Tag: intel | Page 2

Tokyo risks being carried away by intel craving

August 15, 2023/in Internet Security

Japanese Prime Minister Fumio Kishida speaks during his news conference in Tokyo, Japan, on February 24, 2023. [Photo/Agencies]

The reforms implemented by Tokyo over the past 10 years have seen a break with the so-called postwar Yoshida Doctrine that emphasized concentrating resources on economic development and letting the US take care of the country’s security.

By bolstering its capacity for decision-making and removing some of the legal constraints on the use of force, Tokyo has positioned itself for a more integrated military alliance with the US while giving itself room to act in what it perceives to be its interests.

Japan released three documents last year that defined its change of security policy. With a sharp increase in military spending, the most significant take-away from the three documents is the US-Japan alliance is entering a new phase. With its own combat-credible forces, Japan will be proactively involved in international security affairs.

Since war-fighting requires a much higher level of information acquisition and analysis, as well as information sharing between militaries, to better enable this new approach, Japan is looking to strengthen its intelligence gathering and analysis capabilities by building an intelligence network in the Asia-Pacific. It has been proposed that Japan should be included in the Five Eyes intelligence-sharing group that comprises Australia, Canada, New Zealand, the United Kingdom, and the US, and the plan to set up a NATO liaison office in Tokyo was aimed at facilitating this.

But with that plan stalled, due to the opposition of some NATO members, the Fumio Kishida government has been prompted to take a new tact.

According to Japanese media reports, it intends to build an intelligence network to deal with cyberattacks with countries and regions in the “Indo-Pacific” region. It will begin by building cyber defense capabilities for vulnerable Pacific Island countries, and eventually establish a system that can share information about the symptoms and methods of attacks. This has in part been prompted by the hybrid warfare in Ukraine, where cyberspace…

Source…

Iranian hacking group impersonating nuclear experts to gain intel from Western think tanks

July 6, 2023/in Computer Security

A cyber espionage group linked to the Iranian government has been impersonating think-tank employees to phish Middle Eastern nuclear weapons experts, according to researchers at Proofpoint.

The group — called “TA453,” “Charming Kitten” or “APT35,” depending on the threat intelligence service you’re relying on — has a long track record of targeting U.S. and European government officials, politicians, think tanks and entities involved in critical infrastructure.

The latest campaign detailed by Proofpoint dates from March to May of this year and begins with benign emails that seek to establish a rapport with foreign policy researchers in the West.

Those initial emails were later followed by phishing emails that link to a password-protected DropBox URL, ostensibly to access the research. Instead, it executes .RAR and LNK files and run a PowerShell script that installs a backdoor on the victim’s system, before calling out to a cloud hosting provider for additional malware payloads.

Full infection chain for GorjolEcho, one of the malware payloads deployed by Charming Kitten (Source: Proofpoint)

Joshua Miller, senior threat researcher at Proofpoint, told SC Media the campaign appears to be extremely targeted: thus far they are aware of fewer than 10 individuals who received phishing emails from the group. Miller said their visibility over the campaign is restricted to data and follow-ups culled from Proofpoint customers, and that none were successfully infected.

It’s not the first time Charming Kitten, which U.S. officials have linked to Iran’s Islamic Revolutionary Guard Corps’ intelligence organization, has targeted think tanks and other research institutions, seemingly in an effort to gather intelligence about Western foreign policy decision-making. While the group has targeted government officials in the past, they may find it easier to obtain some of the same information they’re looking for by targeting and compromising parties at the edge of those discussions.

“When we see them go after think tanks [and] academics, basically they’re informing the policy positions of the West and governments for nuclear sanctions or diplomatic policies. The idea is that that…

Source…

Google PassKey Next Gen Security Eliminates 2FA & Sim Swap Scam | How To Use Feature & Sign In Now

May 16, 2023/in Video

Intel Boot Guard private keys have reportedly leaked, compromising the security of many computers

May 7, 2023/in Computer Security

It seems like every other day there are scumbags out there perpetrating a new hack, taking advantage of a vulnerability or trying to extort people with ransomware. MSI is the latest victim, with hackers leaking material stolen from a breach of MSI’s systems last month (opens in new tab).

This one has the potential to be serious. According to tweets by Alex Matrosov (opens in new tab), the founder of Binarly (opens in new tab), at least some of the previously stolen 1.5TB of data has been leaked. The data includes private keys, some of which appear to be Intel Boot Guard keys. The leak of such keys doesn’t just affect MSI systems, but those from other vendors too, including Lenovo and Supermicro.

Boot Guard is a cryptography technology designed to protect PCs from executing fake UEFI firmware or modified BIOS. Should an attacker bypass these checks, they could gain full access to a system, access secure data or use it for any number of scummy purposes.

The use of UEFI keys is especially concerning given the risk of so-called secondary downloads. Using traditional phishing or email delivery techniques, any malware developed subsequent to a firmware update using these keys would appear to be genuine, and antivirus software would ignore it.

Your next machine

Best gaming PC (opens in new tab): The top pre-built machines from the pros
Best gaming laptop (opens in new tab): Perfect notebooks for mobile gaming

The release of the data comes after a group calling itself Money Message claimed responsibility for the breach of MSI’s internal systems (via Bleeping Computer (opens in new tab)). The group demanded a $4,000,000 payment from MSI. The release of the data would suggest that MSI didn’t pay up.

The fallout from this leak will take time to analyze, not to mention the time it could take to develop mitigations. We can expect statements from the relevant parties in the coming days.

In the meantime, take care and avoid downloading any BIOS, firmware, or system apps from anywhere other than the official sites. That goes for all system software, not just MSI’s.

Source…

Tag Archive for: intel