🔥 The Second SolarWinds Attack That Wasn't

What a near miss with xz Utils revealed about the nation-state risks to open source software

Good morning. Yesterday marked the somber anniversary of D-Day at the British Normandy Memorial, at Ver-sur-Mer, where a solemn ceremony was held, with an equally grave warning about the potential of war in Europe yet to come.

In attendance were British monarch King Charles III, the Prince of Wales, the American President Joe Biden, and Canadian Prime Minister Justin Trudeau, who are the leaders of the Allied powers whose predecessors launched the charge that day.

Aging warriors also made an appearance. Christian Lamb, a now 103-year-old veteran of the Women’s Royal Naval Service who helped with the D-Day landings from Winston Churchill’s secret war rooms in London, was honored as a “hero in the shadows.” Also in attendance was the 99-year-old Joe Mines who, as a youth 80 years before, had made his landing on Gold Beach.

There were others among the brave gathered who had lost limbs, but never spirit, as they made their way back to the place where they as one had paid in good faith on the principal debt of freedom for those who gathered before, and in 2024, and for those born free who have not yet breathed.

One U.S. Navy veteran, Robert “Al” Persichitti of Rochester, New York, died en route to the memorial, United States veteran services confirmed to the BBC, and so passed into the epochal memory of the brave whose sacrifice has forever hallowed those shores.

— 🐈‍⬛ Acoustic Kitty

THE BOTTOM LINE UP FRONT

A ‘Frightfully Close’ Encounter That Almost Became the Second SolarWinds Attack

Photo by US Cyber Command. It’s not only national defenders who are advised by experts to guard against nation state attackers at present.

The recent xz Utils backdoor incident came all too close to compromising systems around the world through malicious updates made to xz Utils, a “ubiquitous tool” that Ars Technica describes as “available on almost all installations of Linux.” The impact could have been as devastating as the SolarWinds attack in 2020, which allowed Russian hackers to penetrate the core of many United States government agencies.

The attack was “frightfully close” to success, and was described by software and cryptography engineer Filippo Valsorda as perhaps the “best executed supply chain attack” that had been observed to date, Ars Technica reports.

Much of the internet’s crowdsourced code is vulnerable to infiltration by bad actors and nation-states. Open source software is at the “heart of the internet,” yet it is largely maintained by a handful of volunteers, and that makes it a major security risk for corporations and governments alike, The Economist reported. Open source software is commonly deployed across digital infrastructure because of its low cost. That infrastructure, which is embedded across the digital world, is under attack by various enemy nation-states.



INTERNATIONAL SECURITY & DIPLOMACY

Counterterrorism

  • Nicholas Rasmussen, the U.S. counterterrorism chief, has resigned, leaving a significant vacancy at the Department of Homeland Security. Rasmussen, who has served in various high-profile national security roles including director of the National Counterterrorism Center, is stepping down amid ongoing efforts to counter domestic terrorism and violent extremism. His resignation was confirmed by DHS Secretary Alejandro Mayorkas, who praised Rasmussen's contributions and leadership during a critical period for the department. The DHS continues to refine its strategies against evolving terror threats.

  • French counterterrorism police have detained a man holding both Russian and Ukrainian citizenship, believed to be planning an attack. The arrest took place in Lyon, following an investigation that flagged the suspect’s connections to radical extremist groups. New counterterrorism efforts highlight the ongoing security challenges faced by Europe amid rising geopolitical tensions and the presence of foreign extremists. The detained individual is currently under interrogation as authorities assess the extent of his network and potential threats to public safety.

  • The United States recently concluded its largest annual military exercise in Africa, known as African Lion, which took place across Morocco, Tunisia, Ghana, and Senegal. The exercise involved approximately 8,100 military personnel from nearly three dozen countries. These drills, which mark the 20th anniversary of African Lion, included live-fire demonstrations, field hospitals, and humanitarian assistance operations, highlighting the U.S. military's commitment to a comprehensive strategy that extends beyond combat training to address underlying causes of instability such as climate change and displacement.

