
031520_Ukranian-Hacker-Group

Mar 18, 2022, 15 min

Episode description

In this episode, we discuss the White-Hat Hacker group that has formed to help Ukraine fend off Russia.

Host: Craig

Guests: Blake, Erin, & BJ

Support the show: Call 877-468-2721 or visit https://petronellatech.com

Please visit YouTube and LinkedIn and be sure to like and subscribe!


NO INVESTMENT ADVICE - The Content is for informational purposes only, you should not construe any such information or other material as legal, tax, investment, financial, or other advice. Nothing contained on our Site or podcast constitutes a solicitation, recommendation, endorsement, or offer by PTG.

Support the Show

Please visit https://compliancearmor.com and https://petronellatech.com for the latest in Cybersecurity and Training and be sure to like, subscribe and visit all of our properties at:

Transcript

Blake

Seems like everything is Russia, Russia,

Craig

Russia. Yeah. One thing I read that might be interesting is that there's a hacking group that was started that's recruited 300,000 hackers to support Ukraine.

Blake

I saw Russia revoked all the anti-piracy laws. Did you hear about that? So now people can pirate movies and music and all that, legally.

Craig

That's crazy. Yeah. This was on the Guardian: 300,000 volunteer hackers come together to fight Russia. Yeah. So apparently there's this big recruitment on the Telegram chat app and it's called the IT Army of Ukraine. It says through which participants are assigned tasks designed to take the fight to Putin and try to level the playing field between one of the world's superpowers and Ukraine as it faces bombardment and invasion.

Blake

This was an interesting one. So yesterday Apple released 39 fixes for security defects in iOS, iPadOS, macOS, 'cause they found security vulnerabilities in all of their operating systems: macOS Catalina, Big Sur, Monterey, tvOS, watchOS, iTunes and Xcode. 39 documented vulnerabilities. It could have led to remote code execution attacks if an iPhone user opens a malicious PDF file or views malicious web content.

Craig

Geez. That's a big one.

Blake

Yeah.

Craig

Yeah, so definitely update your iPhone and your Mac. Here's a good one: nearly 34 ransomware variants observed and hundreds of cyber attacks in

Nobody

quarter four of 21.

Craig

Oh, happy Tuesday. I guess it is Patch Tuesday, isn't it? So launch off with Patch Tuesday and the huge 39 documented iOS and iPad vulnerabilities that are patched in iOS 15.4, iPadOS 15.4, as well as macOS. So basically update, update, reboot, and update again.

Nobody

That's a big one.

Craig

I think the 300,000 volunteer hackers is interesting too. So there's 300,000 volunteers that have signed up on the Telegram channel to support Ukraine and fight Russia. In the Guardian this morning.

Erin

So what's the topic today?

Craig

I think it's more cyber headlines of the day. I don't think there's a singular topic. BJ, did you figure anything out today?

BJ

Just that thing I sent about the government visiting the whole topic of cloud security and people doing their part. The wording was government anxiety returns about the clouds.

Craig

I think the big thing was the 300,000 volunteer hackers supporting Ukraine.

BJ

I think that, that I didn't even see. So that is a really big deal that ties into what you were talking about yesterday, Craig, about the people doing something and that's actually a nonviolent way. So

Craig

Yeah, if it attacks SCADA, what happened with Stuxnet, they could be pretty devastating, I guess. I don't know what the orchestration of that is, but it's certainly for the good, ultimately.

Erin

So tell us what happened again.

Craig

300,000 hackers have banded together to help support Ukraine, defend and fight against Russia.

Erin

Well, that's cool. And how are they doing that exactly?

Craig

They set up a Telegram channel for the recruitment, and this was published in the Guardian.

BJ

Do you know the origins of it?

Craig

They're kind of anonymizing some of it for obvious reasons, but I could tell you that it's called the IT Army of Ukraine.

BJ

Oh, wow. Really? That's quite a name.

Craig

They said that they have already been successful in disrupting Russian web services, according to NetBlocks. So the availability of websites of the Kremlin and the Duma, Russia's lower house of parliament, has been intermittent since the invasion started. State-owned media services, several banks and the energy giant Gazprom have also been targeted. So it's basically crowdsourcing cyber attacks.

Nobody

Wow.

BJ

Organized, anonymous cyber attacks.

Craig

Yeah, there's a guy on Twitter in this article, I don't know how to say his name. M-Y-K-H-A-I-L-O. Is that how you say it? Mykhailo Fedorov, F-E-D-O-R-O-V.

BJ

And what's his name?

Craig

He's just the one that tweeted this. His tweet says: we are creating an IT army. We need digital talent. All operational tasks will be given here. And he links to the Telegram link of IT Army of. There will be tasks for everyone. We continue to fight on the cyber front. The first task is on the channel for cyber specialists.

