RSnake Report 20240730
Hello world!
Hello and welcome to The RSnake Report, your new source for clear, rational insights at the intersection of geopolitical, technology, and security news. If you are an existing newsletter recipient you’ll notice that this feels quite a lot different. We’ve re-thought the newsletter and are focusing both on the show, yes, but also on world affairs.
Amid ever-evolving geopolitical tensions, technological advancements, and security threats, our mission at The RSnake Report is to help others navigate the noise and present you with news that matters and, frankly, is easy to miss if you aren’t already deeply involved in my world. So rather than make you suffer through the hundred or so news sources I use to gather my information, here it is, curated for you.
We have also decided to add a part of the channel that will show off different demos of security products, so that you can start to evaluate what is available out there without the marketing and sales cruft. Today we start with RunReveal with CEO Evan Johnson. It is a cool demo and an interesting company. See RunReveal demo their product live:
We’re headed to Black Hat USA next week, which always promises to be a pivotal event. It brings together cybersecurity leaders to discuss and demonstrate the latest advancements and threats. I hope to see you there!
And now on with the news….
In recent developments, the National Vulnerability Database struggles with a backlog of over 16,000 unanalyzed vulnerabilities, while Europe faces a surge in brute-force cyber attacks from Russia. Meanwhile, US military aid to Ukraine continues, and France ramps up Olympic security amidst geopolitical tensions.
Geopolitical News
French authorities have heightened security measures to ensure the safety of athletes at the Olympics while also providing extra protection for Israeli athletes due to the ongoing conflict in Gaza. Roughly 18,000 French troops are in Paris to help secure the Games, and Israel’s 88 athletes have been assigned security details made up of both French officers and Israeli agents.
• French authorities have increased security measures at the Olympics.
• Extra protection is being provided for Israeli athletes due to the ongoing conflict in Gaza.
• 18,000 French troops are in Paris to help secure the Games, while Israel’s 88 athletes have been assigned joint security details.
The US will send Ukraine $1.7 billion in military aid, including munitions for air defense systems and artillery.
• The latest military aid package includes an array of munitions for air defense systems, artillery, mortars, anti-tank and anti-ship missiles.
• The package also includes $1.5 billion in funding for long-term contracts through the Ukraine Security Assistance Initiative and $200 million in immediate military aid taken from Pentagon stockpiles.
• This is the ninth military aid package for Ukraine since Russia invaded in February 2022. The US has now sent over $55.4 billion in security assistance to Ukraine.
Source: https://www.military.com/daily-news/2024/07/29/us-will-send-17-billion-military-aid-ukraine.html
Russia’s Putin vows ‘mirror measures’ in response to US missiles in Germany, potentially deploying new strike weapons.
• The US plans to station longer-range and hypersonic missiles in Germany.
• Russia may deploy new strike weapons in response, including intermediate- and shorter-range systems.
The US Space Force is strengthening its on-orbit missile defense capabilities by canceling a contract with RTX to build three missile-tracking satellites and reducing its contractor pool from three companies to two. The service is confident it can retain competition in the program moving forward.
• The Space Force is canceling a contract with RTX to build three missile tracking satellites due to underperformance and concerns about schedule risk.
• The decision leaves the Space Force with just two companies, Millennium and L3Harris, to build out its missile tracking capability in medium Earth orbit.
• The service plans to launch smaller, cheaper satellites to lower orbits, allowing it to observe large areas without requiring the same level of complexity from sensors positioned farther from the planet.
The US Marine Corps is seeking counter-drone technology that can detect and destroy small drones with ‘buckshot-like’ capability.
• The Marines want to develop a handheld device for detecting and tracking small drones.
• The device should have sensors that use acoustic or radio frequency detection worn by individual Marines.
• The technology should also include a rifle optic combination that can track and destroy drones with ‘enhanced ammunition’.
