RSnake Report 20241228

Syria sues Iran, China's 6th generation fighter, etc.

Hello, and thanks for reading! It’s almost New Year’s.🎇 I hope you have some nice plans with friends or family to celebrate. Just remember those fuses on the cheap-o Chinese fireworks aren’t super reliable. Give yourself some distance, or you might end up with a few fewer digits to count. 🧨 

The holiday season offered little respite for Ukraine as Russia unleashed yet another barrage of missiles and drones - over 70 projectiles, including ballistic missiles, targeted critical infrastructure on Christmas Day, according to Zelenskyy. While Ukrainian defenders shot down a significant portion, 20 got through and plunged regions into darkness, in the dead of winter, no less.

“Unfortunately, there have been hits.”

An Azerbaijan Airlines flight crashed, reportedly hit by a Russian anti-aircraft missile. Early reports suggested bird strikes, but mounting evidence points to a catastrophic "mistake" by Russian air defenses. The pilots, denied an emergency landing in Russia, heroically saved dozens of lives but lost their own in the process. Putin apologized for the tragedy but did not admit culpability for the attack. Airlines across the region are suspending operations in Russian airspace in response. You can see footage inside the cabin here and a still of the fragments piercing the cabin here. A more detailed analysis can be found here. For anyone like me, who has been on a plane that has lost hydraulic pressure and can only steer with engines, you know, it’s a very scary situation, even without holes throughout the cabin and having to re-route to a totally different airport - it’s a miracle anyone survived at all.

“after having been hit by a Russian missile and forced to cross the Caspian Sea”

Meanwhile, remember that new super weapon, the Russian "Oreshnik" missile, used in a strike on Dnipro? Well, apparently, it has tech dating back to at least 2017. We discussed how this is likely older tech re-marketed as new tech. Not that it undercuts its ability to deliver munitions, but it’s just another example of marketing/embellishment from Putin. Just another Frankenstein missile cobbled together from Soviet-era blueprints and old stock.

“RS-26 Rubezh missile system, but abandoned the idea”

Let’s get low-tech for a minute. First is a video of exclusively civilian vehicles with very crappy-looking cope-cages put on them being sent into combat. The cope cages only cover the top and the front in some cases, meaning they are completely vulnerable to side and rear attacks if you believe cope cages made of chicken wire work at all. I think this is the point when we can reliably say that Russia is extremely low on armor on the Ukrainian front. Russia's air defense is now makeshift systems using AK-47s, shotguns, and flare mortars mounted on unarmored jeeps and aimed by human personnel. Something tells me this system won’t last long near the front.

“a bunch of AKs, some shotguns, and a flare mortar.”

In slightly higher tech, it looks like the Russians have built an FPV control amplifier, allowing them to increase the signal strength and bypass jammers on the ground. This makes them able to get closer to the target before electronic warfare is able to thwart the drones, if at all. But it also means that the FPV signals are much easier to detect, is my guess.

“This unit is for 720-1020MHz, a channel covered by Ukrainian EW jammers”

In other drone news, there was an interesting video of a drone being downed by what looks to be little more than a fishing line and some sort of netting that is placed in the way of the spinning blades. It seemed effective at capturing the drone if gaining access to the drone tech is useful. I will say, though, that there are some serious hazards in doing this: losing your own drone and giving away your position when you land the enemy drone, as examples.

“catching a Ukrop drone hook, line and sinker”

Another new tech is a double-barreled shotgun mounted to a drone for air defense, which has the advantage of giving them at least two chances of taking down the enemy drone - the low-cost/reusable shotgun route or the high cost of slamming their own drone into the enemy drone. Also, there was a low-tech Russian tracked mine-laying drone that was capable of dropping off two mines. It is very cheap looking, which is generally what you want for situations like this. Lastly, on the drone front, it is worth mentioning that Russia is now claiming that Western contractors are the ones doing recon missions for the Ukrainian ATACMS/HIMARS strikes.

“UAV reconnaissance for ATACMS and HIMARS GMLRS”

North Korean soldiers are being found dead on the front regularly now, with various tidbits of what they are being told, like taking drones down with teams of three people, one to act as the target and two to shoot it down. Other things are somewhat kamikaze-reminiscent words of affirmation that dying in the heat of battle is far better than being captured, and that they should kill themselves with a grenade to avoid capture.

“remove the safety pin and place the grenade under your chin or under your bulletproof vest”

Lastly, it looks like Apple has removed a number of VPN services from its app store for the Russian market to aid Russian censorship. I recall a conversation with Facebook’s CMO where he said that he couldn’t figure out how Apple was able to operate in China when Meta had to pull out - and it likely had to do with their decision to bow to the CCP’s demands. This is the first solid evidence I have seen that that is exactly what they are willing to do. Apple is not the good guy, unfortunately, because Google is also terrible.

Onto the European news where Finland investigates the cutting of its Estlink2 electricity cable and up to four other communication links, with fingers pointed at the Russian dark fleet tanker Eagle S. Finnish authorities seized the vessel, reportedly laden with Russian SIGINT equipment, and suspect it was involved in damaging additional data cables. Good for Finland on seizing the vessel at a minimum. I have heard interesting theories that attacking NATO infrastructure is an act of war, and this should technically trigger Article V. Dangerous waters, no pun intended.

