[17901] in athena10
Daily Drop(27)
daemon@ATHENA.MIT.EDU (Bob Bragg from Social Media IO Rou)
Tue Jan 25 04:41:28 2022
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="273333aed06f149276c46026b46194a0d3b84e570d43154fd249994790c4"
From: Bob Bragg from Social Media IO Roundup <infodom@substack.com>
To: debathena@mit.edu
Date: Tue, 25 Jan 2022 09:40:16 +0000
In-Reply-To: <post-47605120@substack.com>
Message-ID: <20220125094016.2.f8e2cb27171d3a8a.uhcopl9v@mg2.substack.com>
Reply-To: Bob Bragg from Social Media IO Roundup
<reply+scccg&181xwy&&ebc58e7b04e9f599f757c9002a521e76910451729007c610bdd58c5c42afff86@mg1.substack.com>
--273333aed06f149276c46026b46194a0d3b84e570d43154fd249994790c4
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Tuesday, January 25, 2022 // Contact: Bob Bragg-IG // Weekly Sponsor: T&R
Taking Control of Ransomware and Other Malware with a Zero-Trust Strategy
FROM THE MEDIA: Antivirus, sandboxing and similar detection techniques can’t keep up. It’s time for agencies to transform their approach to thwarting malware. In a classic “I Love Lucy” skit, Lucille Ball works at a chocolate factory. Her job is to wrap chocolates as they travel down a conveyor belt, without letting a single candy past. To keep up with the surging volume, she resorts to stuffing chocolates in her hat, her blouse and, finally, her mouth. Cybersecurity pros dealing with malware at today’s government agencies might feel like they face a similar situation. Taking ransomware as an example, 79 successful attacks struck U.S. government organizations in 2020, affecting 71 million people, according to Comparitech. Downtime and recovery costs reached an estimated $18.88 million, with downtime sometimes stretching several months. Overall, the United States suffered 65,000 attacks last year, more than seven per hour, NPR reports.
READ THE STORY: Nextgov
A QUICK LOOK:
DTPacker malware steals data, loads second-stage payloads
FROM THE MEDIA: Researchers have uncovered a malware packer being used by multiple threat actors to distribute remote access trojans (RATs) used to steal information, and load follow-on payloads like ransomware. Researchers with Proofpoint in a Monday analysis said that the .NET commodity packer, which they call DTPacker, has been associated with dozens of campaigns and multiple threat groups since 2020, and is likely distributed on underground forums. DTPacker uses multiple obfuscation techniques to avoid analysis, sandboxing and antivirus detection. However, what makes the malware unique is its ability to operate as both a packer and a downloader in order to distribute multiple RATs and information stealers, including Agent Tesla, AsyncRAT and FormBook. “The main difference between a packer and a downloader is the location of the payload data which is embedded in the former and downloaded in the latter,” said researchers with Proofpoint. “DTPacker uses both forms. It is unusual for a piece of malware to be both a packer and downloader.”
READ THE STORY: Decipher
A QUICK LOOK:
Trickbot Injections Get Harder to Detect & Analyze
FROM THE MEDIA: The authors of the infamous malware family have added measures for better protecting malicious code injections against inspection and research. The authors of the Trickbot Trojan have added multiple layers of defenses around the malware to make it harder for defenders to detect and analyze the injections it uses during malicious operations. The improvements coincide with escalating activity around the malware and appear designed for attacks in which Trickbot is being used to conduct online banking fraud — something the tool was originally designed for before it was repurposed for malware distribution purposes. Researchers from IBM Trusteer analyzed the most recent code injections that Trickbot uses in the process of stealing information for conducting banking fraud. They discovered new tweaks to it of the type that the operators of the malware have been making since it was first released in 2016.
READ THE STORY: Darkreading
A QUICK LOOK:
Concerns grow over potential new Russian cyberattacks
FROM THE MEDIA: As the tensions between Russia and Ukraine continue to deepen, security researchers have discovered more about the tactics and malware used in the wiper attacks on Ukrainian organizations and government officials are warning enterprises in the United States to be prepared for potential intrusions if the U.S. becomes involved in the conflict in some way. The attacks that hit several Ukrainian organizations and government agencies 10 days ago used a piece of malware known as WhisperGate that has multiple stages and is designed to overwrite the master boot record (MBR) of infected computers and delete all of the data on those machines. The malware disguises itself as ransomware, displaying a ransom note after the wiping operations complete. But there’s no way to recover the data and no ransom mechanism. This is quite similar to the 2017 NotPetya attacks in Ukraine, which also used ransomware as a facade for a destructive malware infection and was more widespread than the WhisperGate intrusions. Researchers with Cisco Talos, who have worked on incident response in Ukraine for many years, found that the attackers had access to the target networks for several months before actually deploying the WhisperGate malware, and probably used stolen legitimate credentials for initial access.
