- RSnake Report
- Posts
- RSnake Report 20240906
RSnake Report 20240906
Thermite, China spies and yield curves
Table of Contents
Hello, and thanks for reading! I hope everyone had a productive week. We had a great Demo Day with Pellonium, a company that breaks down the hidden costs of system vulnerabilities, allowing companies to understand their unrealized losses. It’s always interesting to see new ways to quantify risk so check out. Okay, let's move on to what’s happening in the world today.
Let’s start with the Russian-Ukraine conflict. Ukraine continues to get more creative on the battlefield. We’re seeing increasing use of thermite drones, which aren’t just setting fire to entrenched Russian positions but also having the effect of lighting up nighttime raids. These drones are creating hazardous conditions for the troops by surrounding enemies with fire, making it nearly impossible for them to escape. If you’ve seen the footage, it’s pretty intense—thermite igniting dry forests, trapping Russian forces, and no doubt leading them to die by smoke inhalation as well. The fact that Russia is testing similar drones is telling—they see the utility of these innovations and are also looking to capitalize. You’d think the wet Ukrainian winter would limit thermite’s effectiveness in spreading the fires, simply due to the wet timber, but in the drier regions, it’s going to be devastating. At a minimum, this has got to be psychologically terrifying for troops to watch.
“thermite dropping drones"
Meanwhile, Russia’s “meat-wave” strategy is as brutal as it sounds—throwing waves of soldiers into combat with no regard for cover or concealment. You always hear about this happening, but this might be the first time I’ve witnessed it. It’s reckless, but sadly, it’s still gotten them results. The Ukrainians, however, are saying that they have stopped Russia in its tracks at Potrovsk, so perhaps those meat waves are just sacrificing themselves for nothing.
Russia has been showing off its new glide bomb tech, but there’s more focus now on electronic warfare, too, with tetrahedral vehicle-mounted EW jamming in the 100mhz-1200mhz range and a backpack-mounted FPV drone EW jammer in the 400mhz-500mhz spectrum. They've also rolled out drones with tethered EW-resistant capabilities, hovering at around 75 meters—these aren’t exactly game-changers, though; they’re more like glorified balloons but with better stability.
“new type of glide bomb”
On the Ukrainian side, they've developed the “Verba” electronic fuze—a tricky little device making IEDs much more dangerous things. However, they have a useful feature which is that they start working after 10 minutes and stop working after 60 days. This fuze can be deployed by drones, activated by magnetometers, and will detonate if anything metal comes too close. The only thing I can think is that they use lidar, so I wonder if old-school laser detectors used in cars might actually be able to sense these things. The funny thing is we are seeing an increase in sophistication in drone tech and a de-evolution in bomb tech, like old car parts being used as bomb casings. And in other cases, I am seeing more complex tech like 3d printed PTM-3 mines that fall in such a way that every direction is a shaped charge.
“automotive pipe filled with high explosive”
But with the recent blackouts in Kyiv, Dnipropetrovsk, and Donetsk, you can feel the pressure mounting. Russia’s attacks on energy infrastructure are starting to take their toll. Freight traffic in Russia has also collapsed—two years of logistical strain show cracks in their system. Russia is feeling it, too—emergency energy shortages, transportation delays, and industries in decline. Some of the attacks against Russian energy should be easily stopped by Pantsir missile defense, but the current thinking is there is too much civilian air travel in Russia and de-conflicting low-flying drones with air traffic takes too much time, causing Ukrainian attacks to work, lest they take friendly fire.
Russia has begun to move to digital mail. People mail stuff; the post office opens the mail, scans it, and forwards it to the recipient. This will definitely ease logistics which are already being suffocated, but the Russian post office is not exactly known for being on the up and up. It also opens the doors for hackers where physical mail is less prone to interception.
One thing that I found interesting was this site that has the ongoing geopolitical risk graphed over time. I’ve got no sense of how useful this data is at the moment, but it still struck me as interesting.