Military & Defense

  • On the sidelines of the Shangri-La Dialogue in Singapore, U.S. Defense Secretary Lloyd Austin and Chinese Defense Minister Li Shangfu held a significant meeting aimed at restoring military communications between their nations. The dialogue comes amid escalating tensions in the Indo-Pacific region, particularly over the South China Sea and Taiwan. The sideline meeting marked the first face-to-face discussion between top defense officials from the U.S. and China since their communications broke down in 2022.

  • In his likely third term, Indian Prime Minister Narendra Modi is expected to further strengthen defense ties with the United States as part of a broader strategy to counter China’s growing influence. The deepening relationship is reflected in significant defense deals, including a potential agreement for the joint production of fighter jet engines by General Electric and Hindustan Aeronautics Limited.

  • The U.S. Army is advancing its electronic warfare capabilities with a comprehensive new strategy designed to counter sophisticated threats and enhance battlefield effectiveness. This approach involves the integration of advanced technologies and the development of specialized units capable of conducting offensive and defensive electronic operations.

Cybersecurity

  • Bangladeshi police agents have been implicated in a scandal involving the sale of citizens' personal information on Telegram. The data breach reportedly exposed the personal details of millions of Bangladeshi citizens, including names, phone numbers, email addresses, and National Identification (NID) numbers. The information was made accessible through a specialized Telegram bot, allowing users to retrieve detailed personal data by inputting NID numbers and dates of birth.

  • Snowflake, a prominent cloud data platform, has been implicated in a series of significant data breaches affecting major companies like Santander Bank, Ticketmaster, and Advance Auto Parts. These breaches have reportedly exposed sensitive data of millions of customers. The breaches were linked to compromised accounts of Snowflake employees, where hackers used stolen credentials to gain unauthorized access to customer data.

  • Live Nation and Ticketmaster are facing a class action lawsuit following a data breach that allegedly exposed the personal information of 560 million customers. The suit, filed in a California federal court, accuses the companies of negligence and failing to implement basic security measures. The breach, linked to the hacker group ShinyHunters, reportedly includes sensitive customer details such as names, addresses, and credit card information. Plaintiffs seek compensation for increased risks of identity theft and emotional distress caused by the breach.

Counterintelligence & Espionage

  • Russian authorities have detained a French citizen on charges of espionage, according to the country's Investigative Committee. The individual, whose identity has not been disclosed, is accused of attempting to gather classified military information on behalf of France. The arrest underscores the heightened tensions between Russia and Western nations, particularly amid the ongoing conflict in Ukraine and escalating espionage activities.

  • Iranian authorities have arrested Hossein Shanbehzadeh, a prominent blogger, alleging he is a "fugitive Mossad agent" involved in insulting religious figures and having ties to Israeli intelligence. The arrest, reported by the IRGC-affiliated Tasnim News, occurred in Ardabil, northwestern Iran. The local prosecutor's office accused Shanbehzadeh of contacting high-ranking Mossad officers and having a history of disrespecting Shia imams.

  • Belarusian state-sponsored hackers, linked to the group UNC1151, also known as Ghostwriter, have been targeting Ukrainian and Polish military and governmental entities with a sophisticated cyber espionage campaign. According to Ukraine's Computer Emergency Response Team (CERT-UA), these hackers have been attempting to compromise email accounts of Ukrainian military personnel by sending mass phishing emails. The campaign aims to steal sensitive information and gain permanent remote access to compromised systems. The attacks have also involved the use of malicious Microsoft Office documents and downloader malware, including PicassoLoader and AgentTesla.

Transnational Organized Crime

  • Swedish rapper C.Gambino, born in 1998, was fatally shot in what police suspect was a gang-related attack in the city of Gothenburg. The incident has intensified concerns over gang violence in Sweden, which has seen a rise in such incidents in recent years. C.Gambino, whose real name was Karar Ramadan (not to be confused with the American artist Childish Gambino), was a well-known figure in the Swedish rap scene, with several chart-topping hits and a substantial social media following.

  • The United States has imposed sanctions on the Ecuadorian crime gang Los Choneros and its leader, José Adolfo Macías Villamar, also known as "Fito." The sanctions, announced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), target the gang's involvement in drug trafficking, extortion, and murder, which have contributed significantly to the rising violence in Ecuador. The new sanctions freeze any U.S. assets of Los Choneros and bar Americans from conducting transactions with them.

