End of August: Start with the Bad News, or the Badder News?
Audio format will be available on both the Steady and Spotify/general publication RSS feed in the next few days. It will include the content of both August newsletters. The archived version of this newsletter will be updated with the audio file once it’s done.
Big apologies to everyone: August ended up being a much slower month on the blog/podcast than I would have liked. On the personal life side, I had two certification exams that I had to study up for and took back to back (thankfully I passed both tests). I took these near the end of the second week of the month, and the brain bruises just started recovering in the last few days. Then, the sheer amount of news that seemed worth reporting on took way off and I wasn’t sure where to even begin. Anyone familiar with the space should know that this can happen any time you blink.
🦉 Before we get started: I wanted to draw attention to another organization that has recently worked in both Gaza and Ukraine, and continue to put themselves in danger: CADUS, who specialize in medical aid and infrastructure (Si apre in una nuova finestra).
As well, some of you may have noticed that my old mailing list for non-technical writing has been combined with this one. More details on what I’ll be doing with my other project in the future.
My Work Since The Last Newsletter
🦉 Virtual Verity Podcast:
Chivo Wallet Episode 3 needed to be re-worked. Quite frankly, it was ready to go out about 11 days ago, and I ended up just… not liking it? It didn’t feel coherent, it felt like it had no thesis, and I’m trying to see what can be kept as I re-outline it. Fear not! I promise promise promise that it’s coming out soon! A reminder that I’m a one-person operation here, and I’m still working out issues as they come.
🦉 Blog Articles:
(Si apre in una nuova finestra)Authoritarian Trends: Malaysia Next With An “Internet Killswitch” (Si apre in una nuova finestra)
I threw together this article about how Malaysia is the next country trying to implement an “internet killswitch”—the ability for the government to selectively shut down online communications—in instances related to national security. The Malaysian government is claiming this is all part of a plan to update its legislation for combating modern cybercrime.
My personal take is that this is laughable. As I mention in the article, Malaysia has had a pretty terrible track record in human rights, particularly regarding free speech, despite some genuine attempts to reform specific policies since 2018. The government in Malaysia has given me no indication that this wouldn’t be abused like similar tools deployed in India or Iran.
Speaking to concerns I first saw outlined by Cory Doctorow (Si apre in una nuova finestra), this is in line with a trend of what now seems to be UN-sanctioned government overreach in the name of stopping cybercrime:
The treaty has an extremely loose definition of cybercrime, and that looseness is deliberate. In authoritarian states like China and Russia (whose delegations are the driving force behind this treaty), "cybercrime" has come to mean "anything the government disfavors, if you do it with a computer." "Cybercrime" can mean online criticism of the government, or professions of religious belief, or material supporting LGBTQ rights.
What’s In The News? - What I’ve Been Reading
The stretch from the end of July to the past week has been a ride. I always apologize for not getting to everything, but part of my paralysis in getting “back on the horse” two weeks ago was in just how much was happening.
I’ve decided to break my coverage down into a few significant or under-reported stories in several categories.
State Intervention And Surveillance
🦉 Telegram CEO Arrested In France
Read on Reuters (Si apre in una nuova finestra) by Ingrid Melander and Guy Faulconbridge
Pavel Durov, the billionaire founder of Telegram, was arrested at Le Bourget airport in France upon arrival from Azerbaijan, reportedly due to an outstanding French arrest warrant linked to a lack of moderation on the platform that allegedly allowed various crimes. The arrest has sparked criticism from Russia, which is rich, as Durov has actively fled the Russian government since 2014. Some prominent figures like Elon Musk, whose own platform is about to be banned in Brazil, argued that free speech in Europe is under threat. Telegram insists Durov has nothing to hide and that the platform is compliant with EU laws. Spoiler: it’s probably not.
🦉 Update On Sellafield Nuclear Plant Cyber Security Failure: Pleads Guilty
Read on The Guardian (Si apre in una nuova finestra) by Anna Isaac and Alex Lawson
Sellafield, the UK's largest nuclear site, has publicly apologized after pleading guilty to serious cybersecurity breaches that left 75% of its servers vulnerable to attack for several years. These failings, which occurred between 2019 and 2023, posed a significant risk to national security, although no successful attacks were reported. Gotta hand it to The Guardian’s team here for being at the front of this push.
🦉 US Pushes To Make Ransomware “Terrorism” Under Law
Read on CYBERSCOOP (Si apre in una nuova finestra) by Cynthia Brumfield
The 2025 National Defense Authorization Act (NDAA) includes provisions to classify certain types of ransomware attacks as terrorism, because, let’s be honest, they pose a threat to national security. This legislative move could lead to harsher penalties and more aggressive responses to ransomware incidents.
🦉 Vietnamese Human Rights Group Targeted By Government Threat Actor, APT32
Read on The Hacker News (Si apre in una nuova finestra) by Ravie Lakshmanan
A Vietnamese human rights group has been targeted in a sophisticated cyber-espionage campaign, believed to be linked to a Vietnamese state-backed or operated threat actor, APT32.
🦉 Former Polish Deputy Justice Minister Charged With Illegally Purchasing Pegasus Spyware, Using It On Journalists
Read on the Polish Government’s Website (Si apre in una nuova finestra)
The former Deputy Minister of Justice, Michał Woś, has been charged with criminal offenses related to his conduct in office. The specifics of the charges involve alleged misconduct and abuse of power, although further details are pending the legal proceedings.
