Bleeping Computer: Chinese Intelligence Agencies Are Doctoring the Country’s Vulnerability Database. “Chinese intelligence agencies are doctoring the Chinese National Vulnerabilities Database (CNNVD) to hide security flaws that government hackers might have an interest in, according to a report released on Friday by US threat intelligence firm Recorded Future. The US company says it noticed in recent months mass edits to the CNNVD website. Recorded Future says CNNVD operators have been backdating the publication dates for hundreds of vulnerabilities.”
Ars Technica: Potent malware that hid for six years spread through routers. “Researchers have discovered malware so stealthy it remained hidden for six years despite infecting at least 100 computers worldwide. Slingshot—which gets its name from text found inside some of the recovered malware samples—is among the most advanced attack platforms ever discovered, which means it was likely developed on behalf of a well-resourced country, researchers with Moscow-based Kaspersky Lab reported Friday. The sophistication of the malware rivals that of Regin—the advanced backdoor that infected Belgian telecom Belgacom and other high-profile targets for years—and Project Sauron, a separate piece of malware suspected of being developed by a nation-state that also remained hidden for years.”
The Daily Beast: Russians Used Reddit and Tumblr to Troll the 2016 Election. “A leak of internal data from the Kremlin-backed Internet Research Agency discovered by The Daily Beast serves as the first confirmation that the Russian troll farm deployed its online agitators on Reddit as part of its campaign to interfere in American politics. The leak also reveals 21 Tumblr accounts, including login credentials, run by the Internet Research Agency (IRA). The listing for the leak offers ‘American proxies’ for Reddit and viral meme site 9Gag. The leak comes after months of speculation from Reddit users that the site had been targeted by a foreign influence campaign.”
TechCrunch: Fake news is an existential crisis for social media. “The claim and counter claim that spread out around ‘fake news’ like an amorphous cloud of meta-fakery, as reams of additional ‘information’ — some of it equally polarizing but a lot of it more subtle in its attempts to mislead (for e.g., the publicly unseen ‘on background’ info routinely sent to reporters to try to invisibly shape coverage in a tech firm’s favor) — are applied in equal and opposite directions in the interests of obfuscation; using speech and/or misinformation as a form of censorship to fog the lens of public opinion. This bottomless follow-up fodder generates yet more FUD in the fake news debate. Which is ironic, as well as boring, of course. But it’s also clearly deliberate.” One of those articles that deserves a better headline than it gets. A deep dive with lots of links to other news articles and background. Very good stuff.
CNET: US charges Russian social media trolls over election tampering. “US special counsel Robert Mueller has filed charges against 13 Russian nationals and three Russian groups for allegedly interfering with the 2016 presidential election. In an indictment released Friday (PDF), Mueller and the Justice Department call out the Internet Research Agency, a group linked to Russian propaganda efforts across social media. Employees for the IRA created troll accounts and used bots to stage arguments and sow political chaos during the 2016 campaign.”
Los Angeles Times: The goal was espionage. The tactics were social media 101. “If a brand today wants to promote a new product, it would order its social media team to tailor posts that resonate with its audience, buy targeted ads to reach impressionable eyeballs, and closely monitor the performance of its messaging to ensure it reaches, and influences, as many viewers as possible. If a Russian troll farm wanted to disrupt an American election and amplify discord in an open society, it would apparently do the exact same things.”
Talos Intelligence: Olympic Destroyer Takes Aim At Winter Olympics. “Talos have identified the samples, with moderate confidence, used in this attack. The infection vector is currently unknown as we continue to investigate. The samples identified, however, are not from adversaries looking for information from the games but instead they are aimed to disrupt the games. The samples analysed appear to perform only destructive functionality.”