Supply Chain Peek’s Post

New Post: Google, Meta and others face tough questions in Australia over cyber extremism threats - https://lnkd.in/gUd3gDE6 - Australia’s online safety regulator has put social media giants on notice, requiring them to explain what they are doing to to protect people from violent extremists and terrorists - #news #business #world -------------------------------------------------- Download: Stupid Simple CMS - https://lnkd.in/g4y9XFgR -------------------------------------------------- or download at SourceForge - https://lnkd.in/gNqB7dnp

They're circling sharks, those competitors. If you search for Kaspersky, you'll find them. Sponsored ads. "Hey, come use us now that...well, you know." We know (or are learning) that the US Government has sanctioned Kaspersky. Just what does that mean, and how do you track the people the government sanctioned? Learn a bit about the Entity List. It's part of the answer to that question. (External link but my writing). https://lnkd.in/gB5Ddp5u #entitylist #ussanctions #restrictedpartyscreening #kaspersky

Ukrainian police detain man who offered services to Russian intelligence on darknet. Key takeaways: 1. The recent arrest of a Ukrainian cybercriminal backed by Russian intelligence highlights the growing trend of foreign powers leveraging the darknet to conduct covert operations, boosting concerns about national security and the dark web's role in international cybercrime. 2. The case illustrates the vast potential of cyber mercenaries advertising their services online, which enables state actors to stir chaos, further emphasizing the need for strengthened cybersecurity measures and sharper monitoring of darknet activities. 3. The continued incidents unearth the alarming trend of Russia using the data of Ukrainian and EU citizens, acquired from the dark web, to disseminate disinformation in an attempt to destabilize regions, underscoring the urgency to clamp down on such activities. Learn more by visiting The Record from Recorded Future News: https://lnkd.in/ekujkkZf

🚨 #DataBreach 🚨 In July, threat actors launched a targeted cyberattack against political figures and government officials in Malaysia, leveraging malicious ISO files to deliver Babylon RAT. The ISO files contained multiple components, including a shortcut file, a hidden PowerShell script, a malicious executable, and a decoy PDF file, designed to deceive users into thinking they were interacting with legitimate documents. Upon opening the ISO file, a PowerShell script executed in the background, launching the decoy PDF and copying the malicious executable to the %appdata% directory, while creating a registry entry to ensure persistence. The campaign was uncovered by Cyble Research and Intelligence Lab, who identified the reuse of Quasar RAT by the same threat actor against Malaysian entities, indicating a pattern. The malicious ISO files featured lure documents tailored to specific audiences, addressing topics like political concerns and government-related subjects. The final payload, Babylon RAT, provided extensive control over infected systems, enabling the threat actor to capture keystrokes, monitor clipboards, extract passwords, and execute remote commands. The RAT's capabilities include real-time remote access, information gathering, anti-detection measures, credential stealing, and the ability to execute DDoS attacks. This incident highlights the advanced methods utilized by the threat actors to compromise high-profile targets and underscores the necessity for robust cybersecurity measures and awareness.

With two weeks until Election Day 2024, the Microsoft Threat Analysis Center (MTAC) observes sustained influence efforts by Russia, Iran, and China aimed at undermining U.S. democratic processes. Since our last two reports, the U.S. government has taken many actions revealing cyber and influence activity from foreign adversaries related to election 2024. Most recently, that includes revealing malicious Iranian cyber actors’ sending of “stolen, non-public material from former President Trump’s campaign” to both individuals then associated with President Biden’s campaign and U.S. media organizations, and the indictment of three Iranian actors for the hack-and-leak operation targeting the Trump-Vance campaign. 

Japan's ruling political party hit by cyberattack from alleged pro-Russian hackers. Key takeaways: 1. The temporary disruption of Japan's main ruling party website amid the general election campaign illustrates the vulnerability of governments to cyberattacks during critical periods. The timing of the DDoS attack—coinciding with the election kickoff—highlights the potential for hackers to derail democratic processes. 2. Claimed by pro-Russian hackers as a form of protest against upcoming Japan-US military exercises, the incident underscores cyberwarfare's role in geopolitical conflicts. The attack comes as an indirect 'warning' from Russia, extending disruptions from the physical to the cyber sphere. 3. The wide range of Japanese targets, from state services to shipbuilding companies, indicates a broader strategy aimed at not just electoral disruption, but crippling essential activities, thereby emphasizing the need for robust, multi-sector cyber defense strategies. Learn more by visiting The Record from Recorded Future News: https://lnkd.in/ey7MRd6m

