More stories

  • These are the 25 most dangerous software bugs you need to worry about

    A list detailing the top 25 “most dangerous” software flaws, some of which could allow attackers to take over a system, has been published. The list was developed by the Homeland Security Systems Engineering and Development Institute, sponsored by the Cybersecurity and Infrastructure Security Agency (CISA) and operated by MITRE. It uses Common Vulnerabilities and […]

  • FBI warning: Crooks are using deepfakes to apply for remote tech jobs

    Scammers and criminals are using deepfakes and stolen personally identifiable information during online job interviews for remote roles, according to the FBI. The use of deepfakes, or synthetic audio, image and video content created with AI or machine-learning technologies, has been on the radar as a potential phishing threat for several years. ZDNet […]

  • Dragonbridge influencers target rare earth miners, encourage protests to disrupt production

    Cyberattackers are targeting rare earth mining companies in a new campaign designed to keep China in a dominant market position. On June 28, Mandiant published new research into Dragonbridge, a misinformation program focused on disrupting rare earth facilities. The rare earths market is driven by demand for consumer products, including smartphones and PCs, due to their role in the development of electronics, circuit boards, and batteries. The aerospace and military tech industries also rely on rare earth supplies. China is one of the world’s largest exporters of rare earth elements. Despite the country’s current dominant position, the Dragonbridge group, known to promote the political interests of the People’s Republic of China (PRC), is working to disrupt suppliers and rare earth processors outside of the country.

    Dragonbridge is a vast network comprising thousands of accounts on numerous social networks and communication channels. According to Mandiant, the network has been active since 2019, twisting and publishing narratives online that benefit China’s ruling party. Recently, however, the researchers have observed a change in tactics: an expansion into misinformation campaigns targeting mining companies.

    Among the firms on the target list is Australian mining company Lynas Rare Earths Ltd. Now, Dragonbridge is turning its attention to Canada and the United States. This month, the misinformation group was linked to propaganda activities focused on tarnishing the reputations of Canada’s Appia Rare Earths and Uranium Corp., as well as USA Rare Earth. Specifically, the group appears to be promoting material criticizing new mining and production facilities. Appia has located a potential site for mining in Northern Saskatchewan, Canada, while USA Rare Earth intends to construct a new facility in Oklahoma later this year.

    The misinformation network runs thousands of fake accounts on platforms including Facebook and Twitter. The majority of content is posted by fake concerned US “citizens” in English, with a scattering of posts also written in Chinese and Malay. A potential reason for this shift in tactics is the US 2022 Defense Production Act (DPA) Title III. The act was signed by US President Biden to encourage the domestic production of rare earths and other materials, thereby lessening reliance on exports from other countries, including China. It should also be noted that the companies targeted by Dragonbridge are large enough that they could potentially threaten China’s dominant position in the future.

    “While the activity we detail here does not appear to have been particularly effective and received only limited engagement by seemingly real individuals, the campaign’s microtargeting of specific audiences suggests the possibility of using similar means to manipulate public discourse surrounding other US political issues to the PRC’s advantage,” the researchers said. Mandiant has contacted the companies at the heart of Dragonbridge’s campaigns, alongside the social networks used by the group to promote its narratives. “An economic decoupling with China will only encourage more victimization of the private sector by Chinese actors,” commented John Hultquist, VP of Mandiant Intelligence. “Unfortunately, businesses will be on the front lines of a fight that may not be fair.”

  • Codenotary introduces Software Bill of Materials service for Kubernetes

    Software Bills of Materials (SBOMs) aren’t optional anymore. If we really want the applications we’re running in containers to be secure, we must know what’s what within them. To make that easier, Codenotary, a leading software supply chain security company, is launching its new SBOM Operator for Kubernetes in both its open-source Community Attestation Service and its flagship service, Codenotary’s Trustcenter.

    An SBOM (pronounced “S-bomb”) is a record containing the details and supply chain relationships of the components used in building software. Since most programs today are made by assembling existing open-source and commercial software components, it’s essential to know the name and specific version of each of these elements. For instance, a program using Apache Log4j2 version 2.17.0 is vulnerable to Log4Shell attacks; one using Log4j2 2.17.1 or newer is as safe as houses. Now, you could check for that and thousands of other potential vulnerabilities by hand, or you could turn to a service like Codenotary’s new offering. I know which one I’d pick.

    The SBOM Operator for Kubernetes mitigates the risk of software supply chain attacks by tracking all software and software dependencies running in Kubernetes. It does this by generating SBOMs of your running container images and maintaining up-to-date records of all builds and dependencies. SBOM Operator builds its SBOMs using its own SBOM generator. When a new vulnerability shows up — and trust me, one will — this lets you know that it’s time to make a fix as soon as dangerous or vulnerable artifacts are detected. To keep this working properly, Codenotary continuously updates its SBOM records. This data is kept in its speedy, immutable, open-source database, Immudb, a zero-trust, tamper-proof, auditable database. The container image files are kept in a Git repository. Codenotary claims this information is instantly available for search. With it, you can locate the software artifacts in your code in seconds. The program also keeps a history of verified image content changes.

    “By itself, the SBOM is not very useful without continuously being updated and maintained, as the information is deprecated with every new deployment or update,” said Dennis Zimmer, Codenotary’s co-founder and CTO. “Now, users know exactly what is running in containers, with the most recent information, so they have the ability to immediately remediate something if necessary.”

    SBOM Operator’s chief programmer, Christian Kotzbauer, said, “I am pleased to contribute to the wider adoption and use of SBOMs with the Codenotary integration in my Kubernetes operator; especially the additional security, timestamp, and search capabilities across the infrastructure were key to developing the extension.”

    This is another step forward in Codenotary’s efforts to provide comprehensive tools for cataloging and securing the software development lifecycle. Its programs and services, both free and paid, deserve Kubernetes developers’ attention.

  • Ransomware is the biggest global cyber threat. And the attacks are still evolving

    Ransomware is the biggest cybersecurity threat facing the world today, with the potential to significantly affect whole societies and economies – and the attacks are unrelenting, the head of the National Cyber Security Centre (NCSC) has warned. “Even with a war raging in Ukraine – the biggest global cyber threat we still face is ransomware. […]

  • Hacking gets dangerously real: 8 cybersecurity predictions to watch out for

    Many businesses will fail to see the benefits of their zero trust efforts over the next few years, while legislation around paying off ransomware gangs will be extended and attacks on operational technology may have real-life consequences, according to a set of cybersecurity predictions. The list comes from tech analyst Gartner, which said […]

  • Study for certified cybersecurity expert exams with this $49 training

    Cybersecurity is one of the tech sector’s most rewarding fields, which likely won’t change as long as big companies have data to protect. Unfortunately, it’s also […]