In European news, French authorities caught an arsonist responsible for burning down one of the country’s historic churches. He was pushing a narrative of anti-racism and pro-Islam online. Meanwhile, the country is ramping up its defensive drone capabilities, testing everything from FPV anti-drone backpacks to drones capable of delivering long-range strikes on Moscow. They’re also deploying 4-wheeled anti-tank robot drones, which are poised to be a game-changer on the front lines, being able to loiter for long periods of time without putting anyone at risk.
“ARES Anti-Take Robot”
Poland’s border guards are holding firm against an increasingly hostile group of migrants attempting to cross into the EU from Belarus. There’s been a growing anger among the migrants, shouting “f*ck Poland” as border guards repel them. Despite the tensions, Poland isn’t budging. They are not backing down on their stance to secure the border. I think they know they are the next line of defense if Ukraine falls, and given their history, they know how bad it can get.
Poland’s drone tests are something to watch, particularly the Warmate-50, with its 1000 km range—easily within striking distance of Moscow. That’s a significant development, and it’s raising eyebrows. And then there’s the surge in exports from Europe to Kyrgyzstan, with many wondering if these goods are being redirected to Russia to evade sanctions. For their part, it’s not like Russia is playing nice with these same countries. Telenor believes that Russia used sabotage teams to disrupt their telecommunication equipment.
“a shameful flood of exports to Russia that’s invoiced to Kyrgyzstan”
China is stepping up its game on the military front. Two of the country’s largest state-owned shipbuilders are preparing to merge, effectively eliminating competition between them. This will allow them to serve the military better while purportedly addressing global shortages of vessels.
And then there’s the dual-use technology angle: China sold 300,000 drones to farmers. Although these drones have agricultural uses, it’s a no-brainer that they could be repurposed for defense if needed. Would you want to invade a country with 300,000 extra drones pre-positioned all over it?
“300,000 units”
There is also a great short video on Chinese naval warfare drones, knockoffs of Ukrainian military sea drones, being sold for less than $10k each on Alibaba. The convergence of military tech and off-the-shelf robotic tech is unsettling, and it means we’re going to have to face this kind of thing in all sorts of conflict zones.
A friend of mine also sent me this horrifying article about Microsoft using Chinese data centers. The article is long, but one of the worst quotes in it is, “Obama authorized Microsoft to begin using uncleared foreign national staff to manage the U.S. Sovereign Cloud, working together with a cleared security escort team,” Schiller, who has personal knowledge of the agreement, said. According to Schiller, those foreign nationals accounted for 98 percent of the total, with over 90 percent being out of China. What is the U.S. Sovereign Cloud? It consists of ALL of the U.S. Government and DoD Microsoft cloud environments.” 😬
Onto the Middle East - the salvage operation for the burning oil tanker targeted by the Houthis in the Red Sea has hit a wall. The private companies involved have decided that conditions aren’t safe enough to continue towing the wreck. Instead, they’re exploring alternative solutions, but time is ticking.
“Salvagers Abandon Effort”
The Blue Lagoon I apparently was carrying Russian oil, so the Houthis are targeting their own team, as the Russians, Iran, and, by extension, Hezbollah and Houthis are all working together against Western interests. The Red Sea insurance rates have also nearly doubled, which isn’t great news for anyone operating in those waters, and it is now around the same rates as the Black Sea. OPEC+ is now discussing delaying the supply boost, likely due to the crash of oil prices.
We’ve also seen some intense sniper attacks by Hamas, targeting IDF soldiers with Iranian-made anti-materiel sniper rifles. In Al-Zeitoun, Gaza, these groups are becoming more sophisticated in their tactics, and the results are clear—devastation on both sides. Lebanon is getting the worst of Israeli airstrikes.
“Huge explosion”
Going south of the border to Honduras. The Próspera project, a libertarian charter city, is suing the government for ⅔ of its annual state budget. Why? Because the new democratic government is trying to undo the sweetheart deal the previous corrupt administration gave to the startup. If the lawsuit succeeds, Honduras could go bankrupt. It’s a story of political corruption, economics, and ideology—all playing out in the courtroom.