BJ

Just for argument's sake, if they deployed an XDR, this IT Army of Ukraine, just for an example, if they deployed an XDR tool amongst their SCADA systems and stuff like that, couldn't they have it programmed to block Russian traffic just to be on the safe side? Wasn't that possible?

Craig

Some SCADA systems have to be air-gapped or disconnected. Their networking sometimes isn't the same as a typical PC. So it really depends on what protocols it supports, and how modern the SCADA system is would depend on what capabilities it could have. But oftentimes SCADA systems use dated or outdated Microsoft Windows operating systems, for example, where yes, the XDR-type tool would definitely be able to help monitor, block and stop an unpatched endpoint.

Nobody

Wow.

Craig

Yeah. So that was a big, big post this morning.

BJ

That's a pretty big deal. That's a lot of people to crowdsource that quick. I mean, I guess maybe it's not that quickly. They're just announcing now; maybe it's been in the works since the beginning of the invasion, but still, that's quite a number to organize.

Craig

Yeah. It's probably bigger now

BJ

now that it's got publicity, right?

Craig

Yeah. This was just published. This was six in the morning, Eastern.

Nobody

Wow.

BJ

We've come across people just in our line of work that, you remember, I won't name them, but some of the people that do pen testing and stuff that are like white hat hackers and stuff didn't really have a cause, but with a cause, there's quite a few of them out there, right?

Craig

Yeah, absolutely.

BJ

Some of them are very highly skilled. We ran into a few ourselves on Twitter and LinkedIn and stuff that were obviously very highly skilled.

Nobody

That's

BJ

interesting.

Craig

Yeah,

BJ

For sure. I saw a headline last night. I don't know if you guys saw this yet. I'm not really too familiar with Microsoft, Craig, I'm sure you are.

Craig

Yeah, it's just basically their cloud offering, similar to Amazon AWS.

BJ

Oh, okay. So that's interesting then. I didn't know what it was. I never really looked into Azure, but because Amazon has its quantum center, now they have Amazon Braket for quantum computing, and then now they have Azure Quantum. They're letting people onboard to Azure Quantum now. I saw that last.

Craig

Yeah, that doesn't surprise me. I would think that all the big players like that would be wanting to support those kinds of efforts

BJ

That's interesting. Well, that's a major development then, 300,000 people. I would venture to say that parties that are involved in this crisis were not accounting for something like that to develop.

Craig

Yup. And I think the other thing that Blake found too, with 30-plus patches for pretty much all Apple devices. Today is, ironically, Patch Tuesday. So I'm sure Microsoft has their treasure trove of patches announced for the day. They usually come out every Tuesday of the week. And then if there's a rush patch or a patch that needs to be put on mid-week because of a high vulnerability, then that'll be announced as well. But definitely want to make sure that you're updating all of your endpoints and devices, especially at this time with all the stuff going on.

BJ

Were there pretty major Apple patches announced? Yeah.

Craig

There's a new iOS for iPhone, iPadOS as well as.

Blake

And Apple Watch. Yeah. Every operating system, iOS. So there's corruption flaws in Mac and iPads and iPhones.

BJ

What does that mean? What's the corruption?

Blake

I guess whenever a software writes to that memory, it creates some type of corrupted data or something. It says iPadOS update fixes memory corruption flaws in multiple iOS software components, including AVEVideoEncoder, CoreMedia, FaceTime, GPU Drivers, iTunes, Kernel, Sandbox, Siri and Software Update.

39 documented iPadOS vulnerabilities, which also included patches to Catalina, Big Sur, Monterey, tvOS, watchOS, iTunes and Xcode, which is the software that you use to write apps. The flaws could expose users to remote code execution attacks, whatever

Nobody

that is.

Craig

Yeah.

BJ

That was the Log4j, wasn't it, Craig? The risk with that was that it exposed them to remote code execution. Yeah.

Craig

Similar, where you open a link or you open a PDF file or something, and then there could be cross-site scripting, or XSS, or remote code execution, where a bad actor could remotely drop the bad payload of some sort, some type of malware, keylogger, et cetera. This was just 40 minutes ago, where banks are on alert for the Russian reprisal. It says big banks fear that SWIFT faces a growing threat of Russian cyber attacks after seven of the country's lenders were kicked off the global payments messaging system over the.

BJ

Seven of the Russian banks that were planned to be kicked off, or are we talking about seven attacks that caused banks to be kicked off?

Craig

So seven of the country's lenders were kicked off the SWIFT global payment messaging system over the weekend.

BJ

Which country? Russia or United States?

