a bleak outlook for the semiconductor market's rebound. CEO Christophe Fouquet cited “customer cautiousness” and predicted a slower recovery across the market, excluding AI. The Q3 report detailed a sharp drop in new orders, with ASML’s net bookings at €2.6 billion, far below analysts' expectations of over €5 billion. The results immediately impacted the broader tech sector, with stock prices for companies like Nvidia, AMD, and Arm also dropping. Additionally, ASML warned of a steep decline in Chinese orders in 2025, as export restrictions hinder its ability to sell advanced equipment in China.
Chinese Researchers Use Quantum Computing to Threaten RSA and AES Encryption
Bottom Line Up Front (BLUF): Chinese scientists have reportedly demonstrated a successful quantum computing attack against RSA encryption, raising concerns about future vulnerabilities in widely used encryption algorithms. Using a D-Wave quantum computer, researchers claim they achieved an early-stage breach of RSA encryption and potential inroads into AES. This development emphasizes the urgency of advancing quantum-resistant encryption standards.
Analyst Comments: This breakthrough could redefine global cybersecurity strategies since quantum computers may soon bypass encryption. Such a capability has strategic implications for protecting military, financial, and personal data. Although full-scale breaches of more robust encryption (such as RSA-2048) remain unachieved, advancements in quantum hardware could soon place sensitive global data at risk. In response, organizations may need to accelerate their shift toward post-quantum cryptographic protocols, as initiatives from NIST and tech companies like Apple suggest.
FROM THE MEDIA: Chinese researchers from Shanghai University recently claimed a successful attack on 50-bit RSA encryption using a D-Wave quantum computer, marking a milestone in quantum applications for cryptographic attacks. The team’s methodology combined quantum annealing algorithms with classical computational techniques, suggesting this hybrid approach could overcome some current encryption limitations. The team reportedly used two approaches: one purely quantum and one integrating classical cryptography methods like the Schnorr signature algorithm. While this demonstration focused on a lower-level RSA key, its implications signal progress toward tackling more complex encryption like RSA-2048 and AES-256. Quantum cryptographic breakthroughs have recently gained attention, with the Global Risk Institute predicting a 30-year timeline to crack RSA-2048 encryption. This advancement comes as governments and companies accelerate efforts to create quantum-resistant encryption to counter future threats.
READ THE STORY: Benzinga // tom’sHardware // PCMAG
AMD Dismisses Manycore CPU 'Blast Radius' Concerns Amid Data Center Expansion
Bottom Line Up Front (BLUF): As AMD’s manycore Epyc CPUs gain traction in data centers, concerns about potential failure risks — the “blast radius” — of these dense systems have arisen. AMD’s analysis suggests these worries are overestimated, with data indicating that manycore CPUs are generally resilient, supporting AMD’s push to consolidate legacy data center hardware onto fewer servers.
Analyst Comments: With data center modernization and energy efficiency driving the trend toward high-density, manycore servers, AMD and Intel are intensifying their focus on core count expansion. As manycore CPUs offer significant energy savings and consolidation benefits, AMD’s optimistic outlook likely reflects confidence in the reliability of modern server hardware. Licensing issues, which limit core scalability due to per-core fees from software vendors, could hinder adoption but may be offset by AMD’s high-performance, lower-core options. This shift in server design paradigms points to evolving software pricing structures and the increasing importance of crypto-resilient, dense CPU systems in data centers.
FROM THE MEDIA: At AMD’s recent Advancing AI event, Dan McNamara, head of AMD's server division, addressed “blast radius” concerns for their 384-core Epyc processors, claiming that server systems are more robust despite higher core counts. McNamara emphasized AMD's energy-efficient approach, noting that 131 Epyc servers could replace up to 1,000 older Intel Cascade Lake servers, reducing energy consumption by 68 percent. Despite high hardware costs, these new manycore CPUs save on operational space and power. To address licensing constraints, AMD’s lineup includes high-performance, lower-core CPUs like the 64-core 9575F and the 16-core 9175F, designed to accommodate workloads where per-core licensing fees apply.
READ THE STORY: The Register
Microsoft Report Highlights Cyber Collaborations Between Russia, China, and Iran
Bottom Line Up Front (BLUF): Russia, China, and Iran are increasingly collaborating with criminal cyber networks to target the U.S. and other perceived adversaries, according to Microsoft’s 2024 Digital Defense Report. The findings outline cyber campaigns leveraging malware, social media manipulation, and phishing attacks aimed at espionage, influence, and destabilization significantly ahead of the U.S. presidential election.