“Próspera is suing Honduras”
Back home on the domestic front, RTX just got slapped with a $200 million fine for exporting defense tech to China, Russia, and Iran. This is a big deal—it shows just how serious the U.S. is about keeping sensitive technologies out of the hands of adversaries (except for Microsoft, obviously). Some good news is that we are seeing container congestion going up again, at a two year high actually. That should lower the cost of goods as more ships are making it to their destinations.
“Container port congestion”
Meanwhile, New York’s former deputy chief of staff, Linda Sun, was arrested for acting as an undisclosed agent of China. The details are shocking—blocking Taiwanese officials, altering official messaging to favor the Chinese Communist Party, and facilitating secret meetings. It’s espionage on a state level and something we should expect much more of.
Speaking of espionage, a new DoJ indictment alleges that RT employees "covertly fund[ed] and direct[ed]" a US company with $10m in order to push pro-Russia content. The company is based in Tennessee. But big personalities are allegedly caught up in this, like Tim Pool, Dave Rubin, and many others.
Finally, the yield curve has been declining for over 700 days, and historically, this coincides with economic downturns. It’s inverting fast. Others think there is not a great correlation and imminent market crashes are not necessarily predictable using yield curves. Either way, worth keeping our eyes on it.
“longest yield curve inversion since 1929”
Okay, onto the articles!
Israeli military operations in the occupied West Bank have intensified, resulting in at least six fatalities in recent air attacks in Tubas. A significant number of casualties have been reported in the ongoing military campaign, which represents the largest Israeli offensive in the region since the early 2000s, affecting humanitarian conditions and infrastructure significantly.
Israeli forces conducted air attacks in Tubas, resulting in multiple casualties including both adults and a teenager.
The military campaign has caused extensive destruction in Palestinian refugee camps and worsened humanitarian conditions.
I am really curious if Israel bows to a peace accord in the short term, to ease tensions in the region. Then, 3 days later, another missile fires, and it’s game on again.
US charges and sanctions Russian state media executives, accusing Moscow of interfering with the presidential election and attempting to secure a 'preferred outcome' for Donald Trump.
US charges Russian state media executives for interfering with the presidential election.
US sanctions Kremlin-linked broadcasters and restricts their operations in the country.
Foreign adversaries have attempted to interfere with US elections since Russia's efforts in 2016.
Meanwhile, Putin publicly endorsed Hillary. So likely, the plan is to create discord in the United States and increase the political temperature. I mean, the best outcome for Putin would be a US civil war.
The Taliban has officially implemented a new manifesto that codifies numerous restrictions on women's rights in Afghanistan, making it the most oppressive country in the world for women.
The Taliban's new manifesto enforces severe restrictions on women's rights, limiting education and public presence.
Many women in Afghanistan are experiencing a return to the oppressive conditions of the Taliban's previous reign from 1996 to 2001.
The document includes prohibitions such as banning women from public spaces, education beyond the sixth grade, and the sound of women’s voices in public. If I didn’t know better, I think the Taliban is deathly afraid of what happens if women attain any amount of power.
The Sudan Civil War has brought chaos and violence to the country, with widespread attacks, displacement, and food insecurity affecting millions of people. The conflict is being driven by a struggle for power between two key figures: General Abdel Fattah al-Burhan and Mohamed Hamdan Dagalo. The situation on the ground is extremely dire, with reports of genocide and famine conditions.
The Sudan Civil War has resulted in the displacement of 15,000 people, with two million fleeing to neighboring countries, and 18 million facing severe food insecurity.
An estimated 2.5 million people are at risk of starvation by September, making it the world's largest hunger crisis.
The US House Foreign Affairs Committee has called for the recognition of a genocide in Sudan, and the Department of State has imposed sanctions on the Rapid Support Forces militia.
A recent Russian missile attack on an educational institution in Poltava, Ukraine, resulted in at least 52 fatalities and 271 injuries, with emergency workers continuing search and retrieval operations. The attack is part of ongoing hostilities in the region as Ukraine braces for further military actions, including Russia's troop redeployment in Kursk Oblast.
A missile strike targeted an educational institution in Poltava, resulting in significant casualties.
Emergency services are engaged in search and rescue operations amidst ongoing military tensions.
