SK Hynix Inc. has opened an investigation into the use of its chips in the latest phone from Huawei Technologies Co., after a teardown of the device revealed its memory and flash storage inside. The handset’s components are almost entirely provided by Chinese suppliers and Hynix’s hardware is an isolated example of materials sourced from overseas, according to TechInsights. Bloomberg

SpaceX cut off Starlink satellite internet service to Ukrainian submarine drones last year just as they were launching an attack on the Russian Black Sea Fleet, according to a new biography of SpaceX founder Elon Musk. The new details of the previously reported incident underscore how dependent the U.S. government has become on a company that once had to fight in court to become part of the Washington establishment. The Washington Post

State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a joint advisory published by CISA, the FBI, and the United States Cyber Command revealed on Thursday. The threat groups behind this breach are yet to be named, but while the joint advisory didn't connect the attackers to a specific state, United States Cyber Command's press release links the malicious actors to Iranian exploitation efforts. Bleeping Computer

World

China, North Korea pursue new targets while honing cyber capabilities

Microsoft

Clint Watts

In the past year, China has honed a new capability to automatically generate images it can use for influence operations meant to mimic U.S. voters across the political spectrum and create controversy along racial, economic, and ideological lines. This new capability is powered by artificial intelligence that attempts to create high-quality content that could go viral across social networks in the U.S. and other democracies. These images are most likely created by something called diffusion-powered image generators that use AI to not only create compelling images but also learn to improve them over time.

North Korea hackers going after Russian targets, Microsoft says

Reuters

Raphael Satter

North Korean hackers targeted Russian diplomats and successfully breached a Russian aerospace research institute earlier this year, Microsoft Corp said in a blog post published Thursday. Microsoft did not identify any of the victims by name and provided little by way of details or evidence, but said the hacking took place in March.

The International Criminal Court will now prosecute cyberwar crimes

WIRED

Andy Greenberg

For years, some cybersecurity defenders and advocates have called for a kind of Geneva Convention for cyberwar, new international laws that would create clear consequences for anyone hacking civilian critical infrastructure, like power grids, banks, and hospitals. Now the lead prosecutor of the International Criminal Court at the Hague has made it clear that he intends to enforce those consequences—no new Geneva Convention required. Instead, he has explicitly stated for the first time that the Hague will investigate and prosecute any hacking crimes that violate existing international law, just as it does for war crimes committed in the physical world.

Australia

Australia’s top police met with Clearview AI after it was slammed for breaking nation’s privacy law

Crikey

Cam Wilson

Top Australian police continued to meet with the CEO of controversial facial-recognition software company Clearview AI after both the company’s and police’s use of its technology was found to have broken Australian privacy law. Crikey revealed in June that Australian Federal Police had secretly met with Clearview AI staff in 2022, but new documents obtained by this masthead provide further insight into how police have continued to work closely with a company that violated the privacy of huge numbers of Australians while defying calls for more transparency about their relationship.

China

Tencent declares AI ‘war’ on Chinese rivals

Financial Times

Eleanor Olcott and Nian Liu

Internet heavyweight Tencent unleashed its key generative AI technology on Thursday, declaring “war has begun” with about a dozen rivals fighting to be China’s national artificial intelligence champion. China’s largest company by market value introduced “Hunyuan”, a large language model of the type powering OpenAI’s ChatGPT, the US service that has inspired a legion of companies to try to emulate its success in AI.

China crypto crackdown: Weibo banishes 80 prominent cryptocurrency influencers

South China Morning Post

Dylan Butts

The accounts of 80 popular cryptocurrency influencers, each with more than 8 million followers, have been removed from one of China’s most popular social media apps, as Beijing maintains its tight grip over crypto activities. The Weibo accounts, which promoted cryptocurrencies, had breached eight regulations in China covering areas such as marketing, internet safety, telecommunications, trade and finance, Weibo Finance said in a statement on Tuesday. The Beijing-based firm said it would continue to “receive complaints from users” and initiate investigations on “illegal virtual currency trading information” in accordance with local laws.

