Saturday, May 27, 2023

Weekend Round-Down: Bleeping Computer

New Russian-linked CosmicEnergy malware targets industrial systems

 
May 25, 2023, 11:27 AM

"Mandiant security researchers have discovered a new malware called CosmicEnergy designed to disrupt industrial systems and linked to Russian cybersecurity outfit Rostelecom-Solar (formerly Solar Security).

The malware specifically targets IEC-104-compliant remote terminal units (RTUs) commonly used in electric transmission and distribution operations across Europe, the Middle East, and Asia.

CosmicEnergy was discovered after a sample was uploaded to the VirusTotal malware analysis platform in December 2021 by someone with a Russian IP address.

Analysis of the leaked malware sample has revealed several noteworthy aspects regarding CosmicEnergy and its functionality.

First, the malware shares similarities with previous OT malware like Industroyer and Industroyer.V2, both used in attacks targeting Ukrainian energy providers in December 2016 and April 2022.

Additionally, it's Python-based and uses open-source libraries for OT protocol implementation, just like other malware strains targeting industrial control systems, including IronGate, Triton, and Incontroller.

Just like Industroyer, CosmicEnergy likely gains access to the target's OT systems via compromised MSSQL servers using the Piehop disruption tool.

Once inside the victims' network, the attackers can control RTUs remotely by issuing IEC-104 "ON" or "OFF" commands via the Lightwork malicious tool.

CosmicEnergy execution chain (Mandiant)

  • Mandiant believes this newly discovered malware may have been developed as a red teaming tool designed to simulate disruption exercises by Russian cybersecurity company Rostelecom-Solar.
  • Based on public information showing that Rostelecom-Solar received funding from the Russian government for cybersecurity training and simulating electric power disruption, Mandiant suspects CosmicEnergy could also be used by Russian threat actors in disruptive cyberattacks targeting critical infrastructure like other red team tools.

"During our analysis of COSMICENERGY, we identified a comment in the code that indicated the sample uses a module associated with a project named 'Solar Polygon.' We searched for the unique string and identified a single match to a cyber range (aka polygon) developed by Rostelecom-Solar," Mandiant said.

"Although we have not identified sufficient evidence to determine the origin or purpose of COSMICENERGY, we believe that the malware was possibly developed by either Rostelecom-Solar or an associated party to recreate real attack scenarios against energy grid assets," Mandiant said.

"Given that threat actors use red team tools and public exploitation frameworks for targeted threat activity in the wild, we believe COSMICENERGY poses a plausible threat to affected electric grid assets."

As Microsoft reported in April 2022, after Russia invaded Ukraine, Russian hacking groups have deployed many malware families (some of them never before seen in the wild) in destructive attacks against Ukrainian targets, including critical infrastructure.

The list includes but is not limited to 

The Sandworm Russian military hackers used the Industroyer2 malware to target the ICS network of a prominent Ukrainian energy provider but failed to take down its high-voltage electrical substations and disrupt energy delivery across the country."
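
As an added illustration (not part of the quoted article or of Mandiant's report), here is one way a defender could spot the IEC-104 "ON"/"OFF" commands described above in captured traffic: decode command ASDUs and flag any that come from a host that is not an authorized control station. It assumes the standard IEC 60870-5-104 field sizes (2-byte cause of transmission, 2-byte common address, 3-byte information object address); the function names, IP addresses and frames are constructed for the example.

```python
COMMAND_TYPES = {45: "C_SC_NA_1", 46: "C_DC_NA_1"}  # IEC 60870-5-104 single / double command
COT_ACTIVATION = 6                                   # cause of transmission: activation

def iter_asdus(payload: bytes):
    """Yield the ASDU of every I-format APDU found in one TCP payload."""
    i = 0
    while i + 6 <= len(payload) and payload[i] == 0x68:  # 0x68 = APCI start byte
        length = payload[i + 1]                          # covers control field + ASDU
        end = i + 2 + length
        if length < 4 or end > len(payload):
            break                                        # malformed or truncated frame
        if payload[i + 2] & 0x01 == 0:                   # bit 0 clear => I-format
            yield payload[i + 6:end]
        i = end

def decode_commands(payload: bytes):
    """Return (type, common address, IOA, state, mode) for each activation command."""
    found = []
    for asdu in iter_asdus(payload):
        if len(asdu) < 10 or asdu[0] not in COMMAND_TYPES:
            continue
        count, cot = asdu[1] & 0x7F, asdu[2] & 0x3F
        if cot != COT_ACTIVATION:
            continue
        ca = int.from_bytes(asdu[4:6], "little")
        for n in range(count):
            obj = asdu[6 + 4 * n:10 + 4 * n]             # 3-byte IOA + 1-byte SCO/DCO
            if len(obj) < 4:
                break
            q = obj[3]
            if asdu[0] == 45:
                state = "ON" if q & 0x01 else "OFF"      # SCS bit
            else:
                state = {1: "OFF", 2: "ON"}.get(q & 0x03, "INVALID")  # DCS bits
            mode = "select" if q & 0x80 else "execute"   # S/E bit
            found.append((COMMAND_TYPES[asdu[0]], ca, int.from_bytes(obj[:3], "little"), state, mode))
    return found

def unauthorized_commands(packets, control_stations):
    """Flag commands whose source is not an allowlisted control station."""
    return [(s, c) for s, data in packets if s not in control_stations for c in decode_commands(data)]

# Constructed sample traffic: (source IP, TCP payload). Addresses are hypothetical.
SAMPLE = [
    ("10.0.5.10", bytes.fromhex("680e020000002e0106000100c8000001")),  # allowlisted master, double cmd OFF
    ("10.0.7.20", bytes.fromhex("680e000002000101030001000a000001")),  # RTU measurement (M_SP_NA_1)
    ("10.0.9.77", bytes.fromhex("680407000000" "680e000000002d010600010064000001")),  # STARTDT + single cmd ON
]
print(unauthorized_commands(SAMPLE, {"10.0.5.10"}))
```

Only the command from the non-allowlisted host is reported; the allowlisted master's command and the RTU's measurement traffic are decoded but not flagged.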

SERGIU GATLAN  
Sergiu Gatlan has covered cybersecurity, technology, and other news beats for more than a decade. Email or Twitter DMs for tips.

OUT OF THE BOX: Mattel's Barbie | Main Trailer 14,204,998 views May 25, 2023 #2 on Trending

To live in Barbie Land is to be a perfect being in a perfect place. Unless you have a full-on existential crisis. Or you’re a Ken. . .
 
From Oscar-nominated writer/director Greta Gerwig (“Little Women,” “Lady Bird”) comes “Barbie,” starring Oscar-nominees Margot Robbie (“Bombshell,” “I, Tonya”) and Ryan Gosling (“La La Land,” “Half Nelson”) as Barbie and Ken, alongside America Ferrera (“End of Watch,” the “How to Train Your Dragon” films), Kate McKinnon (“Bombshell,” “Yesterday”), Issa Rae (“The Photograph,” “Insecure”), Rhea Perlman (“I’ll See You in My Dreams,” “Matilda”), and Will Ferrell (the “Anchorman” films, “Talladega Nights”). The film also stars Michael Cera (“Scott Pilgrim vs. the World,” “Juno”), Ariana Greenblatt (“Avengers: Infinity War,” “65”), Ana Cruz Kayne (“Little Women”), Emma Mackey (“Emily,” “Sex Education”), Hari Nef (“Assassination Nation,” “Transparent”), Alexandra Shipp (the “X-Men” films), Kingsley Ben-Adir (“One Night in Miami,” “Peaky Blinders”), Simu Liu (“Shang-Chi and the Legend of the Ten Rings”), Ncuti Gatwa (“Sex Education”), Scott Evans (“Grace and Frankie”), Jamie Demetriou (“Cruella”), Connor Swindells (“Sex Education,” “Emma.”), Sharon Rooney (“Dumbo,” “Jerk”), Nicola Coughlan (“Bridgerton,” “Derry Girls”), Ritu Arya (“The Umbrella Academy”), Grammy Award-winning singer/songwriter Dua Lipa and Oscar-winner Helen Mirren (“The Queen”). Gerwig directed “Barbie” from a screenplay by Gerwig & Oscar nominee Noah Baumbach (“Marriage Story,” “The Squid and the Whale”), based on Barbie by Mattel. The film’s producers are Oscar nominee David Heyman (“Marriage Story,” “Gravity”), Robbie, Tom Ackerley and Robbie Brenner, with Gerwig, Baumbach, Ynon Kreiz, Richard Dickson, Michael Sharp, Josey McNamara, Courtenay Valenti, Toby Emmerich and Cate Adams serving as executive producers. 
Gerwig’s creative team behind the camera included Oscar-nominated director of photography Rodrigo Prieto (“The Irishman,” “Silence,” “Brokeback Mountain”), six-time Oscar-nominated production designer Sarah Greenwood (“Beauty and the Beast,” “Anna Karenina”), editor Nick Houy (“Little Women,” “Lady Bird”), Oscar-winning costume designer Jacqueline Durran (“Little Women,” “Anna Karenina”), visual effects supervisor Glen Pratt (“Paddington 2,” “Beauty and the Beast”) and music supervisor George Drakoulias (“White Noise,” “Marriage Story”), with music by Oscar winners Mark Ronson and Andrew Wyatt (“A Star Is Born”). Warner Bros. Pictures Presents a Heyday Films Production, a LuckyChap Entertainment Production, a NB/GG Pictures Production, a Mattel Production, “Barbie.” The film will be distributed worldwide by Warner Bros. Pictures and released in theaters only nationwide on July 21, 2023 and beginning internationally on July 19, 2023.

NEW ERA IN EDUCATION: AI is potentially “the biggest positive transformation that education has ever seen.” | Khan Academy

 



2,939 views May 26, 2023 #amanpourpbs

Sal Khan’s 2023 TED Talk: AI in the classroom can transform education

Sal Khan believes that artificial intelligence (AI) has the potential to transform education for the better. “We’re at the cusp of using AI for probably the biggest positive transformation that education has ever seen,” he said in his 2023 TED talk.

Get a glimpse of a new era in education—one where every student has access to an AI-powered personal tutor and every teacher has an AI teaching assistant. 

The “Two Sigma Problem” and AI’s solution:

Benjamin Bloom’s 1984 “Two Sigma” study highlighted the benefits of one-to-one tutoring, which resulted in a two standard deviation improvement in students’ performance. Bloom referred to this finding as the “Two Sigma Problem,” since providing one-to-one tutoring to all students has long been unattainable due to cost and scalability issues. 

Sal shared how AI has the potential to scale this tutoring economically and provide personalized instruction to students on a global level with the help of an AI-powered assistant. During his talk, Sal gave a live demo of Khan Academy’s new AI-powered guide, Khanmigo.

Khanmigo: A comprehensive AI tutor

Instead of worrying about students using AI to cheat, Sal said we should focus on the positive use cases. Khanmigo not only detects students’ mistakes, but it also identifies misconceptions in their understanding and provides effective feedback. It can help students with math and computer programming exercises and can provide context-aware help for video content. 

Khanmigo encourages Socratic dialogue and debate by providing a safe space for students to fine-tune their arguments, which can give them more confidence in class. It has been designed to write with students rather than for them. It encourages collaborative story writing and provides feedback on drafts, which helps students improve their writing abilities.

Want to see Khanmigo in action? Khan Academy invites users based in the United States to explore and test AI’s capabilities by joining the Khanmigo waitlist. Your feedback is crucial in shaping the future of education.

A teaching assistant, powered by AI

For teachers, Khanmigo acts as a comprehensive teaching assistant by explaining answers and teaching methods, helping with lesson planning, and creating progress reports. This allows teachers to spend more time and energy on one-on-one interactions with their students.

Positive and appropriate interactions 

We believe that AI can transform education, but we also understand that it comes with limitations and risks. That’s why we clearly communicate these limitations to every parent, teacher, and child who uses Khanmigo. We limit the amount of interaction individuals can have with the AI per day. Additionally, each child’s chat history and activities are visible to parents or guardians and teachers so they can stay informed and involved in their child’s education. Our platform also uses moderation technology to detect inappropriate interactions, and when it does, it sends an automatic email alert to an adult.

Your role in the future of AI

Sal emphasized that everyone has a role to play in shaping the future of AI in education. “We all have to fight like hell for the positive use cases,” he said. 

Through responsible and innovative AI applications like Khanmigo, education has the potential to undergo an unprecedented transformation, accelerating learning and fostering human potential like never before.

Share of dollar in global reserves lowest in 28 years – IMF. . .Global central banks are currently seeking to diversify their assets, scooping up corporate debt, tangible assets such as real estate, and other currencies

TAKE-AWAY: The long-standing status of the dollar as the world’s dominant currency has been steadily eroded in recent years amid concerns over soaring US debt and widely implemented sanctions using the currency as leverage.

26 May, 2023 14:23

Share of dollar in global reserves lowest in 28 years – IMF

The freezing of Russia’s forex holdings has accelerated de-dollarization around the world, experts say

"The process of diversifying away from the greenback by countries around the world is gathering pace, according to the latest data from the International Monetary Fund.

The statistics tracked by the Washington-based institution show that the dollar’s share of official gold and foreign currency reserves dropped to a nearly three-decade low of 58% in the fourth quarter of 2022.

The move has reportedly been gradual and the dollar share of central banks’ foreign reserves is now nearly down to a level last seen in 1995.

The long-standing status of the dollar as the world’s dominant currency has been steadily eroded in recent years amid concerns over soaring US debt and widely implemented sanctions using the currency as leverage.

The shift was more pronounced when adjusted for exchange rates, according to Stephen Jen, CEO of Eurizon SLJ Capital Limited, as quoted by Reuters.

“What happened in 2022 was a very sharp plummeting in the dollar share in real terms,” he said, calling the decline a reaction to the freezing of half of Russia’s $640 billion in gold and FX reserves.

According to Jen, the drastic step sparked a rethink in countries like Saudi Arabia, China, India and Türkiye about diversifying their reserves to other currencies.

The yuan’s share of global over-the-counter forex transactions has increased from nearly zero 15 years ago to 7%, according to the Bank for International Settlements (BIS).

After the move against Russia, other countries are questioning “What if you fall on the wrong side of sanctions?” BNY Mellon strategist Geoffrey Yu told the media.

He said global central banks are currently seeking to diversify their assets, scooping up corporate debt, tangible assets such as real estate, and other currencies.

“This is the process that is underway,” Mark Tinker, managing director of Toscafund Hong Kong, told the agency. “The dollar is going to be used less in the global system.”

RELATED 

Global Financial Stability Report

The Global Financial Stability Report provides an assessment of the global financial system and markets, and addresses emerging market financing in a global context. It focuses on current market conditions, highlighting systemic issues that could pose a risk to financial stability and sustained market access by emerging market borrowers. The Report draws out the financial ramifications of economic imbalances highlighted by the IMF's World Economic Outlook. It contains, as special features, analytical chapters or essays on structural or systemic issues relevant to international financial stability.


In a Fog of Uncertainty, It’s Best to Diversify. . . | New York Times 26 May 2023

 STRATEGIES

It’s Not Just the Debt Ceiling

A host of issues face the markets, beyond the prospect of a possible default on U.S. debt. Hedge your bets and ride it out, our columnist says.

Jeff Sommer is the author of Strategies, a weekly column on markets, finance and the economy.

On the surface, the stock market has been remarkably calm.

Despite occasional declines, the S&P 500 has returned roughly 8 percent over the past year, including dividends. If that solid performance were the only information you had about the state of the markets, it might lead you to believe that there was nothing much to worry about.

But you would be wrong. The relatively calm markets of recent weeks are extraordinary, considering what lurks beneath them. Invest in the markets, certainly, but hedge your bets. The peaceful mood could sour quickly.

Just for a start, the debt ceiling crisis is still unfolding. If an agreement isn’t reached in Washington before early June, the United States could run out of money to pay all of its bills. This has never happened before, so we don’t really know how bad it would be — but it’s safe to say that it would range somewhere between awful to catastrophic. . ."

Read more > NY Times

YEAH Driverless Car Draws Attention