We talked about this before; the earlier reports were in the low 40s, but as more bodies are pulled out, that count has gone up.
The ongoing competition between the United States and China in the development and deployment of 5G technology is of significant geopolitical importance. The U.S. faces challenges in maintaining its technological edge while China has rapidly advanced its 5G capabilities through government support, potentially influencing global standards and strategic advantages.
5G technology is critical for national security and economic competitiveness.
The U.S. needs to enhance its domestic capabilities and collaborate with allies to counter China's growing influence in the global 5G landscape.
A gunman opened fire at Apalachee High School in Georgia, killing at least four people and injuring 30 others. A 14-year-old suspect is in custody. Authorities are investigating the incident.
The shooting occurred on September 4, 2024, at Apalachee High School in Barrow County, Georgia.
Two teachers and two students were killed by the gunman, with a total of four fatalities and 30 injuries reported.
A 14-year-old male suspect is in custody, and authorities are investigating the incident with federal, state, and local partners.
The boy’s dad is currently being put on trial for giving his son access to the weapon, after the boy threatened the school. Felony murder in the second degree (max penalty is 30 years for each count), felony involuntary manslaughter (10 years each), and cruelty to children counts (10 years each) for a max total of 180 years imprisonment.
Iran's new president faces challenges in changing the country's foreign policy due to Supreme Leader Khamenei's influence and Iran's nuclear program progress making a deal more difficult.
Iran's nuclear program has advanced significantly, reducing the time it would take to produce atomic bombs.
The US and EU have differing views on a new agreement with Iran, with the US pushing for additional demands and Iran being hostile to any changes.
Tensions between Iran and other countries remain high due to Iran's support for terrorist groups in the region and its nuclear program.
Raytheon Corporation has been fined $200 million for illegally exporting defense technology to China, Russia, and Iran. This incident raises significant concerns regarding the outsourcing of national defense supply chains and the implications for national security.
Raytheon faced a substantial fine for exporting sensitive defense technology.
The situation emphasizes critical risks associated with outsourcing in national defense.
Great. Great, great, great. Great. Some might call that treason.
Source: https://sofrep.com/news/green-beret-takes-half-dozen-foreign-languages-successfully-part-two/
Venezuelan security forces and pro-government armed groups have committed widespread abuses following the disputed presidential election, resulting in the deaths of 23 protesters.
Venezuelan security forces and pro-government armed groups have committed widespread abuses following the disputed presidential election, resulting in the deaths of 23 protesters.
The international rights group Human Rights Watch has documented these abuses, including mass arrests, arbitrary detentions, and a campaign to encourage people to report relatives and acquaintances who participated in protests or questioned the election results.
A New York state government aide, Linda Sun, has been indicted for allegedly acting as a spy for China for over 14 years, helping the Chinese government gain access to official communications and blocking Taiwanese diplomats.
Linda Sun allegedly provided the Chinese government with access to sensitive state communications.
Sun and her husband reportedly received substantial financial benefits from Beijing in exchange for her actions.
Federal prosecutors claim that Sun and her husband received millions in kickbacks and lavish gifts in exchange for her actions, which included manipulating public health communications during the Covid-19 pandemic.
They have pleaded not guilty to various charges, including failing to register as foreign agents and money laundering.
She is not the only one, and not by a long shot. I am starting to see the right-wing wisdom in the idea of ejecting anyone who either is in the CCP or has family who is in the CCP.
Poland is set to sign contracts worth approximately $515 million with various manufacturers during the MSPO defense show, coinciding with the government's approval of a historic military budget of around $51.9 billion for 2025. The planned defense spending is projected to reach 4.7% of Poland's GDP, which would surpass all NATO member states. The MSPO event, running from September 3 to 6, features 769 exhibitors from 35 countries, indicating a strong focus on defense industry collaboration.
Poland plans to sign defense contracts worth $515 million at the MSPO defense show.
The country's defense budget for 2025 will be approximately $51.9 billion, representing 4.7% of GDP.