“Finnish Police confiscates the Eagle S tanker”

Meanwhile, Germany's Rheinmetall has unveiled a new short-range air defense platform, while the UK, Italy, and Japan have announced a major step forward in their Global Combat Air Programme (GCAP), aiming to produce a cutting-edge fighter jet by 2035.

Onto South East Asia, where the entire point of talking about GCAP is that China’s unveiling of its sixth-generation fighter prototype has caused ripples across the region. The three-engine aircraft is making some interesting waves, both because of GCAP and because it is getting a lot of credit for being the first, when the US flew its own 6th generation prototype some time ago. The real question is, with the added weight of the third engine it likely will have a very limited range, but to what extent? More analysis here.

“3 engines confirmed.”

Simultaneously, China launched the Sichuan, a Type 076 amphibious assault ship designed to extend its reach across the Pacific. This could likely be used to launch larger drones and fighters alike. This almost certainly has aims for Taiwan and other contested islands.

“a displacement of 40,000 tonnes, it features a dual-island design and full-length flight deck”

In another long-term blow to Russia’s economy, China’s ambitious railway project promises to bypass Russia entirely, further isolating Moscow on the Eurasian trade map. I think they are concerned about Russian intervention or intervention by Ukraine or Western forces and would rather cut Russia out entirely, making them less significant in the region, geopolitically and economically, once complete.

In South Korea, Hanwha's proposal for an advanced anti-aircraft cannon to India reflects the region’s focus on countering drone/air threats from the air and sea. Although it seems not that impressive, the idea of having multiple types of rounds, including the fuzed ammo with proximity explosives, is a great way to throw a lot of shrapnel at a drone in a pretty precise manner. I see a system like this having a lot of value at short range, and for relatively low cost. But with a short range and only seven volleys, it would likely need to be a part of a larger mesh of air defense in any sort of swarm scenario, like we saw over Christmas with Russia launching 70 drones/missiles. With that many, you’d need at minimum 10 of these air defense systems perfectly evenly dispersed and with 100% accuracy per volley. That’s extremely unlikely.

“40mm anti-aircraft autocannon”

Onto the Middle East, where the Houthis in Yemen have escalated their rhetoric, declaring war on the US and Israel, even as they face increased shelling from Saudi Arabia and the UAE. Meanwhile, a few days ago Bethlehem saw unrest as Palestinian protesters targeted a church during Christmas preparations. It’s not clear if there will be reprisals.

“attempting to storm a church in Bethlehem during Christmas rehearsals”

The IDF destroyed another tunnel network that looks to have been several square blocks in size in Jabaliyah. It’s somehow amazing to me that so many of these were able to be made at all. The amount of construction equipment needed to do this is enormous, and it just signals to me that virtually all of the Palestinians are in on this effort because it cannot have gone unnoticed by the local population.

“The IDF keeps hitting Jabaliyah hard”

Syria, too, is making headlines, preparing to sue Iran for $300 billion in damages over its support for the Assad regime. I laughed out loud when I saw this. It’s not clear how this will play out, but the interesting thing is that it forces Iran into a weird spot, either having to pay out or lie through its teeth about its involvement, despite the mountain of evidence the new Syrian government has at its disposal. As much as I am wary of the new Syrian (former ISIS offshoot

“$300 Billion from Iran”

Speaking of Muslims fighting Muslims, we are now seeing a massive troop build-up along the Afghanistan/Pakistani border. We are also seeing early reports of firefights breaking out along the border as well. I am sure you’ll be shocked to see American-made armored Humvees and other equipment on that border. Keep in mind that Pakistan is a nuclear-capable country and has no love lost for the Taliban.

In Tech news, X’s Grok has found itself under scrutiny for generating racially biased results reminiscent of Gemini. These are the same models, or generally the same as the ones that will likely be teaching your children in the future. I really am increasingly wary of any use of generative LLMs without some strict supervision with actual experts for anything other than brainstorming. For any actual science, physics, math, history, or social sciences, where facts matter, LLMs absolutely cannot be used safely without fact-checkers.

“It did this repeatedly despite black people being 14% of the U.S. population”

Okay, onto the articles!

On December 25, 2024, Russia launched a significant missile and drone attack on Ukraine's energy infrastructure, targeting thermal power plants and prompting widespread blackouts. This military action resulted in civilian casualties and disrupted heating for hundreds of thousands of people in Ukraine, while also causing damage in Russia from falling debris of intercepted drones. Ukraine's air defense reported intercepting a considerable number of the attacking missiles and drones.

  • Russia conducted a large-scale missile and drone attack on Ukraine's energy facilities.

  • The attack led to civilian casualties in both Ukraine and Russia, along with extensive energy disruptions.

[RSnake: This is one of the very few places I think that solar makes tons of sense - heating homes in catastrophic situations. Power outages happen here in Austin regularly, so enough solar and battery to last through a few days at least just makes good sense. I had a friend of mine almost lose his baby because of the cold a few years back. That’s not a good situation to leave your family in. We used to use wood-burning fireplaces, but if you don’t have that, or solar, then what do you have?]

