August 1st: I Had To Write About CrowdStrike, And More Bad Stuff Happened
Audio format will be available on both the Steady and Spotify/general publication RSS feed after the mid-month newsletter (usually published around the 15th).
🦉 A Note:
I didn’t originally plan to put out newsletters at the beginning of the month, but I realized that the amount of news stories I felt like sharing was stacking up way too much. I also wanted to put the word out for my unhinged journal entry about the CrowdStrike/Windows outage.
I don’t know if I’ll make a habit out of the newsletter being twice-monthly, but what I can say is that any month that I do so, I’ll add the contents of these to the audio version that uploads in the third week.
🦉 Before we get started: I‘m continuing to ask you to please consider donating to the World Central Kitchen (Abre numa nova janela). They’re one of a handful of organizations left still trying to work in Gaza. They take donations in a number of formats, including PayPal tips and crypto.
World Central Kitchen has resumed operations in Gaza following the April 1, 2024 Israeli Defense Forces attack that killed seven team members.
As well, some of you may have noticed that my old mailing list for non-technical writing has been combined with this one. More details on what I’ll be doing with my other project in the future.
My Work Since The Last Newsletter
🦉 Virtual Verity Podcast:
Chivo Wallet Episode 3 is dropping in just a few days! This one will focus more on the repression-related topics in El Salvador.
(Abre numa nova janela)🦉 Blog Articles:
In the last two weeks, I’ve only produced this one article. It’s long, but I encourage you all to check it out:
(Abre numa nova janela)I know it’s potentially prohibitively long, and I realize now that that my desire to put the cyberattacks front-and-center might have discouraged those more interested in the disinfo/conflict side of my writing, but I did this because of the very specific potential for danger, and I felt that was more important in the moment. If you need some convincing, the elevator pitch is:
Microsoft and CrowdStrike’s mistake has enabled cyberattacks, yes. But this massive act of incompetence within a pseudo-monopoly also created a gap to be filled by misinformation, disinformation, and conspiracies related to the US elections, World Economic Forum, etc.
AI is being fed with people authoritatively spreading misinformation about important, world-impacting events.
Disinformation/Misinformation narratives are entrenching themselves in the beliefs of individuals who have the ability to influence actual policy.
False narratives related to subjects that are easy to feign expertise on (as cybersecurity can be, depending on the audience) can spread quickly.
It’s also a journal entry, so the style is kind of all over the place. Still, I think it’s valuable.
What’s In The News? - What I’ve Been Reading
🦉 DDoS Threat Actor, Anonymous KSA , Claims To Move Into More Advanced Tactics - Broader Implications For Islamic Hacktivism?
Radical Islamic hacktivism is something I’m monitoring again, especially since the Israeli assassination of Ismail Haniyeh, yesterday. Anonymous KSA caught my attention with some alleged data leaks of Indian government staff members’ IDs on the 25th, but the group has continued to heat up in the last 24 hours.
While the group themselves might not stand out tremendously in the field of Muslim hacktivists (who I should note, have an extremely broad swath of beliefs, and come from all over Asia, Africa, and Europe), I think their constant back-and-forth with other threat actors in support of India and Israel is a topic worth examining.
Even before the day was over on October 7th, lines were drawn in cyberspace between the two loudest factions (Pro-Israel/India and Pro-Hamas/Iran/Pakistan), with broader anti-authoritarian groups at the time being a bit more split (though have all more-or-less fallen on being against Israel as the atrocities in Gaza continue).
Let me be clear that, no matter what your feelings are on the IDF/IAF’s brutality, or Israel’s international relations in general, these threat actors have largely engaged in abominable behavior (overt racism, Ransomware attacks on civilian hospitals, online sexual harassment of both Israeli and Arab women for just existing on the internet, etc.) , and shouldn’t be sanctified. Take each of these actors as individuals.
🦉 Holy CRAP the UN Cybercrime Treat is a Nightmare (Abre numa nova janela) - from the newsletter of Cory Doctorow
The UN Cybercrime Treaty expands state surveillance powers, potentially allowing authoritarian governments to label dissent as cybercrime and share surveillance data globally
🦉 Pro-Palestinian Actor Levels 6-Day DDoS Attack on UAE Bank (Abre numa nova janela) - read on DarkReading by Romert Lemos
A UAE bank faced a six-day DDoS attack by pro-Palestinian actors, causing significant disruptions. The attack was likely conducted by BlackMeta, who are suspected of being a re-brand of Anonymous Sudan (a Russian DDoS group).
🦉 The CrowdStrike Incident Happened Just Hours After Another Huge Microsoft Outage (Abre numa nova janela) - read on BleepingComputer by Sergiu Gatlan
A Microsoft 365 outage occurred due to a faulty Azure configuration change, impacting services like Teams, OneDrive, and Xbox Live.