Kinetic intercept has been a useful technique forever, so it’s not surprising they’d choose this method. Buckshot and birdshot tend to slow down a lot and become nearly inert by the time they fall to earth, which is why they are attractive for limiting collateral damage. We shall see! Drones are coming, like it or not.
Navy fighter jets employed several weapons in combat for the first time during their recently completed deployment to the Middle East. The squadron led the first strikes against Houthi facilities in Yemen and successfully employed the Joint Standoff Weapon-C Variant for the first time in combat.
• The Navy’s F/A-18 Super Hornets from Strike Fighter Squadron 105 became the first squadron in the Navy to shoot off the AIM-9X infrared-seeking missile in combat.
• The squadron led the first strikes against Houthi facilities in Yemen and successfully employed the Joint Standoff Weapon-C Variant for the first time in combat.
• An F/A-18 Super Hornet pilot from Strike Fighter Squadron 32 engaged and killed an air-to-air contact, taking down a Houthi air drone targeting civilian merchant vessels.
The US military is testing counter-drone capabilities with industry teams and evaluating solutions to address the threat of swarms of drones.
• The US military is conducting tests to evaluate counter-drone capabilities, including a recent demonstration at Yuma Proving Ground in Arizona.
• The tests involve pitting industry teams against swarms of 50 drones at a time to develop solutions to address the threat of coordinated drone attacks.
• Industry teams show improved performance and maturity in their approaches, with better tracking, identification, and defeat capabilities.
Italian army generals can expect the delivery of new tanks and tracked fighting vehicles within three years of the contract signing with Leonardo and Rheinmetall, which is expected by year-end. The CEO of Leonardo said he did not rule out the tank’s guns being manufactured in Italy and suggested the end product could be a candidate for Europe’s future common tank program, the MGCS. Leonardo and Rheinmetall agreed last month to start talks on creating a joint venture to build the German firm’s Panther tank and Lynx tracked fighting vehicle for the Italian army.
• Italian army generals can expect the delivery of new tanks and tracked fighting vehicles within three years of contract signing with Leonardo and Rheinmetall, expected by year-end.
• Leonardo's CEO suggested the end product could be a candidate for Europe’s future common tank program, the MGCS.
• Leonardo and Rheinmetall agreed last month to start talks on creating a joint venture to build the German firm’s Panther tank and Lynx tracked fighting vehicle for the Italian army.
Greece has signed a deal to buy 20 US-made F-35 jets as part of a major military overhaul. Delivery is expected to start in 2028. The purchase is seen as creating a powerful deterrent presence in the region.
• Greece has acquired advanced French-made Rafale fighter jets and is seeking an advantage in the air.
• The US State Department approved the sale of up to 40 F-35 aircraft, along with engines and support services.
Russian drone debris lands in Romania amid ongoing attacks on Ukraine; Ukrainian President Zelenskyy announces arrest of suspect in murder of Ukrainian lawmaker Farion.
• Debris from a Russian drone has been found in rural Romania, believed to be the latest incident of drone wreckage from neighboring Ukraine falling onto a NATO member’s soil.
• Ukraine’s President Volodymyr Zelenskyy announced the detention of an 18-year-old suspect in connection with the murder of former Ukrainian lawmaker Iryna Farion.
This happens often unfortunately, and most of the time it is nothing. But when NATO countries get nervous that is never a good sign. Let’s hope this is just a one-off spill-over and Russia will be more cautious about straying so close to the border with NATO countries.
Israel Aerospace Industries is increasing shifts and hiring more workers to meet the deadline for installing the Arrow-3 missile defense system in Germany. The effort comes amid the ongoing conflict between Israel and Hamas. The project has been ongoing since German lawmakers approved the deal in June 2023.
• Israel Aerospace Industries is increasing shifts and hiring more workers to meet the deadline for installing the Arrow-3 missile defense system in Germany.
• The effort comes amid the ongoing conflict between Israel and Hamas.
• Work on the project has continued since German lawmakers approved the deal in June 2023.