Politico [excerpt]: The #CzechRepublic's foreign minister and #Britain's #Europe minister were among the targets of Beijing's #cyberespionage campaign revealed this week. The United States, United Kingdom and others called out a 2021 online campaign by Chinese state-linked #hackers earlier this week. The U.S. Department of Justice released an indictment and the U.K. imposed #sanctions on the hacking group, known as APT31, saying the hackers had ties to China's Ministry of State Security. The group in 2021 sent "more than 1,000 emails to more than 400 unique accounts" of members of a coalition of lawmakers critical of Beijing called the Inter-Parliamentary Alliance on China (IPAC) to try to gather data on members' internet activities and digital devices, the U.S. indictment said. Among the targets of the attacks: British Minister for Europe Nusrat Ghani, an IPAC member at the time of the attacks who was appointed in her role as minister on Tuesday, and Czech Foreign Minister Jan Lipavský, also a member of the group. "This just proves the assessment in our Security Strategy, which states that the rising assertiveness of China is a systemic challenge that needs to be dealt with in coordination with our trans-Atlantic allies," Lipavský told POLITICO in a comment. The cyberattacks took place about a year before Lipavský became a minister. Ghani, while a parliament backbencher in 2021, told the U.K. parliament in July 2021 that China hacked IPAC accounts and called on the government to act swiftly. The U.S. indictment says China targeted 43 U.K. parliamentary accounts, most of whom were members of IPAC. Invited to respond, Ghani did not dismiss she was among the group of politicians that was targeted by the campaign. The Foreign, Commonwealth and Development Office did not provide a comment in time for publication. U.S. prosecutors said in their indictment that the Chinese #hacking group had conducted cyberattacks on American political and state officials since at least 2015, including by posing as prominent American journalists to trick victims into clicking links that extract information on their whereabouts and digital devices. The hackers used more harmful software tools in other campaigns targeted at the U.S.; the indictment did not say these tools were used against European targets in the 2021 email campaign targeted at IPAC members. The #EuropeanUnion has not yet made any public declaration acknowledging the impact on European lawmakers as was detailed in the U.S. indictment, instead releasing a statement expressing solidarity with the U.K. An EU official, granted anonymity to speak freely on the ongoing development, told POLITICO they were still looking into the assertions made by the U.S. #news #geopolitics

IT Security has many faces. One important goal is to identify malicious activity e.g. by fraud or counterfeiting. Beside any payment related targets, this might also target e.g. news sites. The methods described by CORRECTIV are probably known to IT security folks from other context like phishing. https://lnkd.in/eBPfKDEA

There is a broad consensus about the danger TikTok poses to Americans. The bipartisan Protecting Americans from Foreign Adversary Controlled Applications Act reflects that consensus. The Clean Store approach, prohibiting app store availability of this digital weapon of the Chinese Communist Party and other untrusted apps, is an effective way to prevent America’s foreign adversaries from invading our privacy, proliferating viruses, spreading propaganda, and threatening US national security. Here’s the text of the bill: https://lnkd.in/g7HjcE2E

Thanks so much, Bill, for your thoughts on this. We miss you so much in ODNI! You're the best! The sad thing is that insider threats are not always even aware that they are being used to harm others within their organizations or families. If they were, they surely would do what they could to close the breach they opened. As you suggest, each of us has a direct role in keeping us all safe online. As the former USG whole-of-government lead in the Comprehensive National Cybersecurity Initiative (CNCI) on Cyber Deterrence, among other things, I (sadly) know that we should always assume that what we do or post online is not private, and our own cyber actions, behaviors and habits could impact a great number of others, and even national security. So what can each of us do? Easy! Good Cyber Hygiene is a great start. It's an odd term, but "Cyber Hygiene" is something we all must practice. It's as important online as washing your hands is to keep yourself healthy, and you don't put much thought into that; it's second nature. Think of the pandemic and how each of our behaviors had a direct effect on others' health across the nation. Good Cyber Hygiene is no less impactful! Core Components of Cyber Hygiene Regular maintenance:  Cyber hygiene practices are part of a routine to ensure the safety of identity and other details that could be stolen or corrupted. These maintenance measures include keeping software and operating systems current, applying security patches, and regularly archiving data. Security improvement:  By maintaining good cyber hygiene, individuals and organizations can minimize the risk of operational interruptions, data compromise, and data loss, thus improving their overall security posture. Practicing fundamental cyber hygiene best practices goes a long way in minimizing nefarious threats to privacy and information. Training and awareness:  Cyber hygiene requires individuals and organizations to adopt a security-centric mindset and habits that help minimize potential online breaches. Don't just click that link to see what pops up. You may not like it, and you may not even realize you've let the bad guys into your system, and your whole network and people you know and communicate with. Ongoing effort:  Cyber hygiene is not once-and-done, but a continual routine process. Be sure you continually keep an eye on your computers and devices and note any strange new behaviors; keep your operating systems updated automatically, and become aware of cybersecurity news stories so you may adapt to emerging threats. Collaboration:  Cyber hygiene is a collective effort involving security specialists and end users. IT security teams cannot sustain good cyber hygiene on their own and need the support and cooperation of all users within the families or organizations. I hope this helps even one person be safe!