A classified report by the National Intelligence Council found that even a large-scale assault on Iran launched by the United States would be unlikely to oust the Islamic republic’s entrenched military and clerical establishment.....
🔗 www.washingtonpost.c...
The White House is blocking the FBI and top US intelligence agencies from warning law enforcement across the country about new terror threats to the homeland tied to the war with Iran.
🔗
As the Berlin Wall fell, FBI counterintelligence confronted a Soviet Bloc deep-cover spy in San Francisco. It would help set off an explosive chain of events leading to a shocking gambit by a European intel chief.
🔗 www.politico.com/news/magazin...
Growing Surveillance in America 👇
"The laws will lead to more data being collected on kids, which predatory companies can then use to target them in a more invasive way".
✍️ Taylor Lorenz for #TheIntercept.
Read her report 🔗 interc.pt/4szOqfP
The FBI and European partners dismantled Leakbase, a cybercrime forum with 142,000+ members. "Operation Leak" spanned 13 arrests, 100 law enforcement actions across a dozen countries, and full seizure of the forum:
🔗
Now, they’re using Mobile Fortify, an app that allows officers to photograph a person’s face and immediately query DHS databases for matches on anyone they snap a picture of.
READ the full report 👇
🔗
Palantir prove DHS with wide range of surveillance software, that combine location data (harvested from apps on people’s phones), cellphone tracking tools (stingrays), license plate readers, social media posts, etc.
Some are not new, but the way it’s being deployed is new.
And in February, reports emerged that data analytics firm Palantir landed a new five-year, $1 billion software purchase agreement with DHS.
🔗
DHS is now looking to consolidate its various facial recognition and fingerprint databases into a single biometric platform, according to recent reporting by Wired.
🔗
In early February, Sen. Ed Markey (D-Mass.) and other Democratic lawmakers announced the ICE Out of Our Faces Act to “stop this unaccountable, authoritarian use of facial recognition technologies.”
🔗
US DHS quietly removed a Biden-era policy from its website that outlined oversight & privacy safeguards for facial recognition & other biometric tools.
“This is taking a big & very scary step toward a kind of totalitarian checkpoint society,” a privacy advocate warns...
US DHS quietly removed a Biden-era policy from its website that outlined oversight & privacy safeguards for facial recognition & other biometric tools.
“This is taking a big & very scary step toward a kind of totalitarian checkpoint society,” a privacy advocate warns...
371 digital rights advocates, including a Turing Award winner, issued a letter against the age verification laws, the very foundation for global surveillance Infrastructure.
As Edward Snowden said, #SurveillanceCapitalism is about power, not security.
🔗
Meanwhile, Chinese satellite imagery provider MizarVision can still supply near-real-time satellite images, meaning the information restriction from Western providers may have limited practical impact.
But, the imagery over Iran is not delayed.
The company says the measure is "temporary and meant to protect personnel and operations during the war."
U.S.-based satellite imagery company Planet Labs announced a temporary 96-hour delay on new satellite imagery over Gulf states, Iraq, and Kuwait during the current conflict "to prevent near-real-time analysis of damage to U.S. and allied military sites."
The transition towards vibe-coded malware, aka vibeware, has been characterized by Bitdefender as Distributed Denial of Detection.
In this framework, the objective is not to bypass security through technical brilliance, but to exhaust the defenders through automated volume.
9/9
The vibeware model also naturally facilitates the adoption of Living Off Trusted Services (LOTS) for both command and control and data exfiltration. In India's cyber defence enclaves, such strategies are studied & necessary improvement are deployed.
8/9
Despite these flaws, the vibeware model offers some strategic advantages... For example by adopting niche languages like Nim, Zig, or Crystal, the actor resets the detection baseline for security engines. This gonna increase the cost for the defenders at Cert-In & NCIIPC.
7/9
For example an instance where a basic Go binary was deployed to steal browser credentials, but developers left a template placeholder where the command and control (C2) URL should have been, meaning the tool could never actually exfiltrate data. Pakistan at its best 😂
6/9
Hence the campaign spreads polyglot implants in Nim, Zig, and Crystal and hides C2 inside Slack, Supabase, and Google Sheets.
Though limitations of this lazy approach are also obvious when looking at the malware fleet & IoCs...
5/9
Using niche languages like Nim, Zig, and Crystal, the actor seeks to evade standard detection engines while leveraging trusted cloud services, including Slack, Discord, Supabase, and Google Sheets, for command and control (C2).
4/9
This research highlight the growing influence of vibe coding & the transition of cyber actors toward #vibeware industrialization that allows the actor to flood target environments with disposable, polyglot binaries. Lazy buggers 😂
3/9
This research provides a direct look at the new reality of vibeware, an emerging malware category deployed by the Pakistani threat group APT36, primarily targeting the Indian government and diplomatic missions.
2/9
Researchers at the Romanian cybersecurity firm Bitdefender discovered Pakistan-aligned Transparent Tribe (APT36) is targeting Indian government entities with AI-generated malware. 😂 🤣
🔗 Inside: phishing chain, malware tools, and infrastructure →
businessinsights.bit...
1/9
From helium extraction in Qatar to shipping lanes in the Strait of Hormuz, the semiconductor industry depends on fragile links across the Gulf. Escalation could ripple through global chip production.
🔗
Check out this link for other essays from this series including by Susanna Blume, Veronica Daigle & Grace Newsom, & Frank Kendall.
www.cnas.org/the-new-amer...
U.S. defense indsutry is built for short, sharp wars not protracted ones. New from Jenny McArdle in the @cnas.bsky.social New American DIB series: allied manufacturing strength can close the gaps domestic industry can't fill fast enough.
cnas.org/publications/commentary/deterrence-at-scale
When I'm fired from my job, I too hope my boss softens the blow with a made up title like "Special Envoy to Shield of Americas" or some such...
