Monday, Mar 10, 2025 // (IG): BB // GITHUB // SN R&D
Elon Musk Seeks Italian Presidential Meeting to Salvage Starlink Deal
Bottom Line Up Front (BLUF): Elon Musk has requested a meeting with Italian President Sergio Mattarella to rescue Starlink's $1.5 billion military communications deal with Italy. The proposed five-year contract, intended to secure diplomatic and military communications, faces increasing political opposition amid growing transatlantic tensions between the U.S. and Europe. Critics argue that reliance on Starlink—a U.S. private entity controlled by Musk—poses security risks given Musk's recent anti-NATO comments and the Trump administration's suspension of U.S. military aid to Ukraine.
Analyst Comments: Musk’s intervention highlights Europe’s shifting security concerns, as governments now question U.S. reliability under Trump’s administration. Italy's exploratory talks with Eutelsat, a Franco-British satellite provider, signal a potential pivot toward EU-based alternatives for secure communications. The controversy also underscores the risks of depending on private tech moguls for critical infrastructure, especially when geopolitical alignments shift unpredictably. Given Starlink's role in Ukraine's war effort, EU leaders may be reluctant to trust Musk's platform, fearing potential politically motivated service disruptions.
FROM THE MEDIA: Prime Minister Giorgia Meloni's government has been negotiating with Starlink but is now reassessing alternatives amid domestic backlash. The Italian opposition and EU lawmakers have raised concerns about Starlink’s political reliability, particularly after Musk’s previous threats to cut off Ukraine’s access. Meanwhile, Italy’s far-right League party, aligned with Trump and Putin, continues to push for the Starlink deal, arguing that European alternatives are technologically inferior. While Meloni has not made a final decision, opposition within Italy’s government and Mattarella’s silence on the matter suggest the deal may not move forward.
READ THE STORY: FT
NTT Communications Reports Data Breach Affecting Nearly 18,000 Corporate Customers
Bottom Line Up Front (BLUF): NTT Communications, a subsidiary of NTT Group, reported a data breach after detecting unauthorized access to its internal order information system on February 5, 2025. The breach, which potentially exposed data from 17,891 corporate customers, includes contract details, customer names, contact information, and service usage data. The company isolated the compromised systems and has begun notifying affected businesses, though no evidence of misuse has been found so far.
Analyst Comments: The delayed discovery of secondary access (February 15) highlights potential gaps in network segmentation and intrusion detection. Given NTT Communications' role in Japan’s digital infrastructure, this incident could attract regulatory scrutiny and erode customer confidence. Strengthening monitoring, incident response, and access controls will be essential to preventing future attacks.
FROM THE MEDIA: NTT Communications first detected suspicious activity on its order information system on February 5, promptly restricting access to the affected device (Device A). A subsequent investigation on February 6 revealed that some corporate customer data had likely been exfiltrated. Further analysis on February 15 discovered a second compromised device (Device B), which was immediately isolated from the internal network. The leaked data does not include consumer mobile contracts from NTT Docomo, but businesses using NTT’s corporate services are affected. NTT Communications is contacting impacted customers while committing to strengthening security measures and transparency.
READ THE STORY: NTT
U.S. Open to Critical Minerals Partnership with the Democratic Republic of Congo
Bottom Line Up Front (BLUF): The United States has expressed interest in critical minerals partnerships with the Democratic Republic of Congo (DRC) as part of the Trump administration’s "America First" agenda. With the DRC holding significant global cobalt, lithium, and uranium reserves, discussions are underway about potential U.S. investments in exchange for regional security cooperation. The move comes as the DRC fights Rwanda-backed M23 rebels and seeks to diversify economic partnerships beyond its heavy reliance on China.
Analyst Comments: This development reflects Washington’s strategic push to secure supply chains for critical minerals, particularly as the U.S.-China rivalry intensifies. While the DRC is eager to attract American capital, a key challenge remains: the absence of major U.S. mining companies in the region, unlike China’s state-backed firms that dominate the market. If successful, this partnership could reduce China’s influence over global mineral supplies while bolstering U.S. geopolitical leverage in Africa. However, concerns about political instability, corruption, and regulatory risks in the DRC may complicate these negotiations.
FROM THE MEDIA: While the Congolese government has not officially endorsed this initiative, multiple high-level discussions are underway. A delegation from Kinshasa had been scheduled to meet with the U.S. House Foreign Affairs Committee on March 6 but abruptly canceled. Experts believe that while American investors are interested, the U.S. lacks state-owned mining companies, meaning alternative investment structures will be necessary. China dominates Congo’s mineral supply chains, making any U.S. entry a potential geopolitical flashpoint.
