Am I surprised?
Is the pope a Catholic? etc.
Chinese cyberspies targeted two Russian defense institutes and possibly another research facility in Belarus, according to Check Point Research. The new campaign, dubbed Twisted Panda, is part of a larger, state-sponsored espionage operation that has been ongoing for several months, if not nearly a year, according to the …
Quite. Of course China is trying to steal those sorts of secrets. So too, I hope, are America and Britain and France and Germany and Israel, among others. If anyone were to tell me definitively that any of these countries doesn't have an active espionage programme aimed at these institutions, I would be very disappointed in them.
People keep getting born. That's where the trouble starts.
They grow up, and want to move out of their parents' home. But where to move to? Gone are the days (if ever) when they could just wander into the woods, or the wilderness, and build a cabin for themselves. All the land is already owned by someone. Mostly, by very rich (and therefore influential) people.
So they either have to pay whatever the asking price is for land this week, or resort to shenanigans. Option 1, which you'll note is only available to people who have quite a lot of resources to start with, helps to make the rich richer and keeps the poor in their place.
Option 2 is the beginning of "not getting along". (Although of course you can also use shenanigans to make yourself richer and then buy the land fair and square, thus combining both options. That's also "not getting along".)
Every war ever is ultimately about "who gets to live where". Putin, for instance, thinks that Ukraine should be populated by people who think of themselves as Russians, loyal to Mother Russia, and to that end he's trying to scatter people who think of themselves as "Ukrainian" to far-flung parts of Russia. (Or Europe, that works too, so long as they don't go back.)
Why is all this relevant to the GGP post? Because "Why can't we all just get along?" is hopelessly naive. It's something that can only be said with a straight face by a very young person who not only knows nothing about history or politics or demography or social sciences in general, but is also largely unaware that there is anything to know about these subjects. And so is the GGP sentiment: anyone who's spent more than about two minutes thinking about the subject already knows that it's not going to happen, and why. It falls under the heading of "aww, that's sweet" if the speaker is a teenager or younger, otherwise it's just irritating.
One of the comments attached to Branagh's Henry V U-tube posting is a waif complaining of the war and death of the period. It appears to be one of those that don't follow history.(This class must greater than believed so it must be a terrible shock to find REALITY. Good spying will always resolve intentions and the capabilities attracted to those intentions.
'specially about Chrtistmas in New Jersey
Well that's basically because once the cat was out of the bag you ain't getting it back in again! People love all the gizmos they get inside Word and Excel, and with almost every biz on the planet relying on Excel to run their fianances ( yeah, shake your head all like, you know it to be true! ), if you killed the VB macros engine inside Excel sheets then the world will literally grind to a halt.
Not saying I agree but I'm just saying that I'm a realist, we're stuck with it so just suck it up and keep your AV software updated!
It was specifically Blackadder that taught me that when we do it, it’s ok!
So you see, Blackadder, Field Marshall Haig is most anxious to eliminate all these German spies.
Filthy hun weasels, fighting their dirty underhand war!
And fortunately, one of our spies...
Splendid fellows, brave heroes risking life and limb for Blighty!
Putin at the minimum will get back half of their old private lake if Odessa falls to the Soviets [sic]. A line drawn from the point of the Romanian border on the Black Sea to a corresponding point at the Georgia intersection will provide the rationale that makes the Barents Sea to be restricted waters. The next stunt would to Yell truce and demand a plebiscite with those actually in Ukraine and peace-loving not under arms residents. He cannot lose. The 'be-nicers' will agitate, those ducking fire will soon tire, and the rest are hostage. Cannot lose!
China is doing magician act dancing around Taiwan while was built Icebreakers and the PLAN is practicing operating in the Northern Pacific. I put the boundary of Cinnese Siberia just about a line running North/South of Lake Baikal
Russia and China have each warned the United States that the offensive cyber-ops it ran to support Ukraine were acts of aggression that invite reprisal.
The US has acknowledged it assisted Ukraine to shore up its cyber defences, conducted information operations, and took offensive actions during Russia's illegal invasion.
While many nations occasionally mention they possess offensive cyber-weapons and won't be afraid to use them, admissions they've been used are rare. US Cyber Command chief General Paul Nakasone's public remarks to that effect were therefore unusual.
The US Department of Defense said it's investigating Chinese disinformation campaigns against rare earth mining and processing companies — including one targeting Lynas Rare Earths, which has a $30 million contract with the Pentagon to build a plant in Texas.
