Wednesday, Jan 22, 2025 // (IG): BB // GITHUB // SGM Jarrell
Trump Administration, SoftBank, and OpenAI Unveil $500 Billion "Stargate Project"
Bottom Line Up Front (BLUF): The Trump administration, SoftBank, OpenAI, and other tech giants have announced the "Stargate Project," a $500 billion initiative to build advanced AI infrastructure in the United States over the next four years. Led by Masayoshi Son, this effort aims to secure U.S. dominance in artificial intelligence, create hundreds of thousands of jobs, and bolster national security. Key collaborators include NVIDIA, ARM, Oracle, and Microsoft.
Analyst Comments: This monumental initiative underscores the strategic shift in U.S. policy to prioritize AI leadership in the global tech race, particularly against China. While the project is poised to create significant economic and technological advantages, the administration’s decision to roll back AI safety and environmental regulations could result in long-term risks. By bringing together major private sector players, the Stargate Project represents a model of public-private partnership to address national competitiveness. Still, its success will depend on balancing innovation with responsible development.
FROM THE MEDIA: On January 21, 2025, the Trump administration announced the "Stargate Project," a $500 billion initiative led by SoftBank and OpenAI to build advanced AI infrastructure across the U.S. over the next four years. The project, chaired by SoftBank CEO Masayoshi Son, will focus on constructing massive AI data centers, starting in Texas, with key technology partners including NVIDIA, ARM, Oracle, and Microsoft contributing expertise in semiconductors, cloud computing, and AI training models. The initiative aims to secure U.S. dominance in AI and AGI development, create thousands of jobs, and strengthen national security. The Trump administration has relaxed environmental regulations to accelerate deployment, contrasting with Biden-era clean energy mandates, as part of a broader strategy to counter China's rapid AI advancements.
READ THE STORY: OpenAI // Bloomberg // Politico // FT
TSA Administrator Behind Cybersecurity Reforms Ousted by Trump Administration
Bottom Line Up Front (BLUF): TSA Administrator David Pekoske, a key figure in advancing cybersecurity measures for U.S. aviation, pipelines, and rail systems, was removed from his position by the Trump administration. Pekoske had spearheaded critical reforms that significantly improved cyber protections for the nation’s transportation infrastructure during his tenure.
Analyst Comments: Pekoske's dismissal marks a shift in U.S. cybersecurity priorities under the new administration. His leadership led to notable advancements in securing critical transportation sectors, addressing vulnerabilities exposed by high-profile cyberattacks like the Colonial Pipeline incident. The abrupt removal could signal a rollback or restructuring of cybersecurity policies within the TSA and other federal agencies. With threats from adversaries such as China and Russia escalating, the decision raises questions about the Trump administration's strategy for safeguarding critical infrastructure against cyberattacks. Additionally, Pekoske's ousting could create uncertainty for ongoing collaboration between industry and government on cyber defense initiatives.
FROM THE MEDIA: TSA Administrator David Pekoske was removed from office on January 20th, 2025, as part of broader personnel changes by the Trump administration. Pekoske, initially appointed by Trump in 2017 and reappointed by Biden in 2022, played a pivotal role in implementing cybersecurity directives for the aviation, pipeline, and rail industries. These initiatives led to significant improvements, such as 100% of critical pipelines and 68% of rail systems meeting minimum cybersecurity standards by late 2024. Pekoske also attended major cybersecurity conferences to recruit talent and refine TSA directives based on evolving threats. His departure follows Trump's rescission of several Biden-era cybersecurity policies, including directives on AI and the Office of the National Cyber Director's line of succession.
READ THE STORY: The Record
Trump Pushes Early Renegotiation of USMCA with Threat of Tariffs
Bottom Line Up Front (BLUF): President Trump is moving to renegotiate the US-Mexico-Canada Agreement (USMCA) ahead of its 2026 review by threatening 25% tariffs on Canadian and Mexican goods. The administration aims to revise automotive rules and other trade provisions, pressuring Canada and Mexico to bring manufacturing jobs back to the U.S. This could trigger a major economic disruption across North America.
Analyst Comments: Trump’s push to renegotiate the USMCA is emblematic of his administration's "America First" trade agenda, prioritizing domestic job creation and manufacturing. The aggressive tariff threats, while a negotiation tactic, risk destabilizing deeply integrated supply chains, especially in the automotive and agricultural sectors. Canada and Mexico’s potential retaliatory tariffs and economic countermeasures could escalate into a trade war, further straining continental economic relations. The uncertainty surrounding these negotiations may also lead to reduced business confidence and delayed investments, particularly in Canada. This strategy underscores a broader trend of using trade policies to reshape geopolitical and economic alliances.