British Defense has signed a contract with Thales U.K. to procure Martlet missiles valued at $227 million. The UK will replenish its stocks after donating hundreds of Martlet missiles to Ukraine. Deliveries are expected to begin in 2027.
• The UK is procuring Martlet missiles from Thales U.K. to replenish its stocks after donating hundreds to Ukraine.
• The contract is valued at $227 million and deliveries are expected to begin in 2027.
• Martlet missiles have been used by the Ukrainian military against Russian drones and have made a significant contribution to Ukraine’s defense.
Supply chain disruptions continue to impact Dassault Aviation’s Rafale fighter jet production, making it difficult to ramp up production and meet delivery targets.
• Dassault Aviation struggles to produce its Rafale fighter jets due to supply chain issues.
• The company has not caught up on the ‘small delay’ in deliveries from last year but is still targeting 20 deliveries in 2024.
• CEO Éric Trappier said that while Dassault Aviation can exceed production rates at some plants, final assembly remains challenging due to missing parts and supplies.
Sweden aims to establish itself as a critical player in the international space domain by leveraging its northern geostrategic position and ramping up research and development capabilities.
• Sweden has adopted its first-ever defense and security space strategy to make Stockholm a space hub for allies.
• The country’s northern location provides a unique opportunity to develop its space capabilities, including launching satellites from the Esrange Space Center.
• Sweden is cooperating with international partners, such as South Korea and the Netherlands, to advance its space-related capabilities and services.
North Korea’s state media rebuffed comments made by former President Donald Trump about good ties with leader Kim Jong Un, saying ‘we do not care’ and warning its nuclear arsenal stands ready for any U.S. leader.
• North Korea’s state media rejected Trump’s claims of positive relations with Kim Jong Un.
• The commentary emphasized that personal relations and diplomacy should be kept separate, implying that the current political climate remains hostile.
• The statement also reiterated North Korea’s stance that its nuclear arsenal is ready to defend against any U.S. leader, suggesting a continued threat of military action if necessary.
The Army is reducing job choices for recruits in two critical fields: air defense and field artillery.
• The move comes as both air defense and artillery will likely play a key role in future conflicts.
• The reduced choice for new applicants comes as the service has seen dwindling recruiting numbers in the past decade.
Technology News
The number of domain name registrations has reached 362.4 million, unchanged from the previous quarter but up 1.6% year over year. The .com and .net TLDs saw a combined decrease of 3.8 million domain name registrations compared to last year.
• The number of domain name registrations has reached 362.4 million, with no change from the previous quarter but a 1.6% increase year-over-year.
• The .com and .net TLDs saw a combined decrease of 3.8 million domain name registrations compared to last year.
• Total country-code TLD (ccTLD) domain name registrations were 140.0 million at the end of the second quarter, an increase of 0.4 million domain name registrations, or 0.3%, compared to the first quarter.
Don’t even let me get on a roll about how broken the RIR system is, or ICANN… buy me a beer. Maybe two or three first. No, seriously, I kept a guy up for 2 hours later than he wanted to stay up explaining to him how I had to physically mail a request off to get access to a file on an FTP server.
A security update for CrowdStrike’s Falcon software caused a widespread outage affecting up to 8.5 million Windows PCs, leading to crashes and disruptions.
• The issue was due to a bug in the Content Validator that failed to detect problematic content data in the update.
• CrowdStrike is improving its testing processes by adding more layers of validation and introducing a staggered deployment strategy for future updates.
This has been a big deal in our world as it may have been in yours. Software supply chain questions, QA and release management questions, etc. There will almost certainly be lawsuits. It’s time for software liability and warranties.
AI-powered code generation is widely adopted, but developers’ use of AI for code generation raises concerns about security threats.
• 99% of development teams use AI for code generation.
• 80% of teams are worried about security threats from developers using AI.