I am impressed with Poland's stepping up. Seriously, they could take a back seat like many of the EU countries have, but I think they have ingrained wisdom about the danger of letting others drive their future.
Ukraine's Foreign Minister Dmytro Kuleba has resigned ahead of a major Cabinet reshuffle as Russia continues its military assaults, which have recently resulted in the deaths of seven people in Lviv.
Dmytro Kuleba has resigned as Ukraine's Foreign Minister amid a situation with escalating Russian strikes.
Russian attacks have led to civilian casualties in multiple locations, further necessitating Ukraine's call for more international military support.
Israeli Prime Minister Benjamin Netanyahu is insisting that his military must retain control over Gaza's southern border area with Egypt, known as the Philadelphi Corridor, despite threats to derail ceasefire efforts. The corridor has become a key obstacle to reaching a ceasefire deal in Gaza, and Hamas is calling for pressure on Netanyahu to stick to an agreed-upon plan. Netanyahu refused to give a timeline for Israel ending its war on Gaza, saying that it will continue as long as needed to achieve victory.
Netanyahu's insistence on maintaining control over the Philadelphi Corridor threatens to derail ceasefire efforts in Gaza.
The corridor has become a key obstacle to reaching a ceasefire deal in Gaza, and Hamas is calling for pressure on Netanyahu to stick to an agreed-upon plan.
Netanyahu refused to give a timeline for Israel ending its war on Gaza, saying that it will continue as long as needed to achieve victory.
I completely understand Israel’s perspective on this one. But it will come at a cost. The question is which cost is greater: letting their adversaries have access to that corridor or shutting down the tunnels Hamas has been using? One problem I have with Netanyahu’s words is that it’s not exactly clear how he defines victory. Likely, it is whatever is politically and socially expedient, allowing him the maximum latitude to make whatever deal he can get that looks good to his voting bloc.
Fresh Russian attacks on Ukraine have resulted in multiple deaths and destruction, with Kinzhal hypersonic weapons fired at defense industry facilities in Lviv and a strike on a military institute in Poltava causing widespread damage. The Ukrainian air force reported shooting down 35 missiles and drones, but more were targeted at cities across the country. President Zelensky renewed calls for Western allies to fire long-range weapons further into Russia.
Russia fired Kinzhal hypersonic weapons at defense industry facilities in Lviv, with multiple buildings damaged or destroyed.
A strike on a military institute in Poltava resulted in the deaths of 53 people and widespread destruction.
The Ukrainian air force reported shooting down 35 missiles and drones targeted at cities across Ukraine.
President Zelensky renewed calls for Western allies to fire long-range weapons further into Russia.
US District Judge Alvin Hellerstein rejected Donald Trump's request to move his New York criminal case to federal court ahead of sentencing. Trump was convicted in May of 34 counts of falsifying business records and is scheduled to be sentenced on September 18. The Supreme Court's decision on presidential immunity does not impact the New York case, according to Hellerstein.
Donald Trump convicted in May of 34 counts of falsifying business records
Trump scheduled to be sentenced on September 18
US District Judge Alvin Hellerstein rejected request to move case to federal court
I will be watching this one - it is curious that they still believe going after him will somehow hurt him at the polls when, every time something like this happens, he rebounds.
A 76-year-old dual US-Iranian citizen was arrested at George Bush International Airport for allegedly smuggling UAV components and other controlled technology to Iran, posing a direct threat to US national security.
A dual US-Iranian citizen was arrested for smuggling UAV components and other controlled technology to Iran.
The arrest is part of a broader crackdown on Iranian smuggling networks and efforts to block Iran from acquiring sensitive military technology.
US law enforcement has targeted those attempting to supply Tehran with advanced military technology, including indicting individuals for aiding Iran's weapons program.
Iran should just talk to RTX. I hear they’re selling! 🙄
Researchers have achieved record-breaking data transmission speeds over long distances using advanced signal processing techniques.
Scientists have successfully transmitted data at speeds of up to 1.6 Tb/s over 9075 km and 2.4 Tb/s over 1210 km using single-carrier signals with dual-polarization and probabilistic constellation shaping.
