The Danger of Weaponizing Disinformation: The controversial actions of the global disinformation index
The Global Disinformation Index (GDI) has been making headlines recently for its controversial actions in pressuring tech giants like Google to cut advertising from conservative websites that dared to give credibility to the COVID-19 lab leak theory.
Despite subsequent proof supporting the theory, the GDI continued its censorship campaign, previously overseeing the blacklisting of so-called “conspiracy theories” surrounding COVID-19.
With the help of the State Department-backed group National Endowment for Democracy, the GDI received $665,000 in funding to further its mission. Using a secret “dynamic exclusion list,” the group targeted and froze out conservative sites from receiving ad revenue.
Even Microsoft felt the pressure to suspend its partnership with the group after the GDI used its Xandr advertising and analytics subsidiary to silence conservative voices.
But as the lab leak theory gained more traction and credibility, the GDI’s actions became increasingly exposed. The Department of Energy and the FBI eventually came forward to support the theory, leaving the GDI’s censorship efforts in the spotlight.
Sadly, this is just one example of how pressure can be used to suppress investigation and silence important discussions around the origins of COVID-19. Former State Department official Mike Benz criticized the GDI’s tactics as part of a “disturbing constellation of pop-up censorship organizations” working to stifle online discourse around COVID origins.
The need for transparency and accountability in non-profit organizations that are backed by government agencies is more important than ever.
The GDI’s actions have highlighted the dangers of weaponizing hysteria over “fake news” and “disinformation” to justify censorship and cover-ups. As we continue to navigate the pandemic, it’s crucial that we have an open and honest dialogue, free from undue pressure and influence.
The GDI’s actions raise questions about the role of non-profit organizations in shaping public discourse and the potential influence of government-backed groups. It is a reminder of the need for transparency and accountability in all institutions, especially those that claim to be working for the greater good.
Read: https://www.zerohedge.com/political/state-department-funded-censorship-group-punished-conservative-websites-circulating-lab
The Effect of the Ukraine War on Cyberspace and Cyber Crime
Russia’s war in Ukraine has left an indelible mark on every aspect of cyberspace, says a new report by Recorded Future. Under the shadow of war, the report stipulates that online cybercrime activity seems to have entirely reorganized itself. Alex Leslie, associate threat intelligence analyst at Recorded Future, told Dark Reading that he believed that this was at least partially due to mass emigration caused by the war: “Some threat actor groups based in Ukraine…fled when the war began, similar to their Russian counterparts.”
Using the case study of Mark Sokolovsky (the core developer of the information stealing malware, Raccoon Stealer), Leslie argues that this case is “indicative of a larger trend in which threat actors have fled Russia, Ukraine, and even Belarus to avoid (conscription).“
The war has also led to a “brain drain” in Russia, with IT and cybersecurity professionals escaping to neighboring Georgia, Kazakhstan, Finland, and Estonia, and causing a depletion in Russian hacker reserves. “What we identify is that the overall volume of activities, particularly on Russian cybercriminal forums, marketplaces, and social media channels, has decreased dramatically in waves,” says Leslie. He further comments that all of this has contributed to the overall decentralization of cybercrime activity.
Where Russian and Ukrainian cybercriminals used to once work together, the war has also led to significant infighting between previous allies. The authors of Recorded Future write that “the so-called ‘brotherhood’ of Russian-speaking threat actors located in the CIS (Commonwealth of Independent States) has been damaged by insider leaks and group splintering.” Alex Leslie also commented on the major hit that Russian-language Dark Web marketplaces have taken due to the war. He speculated that “the epicenter of cybercrime may shift to English-speaking Dark Web forums, shops, and marketplaces over the next year.“
Read: https://www.darkreading.com/analytics/ukraine-war-fault-line-cybercrime-forever
Concerns over US federal funding for the compilation of the Global Disinformation Index
The National Endowment for Democracy (NED), which has been providing US federal funding to the compilation of the Global Disinformation Index (GDI), contacted the American attorney, legal scholar, and commentator Jonathan Turley to inform him that it would no longer be funding the GDI. This information came on the back of a column Turley had published in The Hill that suggested that the NED should also come under broader investigations by Congress, so that Americans could fully understand the extent of free speech censorship in their country.
The GDI allegedly used biased analyses to target conservative and libertarian sites as sites of dangerous disinformation. In fact, all ten of its “riskiest” listed sites are websites that are more popularly visited by conservatives. Jonathan Turley states that his greatest concern is how the GDI contributes to a broader effort to target non-liberal voices on the Internet and why further congressional investigation is warranted.
“After yielding to an outcry over the creation of the Disinformation Governance Board, the Administration disbanded it. It never mentioned that a far larger censorship effort was being carried out with an estimated 80 federal employees in targeting citizens and others. While the GDI effort is smaller in comparison and effect, it is an additional facet of this effort.”