FROM THE MEDIA: President Trump announced plans to renegotiate the USMCA, the trade pact governing $2 trillion in annual trade among the U.S., Canada, and Mexico. Although the deal isn’t due for statutory review until 2026, Trump intends to use 25% tariffs on Canadian and Mexican goods as leverage to force talks. His administration is mainly focused on revising automotive rules to encourage manufacturing to relocate from Canada and Mexico to the U.S. Canadian Prime Minister Justin Trudeau warned of “robust and rapid” retaliatory measures, including tariffs on U.S. products and an export tax on Canadian oil. Mexican President Claudia Sheinbaum called for calm but indicated Mexico would also consider countermeasures. Economists predict significant disruptions if tariffs are imposed, with Canada potentially entering a recession and U.S. consumers facing higher prices on imported goods. Trump’s proposed tariffs could also impact his goal of extending tax cuts by generating $1 trillion in revenue from trade duties.
READ THE STORY: WSJ
Philippines Arrests Chinese National for Espionage Targeting Critical Infrastructure
Bottom Line Up Front (BLUF): Philippine authorities arrested a Chinese national and two Filipino citizens accused of conducting surveillance on critical infrastructure, including military bases, power plants, and police stations. The suspects, allegedly linked to a Chinese network, used advanced surveillance technology to collect sensitive data, raising concerns over national security.
Analyst Comments: This arrest highlights the increasing sophistication of espionage operations targeting critical infrastructure globally, with China-linked groups leveraging advanced technologies under legitimate guises, such as autonomous vehicle development. The connection to a university controlled by the People's Liberation Army (PLA) raises suspicions of state sponsorship. The incident underscores the need for heightened cybersecurity and physical security measures in countries at the forefront of geopolitical tensions, particularly in Southeast Asia, where strategic infrastructure is often a target of espionage. This case also demonstrates the growing role of surveillance-enabled vehicles in intelligence operations, which may prompt a reevaluation of regulations on technologies with dual-use capabilities.
FROM THE MEDIA: The Philippines' National Bureau of Investigation (NBI) confirmed the arrest of a Chinese national, Deng Yuanqing, along with two Filipino citizens for alleged espionage targeting the nation’s critical infrastructure. Deng, a software engineer reportedly tied to a PLA-affiliated university, specialized in automation and engineering. The group equipped a vehicle with surveillance devices to collect images and topographic data of potential targets, including military bases and power plants in Manila and Luzon. Law enforcement seized devices containing sensitive data and maps, with evidence suggesting the devices could be remotely accessed. Following the arrests, Philippine Armed Forces Chief Gen. Romeo Brawner Jr. announced increased security measures at military installations. This marks the second instance of suspected Chinese espionage arrests in the Philippines, amid rising tensions over South China Sea disputes and concerns about state-sponsored cyber and physical surveillance campaigns.
READ THE STORY: The Record
Indonesia Plans Nickel Production Cuts Amid Global Price Decline
Bottom Line Up Front (BLUF): Indonesia, the world’s largest nickel producer, is contemplating cuts to nickel ore production quotas to stabilize prices after a 40% drop over two years. With 57% of global refined nickel output in 2024, the move aims to address a market glut but risks triggering domestic supply shortages and increasing global prices.
Analyst Comments: Cutting quotas could stabilize global prices but might strain domestic processing facilities, leading to higher domestic ore prices and increased reliance on imports. Balancing the economic benefits of export revenues and maintaining market stability will be a critical challenge. This action reflects Indonesia’s long-term strategy to dominate higher-value nickel production and reduce global dependency on its raw materials.
FROM THE MEDIA: Indonesia, responsible for 57% of global refined nickel output in 2024, is weighing mining quota reductions to counter falling prices caused by an oversupplied market. The Ministry of Energy and Mineral Resources emphasized aligning production with market demand to stabilize prices. Last year, the government approved 270 million tonnes of ore, but this year’s quotas may be slashed to 150–200 million tonnes, significantly impacting global supply. Indonesia’s previous ban on raw ore exports in 2020 spurred billions in foreign investments, mainly from China, in domestic refineries and battery production facilities. Analysts note the risks of creating domestic shortages while increasing nickel production's economic viability in other countries. Macquarie estimates a smaller global surplus in 2025 due to potential Indonesian cuts and recovering EV demand, with Indonesia remaining a decisive factor in global market dynamics.