Source: https://www.military.com/daily-news/2024/12/25/russia-targets-ukrainian-energy-infrastructure-christmas-day.html

On December 26, 2004, a 9.1 magnitude earthquake triggered a massive tsunami in the Indian Ocean that caused widespread destruction across multiple countries, including Indonesia, Sri Lanka, India, the Maldives, and Thailand. The Andaman and Nicobar Islands experienced extensive damage, with many buildings destroyed and thousands of people rendered homeless, amid a death toll that may be significantly higher than the official reports.

  • The tsunami killed an estimated 228,000 people across more than a dozen countries.

  • The Andaman and Nicobar Islands faced severe impacts, with 1,310 confirmed deaths and over 5,600 missing.

  • A major relief effort was mounted, involving the army, navy, and air force to assist affected populations.

[RSnake: The article is interesting, out of the 100 or so islands in that region, “[o]nly 38 of them were inhabited. They were home to 400,000 people, including six hunter-gatherer groups who had lived isolated from the outside world for thousands of years.”]

Source: https://www.bbc.com/news/articles/c6230646435o

Armed men in Haiti attacked journalists and police during a briefing at the country's largest public hospital, resulting in multiple fatalities, including two journalists and a police officer. Gangs continue to exert control over significant portions of Port-au-Prince, with an estimated 85% of the city under their influence, amidst a broader climate of violence that has claimed thousands of lives this year.

  • A recent gang-related attack in Haiti highlights ongoing violence and instability.

  • The international response, including a Kenyan-led force, has yet to significantly improve the situation.

[RSnake: A huge chunk of their revenue has historically been tourism. That has got to be all but dried up both because of the winter months and this activity.]

Source: https://www.bbc.com/news/articles/cx2vpdnd2jmo

Japan is transferring an additional $3 billion from frozen Russian assets to Ukraine to support energy equipment and shelter construction amid ongoing attacks on Ukraine's infrastructure. The US is also increasing military aid to Ukraine following a series of missile strikes by Russia, further escalating the conflict in the region.

  • Japan is providing $3 billion to Ukraine from frozen Russian assets.

  • The US is instructed to increase military aid to Ukraine due to recent attacks.

[RSnake: We really do need to be careful with this kind of policy. It makes it far more dangerous for countries to peg themselves to Western monetary systems if they think they will ever end up siding against the West for any reason. The Biden administration is also offering up a lot prior to Trump taking office.]

Source: https://www.pravda.com.ua/eng/news/2024/12/25/7490715/

The Houthi maritime attacks have severely impacted Egypt's Suez Canal revenue, resulting in a loss of at least $7 billion in 2024. The ongoing conflict has effectively closed the southern Red Sea to Western shipping firms, disrupting a crucial trade route that significantly contributes to Egypt's economy.

  • Houthi attacks have caused a major drop in Suez Canal revenue for Egypt.

  • The conflict has disrupted shipping routes essential for global trade between Europe and Asia.

[RSnake: That’s interesting. I hadn’t considered that Egypt may actually start siding against Yemen at some point. But it does make sense if they become enough of a scourge to their ability to tax ships crossing the Suez.]

Source: https://www.supplychainbrain.com/articles/40896-red-sea-disruptions-cost-egypt-7-billion-in-suez-revenues

TSMC will begin mass production of advanced chips at its new facility in Arizona in 2025, representing a significant expansion of semiconductor manufacturing capabilities in the United States. This venture is supported by the CHIPS Act, aimed at stabilizing the semiconductor supply chain amidst geopolitical tensions and supply chain vulnerabilities exacerbated by the COVID-19 pandemic.

  • TSMC's Arizona plant will produce advanced 4-nanometer technology chips.

  • The move is part of a broader strategy to reduce dependence on Taiwanese semiconductor production due to geopolitical tensions.

[RSnake: Good, now just build 9 more of them, and we’re talking. One is just a target. We need to diversify.]

Source: https://spectrum.ieee.org/tsmc-arizona

Authorities in Mexico's northern border state of Chihuahua have discovered 12 bodies in clandestine graves linked to ongoing violence from organized crime and drug trafficking. The skeletal remains were found in 11 separate graves, and the investigation is part of a broader issue, with thousands of missing persons reported across Mexico due to years of instability and violence related to these criminal activities.

  • 12 bodies discovered in hidden graves in Chihuahua linked to organized crime.

  • Approximately 120,000 people are missing across Mexico due to violence and instability.

[RSnake: If the Trump administration starts doing sicario-type missions into Mexico, I would expect the violence to escalate significantly as the cartels begin to clean house and kill informants, cops, etc.]

Source: https://www.aljazeera.com/news/2024/12/27/authorities-find-12-bodies-in-clandestine-graves-in-northern-mexico?traffic_source=rss

China has approved the construction of the world's largest hydropower dam on the Yarlung Tsangpo river, which could significantly impact local communities in Tibet and the environment in India and Bangladesh. The project aims to enhance China's renewable energy capacity.

  • The Yarlung Tsangpo dam will generate three times more energy than the Three Gorges Dam.

