🔥 APT28 Goes Phishing

The Russia-linked threat actor has been linked to multiple ongoing campaigns in Europe, the South Caucasus, Central Asia, and North and South America.

Good Morning. In a development that surprised absolutely no one, Vladimir Putin has been re-elected as the President of Russia.

In the aftermath of his electoral win, Putin has strongly reaffirmed Russia's stance on its military activities in Ukraine, including the consideration of a "buffer zone" aimed at reducing Ukrainian strikes and forestalling incursions into the country.

THE BOTTOM LINE UP FRONT

APT28 Spreads Global Net in Massive Phishing Scheme

Extending global ambitions, APT28, a Russia-linked threat actor, is executing phishing campaigns with documents mimicking various organizations across multiple regions, as detailed in a recent IBM X-Force report.

Magnitude of the Campaign: APT28, also known by multiple aliases including Fancy Bear and Sofacy, is conducting widespread phishing campaigns across various global regions, spanning the Americas, South Caucasus, Europe, and Central Asia, and using documents that mimic those from governments and NGOs.

Exploiting Conflicts: APT28 has targeted entities in Ukraine, Poland, and others with phishing attacks to deploy malware and steal information, leveraging the Israel-Hamas conflict and exploiting Microsoft Outlook vulnerabilities.

Tactics include the use of custom backdoors and information stealers, alongside techniques to capture and misuse NTLMv2 hashes.

INTERNATIONAL SECURITY & DIPLOMACY

Counterterrorism

  • Pakistan acknowledged conducting anti-terrorist operations in Afghanistan in retaliation to an attack that killed seven Pakistani soldiers, an action the Taliban criticized for resulting in civilian casualties.

  • Israeli forces killed a senior Hamas commander during an operation to retake Gaza City's Al-Shifa Hospital. Despite initial control, Israel faces resistance across Gaza, signaling preparations for further military actions in Rafah, south of Gaza.

  • A 20-year-old student from Liverpool, Jacob Graham, motivated by anti-government sentiment and ecological concerns, has been sentenced to 13 years in a young offenders' institute for writing and distributing a guide on using bombs, guns, and poisons.

  • Basel Bassel Ebbadi, a 22-year-old Lebanese migrant caught in Texas near the Mexico border, claimed to be a Hezbollah member intending to create a bomb in New York.

Military & Defense

  • South Korea's defense minister revealed that North Korea has sent approximately 7,000 containers of munitions and military equipment to Russia since last year to support its war in Ukraine.

  • Ukrainian lawmakers are debating a crucial bill far from the front lines that could significantly impact the war's outcome by potentially raising up to half a million new soldiers, thereby increasing the country's army size by 50%.

  • The Japanese government is moving to permit the export of a stealth fighter jet being developed in collaboration with the United Kingdom and Italy, marking a significant shift in Japan's post-war security and export strategy.

Cybersecurity

  • Since launching its vulnerability disclosure program in November 2016, the DoD Cyber Crime Center has processed over 50,000 submitted vulnerabilities. The program encourages ethical hacking to identify and fix security flaws.

  • Nadav Aharon-Nov, CTO and co-founder of KTrust, reported vulnerabilities to Argo in September 2023, which Argo plans to fix in a future product update. Aharon-Nov emphasized the discovery as a reminder for continuous security protocol enhancement.

  • The International Monetary Fund (IMF) is investigating a cybersecurity breach detected on February 16 that compromised internal email accounts. Remediation actions were taken following an investigation with independent cybersecurity experts.

Counterintelligence & Espionage

  • U.S. government researchers found no significant evidence of brain injury in federal employees experiencing "Havana syndrome" symptoms, according to medical journal studies, in a discovery at odds with previous findings.

  • Six countries, including Finland, Germany, Ireland, Japan, Poland, and South Korea, have joined an international initiative against the misuse of commercial spyware. This expands a coalition that already includes the U.S. and 10 other countries advocating for spyware regulation.

  • The U.S. is still uncovering the scope of a Chinese espionage campaign against American infrastructure, an NSA official revealed. Efforts to address threats from the Chinese hacking group Volt Typhoon are ongoing, Rob Joyce, the NSA's Cybersecurity Directorate outgoing director, announced.