READ THE STORY: FT
Anthropic CEO Predicts AI Surpassing Human Intelligence by 2027
Bottom Line Up Front (BLUF): Anthropic CEO Dario Amodei announced at Davos that artificial intelligence could surpass human intelligence by 2027. The company is rapidly scaling its AI capabilities, raising $2 billion at a $60 billion valuation and addressing compute limitations to meet the growing demand for its Claude chatbot. Amodei stressed both the immense potential and risks of achieving human-level AI within the next few years.
Analyst Comments: The prediction of human-level AI by 2027 underscores the accelerating pace of AI development and competition among key players like Anthropic and OpenAI. While this represents an inflection point for innovation, it also highlights significant ethical, regulatory, and societal challenges. The pressure to scale compute resources and advance capabilities suggests that companies are racing not only for technological dominance but also to set the precedent for how AI integrates into everyday life. Regulatory oversight must keep pace to mitigate risks associated with such transformative technologies.
FROM THE MEDIA: Speaking at the World Economic Forum in Davos, Anthropic CEO Dario Amodei shared that the company is scaling its AI infrastructure, targeting over 1 million chips to support its technology by 2026. Anthropic's revenue reportedly grew tenfold in 2024, driven by demand for its Claude chatbot, which Amodei expects will soon integrate web capabilities, two-way voice functionality, and improved memory for personalized interactions. The company, valued at $60 billion, is in advanced talks to raise $2 billion. Amodei expressed confidence that AI will surpass human intelligence within two to three years, bringing transformative benefits and risks. Competitors like OpenAI are introducing similar features, intensifying the race to create more intuitive and powerful AI assistants.
READ THE STORY: The Record
Rostelecom Probes Cyberattack on Contractor Amidst Rising Russian Data Breaches
Bottom Line Up Front (BLUF): Russian telecom giant Rostelecom is investigating a suspected cyberattack on a contractor after hacker group Silent Crow claimed responsibility for leaking customer data. The breach follows a series of attacks on prominent Russian organizations and highlights growing cybersecurity challenges in the region.
Analyst Comments: Silent Crow’s motives remain unclear, but its pattern of targeting prominent entities suggests a focus on undermining Russian confidence in digital systems. Rostelecom's reliance on third-party contractors emphasizes the risks of supply chain vulnerabilities. With over 135 database leaks recorded in 2024, Russian organizations face mounting pressure to enhance cybersecurity measures as breaches grow in scale and sophistication.
FROM THE MEDIA: Rostelecom, one of Russia’s largest telecom providers, announced it is investigating a suspected cyberattack on a contractor responsible for its corporate website and procurement portal. Hacker group Silent Crow claimed responsibility, leaking thousands of customer emails and phone numbers on a private Telegram channel. Initial findings from Rostelecom suggest no highly sensitive personal data was compromised, though users have been advised to reset passwords and enable two-factor authentication. The attack comes amid rising cyber incidents targeting Russian entities, including Rosreestr, Alfa-Bank, and other organizations. Recent breaches like Roseltorg and Nodex highlight Russian businesses’ vulnerability to pro-Ukraine and independent hacker groups. Rostelecom’s president previously noted that nearly all Russian data is already available on the dark web, underscoring the extent of the country's cybersecurity crisis.
READ THE STORY: FT
U.S. Treasury Sanctions Chinese Hacker and Firm Linked to Cyberattacks on Critical Infrastructure
Bottom Line Up Front (BLUF): The U.S. Treasury Department imposed sanctions against Shanghai-based Yin Kecheng and Sichuan Juxinhe Network Technology Co. due to their involvement in cyber intrusions targeting U.S. critical infrastructure, including telecommunications firms and the Treasury itself. These actions follow a wave of cyberattacks orchestrated by state-linked groups such as Salt Typhoon and Flax Typhoon.
Analyst Comments: China's strategic use of digital colonialism and global influence operations demonstrates its ambition for technological and geopolitical dominance. China has established global control over critical digital infrastructure through the Belt and Road Initiative's Digital Silk Road, embedding surveillance capabilities via IoT devices and undersea cables. The panel’s focus on integrating cyber, policy, and geopolitical approaches highlights the need for U.S. and allied nations to counteract these risks swiftly. Delays in action risk a deeper erosion of democratic norms and more significant vulnerabilities in critical infrastructure.
