InfoSec News Briefs Proof of Concept March 2023

MP3 Download of the Audio for this Episode


 ‘Mind Dominance’: The CCP’s Disinformation War on US Social Media

  

According to the testimony of security experts, lawmakers, and numerous reports, the CCP is adapting its strategy for psychological warfare against the weaknesses of open societies.  It is evolving its influence campaigns from corny propaganda about the glory of communism into subtler, more insidious disinformation campaigns intended to make Americans give up on their own country. “The goal of CDO is to achieve what the People's Liberation Army refers to as ‘mind dominance,’ defined as the use of propaganda as a weapon to influence public opinion to effect change in a nation’s social system, likely to create an environment favorable to China and reduce civilian and military resistance to People's Liberation Army actions,” the report said.

 

China sets SIM-based tracking devices in UK Government cars.

  

NOTE: Every developed country like the United States, the UK, China, Russia, and Iran has launched its own set of surveillance campaigns since 2012. Each has a different aim of spying on its populace, politicians, bureaucrats, and businesspersons of international fame, especially after law enforcement found a tracking device transmitting data to Chinese servers through a China-based telecom provider’s SIM in Westminster, Central London.

 

CIA is ‘seeing a lot of effort’ from Russia to close down US intelligence visibility

 

 

Burns acknowledged that during the early days of the invasion, the Biden administration had been concerned that providing too much intelligence to Ukraine could have been seen as “provocative” by Russia. Still, it quickly became apparent that withholding information “inhibited the Ukrainian ability to be successful.” Harvard political scientist Graham Allison, who chaired the panel, said that he thought it was fair for Putin to describe the U.S. providing intelligence on targets for Ukraine as an act of hostility and asked whether Russia had successfully countered the agency’s collection efforts.

 

Facts Contrary to Left's Narrative Targeted by Global Disinformation Index

 

 The Global Disinformation Index, a British organization with two affiliated U.S. nonprofit groups, is feeding blacklists to ad companies to defund and shut down websites peddling alleged ‘disinformation.’ Investigative reporter Gabe Kaminsky did an excellent job of uncovering how activist organizations, some partnered with the State Department, work to blacklist and defund conservative media.

 

Russian Spy Ring in Australia Busted (and more)

  

A Russian spy ring in Australia operated for over 18 months before it was broken in a counter-espionage operation by the Australian Security Intelligence Organisation (ASIO). According to media reports, a Russian vessel attempting to map out energy infrastructure for possible sabotage was escorted away from a North Sea wind farm by Dutch authorities.

 

Australian Prime Minister Tells Inquiry Chinese Influence Ops are “Blatant”

  

Former Australian Prime Minister Malcolm Turnbull has told an inquiry that Chinese influence operations in Australia are “blatant” despite the country’s lack of listings on Australia’s foreign influence transparency register. Turnbull noted that China and the Communist Party of China are the most active state and political parties attempting to sway Australian public policy, but the transparency register shows no affiliation with the United Front Work Department of the CPC.

 

Ransomware Attack Hits US Marshals Service

 

The US Marshals Service (USMS) has confirmed falling victim to a ransomware attack that compromised sensitive law enforcement information. “The US Marshals Service is one of America’s highest ranking law enforcement agencies, and it possesses highly sensitive information related to national security, witness protection programs and convicted felons.”

 

Fake ROBLOX and Nintendo game cracks drop ChromeLoader malware.

 

The cybersecurity researchers at AhnLab Security Emergency Response Center (ASEC) have discovered a new ChromeLoader malware campaign in which hackers bypassed antivirus programs and other cybersecurity mechanisms. Users looking for pirated video game hacks and software are the key targets of attackers, who are lured into downloading VHD files from compromised websites appearing in search results.

 

Chipmakers receiving US federal funds can’t expand in China for ten years.

 

Chipmakers must agree not to expand capacity in China for a decade if they are to receive money from a $39 billion federal fund designed to build a leading-edge US semiconductor industry.

 

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

 

The conclusions above are based on an extensive analysis of Telegram chat logs from three distinct cybercrime groups or actors that security researchers have identified as particularly active in and effective at “SIM-swapping,” which involves temporarily seizing control over a target’s mobile phone number. The 104 days in the latter half of 2022 in which different known SIM-swapping groups claimed access to T-Mobile employee tools.

 

China's BlackFly Targets Materials Sector in 'Relentless' Quest for IP

 

Last week, researchers at Symantec revealed a new threat group, Hydrochasma, targeting Asia-based organizations associated with COVID-19 treatments and vaccines in an intelligence-gathering operation — solely using open-source and commodity malware and tools. Dick O'Brien, a principal intelligence analyst at Symantec Threat Hunter, tells Dark Reading that this puts Blackfly's incursions in context. "The bigger picture is that there seems to be a fairly relentless intelligence operation underway on multiple fronts." The open source tools tactic helps them avoid detection, which in the case of Blackfly — members of whom already have been indicted by the US government — would be an attractive proposition, O'Brien says. "This shift toward open source tools is something we've seen a lot of attackers doing," he tells Dark Reading.

 

Pernicious Permissions: How Kubernetes Cryptomining Became an AWS Cloud Data Heist

  

"Organizations need to look hard at their cloud security because the cloud comes to secure out of the box, but as people start to operate on it and change it, they make it less secure." From Minor to Major Security Breach: The attacker compromised the target's cloud infrastructure through a vulnerable Internet-exposed service that allowed access to a Kubernetes pod, a technology used to manage and deploy containerized applications. Because Terraform often saves the state of its pipeline to Simple Storage Service (S3) buckets, the attacker could retrieve those files and find at least one more credential. However, the second identity had limited permissions, stopping the attacker's lateral movement, Sysdig stated in its analysis.

 

WannaCry Hero & Kronos Malware Author Named Cybrary Fellow


Marcus Hutchins, who set up a "kill switch" that stopped WannaCry's spread, later pled guilty to creating the infamous Kronos banking malware.

 

Farley Man Pleads Guilty to Sexually Assaulting 3-Year-Old Victim to Produce, Distribute Child Pornography.

 

A Farley, Mo., man pleaded guilty in federal court today to sexually assaulting a 3-year-old victim to produce child pornography and distribute it to others through the Kik application. Most of these were created live, meaning he was recording himself actively sexually abusing the child victim while communicating with others over Kik, and sending those images and videos to them during the abuse.

 

LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

 

"The threat actor leveraged information stolen during the first incident, information available from a third-party data breach, and a vulnerability in a third-party media software package to launch a coordinated second attack," the password management service said. LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened because of the same adversary launching a second attack on its systems.