These achievements demonstrate significant advancements in optical transmission systems, which could potentially revolutionize high-speed data communication networks.
This will also have many military applications since RF jamming is becoming so frequent on the battlefield. Fiber optics are much more reliable when reliability really matters.
Source: https://arxiv.org/abs/2409.00057
The Wireless Power Consortium (WPC) is launching the Ki standard for wireless power transfer in kitchens, aiming to eliminate power cords in appliances by enabling charging through magnetic induction. This innovation is set to modernize kitchen design, making appliances smarter and more convenient while enhancing safety and space utilization.
The Ki standard allows kitchen appliances to be powered wirelessly, removing the need for cords.
The technology is expected to transform kitchen designs and improve safety by automatically shutting off appliances when removed from their power source.
I heard about a similar tech but, using directional energy, and it sounds both extremely cool and very scary. If anything in the area happens to be at the right angles/widths it could cause sparks. I’ll definitely be one of the late adopters on this tech. But magnetic induction is far safer by comparison.
Recent advancements in CSS have led to the support of the @property at-rule by all modern browsers, allowing for greater control over custom properties. This opens up new possibilities for animating CSS elements, enhancing web design with features like dynamic gradient backgrounds and hover effects without the need for JavaScript.
The @property at-rule support allows developers to define a syntax, initial value, and inheritance for CSS custom properties.
The new capabilities facilitate smooth animations and improved visual elements for web interfaces.
If you are a CSS/front-end developer, there are some cool features here that might come in handy if you are trying to avoid bulky animated gifs or want granular control.
Innovative research is being conducted in the field of radio frequency (RF) engineering, specifically with origami-inspired antenna designs that allow for physical reconfiguration to create various radiation patterns.
Origami-inspired antennas allow for dynamic physical reconfiguration to create diverse radiation patterns.
This technology enables faster beam steering and greater adaptability for 5G and future wireless communication systems.
One of the coolest parts of this tech is that it is foldable. That could make it more resilient to severe weather, make them easier to fold down for temporary usage - like at concerts, etc. - or change their configuration based on directionality/distance.
A new AI search assistant has been launched, integrating various leading language models while prioritizing user privacy by not tracking or harvesting data. The assistant aims to enhance information retrieval and task management, allowing users to customize their experience significantly.
Kagi has introduced an AI-powered assistant that offers personalized search and information retrieval functionalities.
The assistant prioritizes user privacy, avoiding data tracking and offering customization options.
I am super excited about a future where I have a second brain in the computer. But we aren’t there yet. In similar news and worth checking out the video of Project Sid has 1000+ autonomous agents living in Minecraft.
Chief information security officers (CISOs) are facing significant challenges in effectively communicating cyber-risk to their leadership teams. Many struggle to translate complex cyber threats into comprehensible narratives, especially amidst a plethora of competing business risks; this gap leads to poor awareness of critical cybersecurity issues and a disconnect between security data and organizational decision-making.
CISOs are finding it difficult to convey the nuances of cyber-risk due to overwhelming traditional risk communication tools.
The average cost of a data breach is rising, emphasizing the need for improved communication of cybersecurity risks.
The Demo Day we did with Pellonium shows one way we could improve this process: We could talk in dollars and cents instead of arbitrary thresholds of critical, high, medium, low, and informational. How many highs is a critical worth? If you can’t do that math, then it isn’t math. CFOs speak in dollars and cents.
South Korea is hosting an international cyber defense exercise, APEX 2024, in Seoul from September 10 to 12, with participation from security experts across 24 nations, including the United States and Japan. The exercise focuses on fostering cooperation among countries to respond to cyber crises through simulated attacks and defenses, while also aiming to improve national cybersecurity strategies. South Korea is enhancing its cybersecurity efforts, as evidenced by its commitment to establishing an international training center and strengthening ties with NATO.
APEX 2024 international cyber exercise will involve teams from 24 nations responding to simulated cyber crises.
South Korea is investing over $30 million to establish a dedicated cybersecurity training center by 2027.
Like Poland, I think they know how dangerous this climate is for them.