China moves to widen state employee iPhone curbs

Reuters

Julie Zhu and Kevin Yao

China has in recent weeks widened existing curbs on the use of iPhones by state employees, telling staff at some central government agencies to stop using their Apple mobiles at work, two sources familiar with the matter said. Against a backdrop of tensions between Beijing and Washington, the extension of a ban imposed more than two years ago signals growing challenges for the U.S. company, which relies heavily on China for revenue growth and manufacturing.

CEO of fintech giant Ant Group pledges support for digital yuan at Shanghai conference, promotes cross-blockchain use

South China Morning Post

Tracy Qu and Ann Cao

Eric Jing Xiandong, chairman and CEO of fintech giant Ant Group, pledged support to the Chinese sovereign digital currency e-CNY in his latest public appearance at a conference in Shanghai, the country’s finance capital. The e-CNY could be as valuable to the industrial internet as mobile payments were to the consumer internet, Jing said at the “Inclusion Conference on the Bund” on Thursday, according to Chinese media reports.

USA

United States and United Kingdom sanction additional members of the Russia-based Trickbot cybercrime gang

US Department of the Treasury

Clint Watts

Today, the United States, in coordination with the United Kingdom, sanctioned eleven individuals who are part of the Russia-based Trickbot cybercrime group. Russia has long been a safe haven for cybercriminals, including the Trickbot group. Today’s action was taken by the U.S. Department of the Treasury’s Office of Foreign Assets Control. The U.S. Department of Justice is concurrently unsealing indictments against nine individuals in connection with the Trickbot malware and Conti ransomware schemes, including seven of the individuals designated today.

Chinese hackers stole signing key used to breach US officials’ emails from Microsoft engineer, company says

The Hill

Julia Shapero

Chinese hackers obtained a consumer signing key that was used to breach U.S. officials’ emails earlier this year through a Microsoft engineer’s account, the company said Wednesday. An investigation into the breach found that a consumer signing system crash in April 2021 produced a snapshot of the crash process, also known as a crash dump, that incorrectly contained the consumer signing key, Microsoft said.

The US government is investigating China’s breakthrough smartphone

CNN

Samantha Murphy Kelly

The United States government is seeking more information about the Huawei Mate 60 Pro, a Chinese smartphone powered by an advanced chip. US National Security Adviser Jake Sullivan said during a White House press briefing Tuesday that the US needs “more information about precisely its character and composition” to determine if parties bypassed American restrictions on semiconductor exports to create the new chip.

Willis asks court to protect jurors after doxing in Trump's Georgia case

Axios

Jacob Knutson

Fulton County District Attorney Fani Willis asked a judge on Wednesday to take steps to protect jurors who indicted former President Trump and over a dozen of his allies for their alleged attempts to flip Georgia's election results in 2020. Willis said at least 23 jurors in the case have had their personal information — including their names, ages, addresses and vehicle details —posted anonymously on "conspiracy theory websites" hosted by a Russian company as part of an effort to "harass and intimidate them."

US cybersecurity company with Ukrainian roots offers team members support and second chances

Forbes

The war against Ukraine was already underway when SOC Prime, a cybersecurity tech company, was founded in 2015. In 2022, when the war against Ukraine heightened, they changed the game with their compassionate leadership. When Alex Bredikhin, Ruslan Mikhalov, and Andrii Bezverkhyi started the company, they successfully filled a need for a trusted repository of detection code that could capture a cyber threat before it could become a full-scale attack. Over the years, the project has evolved from a one-time hobby website to a sophisticated SaaS platform that helps people speak any cyber defense language at once.

Americas

Recent cyber-attacks show that we need to get on with Bill C-26

The Hill Times

Laurel Donnellan

Canada needs to raise the baseline level of cybersecurity across the systems we rely on most before we find ourselves making laws in the middle of a national cybersecurity crisis. Prime Minister Justin Trudeau reiterated Canada’s support for Ukraine, and told reporters about a new military aid package designed to help Kyiv fend off Russia’s illegal invasion.

