Notices by Lukasz Olejnik (lukaszolejnik@mastodon.social)

Russian cyber threat actor is targeting Ukraine military conscript system, trying to infect conscripts systems (Windows, Android, macOS, iOS) with malware, and spreading narratives and content to undermine support for Ukraine's war mobilization. https://cloud.google.com/blog/topics/threat-intelligence/russian-espionage-influence-ukrainian-military-recruits-anti-mobilization-narratives

Russia issued a monetary fine on Google: 2 undecillion rubles ($2,500,000,000,000,000,000,000,000,000,000,000) after refusing to restore the accounts of pro-Kremlin and state-run media outlets. https://www.themoscowtimes.com/2024/10/29/russia-fines-google-25-decillion-over-youtube-bans-rbc-a86846

Major Russian state media are down following to a cyberattack. "Online broadcasting and internal services are not working, there is no Internet or telephony". Reports of data destruction (including backups) and expectation of long down-time. Rossia 1 and Rossia 24 (TV), in addition to more than 80 regional television and radio stations https://www.gazeta.ru/tech/news/2024/10/07/24092647.shtml

Smart-glasses from Meta with an app to instantly discover identity & information (profession, address, etc...) about the person the wearer sees. On the street, on the metro, anywhere. Such times are coming? Everyone will know everything about everyone :) https://www.404media.co/someone-put-facial-recognition-tech-onto-metas-smart-glasses-to-instantly-dox-strangers/

GREAT change is approaching. NIST will standardise prohibition of requirement of composing passwords from various character styles, and requirement for periodic password changes. These are harmful and obsolete rules. Now they will be treated as a cybersecurity weakness https://pages.nist.gov/800-63-4/sp800-63b.html

A new career path in IT? Amazon AWS is recruiting NUCLEAR ENGINEERS. They are to do analysis of SMR reactor use and nuclear fuel. What's next, auctions of uranium, plutonium, others? It's changing. No longer talking exclusively about “renewable energy”. Checkout: up to $252,900.

Cyber security is a very broad field and industry today.

After four years of attempts, Google is backtracking from plans to phase out third-party cookies? https://privacysandbox.com/intl/en_us/news/privacy-sandbox-update/

My comment at WIRED about the global Windows outage. Our civilization depends on software, and that in turn depends on many other software components, of various vendors, suppliers. Something goes accidentally wrong, and a large part of the economy is affected or goes down. https://www.wired.com/story/microsoft-windows-outage-crowdstrike-global-it-probems/

#cybersecurity

Critical vulnerability in RADIUS protocol (=everybody vulnerable) allows forging authentication messages and unauthorized network access. This flaw is due to the use of an obsolete MD5 hash function, and a novel chosen-prefix collision attack.
"If you are an end user, there is nothing that you can or should do" https://www.blastradius.fail/pdf/radius.pdf

The joys of direct democracy! Today, June 9, 2024, a referendum is being held in 🇨🇭Switzerland🇨🇭 regarding the initiative "Pour la liberté et l’intégrité physique" (Stop mandatory vaccinations). This initiative demands that any state intervention in the physical and mental integrity of individuals requires their consent. This means that people who do not wish to be vaccinated cannot be forced to do so nor discriminated against for their choice.

Israel allegedly conducted cyberespionage operations on International Criminal Court (ICC) for 9 years. Allegedly to intimidate the ICC and disrupt investigations into potential Israeli war crimes in Gaza. https://www.theguardian.com/world/article/2024/may/28/spying-hacking-intimidation-israel-war-icc-exposed

Germany recalled its ambassador to Russia for 'consultations in Berlin' following an alleged cyberattack on German political party. Such consequences as a result of a cyberattack happened for the first time in history (world scale). https://apnews.com/article/germany-russia-hacking-ambassador-3de67e3b5ff0aaa0162e1cad36cb7a0b

In the 46-year-old Voyager 1, a processor failed, preventing data transmission. NASA devised a way to reallocate its functions to other hardware, sending an update 24.14 billion kilometers from Earth (taking 45 hours for round-trip communication). It works. https://blogs.nasa.gov/voyager/2024/04/22/nasas-voyager-1-resumes-sending-engineering-updates-to-earth/

My book 'PROPAGANDA: from disinformation and influence to operations and information warfare' treats the subject adequately, comprehensively, broadly, expertly. Information surrounds us. How does information influence work? An expert arrangement of the subject. https://blog.lukaszolejnik.com/propaganda-my-book-on-information-security/

#book #mybook #cybersecurity #propaganda #author #disinformation #informationsecurity

NASA remotely dumped and fetched memory contents of Voyager 1 (24,356,463,824 km from Earth). This is legal - Voyager 1 is not subject to any Earth's State jurisdiction. https://blogs.nasa.gov/sunspot/

The US military tracked Putin's movements. How? His comrades (advisers, drivers, etc.) had smartphones and were browsing the internet, using apps. Ads were displayed to them. And data traces from advertising networks revealed everything. https://www.wired.com/story/how-pentagon-learned-targeted-ads-to-find-targets-and-vladimir-putin/

Apple made a fast change and reverses course. Progressive Web Applications will be available in iOS/iPhone. Digital Markets Act works. The modest campaign helped. It's great that such big and influential companies listen to well-informed points!
https://developer.apple.com/support/dma-and-apps-in-the-eu/#browser-alt-eu
https://letter.open-web-advocacy.org/

Australian supermarket chain Pak'nSave introduced a chatbot suggesting recipes for budget-conscious shoppers with leftover ingredients. Unfortunately, the bit suggested a recipe that, if followed, would have resulted in the creation of a toxic chloramine gas. https://www.sbs.com.au/news/article/supermarket-chatbot-suggests-recipes-for-toxic-gas-and-poisonous-jelly/u4cw51rtw

Security vulnerability in... qsort. Yes, the glibc's sort algorithm. It's all over the place on systems running the Internet. "All versions from at least September 1992 are affected". That makes it a more 32 years old bug. https://www.openwall.com/lists/oss-security/2024/01/30/7