  • The dam's construction may displace local Tibetan communities and disrupt ecosystems.

  • China's control over the river could affect water flow to neighboring countries like India and Bangladesh.

[RSnake: Trans-border water will always be an issue, but this is a good example of it. Who owns water when it flows from one country to another? Could they simply block the water upstream from China, too, and divert it elsewhere if they felt like it? Whose water is it, then? What if India/Bangladesh gets no water at all now? Ugly/thorny issue. China knows what we know - access to consistent power is going to be increasingly important.]

Source: https://www.bbc.com/news/articles/crmn127kmr4o

Christmas celebrations in Bethlehem and other regions of the world are subdued due to ongoing conflicts and security issues. In Bethlehem, tourism has dropped drastically from approximately 2 million annual visitors in 2019 to fewer than 100,000 in 2024, heavily impacting the local economy. Other areas, like Gaza, witness displaced individuals attending church services under dire conditions, while cities like Paris and Saydnaya hold more festive events, albeit still against a backdrop of conflict.

  • Bethlehem's economy is suffering due to a drastic reduction in tourism amidst ongoing violence.

  • Displaced individuals in Gaza celebrate Christmas under difficult circumstances, while some regions like Paris host large gatherings.

[RSnake: And it sure doesn’t help that mobs are firing at Christians during the most likely time the tourists will want to visit it. Some of this is COVID, but a lot of it is caused by regional conflicts.]

Source: https://www.military.com/daily-news/2024/12/25/cities-worldwide-hold-subdued-christmas-eve-celebrations-amid-conflicts.html

The U.S. Navy's Aegis Ballistic Missile Defense (BMD) program is expanding to address potential threats from countries like Iran and North Korea. By the end of Fiscal Year 2025, the number of BMD-capable Aegis ships is set to increase to 56, with funding requests totaling approximately $1.3 billion for procurement and development, including projects in Europe.

  • The Aegis BMD program is crucial for regional defense in Europe and the Pacific against ballistic missile threats.

  • Funding is being requested to support the expansion and operation of Aegis BMD capabilities, indicating ongoing military readiness efforts.

[RSnake: This is a series of Aegis ships. From the paper: “Aegis ship combat system—an integrated collection of sensors, computers, software, displays, weapon launchers, and weapons named for the mythological shield that defended Zeus.” As of 2023 it was 49 ships, so that is only an increase of 7 ships. But by 2030 it should be 69 ships, so an increase of 20.]

Source: https://news.usni.org/?p=113934

Taiwan’s presidential hopeful Ko has been charged with bribery and misusing donations, facing a potential sentence of 28.5 years in prison. Several members of his party have also been accused of misuse of political donations. The charges come amid controversy surrounding the redevelopment of a shopping centre during his time as mayor.

  • Ko Wen-je has been indicted over property development and campaign finance scandals.

  • Prosecutors are seeking a sentence of 28.5 years in prison for Ko.

  • Charges have also been brought against several members of Ko’s party over misuse of political donations.

[RSnake: Ouch - that is a big sentence. He has been historically moderate in his views of China, seeing them as “two sides of the strait, one family”.]

Source: https://www.aljazeera.com/news/2024/12/26/taiwans-presidential-hopeful-ko-charged-with-bribery-misusing-donations?traffic_source=

Elon Musk's AI company, xAI, has successfully raised $6 billion in a Series C financing round, increasing its valuation to $45 billion. The funds will be used to accelerate research and development for its generative AI model, Grok, amid intense competition in the AI industry.

  • xAI has raised a total of $12 billion since its inception.

  • Investments from major firms like Kingdom Holdings and Sequoia Capital highlight significant interest and support for xAI.

[RSnake: I am surprised that it is receiving such a high valuation when options like Meta’s Llama3.3 70B are open source. It’s clear that Meta is undermining many of these offerings, and it’s uncertain what the larger LLMs will be able to provide the public, considering they will likely have to sacrifice a lot of information to use the LLMs. I would be cautious about these inflated valuations from OpenAI and Anthropic.]

Source: https://techcrunch.com/?p=2922142

The tech industry is facing a potential slowdown in artificial intelligence development due to a depletion of data used to train AI systems. Researchers and executives are expressing concerns that diminishing returns on AI performance might hinder future advancements despite ongoing investments in AI technologies.

  • AI companies are running out of digital text data for training systems.

  • Experts warn of a potential slowdown in advancements in AI technologies.

[RSnake: No, they are running out of novel well-sourced data; there is tons of garbage on the Internet created by LLMs that the LLMs can incestuously train on. I don’t think we are going to see a slowdown in development. I think we are going to see that the practical limits of the training data have been reached or nearly reached and now it’s time to focus on truth and fact-finding/problem solving and reducing the token generation cost.]

Source: https://www.nytimes.com/2024/12/19/technology/artificial-intelligence-data-openai-google.html

President Joe Biden signed the SHARE IT Act, which mandates federal agencies to share custom-developed software code to reduce inefficiencies and costs related to software development. This legislation is expected to save approximately $12 billion annually by preventing duplicate software contracts among government agencies. The law requires agencies to implement new policies to ensure compliance within 180 days.