North Asia

Active North Korean campaign targeting security researchers

Google Threat Analysis Group

Clement Lecigne and Maddie Stone

In January 2021, Threat Analysis Group publicly disclosed a campaign from government backed actors in North Korea who used 0-day exploits to target security researchers working on vulnerability research and development. Over the past two and a half years, TAG has continued to track and disrupt campaigns from these actors, finding 0-days and protecting online users. Recently, TAG became aware of a new campaign likely from the same actors based on similarities with the previous campaign. TAG is aware of at least one actively exploited 0-day being used to target security researchers in the past several weeks. The vulnerability has been reported to the affected vendor and is in the process of being patched.

Southeast Asia

Asia-Pacific urged to use AI to combat cyber threats

Việt Nam News

Experts have called on the Asia-Pacific region to embrace artificial intelligence to combat cyber threats. Speaking at a conference in Bali, Indonesia, at the end of last month, Adrian Hia, managing director for Asia Pacific, Kaspersky, a global cybersecurity firm, said: “AI has emerged as a powerful tool in the field of cybersecurity and beyond. “The Asia-Pacific region is at the forefront of the AI revolution.” Several research studies have predicted that the Asia-Pacific region will be the fastest-growing market for AI globally.

Ukraine - Russia

‘How am I in this war?’: New Musk biography offers fresh details about the billionaire’s Ukraine dilemma

CNN

Sean Lyngaas

Elon Musk secretly ordered his engineers to turn off his company’s Starlink satellite communications network near the Crimean coast last year to disrupt a Ukrainian sneak attack on the Russian naval fleet, according to an excerpt adapted from Walter Isaacson’s new biography of the eccentric billionaire titled “Elon Musk.” As Ukrainian submarine drones strapped with explosives approached the Russian fleet, they “lost connectivity and washed ashore harmlessly,” Isaacson writes.

Middle East

Big Tech

In its first monopoly trial of modern internet era, U.S. sets sights on Google

The New York Times

David McCabe, Cecilia Kang

The Justice Department has spent three years over two presidential administrations building the case that Google illegally abused its power over online search to throttle competition. To defend itself, Google has enlisted hundreds of employees and three powerful law firms and spent millions of dollars on legal fees and lobbyists.

Inside Musk’s Twitter transformation: Impulsive decisions, favors for friends

The Wall Street Journal

Georgia Wells, Alexa Corse and Kirsten Grind

The social-media platform had suspended West in December for violating its rule against hate speech after he posted an image of a swastika merged with a Star of David. The musician and designer, who goes by the name Ye, has been considering a 2024 presidential run, according to people familiar with his plans, and his campaign advisers wanted him back on. Previously, Twitter wouldn’t have reinstated anyone’s account without a formal company review. After Musk bought the company, which he recently renamed X Corp., he upended that process, current and former employees said, making many content decisions himself.

Artificial Intelligence

Google: Political adverts must disclose use of AI

BBC

Shiona McCallum

Google will soon require that political ads on its platforms let people know when images and audio have been created using artificial intelligence. The rules have been created as a response to the "growing prevalence of tools that produce synthetic content", a Google spokesperson told the BBC. The change is scheduled for November, about a year ahead of the next US presidential election.

Ghostwriter returns with an A.I. Travis Scott song, and industry allies

The New York Times

Joe Coscarelli

Earlier this year, when the anonymous musical creator known as Ghostwriter released an unauthorized track that used artificial intelligence voice effects to mimic the pop superstars Drake and the Weeknd, the fallout was immediate and far-reaching. The mostly original song, “Heart on My Sleeve,” was promptly removed from official streaming services, even as experts acknowledged that its use of A.I. fell into a rapidly expanding legal gray area. But while the major record labels sought to protect their intellectual property and scrambled to prepare for disruptions to come, the track also proliferated on social media, earning millions of listens and helping to inspire a wave of similarly novel compositions. Throughout the aftermath, Ghostwriter stayed silent — at least in public.

Misc

‘Modern cars are a privacy nightmare,’ the worst Mozilla’s seen

The Verge

Jess Weatherbed

According to a report published by the Mozilla Foundation on Wednesday, cars are “the official worst category of products for privacy” that it’s ever reviewed. The global nonprofit found that 92 percent of the reviewed automakers provide drivers with little (if any) control over their personal data, with 84 percent sharing user data with outside parties.