Craig

Big banks fear that SWIFT faces a growing threat of Russian cyber attacks after seven of the country's lenders were kicked off the global payment messaging system over the weekend. It says VTB, Russia's second biggest bank, which finances Russia's war machine, are among the lenders removed on Saturday from SWIFT as part of the West's sanctions campaign against Moscow in response to its invasion of Ukraine. So SWIFT is like a standard to wire money for international payments and things like that.

And it looks like there were sanctions imposed to kick off and sanction and punish Russia. So they're saying that because that happened, because seven of the country's lenders were kicked off the SWIFT system, they can't make payments and exchanges. Now they're fearing that Russia will retaliate with cyber attacks.

BJ

And you said that one of those lenders that was kicked off, the wording that they used was that it funds the war machine.

Craig

Well, SWIFT system does not fund the war machine, but Russia,

BJ

Well, not directly anyway.

Craig

People that are in support, how did they get money to Russia? That was a way; they would use the SWIFT system to wire money to Russia. And it just cut off that tie. Here's another headline; it says Russian cyber attacks have been well-tested on us. This was posted four hours ago: Russian-based cyber attacks against US targets have been well tested as the war with Ukraine continues.

Cyber professionals have warned about the possibility of Russian cyber capabilities being used on the US. Russia already has a proven ability to infiltrate US systems.

Nobody

It says they've demonstrated

Craig

Be it the SolarWinds or Colonial Pipeline issue and energy across the board, they have evidenced the capability. Everybody should be pretty much on a high alert.

BJ

And make sure that the updates you're doing are verified official, 'cause here's one headline about a fake antivirus update launching Cobalt Strike malware in Ukraine.

Craig

Yeah. Never click on a link. Always go direct to the manufacturer.

BJ

That's very good advice. Don't click the link. Yeah, type it yourself.

Craig

I don't know if you guys have seen, but I've noticed a large increase in phishing emails across the board, of all different kinds of companies. Obviously verify the sender. Don't click on links.

BJ

Interestingly, in addition to all that, as if there's not enough going on in the world right now, right? I guess if we're going to have a climax, it's going to be all-inclusive, right? From another perspective, you know how there's a lot of the internet cables, right? Now we have the global satellite internet up in space, but then we also have the internet cables on the opposite end of the spectrum in the deepest part of the oceans.

There's news now, just recently: holes the size of city blocks are forming in the Arctic seafloor. An ice shelf that was blocking the flow from Antarctica in three days has basically split apart. Sea ice that slowed the flow of Antarctic glacier abruptly shatters in three days. There's an odd connection to where some of this is manmade, like the crisis and the war is manmade, but then you have scientific stuff converging at the same time, of an epic scale as well.

Craig

Yeah,

BJ

You know how they're always talking about asteroids recently, and, but this one's gonna miss Earth, that one's gonna miss Earth. Not to be alarming, but there was a headline about this one that was a near hit. It says asteroid discovered only two hours before Earth impact. To spin it in a positive way, the encouraging side is only development with the quantum stuff, because that opens up a whole new realm of early detection possibilities.

Blake

Russia just announced that they're putting sanctions on Joe Biden and Jen Psaki and Hillary Clinton and Hunter Biden and all these random people. And if they have any assets in Russia, they're freezing those assets and they're preventing them from traveling to Russia, scary

BJ

stuff, or the elites all turning on each other.

Blake

I doubt any of you have assets in

BJ

Russia. Yeah, probably not, but whatever the framework is that they all work from when they do these things, it seems like they're all trying to kind of follow the same protocol. But it kind of seems like they're starting to spin out of control a little bit. Starting to seem a little bit absurd. Yeah.

Craig

Well, one thing I just dug up that was interesting. It says Russia, who paid 3.5 million to Biden's brother, Hunter Biden, was paid 3.5 million by a Russian oligarch.

Blake

I saw a meme of Eric Trump, like, oh yeah, if my dad was president, and my dad understands Putin and his KGB. And he realized that my dad's a strong person and all this stuff, and then he goes on to brag that we get all the funding we need from Russia, dah, dah, dah. You know, even though when Trump was in the White House, they were denying that they were getting funds from Russia. And then he goes on to say that,

BJ

Well, there's growth in other areas, like the people uniting, whatever, 'cause they're uniting. And then on the flip side, it seems like there's a bit of chaos ensuing with the upper echelons.

Erin

I think Hunter Biden worked for a firm that, yeah, but they raise funds, right? Hedge fund or something like that.

Blake

He was on the board of directors for a Ukrainian company.

BJ

It's safe to say that there seems to be a lot of connections between all of the politicians at the high levels. They all seem to share some connections at the high levels.

Nobody

Yeah.

BJ

But good thing it looks like the people sharing some connections too. So that's good news.

Transcript source: Provided by creator in RSS feed