Whether Trump can deliver for his base or not, climate action from many of the US’s individual states will continue

#ClimateChange

A letter from Scotland

https://open.substack.com/pub/jackie125/p/what-will-trumps-election-mean-for

The vulnerability is triggered by interacting with specially crafted URL files disguised as legitimate documents.

A single right-click on a malicious file (affects all Windows versions).
Deleting the file (Windows 10/11).
Dragging the file to another folder (Windows 10/11 and some older versions).

ClearSky researchers have also identified overlaps with techniques used by other Russian-affiliated groups, suggesting using a common ttoolkit

newly discovered zero-day vulnerability, CVE-2024-43451, has been actively exploited in the wild, targeting Windows systems across various versions. This critical vulnerability, uncovered by the ClearSky Cyber Security team in June 2024, has been linked to attacks aimed specifically at Ukrainian organizations - affects nearly all versions of Windows

#Windows #CoSoSec

https://www.clearskysec.com/0d-vulnerability-exploited-in-the_wild/

The onion plans to reintroduce Infowars in January as a parody of itself, mocking “weird internet personalities” like Mr. Jones

😂😂

Bazinga

Have I Been Pwned warns that an alleged data breach compromised the private data of 56,904,909 Hot Topic, Box Lunch, and Torrid users. Hot Topic is an American retail franchise that specialises in counterculture-themed clothes, accessories, and licensed music merchandise.

#CoSoSec

According to HIBP, the exposed information includes full names, email addresses, birth dates, phone numbers, physical addresses, transaction history, and partial credit card data

There was a time when Donald Trump actually had to withdraw some of his nominations for cabinet posts over objections by members of his own party, not to mention Democrats. No longer

#SpyTalk

https://open.substack.com/pub/spytalk/p/trump-picks-shock-national-security

This video first showed up on TikTok and ostensibly showed an Israeli sniper shooting a laser at a Palestinian journalist.

#Israel #Gaza

https://open.substack.com/pub/ryanmcbeth/p/is-this-an-israeli-sniper-targeting

“Snipers” do not normally choose to reveal their location.

The PEQ-15 laser sight does not have a visible green light.

If Israelis were using a commercial laser pointer to intimidate a journalist, they would likely be very far away and the laser beam divergence would likely be very large (30cm at 200m if it showed up at all).

Join Dan at Rome's Colosseum he separates fact from fiction in the world of the gladiators. He traces the origins of gladiatorial fighting from funerary celebrations to elaborate spectacles in the arena. With the help of expert historians, Dan explores the myths perpetuated in Hollywood movies, the role of the games in Roman political life and what you'd actually see if you got a ticket to the greatest show on earth

#HistoryHits #Podcasts

Gladiators: Myths vs Reality

https://player.fm/1BnmuEs

From Nov 2023

TA402 (aka Molerats and Frankenstein), which has been active for more than a decade, rolled out a new sophisticated tool named IronWind, which it used in three campaigns aimed at compromising systems within government agencies throughout the Middle East and Northern Africa, security firm Proofpoint stated in an analysis published on Nov. 14.

https://www.proofpoint.com/us/blog/threat-insight/ta402-uses-complex-ironwind-infection-chains-target-middle-east-based-government

Wirte has sometimes made use of the IronWind loader, starting in October 2023. IronWind uses a complex, multistage infection chain to drop malware, with the goal of frustrating analysis. It employs geofencing, and reflective loaders that run code directly in memory, rather than on the disk, where it might otherwise be spotted by antivirus software.

The link first tried to connect to the website for Israel's Home Front Command, a wing of the Israel Defense Forces (IDF) responsible for protecting civilians. Its site is accessible only to those within Israel, so if the redirection succeeded, the attack would proceed.

https://counter.social/@ecksmc/113335079089027236

Next, a downloaded zip file dropped and decrypted a pro-Hamas wallpaper JPG, a propaganda video, a tool designed to enable lateral movement within targeted networks, and the SameCoin wiper.

Last month, Wirte puppetted the email address of a legitimate Israeli reseller of ESET software. Its lure message — sent to hospitals, municipal governments, and others — warned recipients that "Government-based attackers may be trying to compromise your device!" and included a download link.

In recent weeks and months, Wirte has leveraged the Gaza war to spread phishing attacks against government entities spread across the region. It has also been carrying out wiper attacks in Israel. "It shows that Hamas still has cyber capabilities, even with the ongoing war," says Sergey Shykevich, threat intelligence group manager at Check Point.

https://research.checkpoint.com/2024/hamas-affiliated-threat-actor-expands-to-disruptive-activity/

Thread: #Hamas

longstanding threat actor affiliated with Hamas has been conducting espionage against governments across the Middle East and destructive wiper attacks in Israel.

"Wirte" is a 6 1/2-year-old advanced persistent threat (APT) working to support Hamas' political agenda. Check Point Research identifies it as a subgroup of the Gaza Cybergang (aka Molerats), which is also thought to overlap with TA402.

Salt Typhoon

https://counter.social/@ecksmc/113387185305568115

The announcement gets close to verifying almost everything that has been previously reported about the incident: That, after breaking into telcos' networks, the entities – which have sometimes been labelled "Salt Typhoon" – compromised the wiretapping systems used for court-ordered surveillance; and that the snoops also targeted phones belonging to people affiliated with US Democratic presidential candidate Kamala Harris, along with Republican president-elect Donald Trump and VP-elect JD Vance.

It comes over a month after reports emerged that indicated a Chinese government-backed spy crew had breached US telecommunications networks Verizon, AT&T, and Lumen Technologies.

https://www.theregister.com/2024/09/25/chinas_salt_typhoon_cyber_spies/

Earlier this week, security researchers warned that a different Chinese government-backed spy crew – Volt Typhoon – is once again compromising old Cisco routers to build a botnet to break into critical infrastructure networks and kick off cyber attacks

https://www.theregister.com/2024/11/13/china_volt_typhoon_back/

"theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to US law enforcement requests pursuant to court orders."

https://www.fbi.gov/news/press-releases/joint-statement-from-fbi-and-cisa-on-the-peoples-republic-of-china-targeting-of-commercial-telecommunications-infrastructure

This is a step up from the two agencies' late October admission that they were on the case and actively providing assistance to affected companies and potential victims.

The US government has detected "a broad and significant cyber espionage campaign" conducted by China-linked attackers and directed at "multiple" US telecommunications providers' networks.

#China #CoSoSec

In a joint statement issued on Wednesday by the FBI and US Cybersecurity and Infrastructure Security Agency (CISA), the two government bodies revealed the digital assaults resulted in....

It is called scotoma

Iykyk