READ THE STORY: Reuters
Hidden Backdoor Commands Found in Bluetooth Chips Used in Over a Billion Devices
Bottom Line Up Front (BLUF): Security researchers from Tarlogic Security have uncovered 29 undocumented vendor-specific commands in ESP32 Bluetooth chips, which are widely used in IoT devices. These hidden commands enable attackers to change MAC addresses, intercept Bluetooth traffic, bypass firmware verification, and execute arbitrary code. Given that ESP32 chips are embedded in over a billion smart home products, the discovery poses significant security risks.
Analyst Comments: The findings highlight a major vulnerability in Bluetooth security, particularly in IoT ecosystems where ESP32 chips are prevalent. Attackers could exploit these backdoors for persistent access, impersonation attacks, and even the deployment of rootkits. Since many smart home devices lack robust firmware update mechanisms, mitigation could be challenging. Manufacturers must prioritize patching these vulnerabilities, while organizations using ESP32-powered devices should review their Bluetooth security posture to prevent potential breaches.
FROM THE MEDIA: At RootedCON 25, researchers Antonio Vázquez Blanco and Miguel Tarascó Acuña demonstrated how the ESP32 chip's hidden commands could be leveraged for sophisticated Bluetooth attacks. They reverse-engineered the firmware to uncover undocumented HCI commands that allow direct memory manipulation, low-level packet interception, and unauthorized device impersonation. Given ESP32’s widespread use in smart home devices, these vulnerabilities could enable large-scale cyberattacks. To address these risks, the researchers released an open-source, cross-platform Bluetooth driver and tools on GitHub, enabling further security assessments and mitigations.
READ THE STORY: Cyber Kendra
SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools
Bottom Line Up Front (BLUF): A new malware campaign is infecting Russian users with a cryptocurrency miner called SilentCryptoMiner, which disguises itself as a tool for bypassing internet restrictions. The malware, distributed via YouTube and Telegram, tricks victims into disabling security protections before executing malicious payloads. To persist undetected, the miner employs advanced evasion tactics, including process hollowing and Windows Defender exclusions.
Analyst Comments: SilentCryptoMiner's use of social engineering, YouTube copyright strike threats, and sandbox evasion techniques demonstrates the increasing sophistication of financially motivated cyberattacks. Organizations and users in high-risk regions should be cautious of third-party tools and implement strict endpoint security measures. The reliance on Windows Packet Divert (WPD) tools as an infection vector highlights the need for better awareness and security controls in software distribution channels.
FROM THE MEDIA: According to Kaspersky, SilentCryptoMiner has infected over 2,000 Russian users through deceptive software archives promoted on a YouTube channel with 60,000 subscribers. Victims are tricked into downloading an infected archive, which includes a batch script that launches a malicious Python-based loader via PowerShell. If antivirus software interferes, an error message urges users to disable security protections and retry the installation. The malware leverages process hollowing to inject its mining payload into legitimate system processes (dwm.exe), ensuring persistence. Furthermore, the miner is based on XMRig, an open-source Monero mining tool, and uses file padding to evade automatic malware detection by inflating its size to 690 MB. The attackers control the malware remotely via a web panel, allowing them to halt mining operations when specified processes are active, further reducing detection risks.
READ THE STORY: THN
Zelenskiy Heads to Saudi Arabia Ahead of High-Stakes U.S. Talks
Bottom Line Up Front (BLUF): Ukrainian President Volodymyr Zelenskiy is set to meet Saudi Crown Prince Mohammed bin Salman before crucial talks with U.S. officials regarding a possible framework for ending the war with Russia. The U.S. has shifted its stance, engaging directly with Moscow while scaling back military support for Kyiv. Zelenskiy aims to secure a bilateral minerals deal with Washington and discuss potential ceasefire terms amid intensifying Russian attacks.
Analyst Comments: The upcoming negotiations signal a critical turning point for Ukraine, as the U.S. appears to be pressuring Kyiv toward a rapid resolution that aligns with Trump’s broader foreign policy objectives. With Russian forces making gains and Ukraine struggling with dwindling Western support, Zelenskiy faces mounting pressure to concede strategic ground in exchange for a ceasefire. The involvement of Saudi Arabia highlights Riyadh’s growing role as a mediator in global conflicts, leveraging its ties with both Washington and Moscow. The outcome of these discussions could reshape Europe’s security landscape, particularly if Ukraine is forced to accept a settlement on Russia’s terms.