Global leaders are urging for greater public-private action to bridge the cyber protection gap and boost resilience, emphasizing the need for innovative solutions to close the risk-insurance gap. The insurance industry and public sector must collaborate to develop strategies that secure digital future.
The severe threat presented by cyber risks requires collective action to bridge the protection gap.
Establishing a common framework for data sharing, greater and more meaningful collaboration, and innovation between the insurance industry and public sector is required to help tackle this protection gap.
The funny thing is that the insurance industry has found that only a few hundred vulns are exploited, leading to losses. So, while there needs to be data sharing, it would fit in a very small spreadsheet.
A SQL injection vulnerability in a TSA air transport security system has been discovered, potentially allowing unauthorized access to aircraft cockpits. Additionally, the New York Times reported a significant breach involving GitHub tokens that led to unauthorized access to repositories, while North Korean hackers have resumed targeting the npm code repository. In response to continuous threats, new cybersecurity measures and projects have been proposed by researchers from notable institutions for verifying online identity without revealing personal information.
A critical security vulnerability was identified in the TSA's air transport security system.
A significant breach involving GitHub tokens has raised alarms about unauthorized access to sensitive data.
North Korean hackers are targeting npm to spread malware, indicating renewed cybersecurity threats.
As someone who has broken into similar systems, yeah, it’s a mess and largely antiquated systems. Matt Johansen did another good video about this as well.
A campaign targeting Roblox developers with malicious npm packages has been ongoing since at least August 2023. These packages impersonate a popular library and utilize advanced social engineering tactics to steal sensitive user data and persistently install malware on targeted systems.
Attackers have created malware-laden npm packages to target the large development community around Roblox.
The malware employs tactics like brandjacking and novel persistence mechanisms to evade detection and successfully compromise systems.
Supply chain is not just a physical thing; it’s also a software thing. People have long ago figured out you don’t need to compromise Node.js. Still, if you get a few small packages to go bad, you more or less get the same people, especially if it’s a relatively popular package and people auto-update.
A new ransomware tool called 'Cicada3301' has emerged, built upon the capabilities of the existing BlackCat ransomware-as-a-service. Over the past two and a half months, Cicada3301 has reportedly compromised 21 companies across various industries in Europe and North America, utilizing advanced tactics to evade detection and leverage stolen credentials for deeper network infiltration.
Cicada3301 is a Rust-based ransomware tool that has been used to target various sized companies.
The malware demonstrates advanced evasion techniques, including using stolen credentials to navigate within victim networks.
Source: https://www.darkreading.com/threat-intelligence/blackcat-spinoff-cicada3301-stolen-creds-skirts-edr
Palo Alto Networks has acquired IBM's QRadar SaaS assets to enhance cybersecurity solutions across various industries. The partnership aims to streamline security operations and improve threat prevention capabilities using advanced AI technologies.
Palo Alto Networks has completed the acquisition of IBM's QRadar Software as a Service assets.
This acquisition focuses on improving security operations and threat prevention for global customers.
FBI warns North Korean actors are preparing to launch sophisticated cyberattacks aimed at stealing cryptocurrency and deploying malware, using advanced social engineering tactics.
North Korean threat actors are planning aggressive cyberattacks targeting organizations involved with cryptocurrency.
These attacks will employ deceptive social engineering tactics to gain access to sensitive information and systems.
Yep, more of the same from North Korea. They have absolutely no incentive to play by the rules. They’re already living in the dark.
Source: https://www.darkreading.com/threat-intelligence/fbi-north-korean-actors-aggressive-cyberattack-wave
Ethereum has been targeted by a significant and emerging threat, known as payload-based transaction phishing (PTXPHISH), which has caused losses exceeding $341.9 million in 300 days. A comprehensive study of PTXPHISH on Ethereum has been conducted, resulting in the creation of a ground-truth dataset and a rule-based multi-dimensional detection approach that achieved over 99% accuracy.
Ethereum has been targeted by payload-based transaction phishing (PTXPHISH), resulting in losses exceeding $341.9 million.
A comprehensive study of PTXPHISH on Ethereum has created a ground-truth dataset and developed a rule-based multi-dimensional detection approach that achieved over 99% accuracy.