  • The bodies of Natalie Lloyd, 21, and Davy Lloyd, 23, a missionary couple from Missouri, were returned to their family on Friday after they were killed by gang members in Haiti’s capital, Port-au-Prince. The couple, along with Judes Montis, a local missionary director, were fatally shot last week after leaving a youth group activity at a church. Montis leaves behind a wife and two young children.

SCIENCE & TECHNOLOGY


NASA's Starling mission has successfully demonstrated the autonomous operation of a swarm of small CubeSats, marking a significant milestone in satellite technology. The mission, involving four CubeSats, tested complex swarm maneuvers, autonomous coordination, and communication without direct ground control. These advancements pave the way for future deep space exploration missions, where swarms of satellites could self-navigate and conduct scientific experiments autonomously. The success of Starling represents a leap forward in making distributed spacecraft missions more feasible and cost-effective.

In other news


🩣 SpaceX successfully launched and landed its Starship rocket for the first time, marking a pivotal achievement in reusable spacecraft technology. The 400-foot-tall rocket took off from Boca Chica, Texas, completing a controlled descent and landing back on Earth, demonstrating the viability of its ambitious plans for future missions to the Moon and Mars. With this successful mammoth launch, SpaceX highlights its rapid progress in developing fully reusable spacecraft capable of carrying large payloads and passengers, significantly reducing space travel costs and paving the way for deeper space exploration.

😤 Arati Prabhakar, director of the White House Office of Science and Technology Policy, highlighted the U.S. strategy to maintain technological superiority over China. Speaking at a recent event, Prabhakar emphasized the importance of innovation and investment in emerging technologies to stay ahead in the global tech race. The U.S. is focusing on areas like artificial intelligence, quantum computing, and biotechnology, aiming to outpace China's advancements and secure economic and national security.

🛰️ NASA has decided against launching a rescue mission for the aging Hubble Space Telescope, opting instead to scale back its scientific operations due to deteriorating hardware. The decision marks a significant shift in NASA's approach to managing its legacy space observatory, which has been instrumental in many astronomical discoveries since its launch in 1990.

DEALS & FUNDING

Robinhood has announced its acquisition of Bitstamp, a major global cryptocurrency exchange, for $200 million. With this acquisition, Robinhood is poised to expand its crypto offerings and enhance its presence in the international market. Bitstamp, founded in 2011 and known for its compliance and regulatory efforts, will provide Robinhood with a robust platform and a significant user base across Europe and other regions. Onboarding Bitstamp aligns with Robinhood's broader goal of diversifying its financial services and tapping into the growing cryptocurrency market.

In other news


📈 The technology sector is significantly outperforming the rest of the S&P 500 this year, driven by major advancements in artificial intelligence (AI) and strong investor enthusiasm for tech stocks. The "Magnificent 7" — Alphabet, Amazon, Apple, Meta, Microsoft, Nvidia, and Tesla — have collectively surged by 75% this year, far outpacing the broader market. These tech giants now account for nearly a third of the S&P 500's market capitalization, underscoring their dominant influence.

📍 Microsoft's $650 million deal with Inflection AI is under scrutiny by the Federal Trade Commission (FTC). The deal involves Microsoft paying $620 million to license Inflection's AI models and an additional $30 million to waive legal rights related to the hiring of Inflection's staff, including its co-founders. This arrangement, which resembles an "acqui-hire" without a full acquisition, has raised antitrust concerns due to its unusual structure and potential market implications.

🤖 Greylock Partners has led a $36 million financing round for cybersecurity startup Seven AI. This funding round also saw participation from other notable investors, including Lightspeed Venture Partners and Sequoia Capital. Seven AI, known for its advanced threat detection and prevention technologies, plans to use the funds to accelerate product development and expand its market presence. The investment underscores the increasing importance of cybersecurity solutions amid rising cyber threats and highlights Greylock's continued focus on backing innovative technology companies in the cybersecurity space.