Cybersecurity News
The National Vulnerability Database has a backlog of 16,974 unanalyzed vulnerabilities and receives approximately 111 new security flaws daily. NIST’s ability to process vulnerabilities in a timely manner has been hampered due to resource challenges, increased vulnerability disclosures, and other constraints.
• NVD has a significant backlog of unanalyzed vulnerabilities.
• NIST processes an average of 111 new security flaws daily.
• Resource constraints have hindered NIST’s ability to process vulnerabilities in a timely manner.
This happens frequently. When I created the NaN injection vulnerability it took me days to find the right people (turns out it was Red Hat - don’t ask me why they control Python bugs) and it took them weeks to get back to me only to tell me it wasn’t an issue. Clearly this whole system needs a lot more work/funding if it has a chance of staying current… or even being useful.
EU facing surge in brute-force cyber attacks primarily originating from Russia, exploiting Microsoft infrastructure to avoid detection.
• Attackers are targeting High-Value Targets (HVTs) and exploiting weak or default credentials through password guessing, spraying, and stuffing.
• Over 60% of attack IPs are new, with approximately 65% recently compromised and the rest previously abused, revealing a constantly evolving threat.
• The attackers primarily target administrative accounts using various case combinations and language variants.
A North Korean hacker was hired by a US-based security vendor, KnowBe4, and attempted to load malware into the company’s network. The incident was detected and contained before any damage occurred.
• KnowBe4, a US-based security vendor, unwittingly hired a North Korean hacker who tried to load malware into the company’s network.
• The hacker used a stolen US-based identity and AI-enhanced photo to pass HR checks and interviews.
• The suspicious activities were flagged by security software, leading KnowBe4’s Security Operations Center (SOC) to investigate and contain the incident before any damage occurred.
This is a scary issue for any hiring manager of an information security company. Do you want to risk hiring someone you cannot properly vet? This speaks to even more reasons we need additional automation. There are simply too many spooks in our industry, not to mention people are a cost center like no other even when they are doing their job.
Organizations are more interconnected than ever due to global supply chains, increasing their potential for data breaches or security incidents involving third-party suppliers and partners. The network of globally connected vendors significantly increases an organization’s attack surface and opens exposure to software supply chain risks, vulnerabilities, and malicious or negligent insiders.
• The global network of supply chains means organizations are more interconnected than ever, increasing the potential for data breaches or security incidents involving third-party suppliers and partners.
• Third-party vendors, especially those digitally connected to an organization, significantly increase their attack surface and open exposure to software supply chain risks, vulnerabilities, and malicious or negligent insiders.
Source: https://www.darkreading.com/threat-intelligence/fighting-third-party-risk-with-threat-intelligence
Malicious actors are targeting users of a mobile currency game called Hamster Kombat by distributing fake Android and Windows software that installs spyware and other malware. Users must join the game’s Telegram channel to play, which may lead them to copycat channels with hidden malware. Fake websites redirect visitors to advertisements instead of the real game.
• Malicious actors are targeting users of Hamster Kombat by distributing fake software that installs spyware and malware.
• Users must join the game’s Telegram channel, which may lead them to copycat channels with hidden malware.
• Fake websites redirect visitors to advertisements instead of the real game.
Source: https://www.darkreading.com/cyber-risk/hamster-kombat-players-threatened-by-spyware-infostealers
The CrowdOut event has caused estimated insured losses between $400mn and $1.5bn, making it a major event for the cyber insurance market but not exceeding extreme scenarios currently being modeled.
• CyberCube estimates preliminary insured losses from the CrowdOut event at between $400mn and $1.5bn.
• The event could represent a loss ratio impact of roughly 3-10% on global cyber premiums of $15bn.
For context, one cyber insurer alone was making $400M in payments annually: that is the entire year, not just a single event. That means this is a huge event. Really. Ouch. This may have a big effect on the affordability of cyber insurance as actuaries get more familiar with the risks.
Thank you for reading! If you think this newsletter would be helpful to your friends or family, please forward it to them to help them stay informed. We appreciate your support!
—RSnake