RSnake Report 20241004

Israel attacks Russian airbase, Chinese fleets, etc.


Hello, and thanks for reading! We did two RSnake Show Demo Days this week. First with Nucleus, who does vulnerability management - basically what all vuln scanners should have been but never were. The second was with MirrorTab which makes it hard for browser plugins to steal your data in transit. Check them out, and if you know vendors who should be on the show, let me know! I also hope you got a chance to tune into the vice presidential debate. If not, don’t worry; I watched it, so you don’t have to. It was both totally civil and very tense at the same time. But we’ll get into that more in domestic news below.

For now, let’s start today with the Russia/Ukraine conflict. There is a strange theory, apparently based on wiretaps or SIGINT, that Russia has missed its internal deadline for taking Pokrovsk. Does that mean Ukraine won? Very odd, if true, but even if it is, the deadline will likely be pushed back for any number of reasons. Either way, this news doesn’t appear to be stopping the Russian attempts to advance.

“3 points on Pokrovsk front”

Ukrainians attacked two fuel depots yesterday. One of the more notable targets outside of Kursk was a Russian Nebo-M radar system, worth an estimated $100M, which the Ukrainians destroyed. It is unclear how important this was for Russian early warning, but the Russians have already had a difficult time seeing and stopping Ukrainian missile and drone waves.

“Nebo-M”

Sanctions have begun to change tactics for Russia. They have regressed to bartering. This may seem retrograde, and in many ways it is, but it is also one of the most efficient means of transfer, as the costs to barter and the ability to sanction it come mostly down to destroying supply lines. There is no tax, no electronic oversight or banks, just moving goods across borders.

Telegram has been experiencing a fairly large outage in Russia and surrounding regions. I have seen a few reports of this, with very little ripple effect, which makes me think it may have been a temporary blip rather than a long-term outage, and likely a minor disruption rather than a military action. Telegram is used heavily by the Russian military for reasons that still make barely any sense from the standpoint of military professionalism or security doctrine.

“Telegram”

In military tech news, Ukraine is testing a new Hawkeye howitzer system that the US has supplied. This is one of the more interesting non-towed systems that I’ve seen, because if you watch the video the recoil on it is almost zero. It seems to prepare the barrel for firing by pushing it forward, leaving most of the recoil to re-seating the barrel. It looks like there are large pistons on it that contribute to that recoil dampening. The benefits of this are that it is extremely mobile, rapidly deployable, and lightweight, with less wear and tear on the rest of the system components.

“US-supplied Hawkeye howitzers”

I also came across a new backpack-sized, rocket-driven mine-clearing line charge that the Netherlands developed and Ukraine is likely fielding. Typically these systems are rather large and require some sort of tracked vehicle, so the idea that this can now be done by infantry is extremely useful, especially because some of these mines are in very dense underbrush, along trails, and in trenches, which vehicles would have difficulty accessing.

“Backpack tactical line charges”

In South East Asia, in the midst of our longshoremen’s strike, China is showing off its automated ports. If you have never seen anything like this before, it’s worth a look. Half of it looks like it’s computer-generated, but it does exist. The promise of the tech is that it allows us to get rid of all but a very small number of longshoremen. Of course, the risk to us of using their automation is enormous, given that all of it is extremely suspect and Internet-connected, and if it fails for any reason, our ports come to a halt. Of course, we’re already at a halt with some very strong rhetoric coming from the head of the longshoremen’s union. Oh, and Governor DeSantis is bringing in the National Guard to manage the ports. So… 🤷

At the same time, China is ramping up its naval exercises - especially those of its carrier strike group. Well over 100 sorties in a short time exercises every aspect of their capabilities. There is no reason to be doing this unless there is an expectation of a future need.

“Liaoning's carrier-based fighter jets made approximately 250 takeoffs”

I have heard rumors of large military operational exercises in South Korea over the last week or so, likely due to concerns about increasing tensions. Meanwhile, South Korea is fielding a new laser system for line-of-sight defense. This appears to be easily deployed via a tractor trailer, making it readily deployable on the front lines, or near shorelines where inbound cruise missiles may be an imminent threat.

“Block-I Lazer System”

But the real news this week is definitely coming out of the Middle East. Iranian missiles have been inbound to Israel. Technically, this isn’t new behavior, but the number and distance we’re talking about are rather striking. There is a lot of footage about this. The United States did get involved, it seems, through a few naval vessels that intercepted at least some of the missiles inbound to Israel and likely had something to do with at least some of the ballistic interceptions in space.

Amman, Jordan is now the middle ground for Iranian missiles, which have to fly over that country to hit Israel. Both Syria and Jordan are in the way, so they will naturally get some collateral damage as interceptors destroy missiles and long-range drones over their territory. There is pretty spectacular footage of this situation (and here and here).

“Hundreds of missiles”

The actual damage to Israel was rather minimal, but imagine being in Jordan or Syria and seeing missiles fly over your supposedly sovereign territory. Either you are pro-Palestine/Israel and you are cheering, or you are saying to yourself that you need to get some interceptors yourself to stop what could easily be aimed at your capital at some point soon, especially because the US has said that there will be retaliatory strikes for this behavior soon. For their part, Iranian tankers have suddenly been detected leaving port. Run while you can, but moving a few miles away won’t save them if the US and Israel decide they are targets.

Meanwhile, a bit further north of Israel, the IDF has apparently been in Lebanon for months. There may be two or more divisions operating there. Imagine finding out you have been infiltrated for months, and your systems and structures have been mapped and hijacked that entire time. Israel also killed Hashem Safieddine yesterday in a fairly massive airstrike. I wouldn’t want to be at the top of Hezbollah right now.

“Eliminated”

But the big bang of the week goes to Israel hitting a Russian airbase in Syria. More pictures here.

“Russia's Hmeimim airbase”

This was apparently an ammo depot of some sort used to transport Israeli arms to Hezbollah at a warehouse in a Russian airbase. That Russia has such a cozy relationship with Iran and Hezbollah is pretty much the smoking gun to say that Russia is sanctioning terrorism. But what does this mean? What does Russia do? What can it do? Is it going to open another front against Israel? The Israeli strike passed through all the Russian air defenses and destroyed exactly the warehouse they were after and nothing else. The runway and other buildings were left intact - likely to avoid escalating things, but also as a warning to Russia that Israel can attack when and where it chooses. Will Russia escalate? As one famous artist once said, bad decisions make great songs. Whether this was a bad decision or not remains to be seen.

“Is this Hezbollah”

Navim airbase was also struck and slightly damaged. There is rather amazing footage of the strikes, with somewhat confusing and mixed damage assessments.

On the domestic front there have been a few things worth mentioning. First is that Dominion voting machines in Georgia appear to have been directly connected via the Internet to Belgrade, Serbia. For some reason some of the original documents linked to in the comments have been removed from the ca.gov website, but you know I went to find it for you here (Beehiiv is breaking this link - remove the query string after you land). For those still believing that voting machines are vulnerable beyond me telling you that I have hacked one myself, and voter registration systems… there is a supercut of hackers at the Voting Village going after voting machines that is worth watching.

On the defense side, there is apparently word that there is faulty sub/carrier welding. I was a little dubious of this reporting at first, but you can find more on this topic on the Democrats’ Armed Services Committee website.

Hurricane Helene has passed, but the dead, wounded, and missing are mounting. There are purportedly north of 150 dead. There is a very interesting visual from orbit showing the current power issues across the region, which are still impacting many people there. I have been helping pilots get in contact with the Save Our Allies team to help with search and rescue operations.

Okay, on to the vice presidential debate between Senator JD Vance and Gov. Walz. My major takeaway was that the moderators were somehow worse than in the Trump/Harris debate, with real-time “fact-checking” and pretexting of questions. It was actually a little hard to watch. What I mean is that there was pretexting about the strength of storms. There was fact-checking about how Kamala wasn’t the border czar (wait, who was in charge of the border then?). Then there was no fact-checking of things Tim was saying, like the comment about yelling fire in a theater, which isn’t actually illegal.

It reminds me of a time when Eric Weinstein started singing the song by The Doors and asked people to sing along with him, saying, “Come on baby light my…” and then he stopped singing and got everyone to loudly sing the word “fire” in a theater. Not one person went to jail that day. 😆 The moderators were argumentative and wrong. Not a good look. I think the Republicans should have some caveat where they can fine moderators some large amount if they fact-check them in real time; otherwise I see no reason they won’t keep doing this.

But especially post-debate there was a lot of teeth gnashing about how the debate went, with many concluding that Tim Walz won. One of the things I learned last week was how to read polls a little better. One of the lesser-known things about polls is that there is a 4:1 ratio of women to men who answer polls, so unless they specifically break it down and isolate sex, they are almost meaningless. So, I don’t have a lot of faith in anything that came from that debate. But I was surprised at how much agreement the two men had with one another.

OpenAI is announcing a new product called Canvas, which allows you to edit/write alongside ChatGPT, including code. I generally think this is a decent approach to long-form content writing with an LLM, but I also think it lacks a bit of larger context. Just because you are writing something together doesn’t mean it has a clue what you want the output to be like. So while cool and super useful for some, I think the real power will come when it gives you total freedom to impart any knowledge into it and have it respond in any tone, not just a handful of pre-selected tones. I am very bullish on LLM sovereignty (and data sovereignty ultimately) and only using larger models when broader context is useful and privacy/security/trademarks are less of a concern.

Okay, onto the articles!

In Canada, there has been a recent surge in police-related deaths involving Indigenous people, leading to widespread outrage and calls for systemic change in policing practices.

  • Several Indigenous people have died in police-related incidents across Canada since late August.

  • Indigenous leaders are demanding accountability and reform in policing practices.

[RSnake: Read Nick Selby’s book if this reminds you of how African Americans are claimed to have been mistreated in the US. Be careful of these claims - statistics and data say otherwise.]

The U.S. is engaged in discussions with Israel regarding a response to Iran's recent missile attack, with President Biden indicating that no immediate Israeli retaliation is expected.

  • U.S. officials are having conversations with Israel about the situation following Iran's missile attack.

  • Iran warns of an unconventional response to any Israeli attack on its nuclear sites amidst escalating regional tensions.

[RSnake: I would be surprised if there wasn’t retaliation, but likely not whatever Iran thinks that will look like. Israeli forces are already embedded there. It likely won’t be tank columns across the Arabian peninsula.]

The FBI has uncovered a significant Russian disinformation campaign, dubbed 'Operation Doppelganger', which involves creating over 60 fake news websites mimicking major Western outlets to spread pro-Russian narratives and undermine support for Ukraine.

  • Russia's disinformation campaign created fake news sites to mislead users and diminish support for Ukraine.

  • The operation is linked to high-ranking Russian officials and uses advanced technologies to target specific demographics.

[RSnake: Yep, and without really looking at the domain, it’s easy to get confused. So it would be like washingtonpost[.]pm instead of .com.]
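An added example (not code from the newsletter or from the FBI material it summarises) of how a defender can flag the kind of look-alike domain this item describes: the same registrable label under a different TLD, a homoglyph substitution, or a one-character typo of a protected domain. The protected-domain list and the observed hostnames are constructed for the demo, and the defanged `washingtonpost[.]pm` form is accepted as input.

```python
"""Flag look-alike domains against a short list of protected news domains."""

# Constructed list of legitimate domains to protect (assumption for the demo).
KNOWN_GOOD = ["washingtonpost.com", "theguardian.com", "spiegel.de"]

# Constructed observed hostnames, e.g. from a proxy log or new-domain feed.
OBSERVED = [
    "washingtonpost.com",        # legitimate
    "washingtonpost[.]pm",       # TLD swap, the example from the comment above
    "news.washingt0npost.com",   # digit zero in place of the letter o
    "theguardian.co",            # TLD swap
    "spiegl.de",                 # one dropped letter
    "example.org",               # unrelated, should not be flagged
]

# Character substitutions commonly used to pass one label off as another.
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def refang(domain):
    """Turn the defanged 'example[.]com' notation back into a real domain."""
    return domain.replace("[.]", ".").replace("(.)", ".").lower().strip(".")


def registrable(domain):
    """Return (second-level label, TLD).

    Assumes a single-label TLD such as .com or .pm; two-part public suffixes
    like .co.uk would need a public-suffix list, which this demo omits.
    """
    parts = refang(domain).split(".")
    if len(parts) < 2:
        raise ValueError(f"not a dotted domain: {domain!r}")
    return parts[-2], parts[-1]


def fold_homoglyphs(label):
    """Map look-alike character sequences to the letters they imitate."""
    for fake, real in HOMOGLYPHS:
        label = label.replace(fake, real)
    return label


def levenshtein(a, b):
    """Plain edit distance (insert/delete/substitute), used for typo squats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain, known_good=KNOWN_GOOD):
    """Return (kind, impersonated_domain), or None if the domain is not a look-alike."""
    sld, tld = registrable(domain)
    for good in known_good:
        gsld, gtld = registrable(good)
        if sld == gsld:
            # Exact label: legitimate if the TLD matches, otherwise a TLD swap.
            return None if tld == gtld else ("tld-swap", good)
        if fold_homoglyphs(sld) == gsld:
            return ("homoglyph", good)
        if levenshtein(sld, gsld) == 1:
            return ("typo", good)
    return None


def scan(domains, known_good=KNOWN_GOOD):
    """Return {domain: (kind, impersonated_domain)} for every flagged domain."""
    findings = {}
    for d in domains:
        hit = classify(d, known_good)
        if hit is not None:
            findings[d] = hit
    return findings


if __name__ == "__main__":
    for d, (kind, good) in scan(OBSERVED).items():
        print(f"{d:28} {kind:10} impersonates {good}")
```

The exact-label check runs before the fuzzy ones so that a protected domain is never reported as a typo of itself; anything flagged still deserves a human look, since a short edit distance also matches unrelated legitimate names.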

Romania has delivered a Patriot missile-defense system to Ukraine, enhancing its air defense capabilities in response to ongoing Russian attacks. The delivery comes amid increased concerns for NATO members as Russia continues to launch drones and missiles into Ukrainian territories, with Romania monitoring the situation after recent drone incursions into its airspace.

  • Romania delivered a Patriot missile-defense system to Ukraine.

  • This delivery is in response to ongoing Russian missile and drone attacks.

  • Romania has scrambled fighter jets to monitor Russian drone activity near its borders.

[RSnake: Better late than never, but one system isn’t going to change the tide of this war. They need a lot more than that to secure their airspace.]

Donald Trump vows to revoke temporary protected status for Haitian migrants living in Springfield, Ohio, and deport them back to their own country, citing concerns over the town's population growth.

  • Trump has promised to conduct the largest mass deportation operation in U.S. history if elected to another term.

  • Over 20,000 Haitian migrants have settled in Springfield, Ohio, causing concerns over the town's population growth and infrastructure.

[RSnake: It may seem harsh, but it is politically popular.]

Mass immigration to Sweden is expected to lead to a significant increase in illiteracy rates, with the number of people unable to read or write expected to reach 1 million by the end of this year, putting a strain on the country's education system and economy.

  • Mass immigration is primarily due to illiterate adults from non-Western countries bringing in children who are entering the Swedish school system.

  • The education level of parents greatly influences the grades of their children, with non-Western migrants dominating among the worst performers.

Russia is revising its nuclear doctrine to broaden the conditions under which it would consider using nuclear weapons, including in response to aggression from non-nuclear states that are supported by nuclear nations. President Putin has stated that aggressive actions against Russia, particularly by NATO or its allies, may be met with a nuclear response.

  • Russia is updating its nuclear doctrine to allow for potential nuclear responses to a wider range of threats.

  • Putin has indicated that both traditional and nuclear strategies will be re-evaluated in light of perceived aggression from NATO and its allies.

[RSnake: I wonder if they will write into it countries bombing their airbases full of terrorist weapons…]

A federal court filing suggests former President Trump acted privately to challenge the results of the 2020 election.

  • The court filing argues that Trump's efforts to overturn the 2020 election results were separate from his official presidential duties.

  • Trump's actions included pressuring officials and promoting false narratives of election fraud.

[RSnake: There is a lot of evidence that never made the light of day. Voter fraud definitely happens. To claim otherwise is simply not understanding the law of large numbers. I’ve even heard one woman bragging about it. So we know it happens, the question is how much and to what end. And yes, Trump misbehaved throughout, unquestionably. To me those are separate issues.]

Tensions in the Middle East are escalating as Iran has launched a missile attack on Israel in retaliation for the deaths of key military leaders. Israel claims to have intercepted most of the approximately 200 missiles, while both nations prepare for possible further confrontations amidst international calls for de-escalation.

  • Iran carried out a major missile attack on Israel as retaliation for recent assassinations.

  • Israel intercepted most missiles with U.S. assistance, signaling a significant military exchange.

[RSnake: No kidding. Iran was already threading the needle by getting Hezbollah to do their dirty work. There is no mistaking this direct act. More info from the BBC here.]

Ukrainian judge found dead in Berdiansk after collaborating with Russian occupiers, car explosion reported near city port.

  • A Ukrainian judge who collaborated with Russian occupiers was found dead in a car explosion near the city port of Berdiansk.

  • The judge, Vitalii Lomeiko, had defected to collaborate with Russian occupiers and remained in occupied Berdiansk despite violating his oath during the war.

[RSnake: I am not a fan of these extra-judicial actions, which is not surprising. It’s hard to drag a judge through court when they know the court system or are otherwise protected. But car bombs sure do the trick.]

A Houston lawyer is filing lawsuits against the recording artist Sean Combs on behalf of over 120 plaintiffs, including minors. The allegations include serious charges such as sex trafficking, racketeering, and various forms of abuse occurring over decades.

  • Over 120 plaintiffs, including minors, are involved in lawsuits against Sean Combs for serious allegations.

  • Federal authorities have charged Combs with racketeering and sex trafficking, with evidence suggesting a long history of abuse.

Hurricane Helene has caused severe flooding and damage across the southern U.S., displacing patients and forcing evacuations at multiple hospitals. The storm has resulted in significant disruption to health care services, with many medical facilities unable to operate due to flooded conditions and loss of power and water supplies.

  • Hurricane Helene resulted in the evacuation of dozens of medical facilities due to extreme flooding.

  • Over 1.5 million people remain without power, and nearly 400 drinking water systems have boil water advisories across the Southeastern U.S.

The UK has officially closed its last coal-fired power plant, Ratcliffe-on-Soar, marking the end of coal electricity generation in the country for the first time in 142 years. This shift reflects a long-term decline in coal use driven by increased reliance on natural gas, renewable energy, pollution controls, and government emissions targets aimed at achieving net-zero greenhouse gas emissions by 2050.

  • The UK has transitioned away from coal, which once provided over 90% of its electricity.

  • The shift is part of broader efforts to combat climate change and achieve net-zero emissions.

[RSnake: Okay, but… replacing it with what exactly? Everyone seems very slow on nuclear, so all that’s left is renewables, which are extremely flaky at night, at low tide, on calm cloudy days, etc. So unless they have some other form of capacity planning, like huge battery banks or gravity-capture, this isn’t exactly a great situation.]

The U.S. Navy's capacity and readiness have diminished significantly while China has rapidly expanded its naval forces, surpassing the U.S. in the number of battle force ships. This naval expansion is alarming for U.S. national security, as it affects control over international sea lanes crucial for global trade and stability. Additionally, recent incidents involving attacks on U.S. Navy ships and the decline of support logistics further illustrate the challenges faced by the U.S. maritime presence.

  • China's navy has become the world's largest with a projected fleet growth.

  • The U.S. Navy is struggling with readiness and logistics, impacting its ability to respond to global maritime challenges.

A coast-wide strike by the International Longshoremen’s Association (ILA) has begun, affecting approximately half of U.S. containerized imports and exports during a crucial shipping season. The strike stems from disputes over wage increases, job security related to automation, and inadequate working conditions, prompting the union to demand changes from the United States Maritime Alliance (USMX) with no immediate resolution in sight.

  • The ILA is participating in its first coast-wide strike since 1977 due to wage and job security issues.

  • USMX is under pressure from the Biden Administration to negotiate a fair contract amid concerns of economic impacts from the strike.

[RSnake: Fingers crossed that this is a short one, because the economy is already in bad shape. However, their demands might be a non-starter. We shall see. I hope you already did all your shopping though. More on it here.]

Delays in the construction of the Columbia-class submarines are raising significant national security concerns for the United States as these subs play a critical role in the nation's nuclear deterrent strategy. Additionally, cost overruns and budget constraints are threatening other defense projects, potentially compromising the overall effectiveness of the military amidst rising global threats from adversaries like China and Russia.

  • Delays in the Columbia-class submarine program could weaken US nuclear deterrent capabilities.

  • Cost overruns are putting pressure on the defense budget, potentially affecting other military operations.

[RSnake: I finally read up on these. They are formidable (or will be). 1900-ish warheads. That could level a small country easily. Per sub.]

Violence in Red Sea targeting commercial shipping, attacks persist despite airstrikes and rising insurance costs

  • Yemen’s Houthi militants have continued to attack commercial shipping in the Red Sea

  • The attacks come as tensions rise over a potential regional conflict following Israeli airstrikes

[RSnake: This is one of those Russian dark-fleet ships we talked about before in the newsletter. Oh, and now Russia is aiming to supply them with better missiles, ironically.]

Military activity in the Indo-Pacific region has increased significantly, with joint naval exercises conducted by the Philippines, the US, Japan, Australia, and New Zealand to enhance cooperation and counter China's presence. Concurrently, China and Russia are strengthening their military partnership through joint exercises, heightening tensions and altering the regional power dynamics.

  • Joint naval patrols in the Indo-Pacific are increasing among US allies, signifying heightened military cooperation.

  • China and Russia are conducting joint military exercises, demonstrating their intention to strengthen military collaboration against Western influence.

The recent Vice Presidential debate focused on foreign policy and national security, with candidates discussing U.S. military involvement abroad. Republican J.D. Vance advocated for a cautious approach in foreign engagements, echoing former President Trump's policies, while Democrat Tim Walz emphasized the need for stronger global presence and alliances.

  • Candidates debated U.S. foreign policy and military engagement, emphasizing the balance between caution and proactive involvement.

  • Walz criticized Trump's approach for creating power vacuums that adversaries exploit, while Vance argued for prioritizing domestic issues.

[RSnake: They both had points, but if we continue to get in bed with China, we both have no guarantees that they will behave, and we also have a growing aggressive regional power. We will likely have to go back to a hard line if we want to have any chance of stopping a large-scale regional or global conflict. That said, when Japan attacked Pearl Harbor, it was due to sanctions, so this is not a perfect or even good solution to a worsening situation.]

Germany is upgrading its air defense capabilities by acquiring 19 Boxer Skyranger 30 mobile air defense systems to counter evolving aerial threats, including drones. This initiative is part of Germany's involvement in the European Sky Shield Initiative, aimed at enhancing the continent's integrated air defense systems and addressing geopolitical challenges. The Skyranger 30 features advanced technology, including a 30mm cannon and surface-to-air missiles, designed to protect critical infrastructure and expand NATO's defensive posture.

  • Germany is acquiring 19 Skyranger 30 mobile air defense systems to enhance its aerial defense capabilities.

  • The acquisition is part of the European Sky Shield Initiative, aimed at strengthening continental air defense against various threats.

OpenAI raises $6.6 billion and is now valued at $157 billion, the largest VC round of all time, allowing it to double down on AI research and increase compute capacity.

  • OpenAI has secured a large funding round valuing the company at $157 billion post-money

  • The new funding will allow OpenAI to double down on its leadership in frontier AI research and increase compute capacity

[RSnake: This is coming at an interesting time when I think they are losing ground to Claude and Meta. Claude from a technical capability perspective and Meta from a data sovereignty perspective.]

IBM Quantum Computing has made significant advancements, surpassing the 1,000-qubit barrier and transitioning towards fault-tolerant quantum computing capabilities. The company provides access to quantum hardware via IBM Cloud and has been pioneering developments in both hardware and software since 2016.

  • IBM Quantum has achieved a major milestone by surpassing the 1,000-qubit barrier.

  • The evolution of quantum processors is moving towards fault-tolerant quantum computing.

[RSnake: 1024 is finally in the range where some older keys are at risk. 2048 is more modern and then on up. The question is, can they factor in it?]

Microsoft has launched Office 2024, a standalone version of its office productivity suite available for small businesses and consumers, which includes updated applications like Word and Excel. The new release features improvements, including a fresh default theme, enhanced document recovery, and a shift to disable ActiveX controls by default to address security vulnerabilities. Additionally, Office LTSC 2024 has been made available for commercial and government customers, offering a volume-licensed version of the software.

  • Office 2024 provides a standalone version of Microsoft's productivity applications.

  • The release includes new features and security measures, particularly disabling ActiveX controls by default.

[RSnake: As soon as they enable the non-Office 365 co-pilot, that’ll be a lot more useful, and they’ll get more users on it. I am not sure if this includes that, but without it, it’s going to lose traction with other tools that are enabling inline LLM support. I actually think Microsoft has a shot here, but they aren’t playing their hand correctly. No one I have met likes Office365, so forcing people onto it to use a neutered version of ChatGPT is a mistake.]

The electric vehicle (EV) racing series Formula E has evolved since its inception in 2014, now featuring faster, more efficient cars that are capable of completing races on a single charge, and has attracted nearly 400 million fans. As the sport continues to emphasize sustainability, it aims to advance battery technology and drive the widespread adoption of electric vehicles globally, with ambitions to improve its carbon footprint and racing performance in urban environments.

  • Formula E has transitioned to cars that reach speeds of 200 mph and accelerate from 0 to 60 mph in under 2 seconds.

  • The series is committed to sustainability, aiming to reduce carbon production by 45 percent and promote renewable energy initiatives.

WP Engine is suing Automattic and WordPress co-founder Matt Mullenweg for alleged abuse of power and trademark infringement, while Mullenweg has criticized WP Engine for infringing on WordPress trademarks. The lawsuit follows a series of disputes over trademark usage and contributions to the open-source WordPress project. The case could have significant implications for the future of WordPress and its users.

  • WP Engine accuses Automattic and Mullenweg of not keeping promises to run WordPress open-source projects without constraints

  • Mullenweg criticized WP Engine for infringing on WordPress trademarks and accused Silver Lake, WP Engine's private equity partner, of not caring about the open-source community.

[RSnake: Frivolous, but we shall see what Matt has planned. Either way, my advice is to stay away from WordPress until the dust settles if you are building a new web app. If Matt is king, we’re all at his mercy, and he can make any decisions he wants. I feel bad because I am friendly with a number of WordPress folks, and they have nothing to do with this.]

A coalition of leading cancer research institutions has formed the Cancer AI Alliance (CAIA) with a $40 million investment from major tech firms to enhance the application of AI in oncology. The alliance aims to address data sharing challenges among institutions to better facilitate collaborative research and potentially improve precision medicine in cancer treatment.

  • The Cancer AI Alliance involves key cancer research organizations working together to advance AI capabilities in cancer care.

  • It aims to overcome data sharing barriers through federated learning while complying with legal regulations like HIPAA.

A new tool demonstrated by students allows users wearing smart glasses to obtain personal information about strangers, utilizing facial recognition technology and data scraping from various online sources. This project raises significant privacy implications as it indicates a potential future where anonymity in public spaces is compromised. The creators emphasize the importance of public awareness of such technology to enable individuals to take protective measures for their personal data.

  • Smart glasses can extract sensitive information about strangers in real time.

  • The technology combines facial recognition and large language models to infer personal details.

[RSnake: Cool research. Obvious use case that anyone with access to the tech would want, but that companies are scared to implement themselves due to the vast number of laws it would infringe upon. More on it here.]

A series of massive DDoS attacks targeting multiple sectors, including financial services and telecommunications, were mitigated by Cloudflare. The largest attack reached 3.8 Tbps and was part of a month-long campaign that exploited vulnerabilities in various devices, indicating a significant escalation in attacker capabilities.

  • The attacks involved two methods: CPU exhaustion and bandwidth depletion.

  • They originated from compromised devices, such as MikroTik devices, DVRs, and ASUS routers, exploiting known vulnerabilities.

[RSnake: Good on Cloudflare. My major concern with them is that they aren’t unsusceptible to public outrage campaigns. Twice they’ve taken down websites they disagreed with.]

Over 4,000 Adobe Commerce and Magento shops have been hacked in CosmicSting attacks, leaving high-profile victims including Whirlpool, Ray-Ban, National Geographic, Segway, and Cisco.

  • The CosmicSting vulnerability allows attackers to achieve remote code execution on targeted servers.

  • Over 75% of the Adobe Commerce & Magento install base had not patched when automated scanning for secret encryption keys started.

A new malware campaign operated by the FIN7 group targets users with fake deepfake generating tools, tricking them into downloading infostealing malware instead of the promised software. This sophisticated scheme involves multiple malicious websites and uses social engineering tactics to lure individuals into compromising their credentials and systems.

  • FIN7 operates multiple websites claiming to offer deepfake photo generation tools.

  • Instead of the promised software, users inadvertently download malware that steals sensitive information.

  • The campaign demonstrates a blend of advanced technology and social engineering tactics to exploit potential victims.

A critical remote code execution vulnerability (CVE-2024-45519) has been found in Zimbra mail servers, leading to active exploitation attempts. Security researchers report that hackers are attempting to build webshells on vulnerable servers by exploiting the flaw, which allows unauthenticated command execution due to inadequate user input sanitization.

  • A critical vulnerability in Zimbra mail servers enables unauthenticated remote code execution.

  • Active exploitation attempts have been confirmed, with hackers trying to execute commands and install webshells.

[RSnake: This used to be a bit of a favorite amongst hardcore hackers in days past as an Exchange alternative. So there are likely some juicy targets left out there if they haven’t shifted.]

CISA has warned that a critical vulnerability in Ivanti Endpoint Manager (EPM) is being actively exploited, allowing attackers to execute arbitrary code on unpatched systems. Organizations globally are urged to prioritize patching this vulnerability to prevent ongoing attacks, as Ivanti has confirmed some customers have already been compromised.

  • CISA identified a critical Ivanti vulnerability that can lead to remote code execution.

  • Organizations are required to patch this vulnerability to secure their systems against active exploitation.

Scams are getting more complex as artificial intelligence gets more advanced, with Meta launching a new tool to cut down on financial losses suffered by victims in Australia.

  • Meta has launched a Fraud Intelligence Reciprocal Exchange (FIRE) tool in Australia to collect information on online scams and block thousands of pages and celebrity scams on Facebook.

  • Australians reported $43.3 million in losses from social media scams between January and August; last year, losses from social media scams rose 16.5 percent to $93.5 million.

A US man broke into the Office365 email accounts of executives at five publicly traded companies and obtained confidential information to profit from stock trades.

  • A person broke into the email accounts of executives at publicly traded companies using password reset mechanisms.

  • The individual obtained confidential financial reports and used this information to predict how a company's stock would perform.

[RSnake: That is certainly one way to do it. 😆 But if you think nation-states aren’t doing the same, you’re dreaming.]

Numerous critical vulnerabilities have been identified in government and judicial IT systems across the United States, affecting the management of sensitive personal information. These flaws, such as inadequate access controls and poor validation processes, pose significant risks to citizen data security and the integrity of governmental functions.

  • High-severity bugs have been found in systems that store sensitive personally identifying information.

  • Critical vulnerabilities have affected multiple states, leading to potential unauthorized access to legal and voter records.

TCP connections over Wi-Fi networks can be hijacked through a packet-size side channel: the size of each encrypted frame is observable on the air and reveals what kind of packet it carries.

  • The attack works against networks protected by WEP or WPA2/WPA3, since encryption hides frame contents but not frame sizes, and uses that packet-size side channel to hijack TCP connections.

  • The attack is based on two significant findings: response packets generated by TCP receivers vary in size, and the encrypted frames containing these response packets have consistent and distinguishable sizes.

[RSnake: Reminds me a lot of my old talk, HTTPS Can Byte Me. Different protocol, same issue.]
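To make the side channel concrete, here is an added example (not code from the report or from the researchers) that models it and its standard mitigation. The three TCP responses, the frame overhead constants and the SHA-256 counter-mode cipher are all constructed stand-ins: the only property borrowed from real CCMP/GCMP is that ciphertext length equals plaintext length, which is what lets an off-path observer tell responses apart by size. Padding to a bucket size then shows both the fix and its caveat: responses in the same bucket collapse, responses in different buckets stay distinguishable unless you pad to a single maximum.

```python
import hashlib
import hmac
import os
import struct
from collections import defaultdict
from typing import Optional

# Constructed constants (not real 802.11 values): link-layer header,
# per-frame nonce and integrity tag that the toy cipher adds to every frame.
HEADER_LEN = 24
NONCE_LEN = 8
TAG_LEN = 8

# Constructed TCP responses, sized to stand in for "pure ACK", "ACK carrying
# options" and "ACK carrying data". Only their lengths matter for the demo.
RESPONSES = {
    "pure_ack": b"\x00" * 40,
    "ack_with_options": b"\x00" * 52,
    "ack_with_data": b"\x00" * 140,
}


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from SHA-256: a length-preserving toy cipher
    standing in for CCMP/GCMP, which are also length-preserving."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + struct.pack(">I", counter)).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_frame(key: bytes, plaintext: bytes) -> bytes:
    """Wrap a payload like an encrypted data frame: header || nonce ||
    ciphertext || tag. len(ciphertext) == len(plaintext), which is exactly
    the property the side channel relies on."""
    nonce = os.urandom(NONCE_LEN)
    ks = _keystream(key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    return b"\x00" * HEADER_LEN + nonce + ct + tag


def pad_to_bucket(plaintext: bytes, bucket: int) -> bytes:
    """Mitigation: prefix the true length and pad to a multiple of `bucket`,
    so frames that land in the same bucket have identical on-air size."""
    body = struct.pack(">H", len(plaintext)) + plaintext
    pad = (-len(body)) % bucket
    return body + b"\x00" * pad


def unpad(padded: bytes) -> bytes:
    """Receiver side of pad_to_bucket: recover the original payload."""
    (n,) = struct.unpack(">H", padded[:2])
    return padded[2:2 + n]


def observable_lengths(key: bytes, bucket: Optional[int] = None) -> dict:
    """What an off-path observer sees for each response kind: only the
    frame length on the air, never the content."""
    lengths = {}
    for name, plain in RESPONSES.items():
        payload = pad_to_bucket(plain, bucket) if bucket else plain
        lengths[name] = len(encrypt_frame(key, payload))
    return lengths


def size_classes(lengths: dict) -> list:
    """Group response kinds that share an on-air length. A class of size 1
    means the observer can name that response from its length alone."""
    groups = defaultdict(list)
    for name, n in lengths.items():
        groups[n].append(name)
    return sorted(sorted(g) for g in groups.values())


if __name__ == "__main__":
    key = os.urandom(32)
    for bucket in (None, 64, 256):
        lengths = observable_lengths(key, bucket)
        print(f"bucket={bucket}: {lengths} -> classes {size_classes(lengths)}")
```

Without padding every response has its own length class, so the observer learns which response the receiver sent. With a 64-byte bucket the two ACK variants merge but the data-carrying ACK still stands out; only padding to one maximum size (256 here) puts all three in a single class, at the cost of bandwidth, which is the usual trade-off for this class of side channel.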

Snapchat has failed to adequately address abuse and child exploitation on its platform, according to a lawsuit filed by New Mexico's attorney general.

  • Snapchat knew of the issue but did not warn parents or users about the risks of sextortion and child trafficking on its platform.

  • The company has a history of pushing back on safety mechanisms proposed by employees, despite user reports of grooming and sextortion being ignored or falling through the cracks.

[RSnake: Either it is covered by safe harbor laws, or it isn’t. The government needs to figure this out because it’s hell on platforms just trying to stay in business. I’m not a fan of what can go over a lot of these networks, but you don’t see people trying to take down AT&T or Verizon for the same. This is the single reason I stay away from social platforms as business models - the regional, federal, and international governments in question are simply too volatile.]

A sophisticated cyber-espionage campaign is attributed to a known Chinese advanced persistent threat group, Mustang Panda, which uses Visual Studio Code to distribute Python-based malware. This malware allows attackers to gain unauthorized and persistent remote access to victim machines, enabling various malicious activities such as data exfiltration and installing further malware.

  • Mustang Panda employs a malicious email to execute a disguised .lnk file that initiates the malware download.

  • The malware utilizes Visual Studio Code for remote access, posing challenges for detection and response efforts.
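Because a legitimate, signed editor is doing the remote access, the detection question becomes "who launched the VS Code CLI in tunnel mode, from where?". The following is an added example (not from the report or from any vendor analysis) of that triage logic run over constructed process-creation events. Assumptions: events are JSON lines with Sysmon-like `Image`, `CommandLine`, `ParentImage` and `User` fields; the binary names `code.exe` and `code-tunnel.exe`, the `tunnel` subcommand and the install-directory paths are taken from how VS Code ships, and the scoring weights are my own.

```python
import json
from typing import List, Dict

# Constructed process-creation events (JSON lines), not real telemetry.
SAMPLE_EVENTS = "\n".join([
    # Developer opening a tunnel from a terminal in the normal install location.
    json.dumps({"User": "CORP\\dev", "ParentImage": "C:\\Program Files\\WindowsTerminal\\WindowsTerminal.exe",
                "Image": "C:\\Users\\dev\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe",
                "CommandLine": "\"C:\\Users\\dev\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" tunnel"}),
    # Tunnel started by cmd.exe from a copy of the CLI dropped in Temp.
    json.dumps({"User": "CORP\\victim", "ParentImage": "C:\\Windows\\System32\\cmd.exe",
                "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\code.exe",
                "CommandLine": "code.exe tunnel --accept-server-license-terms --name ws-01"}),
    # Ordinary editor launch: VS Code opening a file, no tunnel.
    json.dumps({"User": "CORP\\dev", "ParentImage": "C:\\Windows\\explorer.exe",
                "Image": "C:\\Users\\dev\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe",
                "CommandLine": "\"C:\\Users\\dev\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" C:\\proj\\main.py"}),
    # Unrelated process.
    json.dumps({"User": "CORP\\dev", "ParentImage": "C:\\Windows\\explorer.exe",
                "Image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe",
                "CommandLine": "chrome.exe"}),
])

VSCODE_CLI_NAMES = {"code.exe", "code", "code-tunnel.exe", "code-tunnel"}
# Script/shell hosts that a .lnk or macro chain typically runs the CLI from.
SCRIPT_HOSTS = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe",
                "cscript.exe", "mshta.exe", "rundll32.exe"}
# Path fragments of the stock user/system installs (assumption: adjust for your estate).
EXPECTED_INSTALL_DIRS = ("\\microsoft vs code\\",)


def basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def score_event(ev: Dict) -> Dict:
    """Score one event; returns an empty dict when it is not a tunnel launch."""
    if basename(ev.get("Image", "")) not in VSCODE_CLI_NAMES:
        return {}
    args = ev.get("CommandLine", "").lower().split()
    if "tunnel" not in args:
        return {}
    reasons = ["vscode cli launched in tunnel mode"]
    if not any(d in ev["Image"].lower() for d in EXPECTED_INSTALL_DIRS):
        reasons.append("binary outside the expected install directory")
    if basename(ev.get("ParentImage", "")) in SCRIPT_HOSTS:
        reasons.append("parent is a script or shell host")
    severity = {1: "low", 2: "medium", 3: "high"}[len(reasons)]
    return {"user": ev.get("User"), "image": ev.get("Image"),
            "severity": severity, "reasons": reasons}


def analyze(jsonl: str) -> List[Dict]:
    """Run the scoring over a JSON-lines blob and return the findings."""
    findings = []
    for line in jsonl.splitlines():
        if not line.strip():
            continue
        hit = score_event(json.loads(line))
        if hit:
            findings.append(hit)
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_EVENTS):
        print(f["severity"].upper(), f["user"], f["image"], "|", "; ".join(f["reasons"]))
```

The point of the weights is to keep the developer's own `code tunnel` as a low-severity audit entry rather than an alert, while the combination of tunnel mode, a binary in a scratch directory and a shell parent goes straight to triage. Allow-listing the tunnel feature at the policy level (or blocking outbound tunnel traffic where no one needs it) removes the channel altogether; this script is for estates that cannot do that yet.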

The National Security Agency, in collaboration with cybersecurity agencies from several allied countries, has established six principles to enhance the cybersecurity of operational technology (OT) critical infrastructure. These principles aim to improve the safety, security, and resilience of essential services such as water, energy, and transportation systems, by addressing risks and ensuring robust cybersecurity practices.

  • The NSA has collaborated with various international cybersecurity agencies to create guidelines for securing operational technology.

  • The six principles focus on safety, knowledge of essential business areas, protecting valuable OT data, network segregation, supply chain security, and the importance of having trained cybersecurity professionals.

[RSnake: Spoiler - compartmentalization and know your attack surface/supply chain! Nothing anyone working in the space doesn’t already know, but it’s nice to see it boiled down like this.]

A new cyberattack campaign called 'FakeUpdate' is targeting users in France by leveraging compromised websites to distribute a malicious backdoor known as WarmCookie. This backdoor, which has been recently updated, can execute various malicious activities on infected systems, including data theft and arbitrary command execution.

  • FakeUpdate campaigns deceive users by showing fake software update prompts for legitimate applications.

  • The WarmCookie backdoor allows attackers to carry out extensive malicious activities and has been observed with new functionality in recent attacks.

A group in the Biden-Harris administration is drafting new guidance recommending Americans never drink alcohol, which could lead to a wave of bad press and lawsuits against alcohol companies.

  • The ICCPUD committee is making recommendations that would not ban alcohol outright but could have a negative impact on the industry if adopted.

  • The Biden-Harris administration has been trying to meddle in Americans' lives in the name of public health, proposing bans on certain products and now attempting to change alcohol guidelines behind closed doors.

[RSnake: I mean, maybe they should take on China importing fentanyl first?]

Japan's economic situation is deteriorating as the yen continues to weaken, driven by the Bank of Japan's decision to halt further interest rate hikes. The new Prime Minister, Shigeru Ishiba, announced that the economy is not yet ready for additional rate increases, which raises concerns about inflation and living standards in Japan. As the government emphasizes controlling deflation, the yen carry trade is revitalized, indicating ongoing volatility in currency markets.

  • Japan has suspended plans for further interest rate hikes, impacting the value of the yen.

  • The new administration is focusing on eradicating deflation while the yen carry trade experiences a resurgence.

[RSnake: Another interesting conversation I had last week was about how Japan is embracing AI because of an aging population - they know they’ll need the support with a dwindling supply of workers.]

Google's dominance in the search engine market faces scrutiny as it contends with antitrust lawsuits and a recent ruling that could have significant implications for its business practices. Alternative search engines exist, but they capture a small fraction of the market, raising questions about user choice and the impact of Google's features on search results.

  • Google holds approximately 90 percent of the U.S. search engine market.

  • Antitrust lawsuits and legal rulings challenge Google's market practices, potentially leading to significant changes.

Bank of America experienced a widespread outage affecting customer access to accounts, with many users reporting zero balances. Over 20,000 complaints were submitted, and the cause of the outage remains unclear, while the bank has not provided detailed information regarding the issue.

  • Bank of America customers reported access issues and zero account balances.

  • The outage led to significant user complaints, and the bank has not clarified the cause.

[RSnake: Either there is zero balance, and the money is there, or there is zero balance and the money isn’t. I don’t know which is worse from a user’s perspective. Either way, I could empathize with why people might not be particularly confident. This is the kind of thing that can cause runs on banks.]

Global liquidity has significantly increased in 2024 due to extensive money printing and debt expansion, leading to a positive correlation between Bitcoin's price and global liquidity trends. The analysis indicates that Bitcoin's price has followed global liquidity movements 83% of the time, making it a strong indicator of monetary policy effects.

  • Global liquidity has increased significantly due to money printing and debt expansion.

  • Bitcoin's price is highly correlated with global liquidity changes, suggesting a potential bull run.

India and Pakistan have lifted restrictions on rice exports, potentially leading to a pricing conflict in the global market. As both countries are significant players in rice production, particularly Basmati rice, the removal of export caps may increase competition and impact the economies of rice growers in both nations.

  • India has recently lifted its export ban on non-Basmati white rice, which had been in place for over a year.

  • Pakistan’s removal of its minimum export price for rice is aimed at keeping its market competitive against India after a significant rise in rice exports during India’s restrictions.

Aston Martin forecasts a production cut of 1,000 cars for 2024 due to supply chain disruptions attributed to recent natural disasters affecting key component delivery. Other European automakers, including Mercedes-Benz and BMW, are also experiencing profit downgrades amid similar challenges, and Volkswagen may face unprecedented plant closures in Germany due to supply shortages.

  • Aston Martin projects a 1,000 car production decrease for 2024.

  • European automakers face profit downgrades due to supply chain disruptions.

[RSnake: Yes, supply chain issues, but also a decreased Chinese market to sell into…]

23andMe, a home DNA testing company, is facing severe financial difficulties as sales have declined significantly, leading to a drop in stock value and the closure of its drug discovery unit. The company's challenges stem from increased competition, customer disengagement after initial curiosity about genetic testing, and a failure to generate meaningful ongoing revenue from new services.

  • 23andMe's stock has dropped from $10 to 40 cents due to declining interest in home DNA testing.

  • The company has attempted to pivot towards telehealth services but struggles to differentiate itself in a crowded market.

Thanks so much for reading, and once again, please forward this newsletter to anyone you think should be reading it. It’s how the newsletter grows, how I know you love it, and encourages me to keep going. I’d really appreciate it!