FROM THE MEDIA: The OODAcon 2024 panel, moderated by Kristin Del Rosso of DEVSEC LLC, featured experts from Recorded Future, Microsoft, and ETH Zurich, discussing China's complex threat landscape. Topics included the exploitation of ownership structures, hacking contests, and intellectual property theft. The experts warned of China's "digital colonialism," characterized by the export of digital technologies under the Digital Silk Road to control global information flows. They highlighted critical vulnerabilities in global supply chains and urged proactive measures like enhanced network security, threat-sharing partnerships, and international cooperation. Panelists also pointed to initiatives like the U.S. Cyber Games as examples of positive steps forward.
READ THE STORY: CSD
Trump's Launch of Meme Coins Sparks Criticism in Crypto Industry
Bottom Line Up Front (BLUF): President Donald Trump and First Lady Melania Trump launched two meme coins, $TRUMP and $MELANIA, which have quickly gained a combined market cap of $8.6 billion. While the coins have drawn enthusiastic investors, they have also sparked criticism from within the cryptocurrency community for undermining the industry's credibility and raising concerns over potential conflicts of interest as Trump oversees crypto policy.
Analyst Comments: The launch of $TRUMP and $MELANIA highlights a significant shift in how cryptocurrencies are being leveraged for branding and profit rather than technological innovation. While the coins' popularity underscores the speculative appeal of meme-based assets, they risk damaging the crypto industry’s hard-won credibility, particularly in the wake of regulatory and reputational rebuilding after the FTX collapse. Critics argue that Trump's direct financial stake in these tokens while shaping crypto policy creates a stark conflict of interest. This could deepen skepticism toward cryptocurrencies, especially as investors grapple with the volatility and potential legal scrutiny surrounding these assets.
FROM THE MEDIA: On January 19, 2025, President Trump launched the $TRUMP token, which quickly reached a peak market cap of $15 billion before stabilizing at $7.8 billion. Two days later, First Lady Melania Trump introduced the $MELANIA token, valued at $800 million. Both tokens are classified as meme coins with no intrinsic economic purpose; their value is primarily driven by internet popularity and speculative trading. Industry experts have expressed concerns about the lack of regulation in the meme coin space, with 80% of the $TRUMP token owned by Trump-affiliated entities such as CIC Digital. Some traders accused the coins of resembling "rug pull" schemes, further fueling skepticism. Prominent figures in the crypto world, including Mark Cuban, criticized the launches as "manipulative" and potentially harmful to the industry’s legitimacy.
READ THE STORY: WSJ
ByteDance to Invest $12 Billion in AI Chips Amid Mounting U.S. Pressure
Bottom Line Up Front (BLUF): TikTok-owner ByteDance plans to spend $12 billion on artificial intelligence infrastructure in 2025, doubling its AI chip purchases from the previous year. The Beijing-based company is focused on building its AI capabilities in China and overseas despite mounting U.S. export controls and ongoing pressure to divest TikTok in the U.S. The ambitious investment underscores ByteDance’s strategy to maintain its leadership in China's AI race while navigating geopolitical tensions.
Analyst Comments: By allocating 60% of its domestic AI chip purchases to Chinese suppliers like Huawei and Cambricon, ByteDance aligns with Beijing's strategic goals while navigating informal mandates to support local industries. However, the company faces substantial hurdles overseas due to U.S. sanctions, including limitations on acquiring high-performance Nvidia chips. These challenges could significantly impact ByteDance’s ability to compete globally as it expands AI infrastructure for advanced model training. The geopolitical tug-of-war over TikTok further complicates its prospects, potentially disrupting ByteDance’s valuation and IPO plans.
FROM THE MEDIA: ByteDance has announced plans to spend over $12 billion on AI chips and infrastructure in 2025, with $5.5 billion allocated for domestic chip purchases in China and $6.8 billion for overseas AI model training using Nvidia chips. This represents a significant increase from last year’s budget despite U.S. export controls restricting Chinese companies from accessing advanced Nvidia chips. ByteDance’s domestic semiconductor orders will predominantly go to Chinese suppliers, aligning with informal government guidance to source at least 30% of chips from local manufacturers. Internationally, ByteDance faces challenges as tighter U.S. restrictions on renting high-performance chips through third-party providers have closed previous loopholes. Meanwhile, TikTok remains under scrutiny in the U.S., where President Trump issued a temporary executive order to keep the app operational but demanded a future sale of 50% ownership to a U.S. company. ByteDance’s investments also come as it competes with domestic giants like Alibaba, Tencent, and Baidu in China’s generative AI race.