Analyst Comments: This trend signals a significant blending of state-backed and criminal cyber capabilities, complicating traditional threat intelligence and response strategies. By collaborating with organized cybercriminals, these states can execute complex attacks with plausible deniability, avoiding direct accountability. Such alliances could potentially intensify as authoritarian governments seek low-cost, high-impact ways to influence foreign elections, conduct espionage, and disrupt political stability. Increased collaboration between public and private sectors will likely be necessary to counter these hybridized threats effectively.
FROM THE MEDIA: Microsoft’s recent report highlights that cyber actors from Russia, China, and Iran are partnering with criminal groups for various cyber activities targeting the U.S., Ukraine, and allies. Examples include Russian groups accessing Ukrainian military devices and Iran’s operations to infiltrate U.S. voter groups through fabricated news outlets. The report notes specific cases, such as a Russian cyber actor compromising 50 Ukrainian military devices to gather intelligence. China, meanwhile, has used covert social media channels to influence U.S. campus protests and disrupt discourse around issues like the Israel-Hamas war. Microsoft’s Vice President of Customer Security, Tom Burt, emphasized that while the collaboration across these states and criminal networks is growing, there is no indication they share resources directly. Microsoft President Brad Smith warned that unchecked, these efforts could pose a serious national security risk.
READ THE STORY: Newsweek // The Hill
Germany and China in Diplomatic Standoff Over Cyber Espionage Allegations
Bottom Line Up Front (BLUF): China has denounced Germany’s allegations of a 2021 cyberattack targeting the federal cartography agency, calling the accusations “groundless.” In a formal response, Germany summoned China’s ambassador to file an official complaint over the alleged espionage-related incident, reflecting rising cybersecurity concerns.
Analyst Comments: This dispute highlights growing tensions between Europe and China over cybersecurity, a sensitive issue as Germany increasingly prioritizes digital security within its critical infrastructure. Germany’s move to directly confront China diplomatically reflects broader European efforts to hold state actors accountable for alleged cyber activities. This development could influence other EU nations as they examine and respond to similar cyber threats from state-backed groups, potentially straining economic and political ties with Beijing. The response from China underscores its position against international cybercrime accusations, suggesting the two powers may face ongoing friction over security narratives.
FROM THE MEDIA: Germany’s allegations link China to a 2021 cyber intrusion targeting its federal cartography agency, suspected to have been for espionage purposes. Germany’s Foreign Ministry summoned the Chinese ambassador, a rare diplomatic move underscoring the importance Berlin places on cybersecurity. China’s embassy in Germany responded strongly, accusing Germany of manipulating cybersecurity issues and inflating China-related cyber threats. This diplomatic clash aligns with a broader trend where Western nations, especially in Europe, are addressing suspected cyber activity from Chinese and Russian actors. As cyber threats increasingly concern government infrastructure, Germany’s stance may set a precedent within the EU for responding to alleged state-sponsored cyberattacks.
READ THE STORY: MSN
Items of interest
D-Wave’s New Quantum Roadmap Aims to Optimize AI and Machine Learning Workloads
Bottom Line Up Front (BLUF): D-Wave has introduced a roadmap expanding its quantum computing applications in AI and ML. This initiative focuses on generative AI, cybersecurity, and drug discovery, aiming to leverage quantum annealing for complex optimization tasks and energy-efficient workloads.
Analyst Comments: Focusing on specific AI applications, the initiative highlights a move toward specialized quantum resources to supplement conventional computing. Despite promising developments, analysts caution that the technology’s impact remains early-stage as mainstream adoption in AI presents cost and integration challenges.
FROM THE MEDIA: The roadmap targets three core areas: unique quantum distributions for generative AI, integrating GPUs with quantum cloud services, and applying quantum architectures for complex use cases. While some see potential in these enhancements, experts note that practical AI impacts may take time due to the field’s high cost and emerging use cases.
READ THE STORY: ComputerWorld
Alleged - Chinese Scientists Develop Cyberattack Using Quantum Computers (Video)
FROM THE MEDIA: Chinese scientists have launched what they claim is the world's first successful attack against a commonly used encryption mechanism using a quantum computer.
Hello, Quantum World! (Video)
FROM THE MEDIA: How would you like to see an actual quantum computer, actually working? Everyone's heard about quantum computers - how they'll be able to solve every computational problem in the blink of an eye, decrypting every coded message, and spilling our secrets across the internet. That’s if they ever get delivered: for all the talk, nobody seems able to construct a working quantum computer. So is the whole idea nothing more than fairy dust?
The selected stories cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in its original material or related links on its sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.