Cyberwarfare and Espionage
🦉 Ukraine’s GUR Cyber Operators Attack Russian Nuclear Warfare Infrastructure
Read on Interfax-Ukraine (Si apre in una nuova finestra)
Ukrainian cyber specialists from GUR, alongside the BO Team hacker group, successfully paralyzed the operations of Vega, the sole internet provider for a key Russian nuclear weapons developer in Snezhinsk, Chelyabinsk. This attack disrupted critical communications and destroyed sensitive data.
🦉 Russian State Threat Actor, APT29 (“Cozy Bear”) Using Exploits Potentially Linked To Spyware Vendors
Read on Google’s Threat Analysis Blog (Si apre in una nuova finestra) by Clement Lecigne
Google’s Threat Analysis Group emphasized in this report that state-backed attackers and commercial surveillance vendors often reuse the same exploits across different campaigns. There is an implication that is perhaps over-reported at the moment that allegedly unethical firms like NSO Group are sharing tools with APT29, but the connection is tenuous, and no relationship established in the report.
🦉 Trump Campaign Emails Hacked And Leaked By Iranian Threat Actor
Read on Security Week (Si apre in una nuova finestra)
Donald Trump’s campaign reported that its emails were hacked, leading to a breach that may have exposed sensitive communications. The campaign is investigating the extent of the breach and its implications on the ongoing election efforts.
Info/Psyop/Influence Campaigns
🦉 OpenAI Claims Iranian Campaign Was Using ChatGPT For US Election Influence Purposes
Read on Techopedia (Si apre in una nuova finestra) by Yana Khlebnikova
OpenAI banned a network of accounts involved in an Iranian campaign using ChatGPT to generate content aimed at influencing the U.S. presidential election. Despite the operation's efforts, its impact was minimal, with little engagement from real users. It is unclear if this is related to the previously mentioned incident.
🦉 Russian Government Publishes Statement Welcoming The Anti-Woke
Read on Business Insider (Si apre in una nuova finestra) by Chris Panella
Vladimir Putin described Russia as a sanctuary for those seeking refuge from Western liberal ideals in an official press release, portraying the country as a defender of traditional values amid growing global tensions. The announcement welcomes citizens of countries such as the US to move to Russia. Anyone who falls for this isn’t worth the inevitable hostage negotiation.
🦉 Indian Disinfo Campaign Also Double Dips For Google Ad Money
Read on Bellingcat (Si apre in una nuova finestra) by Pooja Chaudhuri
Bellingcat's investigation reveals that Google Ads inadvertently funded disinformation campaigns in India that relied heavily on Islamophobia and other hyper-nationalist narratives. Always check out Bellingcat’s articles!
Hacktivism And Cybercrime
🦉 There’s A Chance Every US Social Security Number Was Stolen (They Probably Weren’t)
Read on NBC News (Si apre in una nuova finestra) by Kevin Collier
Findings from a court case against threat actor, USDoD indicates that every Social Security number in the U.S. may have been compromised, following a breach that potentially exposed the personal information of millions. The lawsuit questions the adequacy of the government's security measures and could have significant implications for data privacy. That said, the data very likely could have been padded with outdated or irrelevant details.
🦉 DDoSecrets Co-Founder Had Dark Web Drug Side-Hustle
Read on 404 Media (Si apre in una nuova finestra) by Joseph Cox
A co-founder of DDoSecrets, a website known for leaking sensitive data, was revealed to have been a dark web drug kingpin. This revelation adds a complex layer to the group's controversial activities, not unlike its spiritual predecessor, WikiLeaks.
🦉 Ransomware Incident At Dairy Farm Shows Vulnerabilities In Food Supply Chain
Read on Security Affairs (Si apre in una nuova finestra) by Pierluigi Paganini
A threat actor compromised a cow-milking robot, disrupting dairy farm operations by tampering with the robot's software. The incident, as reported, left a lot of questions unanswered. However, it’s worth mentioning that it demonstrates some of the vulnerabilities in agricultural technology and the potential risks of cyberattacks on the food supply chain.
Other OSINT/SIGINT/VIBESINT
🦉 Ukrainian F-16s Retrofitted With New EWO Suite
Read on Yahoo News (Si apre in una nuova finestra) by Joseph Trevithick
The U.S. Air Force has been working closely with Ukraine to optimize the electronic warfare (EW) systems on Ukrainian F-16 fighter jets to counter Russian threats. The collaboration involves reprogramming these systems, with Ukraine providing combat data to further refine these capabilities. The 68th Electronic Warfare Squadron at Eglin Air Force Base played a key role in this effort, overcoming challenges with unfamiliar EW systems and developing effective countermeasures to enhance the survivability of Ukraine’s air force in dense air defense environments.
Housekeeping
Steady and OnlySocial updated a bunch of their features in ways that make them significantly better, but will require a few re-works of the website and social media manager back-ends. I appreciate your patience while I get that all sorted out over the next week. Some features and pages may look a little different or have some jank involved with the internal links. However, this should have no impact on the article pages.
Thanks for reading all of that (if you, in fact, did)! As you can see, a lot’s been going on in my corner of the internet. There are a lot of other important stories that I know I left out, but I think I’ve bummed you out enough for the time being.
Hail Moloch!