All the traceability of credit cards and all of the theft risk of cash - except I don’t even need to go to your door. Some day, some crypto-bro is going to have to try to school me on why crypto actually works because, as far as I can tell, it’s a super risky asset class. It made sense when it was early, speculatively, but now? Tokenization has some utility, but that’s not what I mean.
Baseband commands from Android's Radio Interface Layer can be automatically reverse engineered, revealing security issues such as remote code execution vulnerabilities. This has been achieved through the development of a tool called BaseMirror, which uses static binary analysis to uncover vendor-specific baseband commands.
Automatic reverse engineering of baseband commands from Android's Radio Interface Layer has been achieved through the development of a tool called BaseMirror.
BaseMirror has uncovered 873 unique baseband commands undisclosed to the public and successfully derived and validated 8 zero-day vulnerabilities that trigger denial of cellular service and arbitrary file access on a Samsung Galaxy A53 device.
Source: https://arxiv.org/abs/2409.00475
Content delivery networks have security risks when handling compression requests, allowing attackers to exhaust network bandwidth. A novel HTTP amplification attack has been discovered that affects multiple popular CDNs. Experimental results show all affected CDNs are vulnerable to the attack.
Content delivery networks have security risks when handling compression requests, allowing attackers to exhaust network bandwidth.
A novel HTTP amplification attack has been discovered that affects multiple popular CDNs.
Experimental results show all affected CDNs are vulnerable to the attack.
Cool attack. It reminds me a little of the work Jeremiah and Matt Johansen did on using JavaScript botnets to cause traffic congestion, only this is at a hardware level.
Source: https://arxiv.org/abs/2409.00712
Ilya Sutskever, co-founder of OpenAI, has launched a new startup called Safe Superintelligence (SSI), which raised $1 billion to develop advanced AI systems focused on safety.
SSI has secured $1 billion in funding to pursue advanced AI development.
The startup aims to ensure AI safety and mitigate associated risks.
Funding in the space is down a bit because people are fearful of the coming copyright lawsuits and regulation. Also, there’s not really a moat because software is too easy to build and too difficult to protect.
A new artificial intelligence technology has been developed to solve the 'cocktail party problem,' allowing clear audio separation of overlapping voices in noisy environments.
Wave Sciences has created an AI that can differentiate overlapping voices by analyzing sound reflections in a room.
The technology has been successfully used in forensic cases, transforming previously unusable audio into crucial evidence.
Future applications may extend to various fields, including military, automotive, and consumer electronics.
This innovation has significant implications for forensic audio analysis. It has already proven its worth in court cases and is being marketed to the military and other industries for applications such as hostage negotiations and audio recording devices.
The Dataset Providers Alliance is calling for an opt-in system to allow creators and rights holders to choose whether their material can be used for training purposes, rather than relying on opt-out systems or no opt-outs at all. The alliance also advocates for standardized compensation structures and transparency in the use of synthetic data. This represents a significant shift from the way most major AI companies currently operate.
The Dataset Providers Alliance is promoting an opt-in system to allow creators and rights holders to choose whether their material can be used for training purposes, rather than relying on opt-out systems or no opt-outs at all.
The alliance advocates for standardized compensation structures, including subscription-based models, to smooth the road for mainstream adoption of data licensing.
The DPA also endorses the use of synthetic data, but emphasizes the need for proper licensing and transparency in its creation and evaluation to mitigate biases and ethical issues.
I like this. Basically, the idea is if you want your site indexed by Google, you have to agree - similar to AI. If you want your ideas to be part of the AI, you have to agree to be brought into the dataset. I think data autonomy is always going to be an important aspect of how these models get built. The problem is that it creates brain damage when trying to carve out something in pop culture, like Harry Potter. I can remove Harry Potter, but I can’t remove short young wizards with lightning bolts on their forehead costumes.
Thanks so much for reading, and once again, please forward this newsletter to anyone you think should be reading it. It’s how the newsletter grows, how I know you love it and encourages me to keep going. I’d really appreciate it!