  • The SHARE IT Act aims to promote efficiency by requiring federal agencies to share software code.

  • This initiative is projected to save the federal government approximately $12 billion each year.

[RSnake: Interesting. One of the few pieces of law that actually makes tons of sense. Why are the taxpayers spending the money over and over for the same thing?]

Source: https://fedscoop.com/agencies-must-share-custom-source-code-under-new-share-it-act/

Digital travel documents utilizing face recognition technology and smartphones are being implemented across various countries, signaling a significant shift away from traditional paper passports. Governments and airports are trialing these systems to enhance travel efficiency, but there are prevailing concerns regarding privacy, data security, and the implications of widespread surveillance.

  • Face recognition technology may replace traditional paper passports in international travel.

  • Concerns exist regarding privacy, data protection, and the potential for increased surveillance with digital travel credentials.

[RSnake: It doesn’t make me feel super great when I know that phones often use those same biometrics. It doesn’t take a genius to think maybe one could co-opt the other with some engineering magic to re-use the biometric data found when scanning the user’s face.]

Source: https://www.wired.com/story/the-paper-passport-is-dying/

DeepSeek, a Chinese AI lab, has released a new AI model that claims to be a version of OpenAI's GPT-4. Concerns have arisen regarding the potential use of GPT-4 outputs in training this model, which could lead to inaccuracies and issues with intellectual property. The growing prevalence of AI-generated content on the web complicates the training and quality of AI models.

  • DeepSeek V3 is an AI model that identifies itself as ChatGPT, which raises questions about its training data.

  • The contamination of training datasets by AI-generated content is becoming increasingly problematic for the quality and authenticity of AI outputs.

[RSnake: GPT-4 trained data means it’s less accurate than GPT-4. The hallucinations will only be worse.]

Source: https://techcrunch.com/?p=2936858

NASA’s Parker Solar Probe has made history by completing the closest-ever flyby of the Sun, reaching within 3.8 million miles of its surface and successfully transmitting signals back to Earth. This mission is crucial for advancing understanding of solar phenomena, including solar wind and the heating of the Sun's corona.

  • NASA's Parker Solar Probe reached a record proximity to the Sun.

  • The probe will provide valuable data on solar winds and energetic particles.

[RSnake: That’s pretty cool. I wonder what the next milestone will be and at what point we’ll really start to understand solar weather.]

Source: https://www.theverge.com/2024/12/27/24330216/nasa-parker-solar-probe-touch-the-sun

Air pollution from data centers powering AI is projected to contribute significantly to public health issues, potentially leading to up to 1,300 premature deaths annually by 2030. The financial burden associated with this pollution could reach around $20 billion each year, as it may surpass pollution levels from the entire transportation sector in California.

  • AI data centers are producing fine particulate air pollution linked to serious health conditions.

  • Projected health costs from AI-related pollution could exceed those associated with major industrial sectors.

[RSnake: This is a good selling point but a weird way of making the argument for nuclear power. Fine particulates are due to mining and power generation of things that require burning something. Nuclear has some mining, but it doesn’t require burning. And in another article, FastCompany makes the point that we’ll need a lot more of this.]

Source: https://www.fastcompany.com/91253026/air-pollution-from-ai-could-surpass-that-of-all-the-cars-in-california

The U.S. Marine Corps is advancing the use of Tactical 5G technology to improve communications and operational capabilities in expeditionary environments, amid concerns about satellite vulnerabilities and high-tech threats. A new tech lab will be established to develop secure, mobile 5G networks that can support various military operations, ensuring interoperability with existing systems and preparing for future conflicts.

  • The Marine Corps is conducting experiments with 5G technology to enhance communication in tactical operations.

  • A new lab will be created to focus on security and interoperability challenges of deploying 5G networks in military settings.

[RSnake: Okay, but only as a first line of defense, please. Those systems are pretty vulnerable. There should be easy-to-use fallbacks.]

Source: https://news.usni.org/?p=113921

Apache has released critical security updates for MINA, HugeGraph-Server, and Traffic Control products due to severe vulnerabilities that can lead to remote code execution and SQL injection attacks.

  • MINA versions 2.0 through 2.0.26, 2.1 through 2.1.9, and 2.2 through 2.2.3 are affected by an unsafe Java deserialization issue rated critical, with a severity score of 10 out of 10.

  • Apache HugeGraph-Server versions 1.0 through 1.3 have an authentication bypass problem caused by improper validation in the authentication logic.

  • Traffic Ops versions 8.0.0 to 8.0.1 are vulnerable to an SQL injection problem caused by insufficient sanitization of input used in SQL queries.

Data breaches and cyberattacks continue to escalate, affecting major companies across different sectors including healthcare and finance. Significant incidents this past year include the hacking of Change Healthcare, resulting in the theft of private health information for over 100 million people, and a ransomware attack on the U.K.-based Synnovis that disrupted healthcare services for months.

  • 23andMe suffered a data breach affecting nearly 7 million customers due to insufficient account security measures.

  • A cyberattack on Change Healthcare disrupted U.S. healthcare services and compromised data for over 100 million individuals.