🦉 There’s Been A Huge Uptick In Crypto Theft - Read in various places, related to both state and non-state actors.
Cryptocurrency theft surged by 112% in Q2, with centralized exchanges being primary targets, resulting in losses of over $572 million, according to a late-June article (Abre numa nova janela).
🦉 Uncle Sam accuses telco IT pro of decade-long spying campaign for China (Abre numa nova janela) - read on The Register by Connor Jones
A U.S. IT professional has been charged with spying for China, allegedly passing information to China's Ministry of State Security since 2012.
🦉 How Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter (Abre numa nova janela) - read on Wired by Andy Greenberg
Details have been released about how in January, Russia-based hackers targeted a Ukrainian heating utility in Lviv, using malware to disable heat and hot water services to 600 buildings during a winter freeze, marking the first confirmed case of direct sabotage of a heating utility by Russian threat actors.
🦉 US Department of Homeland Security Now Has An Electronic Warfare Dog Robot (Abre numa nova janela) - read on 404 Media by Jason Koebler
The Department of Homeland Security has developed a dog-like robot, "NEO," equipped with an antenna array to disable home networks, allowing law enforcement to remotely disable Internet of Things devices in homes suspected of being booby-trapped during raids. Scary shit.
🦉 Meta nukes massive Instagram sextortion network of 63,000 accounts (Abre numa nova janela) - read on BleepingComputer by Bill Toulas
Meta removed 63,000 Instagram accounts linked to Nigerian sextortion scams, targeting mainly adult men in the U.S., and identified the group as 'Yahoo Boys.' They also deleted additional accounts and groups on Facebook, implementing measures to prevent new scam accounts from being created.
🦉 Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking (Abre numa nova janela) - read on The Hacker News by Ravie Lakshmanan
A Chinese organized crime syndicate known as Vigorish Viper, linked to money laundering and human trafficking, is using a sophisticated technology suite called "baowang" to support its operations. The group utilizes a seemingly-legitimate network of online assets to advertise illegal gambling, often through European football club sponsorships. The syndicate also engages in similar sponsorships in Indian sports.
🦉 Malaysia is working on an internet 'kill switch', says minister (Abre numa nova janela) - read on The Register by Laura Dobberstein
Malaysia is preparing legislation for an internet "kill switch," set to be presented in October, to enhance digital security. The law will require social media and messaging platforms with over eight million Malaysian users to obtain a license starting January 1, 2025. The government seeks to hold these platforms accountable for online crimes, while international human rights groups express concerns about potential stifling of public participation and abuse of power. (also: website article coming on this topic)
🦉 New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries (Abre numa nova janela) - read on The Hacker News by Ravie Lakshmanan
The SideWinder nation-state threat actor, linked to India, has launched a new cyber espionage campaign targeting maritime facilities in the Indian Ocean and Mediterranean Sea. The campaign uses spear-phishing tactics with emotionally charged lures, exploiting vulnerabilities in Microsoft Office to deliver malicious payloads aimed at intelligence gathering. It’s been targeting entities from Pakistan, Egypt, Sri Lanka, and others.
🦉 China ponders creating a national 'cyberspace ID' (Abre numa nova janela) read on The Register by Laura Dobberstein
China is considering introducing "cyberspace IDs" for citizens, aimed at protecting personal information and streamlining online identity verification. The IDs, which would link to real-life identities, could reduce the need for sharing personal data with ISPs and social media platforms. While currently voluntary and in a proposal stage, the policy raises concerns about potential implications for free speech and state surveillance.
🦉 The Heritage Foundation’s Bizarre Reporting On The Trump Shooter
I’m not sure where I wanted to direct people’s eyes for this story. Somehow, The Heritage Foundation’s “Oversight Project” got their hands on marketing data traced to Crooks’ phone. The narrative was used to drive some idea that Crooks had an association with the FBI, and it’s fucking wild. I find The Heritage Foundation pretty evil in general, and it’s my opinion that The Oversight Project relies on the general public’s lack of familiarity with OSINT and research-reliant topics to spread lies. This situation, as I understand it, is no different.
🦉 Meta Settles for $1.4 Billion with Texas Over Illegal Biometric Data Collection (Abre numa nova janela) - read on The Hacker News by Ravie Lakshmanan
Meta agreed to a $1.4 billion settlement with Texas over allegations of illegally collecting biometric data without user consent. The lawsuit claimed Meta violated Texas laws by using facial recognition software on photos uploaded to Facebook without proper disclosure or consent. Meta has since discontinued its "Face Recognition" system and deleted related data. This case is one of the largest penalties against Meta for privacy violations.
Thanks for reading all of that (if you, in fact, did)! As you can see, a lot’s been going on in my corner of the internet. There are a lot of other important stories that I know I left out, but I think I’ve bummed you out enough for the time being.
Hail Moloch!