FROM THE MEDIA: Zelenskiy’s meeting with Mohammed bin Salman comes as Ukraine grapples with a worsening battlefield situation and a shift in U.S. priorities. According to Reuters, Tuesday’s U.S.-Ukraine talks will focus on securing an economic deal involving Ukrainian mineral resources, which Washington sees as key to maintaining its strategic partnership with Kyiv. The Trump administration’s envoy, Steve Witkoff, has stated that the goal is to establish a peace framework and an initial ceasefire, though Moscow has rejected any temporary truce, viewing it as a strategy to delay Ukraine’s military collapse. Meanwhile, Russian forces have intensified their offensive, launching over 1,200 guided bombs, 870 attack drones, and 80 missiles at Ukraine in the past week alone. With Kyiv’s troops nearly encircled in the Kursk region, the stakes for Zelenskiy’s diplomatic efforts have never been higher.
READ THE STORY: Reuters
U.S. Lumber Prices Drop After Trump Delays Canadian Tariffs
Bottom Line Up Front (BLUF): U.S. lumber prices have fallen from recent highs after President Trump delayed tariffs on Canadian imports, easing supply concerns. However, the Department of Commerce has launched an investigation into Canadian softwood lumber dumping, which could still result in a nearly 52% total duty on imports. Canada, which supplies 30% of U.S. softwood lumber, warns that increased tariffs would disrupt the housing market and raise costs for American consumers.
Analyst Comments: While the temporary pause on tariffs has stabilized lumber prices, the looming investigation suggests that duties may still increase significantly in the near future. This could worsen housing affordability in the U.S., which is already strained by high interest rates and labor shortages. Canada’s forestry industry—a major employer—will face significant financial pressure if duties rise. Meanwhile, Trump’s broader strategy to reduce foreign competition aligns with his administration’s protectionist economic policies but risks escalating trade tensions with key allies.
FROM THE MEDIA: According to the Financial Times, lumber futures surged to a 30-month high before Trump’s last-minute decision to delay tariffs by one month. However, prices remain elevated due to uncertainty over pending anti-dumping duties. The U.S. claims that Canadian lumber producers benefit from unfair government subsidies, allowing them to sell at below-market prices. Industry analysts warn that Canadian producers cannot absorb such high duties, potentially leading to supply shortages and higher costs for American homebuilders. Meanwhile, Canada’s Forest Products Association urged the U.S. to reconsider tariffs, arguing they would disrupt a long-standing and mutually beneficial trade relationship.
READ THE STORY: FT
Items of interest
Trump and the Decline of American Soft Power
Bottom Line Up Front (BLUF): Joseph Nye, who coined the term "soft power," argues that former U.S. President Donald Trump’s nationalist and transactional approach to foreign policy has significantly weakened America's global influence. Trump's disregard for alliances, international institutions, and democratic norms has eroded soft power, which relies on cultural appeal, values, and diplomacy. This shift may benefit geopolitical rivals like China, which is actively working to expand its influence.
Analyst Comments: The decline of American soft power under Trump is not just a short-term political issue but a structural shift with long-term consequences. America's influence has historically relied on a combination of military strength and the appeal of its democratic values. However, Trump's isolationist and often erratic foreign policy decisions—such as weakening NATO, withdrawing from international agreements, and downplaying human rights—have alienated allies and emboldened adversaries. If these trends continue, the U.S. risks losing its leadership role, allowing countries like China to reshape the global order.
FROM THE MEDIA: Nye highlights key examples, such as Trump's withdrawal from multilateral agreements, his dismissal of allies’ concerns, and his lack of commitment to democratic principles. He contrasts this with China's strategic investment in soft power through foreign aid and cultural initiatives. While the U.S. has historically recovered from soft power setbacks, Nye warns that Trump’s second presidency could cause more profound, lasting damage. He also emphasizes that much of America's soft power comes from civil society, universities, and cultural exports, which may counter government policies.
READ THE STORY: FT
What is Soft Power? (Video)
FROM THE MEDIA: The U.S. military carried out an attack against missile launch sites inside Houthi-controlled areas of Yemen after a Houthi attack late Wednesday that damaged a U.S.-owned commercial ship sailing in the Gulf of Aden. The attacks came as the United States redesignated Yemen’s Iranian-backed Houthi rebels as a global terrorist organization following weeks of missile and drone attacks on international shipping in the Red Sea and the Gulf. But as VOA Pentagon correspondent Carla Babb reports, critics remain concerned about Iran’s increasing aggression in the region.
The Demise of U.S.A.I.D. — and American Soft Power (Video)
FROM THE MEDIA: As President Trump demolishes the government’s biggest provider of foreign aid, the United States Agency for International Development, he is ending a 60-year bipartisan consensus about the best way to keep America safe from its enemies.
The selected stories cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in its original material or related links on its sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.