[RSnake: If you add it all up, we’re talking about almost half of the US population having had their PII compromised in healthcare breaches in the last year. Incredible. And the only people that really suffer are us, the users of the healthcare systems. No one is getting fired/fined/sued over any of this.]

Source: https://techcrunch.com/?p=2936535

Two individuals, including an airman at Joint Base Elmendorf-Richardson, have been arrested on federal charges related to the distribution and possession of child sexual abuse material (CSAM), some of which involved AI-generated images. The investigation revealed that the airman secretly took photographs of children to create child sexual abuse material, and both suspects are currently held without bail pending trial due to the severity of the allegations and potential threat to children.

  • An airman was indicted for possessing and distributing child pornography created using AI.

  • The FBI investigation uncovered over 10,000 images of children and evidence of ongoing illegal activities.

[RSnake: AI images of CSAM are a weird thing to process. They aren’t technically hurting or exploiting anyone directly, but obviously are bad. But it does make it significantly more difficult to identify using the typical method - hashing and comparing the hashes. That is because each image can be unique/bespoke. This is one of those situations where the law hasn’t quite caught up with the state of the art. Another article on the topic here.]

Source: https://www.military.com/daily-news/2024/12/27/alaska-airman-facing-federal-charges-tied-ai-generated-child-sexual-abuse-images.html

In 2024, ransomware attacks reached unprecedented levels, with significant data theft incidents affecting millions globally. High-profile victims included government entities, healthcare services, and major corporations, leading to financial losses and operational disruptions.

  • Ransomware incidents increased dramatically in frequency and sophistication throughout 2024.

  • Major attacks affected thousands of individuals and critical services, causing widespread disruptions.

[RSnake: This is largely because of the rise of semi-anonymous cryptocurrencies. Jeremiah Grossman predicted this would happen, and here we are. An article about Clop ransomware using an exploit in Cleo software is here.]

Source: https://techcrunch.com/?p=2936770

A North Korean hacker group called TraderTraitor has stolen $308 million worth of cryptocurrency from the Japanese exchange DMM Bitcoin. The attack utilized social engineering tactics that involved posing as a legitimate recruiter to infiltrate the cryptocurrency wallet software company Ginco, allowing the hackers to access DMM's systems and manipulate transactions.

  • TraderTraitor targeted DMM Bitcoin by compromising an employee through a job proposal.

  • The theft of 4,502.9 BTC was facilitated by exploiting session cookies and unencrypted communication.

[RSnake: Speaking of bad actors using semi-anonymous cryptocurrencies, this is a good example of one.]

Source: https://www.bleepingcomputer.com/news/security/fbi-links-north-korean-hackers-to-308-million-crypto-heist/

A new Mirai-based botnet is actively exploiting vulnerabilities in DigiEver DS-2105 Pro NVRs and TP-Link routers with outdated firmware, targeting multiple network video recorders and devices.

  • The new Mirai malware variant exploits a remote code execution (RCE) flaw in DigiEver NVRs, as well as CVE-2023-1389 on TP-Link devices and CVE-2018-17532 on Teltonika RUT9XX routers.

  • The botnet targets a broad range of system architectures, including x86, ARM, and MIPS, using XOR and ChaCha20 encryption.

[RSnake: Check your attack surface - make sure none of this is running externally.]

Source: https://www.bleepingcomputer.com/news/security/new-botnet-exploits-vulnerabilities-in-nvrs-tp-link-routers/

As digital technologies expand across Africa, organizations are increasingly vulnerable to cyber threats, particularly DDoS attacks, which have surged significantly in several North African countries. High internet penetration rates have contributed to this increase, leading to heightened risks of cyber espionage, organized crime, and attacks on critical infrastructure, while geopolitical tensions further exacerbate the cyber threat landscape.

  • A 30% increase in DDoS attacks was observed in the Middle East and Africa in the last quarter.

  • Countries like Morocco, Egypt, and Tunisia reported substantial numbers of DDoS attacks, with Morocco experiencing the highest at 61,000 in the first half of 2024.

  • Concerns include the rising risks of cyber espionage, organized crime, and attacks on critical infrastructure as businesses increase their online presence.

[RSnake: As their attack surface grows so too does their vulnerability to DDoS, yes. It’s like saying the more cars your company has the more likely you’re going to get door dings.]

Source: https://www.darkreading.com/cloud-security/ddos-attacks-surge-africa-digital-footprint

North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign targeting software developers, which can steal cryptocurrency wallet keys and other valuable information.

  • OtterCookie is a new piece of malware that is delivered via a loader and executes as JavaScript code, using the Socket.IO WebSocket tool to establish secure communications with its command and control infrastructure.

  • The malware can steal cryptocurrency wallet keys, documents, images, and other valuable information, and has been seen in some cases deployed alongside BeaverTail or on its own.

[RSnake: Beware any devs you haven’t met or cannot carefully vet.]

Source: https://www.bleepingcomputer.com/news/security/new-ottercookie-malware-used-to-backdoor-devs-in-fake-job-offers/

Significant advancements in quantum computing have been reported, particularly with Google's Willow chip promising improved performance. As the technology progresses, experts warn of potential risks to encryption and cybersecurity within the next 15 years, urging organizations to adopt post-quantum cryptography strategies to protect sensitive data.