Earlier today, Mandiant published research that analyzed a Beijing-linked influence operation, dubbed Dragonbridge, that used thousands of fake accounts across dozens of social media platforms, including Facebook, TikTok and Twitter, to spread misinformation about rare earth companies seeking to expand production in the US to the detriment of China, which wants to maintain its global dominance in that industry.
"The Department of Defense is aware of the recent disinformation campaign, first reported by Mandiant, against Lynas Rare Earth Ltd., a rare earth element firm seeking to establish production capacity in the United States and partner nations, as well as other rare earth mining companies," according to a statement by Uncle Sam. "The department has engaged the relevant interagency stakeholders and partner nations to assist in reviewing the matter.
Cisco has alerted customers to another four vulnerabilities in its products, including a high-severity flaw in its email and web security appliances.
The networking giant has issued a patch for that bug, tracked as CVE-2022-20664. The flaw is present in the web management interface of Cisco's Secure Email and Web Manager and Email Security Appliance in both the virtual and hardware appliances. Some earlier versions of both products, we note, have reached end of life, and so the manufacturer won't release fixes; it instead told customers to migrate to a newer version and dump the old.
This bug received a 7.7 out of 10 CVSS severity score, and Cisco noted that its security team is not aware of any in-the-wild exploitation, so far. That said, given the speed of reverse engineering, that day is likely to come.
China's internet regulator has launched an investigation into the security regime protecting academic journal database China National Knowledge Infrastructure (CNKI), citing national security concerns.
In its announcement of the investigation, the China Cyberspace Administration (CAC) said:
China's government has outlined its vision for digital services, expected behavior standards at China's big tech companies, and how China will put data to work everywhere – with president Xi Jinping putting his imprimatur to some of the policies.
Xi's remarks were made in his role as director of China’s Central Comprehensively Deepening Reforms Commission, which met earlier this week. The subsequent communiqué states that at the meeting Xi called for "financial technology platform enterprises to return to their core business" and "support platform enterprises in playing a bigger role in serving the real economy and smoothing positive interplay between domestic and international economic flows."
The remarks outline an attempt to balance Big Tech's desire to create disruptive financial products that challenge monopolies, against efforts to ensure that only licensed and regulated entities offer financial services.
Chinese web giant Tencent has admitted to a significant account hijack attack on its QQ.com messaging and social media platform.
In a post to rival social media platform Sina Weibo – a rough analog of Twitter – Tencent apologized for the incident.
The problem manifested on Sunday night and saw an unnamed number of QQ users complain their credentials no longer allowed them access to their accounts. Tencent has characterized that issue as representing "stolen" accounts.
A Russian operated botnet known as RSOCKS has been shut down by the US Department of Justice acting with law enforcement partners in Germany, the Netherlands and the UK. It is believed to have compromised millions of computers and other devices around the globe.
The RSOCKS botnet functioned as an IP proxy service, but instead of offering legitimate IP addresses leased from internet service providers, it was providing criminals with access to the IP addresses of devices that had been compromised by malware, according to a statement from the US Attorney’s Office in the Southern District of California.
It seems that RSOCKS initially targeted a variety of Internet of Things (IoT) devices, such as industrial control systems, routers, audio/video streaming devices and various internet connected appliances, before expanding into other endpoints such as Android devices and computer systems.
Cisco has decided it's time to leave Russia and Belarus, almost four months after stopping operations in response to Russia's illegal invasion of Ukraine.
The networking giant announced it would halt operations in Russia and Belarus "for the foreseeable future" on March 3 this year.
A June 23 update suggests Cisco sees no future in either nation.
Updated Two security vendors – Orca Security and Tenable – have accused Microsoft of unnecessarily putting customers' data and cloud environments at risk by taking far too long to fix critical vulnerabilities in Azure.
In a blog published today, Orca Security researcher Tzah Pahima claimed it took Microsoft several months to fully resolve a security flaw in Azure's Synapse Analytics that he discovered in January.
And in a separate blog published on Monday, Tenable CEO Amit Yoran called out Redmond for its lack of response to – and transparency around – two other vulnerabilities that could be exploited by anyone using Azure Synapse.
Updated Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to private security researchers.
Some of these vulnerabilities received CVSS severity scores as high as 9.8 out of 10. That is particularly bad, considering these devices are used in critical infrastructure across the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining and building and automation industries.
The most serious security flaws include remote code execution (RCE) and firmware vulnerabilities. If exploited, these holes could potentially allow miscreants to shut down electrical and water systems, disrupt the food supply, change the ratio of ingredients to result in toxic mixtures, and … OK, you get the idea.
Biting the hand that feeds IT © 1998–2022