When reaching out to Turley, the NED wanted to put on record that the decision to fund GDI was its own choice and not directed by the Biden Administration. Turley made the addendum to his column but still stood by his concern that federal funding was being provided to organizations that minimize free speech.
The NED confirmed that “given our commitment to avoid the perception that the NED is engaged in any work domestically, directly or indirectly, we will no longer provide financial support to GDI.”
Read: https://www.zerohedge.com/political/state-department-funded-censorship-group-punished-conservative-websites-circulating-lab
Hackers used Namecheap’s email system to send fake DHL and Metamask phishing emails
Hackers compromised the Namecheap email system and sent fake MetaMask and DHL delivery status notification emails to customers, requesting their personal and crypto wallet information. The hackers impersonated MetaMask and requested the victims to complete the Know Your Customer (KYC) verification process to avoid losing access to their crypto wallets.
Richard Kirkendall, CEO of Namecheap, suggests the hack most likely came from MailChimp, SendGrid, and Mailgun API leaks. “We have evidence that the upstream system we use for sending emails (third-party) is involved in mailing unsolicited emails to our clients. As a result, some unauthorized emails might have been received by you,” said the domain registrar.
Criminals have gained access to legitimate email accounts and are sending phishing emails. These emails bypass gateway filters and reach the victims’ inboxes, said Javvad Malik, lead awareness advocate at KnowBe4.
Despite having SendGrid headers in the phishing emails, Twilio, SendGrid’s parent company denied ever being responsible for the Namecheap hack and recommended a multi-pronged approach to protect accounts and email phishing attempts. In the meantime, Namecheap deactivated all SendGrid emails, including code delivery, two-factor authentication, device verification, and password reset requests, and terminated the phishing link embedded in the phishing emails. Namecheap also assured its customers that their products and account information remain secure.
Read: https://www.cpomagazine.com/cyber-security/namecheap-email-system-hacked-to-send-dhl-and-metamask-phishing-emails/
Crypto Exchange Coinbase Foils Hacker’s Attempt to Breach System Through Employee Credentials
Hackers tried to breach Coinbase, a cryptocurrency exchange platform, by stealing login credentials from one of its employees. Luckily, multi-factor authentication (MFA) saved the day, and the hacker only got contact information for multiple Coinbase employees, with no impact on customer data or funds.
The hacker sent SMS messages urging several Coinbase engineers to log into their accounts to read important messages, with one employee falling for the trick and giving away their credentials.
The hacker then tried and failed to gain access to Coinbase’s internal systems, but they called the victim, pretending to be from Coinbase IT, and instructed them to log in to their workstation and follow instructions.
Luckily, Coinbase’s CSIRT team detected the attack within ten minutes and contacted the victim to investigate. Coinbase has shared its investigation findings to help other companies defend themselves against similar attacks.
It’s not just Coinbase that’s a target for hackers. Cybersecurity company Group-IB reported that nearly 1,000 corporate access logins were stolen by a hacker who sent phishing links via SMS to company employees.
Companies that manage digital assets and have a strong online presence are more likely to be targeted by social engineering actors. Coinbase recommends using MFA protection and physical security tokens to safeguard consumer and corporate accounts.
Read: https://www.bleepingcomputer.com/news/security/coinbase-cyberattack-targeted-employees-with-fake-sms-alert/
Calling all Amiga fans!
easyDNS’s own Chief Technology Officer Ranko Rodic is reviving a part of retro computing. Namely Amiga.
He is producing brand new systems, with his own improvements, that can run all of Amiga’s software, at times faster and better than the original hardware. He calls it the MiniMig.
He visits retro computing conferences and presents his creations.
Have a look at his presentation from World of Commodore 2022.
See: https://m.youtube.com/watch?v=686rwv2R5pQ
If you’re interested in more, his website is: https://www.MiniMig.ca/
Elsewhere online:
PlugX Malware Masquerades as Legitimate Windows Debugger Tool to Evade Detection and Take Control
Read: https://thehackernews.com/2023/02/plugx-trojan-disguised-as-legitimate.html
New Edgio Security Platform Delivers Full Spectrum DDoS Protection
Read: https://www.darkreading.com/application-security/edgio-strengthens-security-offering-with-waap-enhancements-and-ddos-scrubbing-solution
North Korean Threat Actors Allegedly Behind RambleOn Malware Malware Targeting South Korean Journalists’ Android Devices
Read: https://thehackernews.com/2023/02/experts-warn-of-rambleon-android.html
The Art of Deception: Earth Kitsune Lures Victims with Social Engineering Tactics to Deploy WhiskerSpy Backdoor
Read: https://thehackernews.com/2023/02/north-korean-cyber-espionage-group.html
Pakistani Threat Actor, SideCopy, Deploying Backdoor ReverseRAT to Target Indian Government Agencies
Read: https://thehackernews.com/2023/02/researchers-warn-of-reverserat-backdoor.html
My guess is Edward Bernays.