April 8
CrowdStrike and Mandiant are entering some sort of partnership? What the hell is the backstory here?
https://www.cyberscoop.com/crowdstrike-mandiant-strategic-partnership/
Story time!
Today’s insight.
A bit old, but I missed this at the time. People with bionic eye implants going blind, again, because the company shut down and the code is proprietary. Cyberpunk got this one 100%. Only install open source cybernetics, people!
https://spectrum.ieee.org/bionic-eye-obsolete
The use of information technology to enable Einsatzgruppen murder squads is an important point that might get lost in the “I can’t believe it’s not cyberwar” debate.
This stems from something that I think people don’t quite understand about modern security services—just how much more they know about everything thanks to cyber. They don’t need to do surveillance. They just need to follow your phone.
They have access to a huge number of databases and historical information, all cross-linked. Much of that information is from hacked sources because that’s where everything is these days: in an unprotected S3 bucket or MySQL database sitting on the internet somewhere.
Add to that the long, long history of lists. That’s what intelligence services are: list makers. Then there is the history of liquidating people on lists.
The point is that cyber makes creating lists easier and more comprehensive, and enriching them much easier. And then they end up in the hands of murder squads…
Cyber security and cyber warfare can easily become matters of life and death.
Speaking of military stuff and cyber, @GossiTheDog is spitting straight fire.
Facebook dropped their threat report for Q1 yesterday. A number of interesting aspects of modern cyber warfare are mentioned (in the summary).
There is a major effort to get back in the information ops game. Russian threat actors are trying hard to get accounts.
We’re also sharing an update on our enforcements in Ukraine, including attempts by previously disrupted state and non-state actors to come back on the platform,
This is actually an interesting side note here. Whenever there is a major event, there is fraud trying to exploit it. It’s like one of the four horsemen of cyberwar: “topical spam and phishing content.”
in addition to spam networks using deceptive tactics to monetize public attention to the ongoing war.
This one is actually really, really interesting. As we know, every reporting tool will be abused by malicious actors targeting things they don’t like. Facebook has detection mechanisms in place to try to prevent this from happening. They discovered and blocked groups trying to silence accounts over the Ukraine war. It’s important to remember that an extremely powerful info war weapon is “censorship.” Just block the other side from presenting their narratives.
Under our Inauthentic Behavior policy against mass reporting, we removed a network in Russia for abusing our reporting tools to repeatedly report people in Ukraine and in Russia for fictitious policy violations of Facebook policies in an attempt to silence them
https://about.fb.com/news/2022/04/metas-adversarial-threat-report-q1-2022/
Next generation tracking via mobile apps.
Microsoft is calling out the GRU for hacking in Ukraine.
Strontium was using this infrastructure to target Ukrainian institutions including media organizations. It was also targeting government institutions and think tanks in the United States and the European Union involved in foreign policy. We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information. We have notified Ukraine’s government about the activity we detected and the action we’ve taken.
Microsoft says that they’ve been dealing with an increase in cyberattacks in Ukraine since the invasion began.
The Strontium attacks are just a small part of the activity we have seen in Ukraine. Before the Russian invasion, our teams began working around the clock to help organizations in Ukraine, including government agencies, defend against an onslaught of cyberwarfare that has escalated since the invasion began and has continued relentlessly. Since then, we have observed nearly all of Russia’s nation-state actors engaged in the ongoing full-scale offensive against Ukraine’s government and critical infrastructure, and we continue to work closely with government and organizations of all kinds in Ukraine to help them defend against this onslaught. In the coming weeks we expect to provide a more comprehensive look at the scope of the cyberwar in Ukraine.
https://blogs.microsoft.com/on-the-issues/2022/04/07/cyberattacks-ukraine-strontium-russia/