  • China's foreign ministry, following disclosures of a covert operation against Beijing authorized by former President Trump, accused the U.S. of "spreading rumors" against the PRC.

Transnational Organized Crime

  • Gangs launched deadly attacks in two affluent neighborhoods of Haiti's capital, killing at least a dozen and looting homes in Laboule and Thomassin. Despite previous peace, these areas were overwhelmed by violence that has surged across Port-au-Prince since February 29.

  • Sandu Boris Diaconu, a 31-year-old Moldovan, was sentenced to 42 months in U.S. prison for running E-Root Marketplace, a site selling compromised credentials.

  • Filipino police rescued 875 individuals, including 504 foreigners, from a firm disguised as an online gaming company but actually a forced labor camp for romance scam operations, in a raid on the Tarlac Pogo firm.

SCIENCE & TECHNOLOGY

Electric vehicles with built-in camera drones have debuted in China, a feat that has impressed the West, as automakers in the Western world still consider copters in vehicles to be concept material.

Fancy Flights: Camera drones are aimed at drivers wanting to capture videos of themselves driving, and are part of the long list of luxuries being added to Chinese EVs. Drone flights can be voice-controlled for safe operation.

Dream Day: At present, Chinese automakers have only highlighted the value a camera drone brings content creators, amplifying partnerships at the 2024 Dream Day product launch at automaker BYD’s Shenzhen headquarters earlier this year.

In other news…

🐶 The United States Air Force, collaborating with Asylon, showcased robotic dog capacities during the first Synchronized Nuclear Readiness Operations Training, held at MacDill Air Force Base in Florida on March 6, 2024.

📲 The CSL Group unveiled Resilient SIM, also known as rSIM, which could reportedly be the “next big thing” in mobile and IoT cellular communication. rSIM was unveiled at MWC in partnership with Deutsche Telekom IoT and Tele2 IoT, showcasing “always on” connectivity.

🌊 The Barcelona-based sustainable food technology developer Poseidona is working on converting invasive algae and seaweed into proteins.

DEALS & FUNDING

An Apple-Google team up is in the exploration phase, as Apple seeks to put Gemini-powered features on iPhones, Bloomberg reported.

Leveraging Gemini: Apple is in discussions to integrate Google's Gemini AI into upcoming iPhone features, exploring licensing agreements to enhance its software capabilities. This move, alongside considerations to use OpenAI's model, highlights the company’s strategic shift towards leveraging advanced AI technologies in Apple's ecosystem, potentially transforming user experiences and setting new industry standards.

Markets React: Alphabet shares rose over 4% with news that Apple is negotiating to integrate Google's Gemini AI suite into future iPhones. These discussions reportedly aim to license Gemini for new iPhone features set to launch later this year, slightly boosting Apple's stock by under 1%.

In other news…

🚀 Algeria is reportedly buying four WJ700 drones from China, which are undergoing a final testing phase and will soon be commissioned. The drones are developed by Haiying General Aviation Equipment, a subsidiary of China’s state-owned defense entity China Aerospace Science and Industry Corporation (CASIC).

💸 Cisco has completed the process for a $28 billion acquisition of Splunk. Shares of Splunk were bought by Cisco at $157 per share in cash.

🦾 App analytics leader Sensor Tower acquires its rival Data.ai, in a move to consolidate the mobile intelligence industry and create a powerhouse within the space.

🌱 Zone, a blockchain fintech in Nigeria, has raised $8.5M in seed funding to scale its decentralized payments infrastructure and enable acceptance of digital currencies.

LOOKING FOR MORE CONTENT?

Check out our Podcasts:

The America Builds podcast sits at the nexus of national security, technology, and venture capital. We highlight the brilliant operators and investors pushing the boundaries of frontier technology.

Hosted by Will Allen and Hayley Menser.

Stay tuned for our brand new podcast Safehouse coming soon!

Join Our Covert Communities:

Syndicate by Frontsight: Engage with like-minded strategists, tech enthusiasts, and defense mavens.

Range 400: Entry is exclusive, and for those chosen, the doors to unparalleled knowledge and network open wide.