  • Google's Willow chip marks a leap toward more reliable quantum computing.

  • There is an urgency for industries to prepare for the encryption threats posed by future quantum computers.

[RSnake: I am here once again to warn you to be careful of these articles claiming quantum superiority. It is largely not well reported, and the tests they are using to validate their claims cannot be validated, only approximated.]

Source: https://www.darkreading.com/cyber-risk/quantum-computing-advances-2024-security-spotlight

Palo Alto Networks has reported that hackers are actively exploiting a denial of service vulnerability in its PAN-OS software, allowing unauthorized attackers to reboot firewalls by sending malicious packets. This vulnerability affects devices with 'DNS Security' logging enabled, leading to service outages and requiring manual intervention for restoration. A patch has been issued for some versions, but one impacted version will not be patched as it has reached its end-of-life.

  • Hackers are exploiting a denial of service vulnerability in Palo Alto Networks PAN-OS software.

  • The flaw affects devices with 'DNS Security' logging enabled, causing firewalls to reboot.

[RSnake: Ouch - that would be obnoxious, especially if they had a sense of how long it took for them to reboot - sending the next packet immediately afterward. Those malicious packets will be small and easy to send and, therefore, won’t require a huge botnet to initiate.]

Source: https://www.bleepingcomputer.com/news/security/hackers-exploit-dos-flaw-to-disable-palo-alto-networks-firewalls/

A coordinated attack has compromised at least five Chrome extensions, allowing a threat actor to inject malicious code that steals sensitive user information. The breach was initiated through a phishing attack targeting an administrator account for the Google Chrome store, resulting in a malicious version of a Cyberhaven extension being published.

  • A coordinated attack compromised multiple Chrome extensions to steal sensitive user data.

  • The attack was executed through a phishing incident targeting a Google Chrome store administrator account.

[RSnake: Google Chrome store along with the other stores that Google has maintained over the years aren’t particularly well monitored. Tom Stracener and I did a presentation about it years ago.]

Source: https://www.bleepingcomputer.com/news/security/cybersecurity-firms-chrome-extension-hijacked-to-steal-users-data/

The U.S. Supreme Court is set to review a case regarding a potential ban on TikTok, which requires its Chinese owner, ByteDance, to sell the company or face restrictions due to national security allegations. President-elect Donald Trump has requested a delay in the court's decision while he seeks a political resolution to the matter, expressing opposition to the ban despite previous support during his presidency.

  • Trump's legal team has filed for a delay in a TikTok ban pending a political resolution.

  • The Supreme Court will hear arguments on the law mandating TikTok's divestiture due to national security concerns.

[RSnake: I am really curious how this turns out in the end. The time frame is rapidly approaching.]

Source: https://www.bbc.com/news/articles/cr4r1qrqw2vo

The incoming Trump administration is poised to alter the role of the Cybersecurity and Infrastructure Security Agency (CISA), which may lead to reduced federal involvement in cybersecurity and increased opportunities for private sector engagement. Key changes could involve deregulation and a focus on public-private partnerships to strengthen cyber defense mechanisms, amidst a background of rising cyber threats and geopolitical tensions.

  • The Trump administration may significantly downsize CISA's role in cybersecurity and oversight.

  • There could be increased public-private partnerships and deregulation in the cybersecurity space.

[RSnake: We need to force the states to start being accountable for failures to know what their attack surface is, then know what the vulnerabilities are and finally fix them. Federal funding is a big stick. CISA isn’t doing what it needs to do. I’m not sure who’s been running the show since CISAJen left, but I suspect they’ll need some new blood.]

Source: https://www.darkreading.com/cybersecurity-operations/trump-20-portends-shift-cybersecurity-policies

OpenAI is transitioning from a nonprofit model to a for-profit structure to secure funding needed for its ambitious AI projects, with plans to establish a public benefit corporation. This shift aims to attract significant investments, as the company faces increasing development costs and ambitious goals in the field of artificial intelligence.

  • OpenAI will set up a public benefit corporation to facilitate its commercial operations.

  • This transformation is necessary to attract larger investments while maintaining its nonprofit goals.

[RSnake: I hope they change their name to ClosedAI. 😉 ]

Source: https://www.fastcompany.com/91253031/openai-pivots-to-for-profit-model-to-secure-massive-ai-funding

Iran's Ministry of Agriculture is involved in a scandal after importing 60,000 tons of sub-standard rice, leading to potential financial losses in the millions of euros. Investigations are underway as the scandal adds to the country's economic challenges, including rising food prices and overall sluggish growth amid sanctions.

  • The agriculture ministry imported contaminated rice instead of the intended high-quality variety.

  • The financial fallout from the scandal is significant, coinciding with rising food prices and economic strain in Iran.

[RSnake: Ouch, especially as inflation is hitting the population of Iran hard. This won’t go over well.]

Source: https://www.iranintl.com/en/202412256768

PharmEasy, an Indian online pharmacy, has been drastically revalued to approximately $456 million by its investor Janus Henderson, down from a previous valuation of $5.6 billion. The company has faced financial difficulties, including deferred IPO plans and challenges in repaying loans in a deteriorating market, despite raising significant capital earlier this year.