READ THE STORY: FT
HPE Investigates IntelBroker's Data Theft Claims Amid Rising Cybercrime Sophistication
Bottom Line Up Front (BLUF): Hewlett Packard Enterprise (HPE) has activated its cyber response protocols following claims by the cybercriminal group IntelBroker of stealing sensitive data, including source code and user information. The alleged breach highlights the growing sophistication of cybercriminals and the increasing targeting of major tech firms.
Analyst Comments: If verified, IntelBroker's alleged breach of HPE's systems underscores the persistent risks posed by sophisticated threat actors targeting intellectual property and sensitive data. Known for targeting high-profile organizations, IntelBroker exemplifies the combination of technical expertise and strategic anonymity found among modern cybercriminals. This incident reinforces companies’ need to strengthen security protocols for private repositories, enforce API key protections, and maintain robust incident response mechanisms. The potential impact on customer trust and intellectual property remains a key concern, especially as IntelBroker has a history of following through on threats.
FROM THE MEDIA: On January 16, 2025, HPE became aware of claims by IntelBroker that the group had stolen source code, API access, and personal data from its systems. HPE immediately disabled affected credentials and launched an internal investigation, confirming that no operational impact or customer data compromise had been identified. IntelBroker, known for prior high-profile breaches, reportedly sells stolen data on a cybercrime forum. The hacker claims to possess source code from private GitHub repositories, Docker builds, SAP Hybris, and more.
READ THE STORY: The Register
Items of interest
Murdoc Botnet Exploits AVTECH Cameras and Huawei Routers for DDoS Campaigns
Bottom Line Up Front (BLUF): The Murdoc Botnet, a new variant of the Mirai malware, is actively exploiting vulnerabilities in AVTECH IP cameras and Huawei HG532 routers, including CVE-2017-17215 and CVE-2024-7029. Over 1,370 devices have been infected since mid-2024, targeting IoT devices globally to launch large-scale distributed denial-of-service (DDoS) attacks.
Analyst Comments: The use of known vulnerabilities in widely deployed devices such as AVTECH cameras and Huawei routers highlights the risks of unpatched firmware and weak credential management in IoT ecosystems. The botnet's growing sophistication, leveraging malware variants like Mirai and BASHLITE, poses significant threats to industries such as telecommunications, financial services, and cloud hosting. Organizations must adopt proactive measures, including regular firmware updates, strong password policies, and robust monitoring to mitigate the growing risks of IoT-based botnets.
FROM THE MEDIA: Active since at least July 2024, the Murdoc Botnet exploits critical flaws, including CVE-2017-17215 and CVE-2024-7029, to infect IoT devices across Malaysia, Mexico, Indonesia, and other regions. Once compromised, devices are used to download malware payloads targeting their specific CPU architecture. The infected devices connect to a command-and-control (C2) server for instructions to execute DDoS attacks. This follows a broader trend of Mirai-based botnets, with earlier examples such as the “gayfemboy” variant exploiting Four-Faith industrial routers. Recent attacks linked to Murdoc Botnet have focused on sectors like banking, gaming, and telecommunications, with over 55% of compromised devices located in India and significant activity reported in South Africa, Brazil, and Kenya.
READ THE STORY: THN
Zero to Hero: The process of reversing and exploiting complex vulnerabilities, with Chompie! (Video)
FROM THE MEDIA: In this stream, chompie will share some of the techniques she uses when weaponizing complex vulnerabilities. Check out her GitHub page with some great examples of vulnerabilities she's weaponized, such as SIGRed and SMB Ghost: https://github.com/chompie1337
CVE of the Week: CVE-2024-7029 (Video)
FROM THE MEDIA: Often we think of software as being relegated to cyberspace only. But more and more hardware is connected to the world as part of the Internet of Things (IoT). We highlight a perfect example of CCTV cameras that are no longer supported by the manufacturer and the existing vulnerability will remain unpatched forever. In this case, it has already been exploited by hackers to deploy Mirai malware that aggregates compromised devices into large botnets.
The selected stories cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in its original material or related links on its sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.