  • PharmEasy's valuation has dropped by 92% due to financial struggles.

  • The company raised over $200 million in new capital but is still facing debt repayment issues.

[RSnake: Oof, that is a big change! I tend to think most companies are overvalued, btw.]

Source: https://techcrunch.com/?p=2936517

Tesla is implementing a radical approach to manufacturing, focusing on rethinking production processes rather than relying on cheap labor. This innovation could significantly reduce production costs by enhancing efficiency, potentially setting a new standard for the manufacturing industry.

  • Tesla's manufacturing efficiency may lead to a decrease in production costs approaching zero.

  • The company's approach could transform manufacturing practices across various industries.

[RSnake: Them and everyone else. People are expensive.]

Source: https://www.zerohedge.com/technology/musk-led-manufacturing-revolution-nobody-talking-about

Bitcoin continues to attract significant attention as retail investors show interest during market bull runs. Experts warn investors about the risks of entering the market without a clear strategy, especially as cryptocurrency prices fluctuate dramatically.

  • Retail investors are driven by emotion during market trends, often leading to poor investment choices.

  • It is crucial for new investors to understand market cycles and avoid the fear of missing out.

Temu, a Chinese-owned ecommerce platform, has seen rapid growth and expansion in the US market, surpassing major competitors like Amazon in app downloads and sales projections. Despite its success, Temu faces challenges including potential changes to US tariff policies favoring its business model and scrutiny over its labor practices and environmental impact. The continued evolution of Temu's supply chain strategy, particularly its shift towards local inventory in the US, will be crucial for its competitiveness moving forward.

  • Temu has quickly become a significant player in the US ecommerce market since its launch in late 2022, earning over $50 billion in sales projections for 2024.

  • The company is responding to mounting regulatory pressures and competition by adapting its supply chain, shifting from reliance on direct shipping from China to local inventory in the US.

[RSnake: I would recommend staying truly far away from Temu. People I know who focus on CCP involvement have warned me to steer clear.]

Source: https://www.wired.com/story/temus-takeover-is-now-complete/

Apple has decided not to develop its own search engine to compete with Google, citing the high costs and risks involved. The company is currently involved in a legal matter regarding its partnership with Google and the implications of potential changes to their agreement, which could significantly impact their business model and revenue. Eddy Cue has emphasized that any changes could disadvantage both Apple and its customers.

  • Apple will not create a search engine due to economic risks and costs involved.

  • The ongoing legal battle may affect Apple's revenue and partnership dynamics with Google.

[RSnake: Understandable for now. But I still think they go after consumer AI.]

Source: https://www.theverge.com/2024/12/26/24329148/apple-eddy-cue-search-engine-ai-google-doj-antitrust-intervene

Japan's Nikkei 225 stock index is poised for its best year-end close since 1989, driven by strong performances from domestic companies such as Toyota, Sony, and Fast Retailing. The increase in the index surpasses previous bubble-era levels, largely due to local investor participation and a series of corporate share buybacks, despite foreign investors withdrawing from the market.

  • The Nikkei 225 index is expected to close above 40,000 points, marking a significant milestone since 1989.

  • Local investors have played a crucial role in this year's market rally, which contrasts with the historical dependence on foreign investment.

[RSnake: Interesting. I have heard mixed feelings about investor sentiment toward Japan, but this one seems more bullish.]

Source: https://www.ft.com/content/1a377056-0866-4da7-99cc-7a45bd0f77e9

Do Kwon, the South Korean cryptocurrency entrepreneur, is set to be extradited to the United States from Montenegro following allegations of orchestrating a multi-billion dollar fraud involving the failed TerraUSD and Luna tokens. The collapse of these digital assets resulted in around $40 billion in losses for investors, leading to significant disruptions in global cryptocurrency markets.

  • Do Kwon will be extradited to the US over charges related to cryptocurrency fraud.

  • The collapse of the TerraUSD and Luna tokens caused major losses in the cryptocurrency market.

[RSnake: Interesting. Maybe he can use Hawk Tuah’s lawyers. 😉 ]

Source: https://www.bbc.com/news/articles/cn7r8xr3v76o

The IRS has implemented new rules requiring gig economy platforms to report earnings for workers, lowering the reporting threshold to $5,000 starting in 2024. A federal court has authorized the IRS to obtain information about gig workers on JustAnswer LLC, particularly those earning over $5,000 from 2017 to 2020, in an effort to enforce tax compliance across the growing gig economy.

  • New IRS regulations require gig platforms to report worker earnings below previous thresholds.

  • The IRS is taking action against tax evasion in the gig economy by seeking information through court orders.

[RSnake: Huh, this will affect a lot of Fiverr types, is my guess. That the IRS is bothering to go after such low-ball amounts is a little strange.]

Source: https://gizmodo.com/?p=2000543669

Thanks so much for reading. Once again, please forward this newsletter to anyone you think should be reading it. It’s how the newsletter grows, how I know you love it, and how it encourages me to keep going. I’d really appreciate it!