READ THE STORY: Decipher
A QUICK LOOK:
Malicious PowerPoint files used to push remote access trojans
FROM THE MEDIA: Since December 2021, a growing trend in phishing campaigns has emerged that uses malicious PowerPoint documents to distribute various types of malware, including remote access and information-stealing trojans. According to a report by Netskope’s Threat Labs shared with Bleeping Computer before publication, the actors are using PowerPoint files combined with legitimate cloud services that host the malware payloads. The families deployed in the tracked campaign are Warzone (aka AveMaria) and AgentTesla, two powerful RATs and info-stealers that target many applications, while the researchers also noticed the dropping of cryptocurrency stealers. The malicious PowerPoint phishing attachment contains obfuscated macro executed via a combination of PowerShell and MSHTA, both built-in Windows tools. The VBS script is then de-obfuscated and adds new Windows registry entries for persistence, leading to the execution of two scripts. The first one fetches AgentTesla from an external URL, and the second disables Windows Defender.
READ THE STORY: Bleeping Computer
A QUICK LOOK:
Log4j: Mirai botnet found targeting ZyXEL networking devices
FROM THE MEDIA: An Akamai researcher has discovered an attempt to use Log4j vulnerabilities in ZyXEL networking devices to "infect and assist in the proliferation of malware used by the Mirai botnet." Larry Cashdollar, a member of the Security Incident Response Team at Akamai Technologies, explained that Zyxel may have been specifically targeted because they published a blog noting they were impacted by the Log4j vulnerability. "The first sample I examined contained functions to scan for other vulnerable devices," Cashdollar wrote in an Akamai blog post. "The second sample... did contain the standard Mirai attack functions," he added. "It appears the... attack vectors had been removed in favor of Log4j exploitation. Based on the attack function names and their instructions, I believe this sample is part of the Mirai malware family."
READ THE STORY: ZDnet
A QUICK LOOK:
MoleRats APT Launches Spy Campaign on Bankers, Politicians, Journalists
FROM THE MEDIA: State-sponsored cyberattackers are using Google Drive, Dropbox and other legitimate services to drop spyware on Middle-Eastern targets and exfiltrate data. Malicious files doctored up to look like legitimate content related to the Israeli-Palestine conflict are being used to target prominent Palestinians, as well as activists and journalists in Turkey, with spyware. That’s according to a disclosure from Zscaler, which attributes the cyberattacks to the MoleRats advanced persistent threat (APT). Zscaler’s research team was able to tie MoleRats, an Arabic-speaking group with a history of targeting Palestinian interests, to this campaign because of overlap in the .NET payload and command-and-control (C2) servers with previous MoleRats APT attacks. This campaign started last July, Zscaler reported. MoleRats used the Dropbox API for C2 communications in both this and previous campaigns, as well as Google Drive and other established cloud-hosting services to host the payloads, according to Zscaler.
READ THE STORY: Threatpost
A QUICK LOOK:
The Ransomware Files, Episode 4: Maersk and NotPetya
FROM THE MEDIA: What if malware disguised as ransomware destroyed every copy of a company's Active Directory except for one? That's exactly what happened to global shipping and logistics company Maersk on June 27, 2017. Maersk was one of dozens of organizations crippled by the NotPetya malware in one of the strangest and most devastating global cyberattacks. Gavin Ashton was Maersk's identity and access management service owner at the time. "We talk about milestones and project plans and three, five-year plans," Ashton says. "And the thing about ransomware, or extortion, where whatever you want to call it these days, is it doesn't really care about any of that. It could literally strike this afternoon. That was our wake up call." Bharat Halai was Maersk's former head of identity and access management. The attack knocked out all of Maersk's copies of Active Directory. Halai's quick thinking uncovered the last remaining uncorrupted copy in Lagos, Nigeria, which had experienced a wide area network outage.
READ THE STORY: Govinfo security
A QUICK LOOK:
Kaspersky finds firmware bootkit MoonBounce shows major advancement
FROM THE MEDIA: Kaspersky researchers found that firmware bootkit MoonBounce hides in one of the computer’s essential parts: Unified Extensible Firmware Interface (UEFI) firmware. According to the cybersecurity solutions company, MoonBounce was first detected in 2021 and demonstrated a sophisticated attack flow, with evident advancement in comparison to formerly reported UEFI firmware bootkits. It was linked to well-known advanced persistent threat (APT) actor APT41. According to Kaspersky, MoonBounce is only the third reported UEFI bootkit found in the wild that has been found using the firm’s Firmware Scanner. When compared to the two previously discovered bootkits, LoJax and MosaicRegressor, MoonBounce has a more complicated attack flow and greater technical sophistication.
READ THE STORY: Backendnews
A QUICK LOOK:
Port of LA Launches Cyber Resilience Center
FROM THE MEDIA: North America's largest seaport said it is bolstering its cybersecurity readiness and enhancing its threat-sharing and recovery capabilities among supply chain stakeholders with the launch of its new state-of-the-art port community cyber defense solution. The Port of Los Angeles' Cyber Resilience Center (CRC) was designed through a collaborative process with participating stakeholders and will be operated by International Business Machines (IBM). “We must take every precaution against potential cyber incidents, particularly those that could threaten or disrupt the flow of cargo,” said Port of Los Angeles Executive Director Gene Seroka. “This new Cyber Resilience Center provides a new level of awareness for our stakeholders by providing enhanced intelligence, better collective knowledge sharing and heightened protection against cyber threats within our supply chain community.”
READ THE STORY: Marinelink
A QUICK LOOK:
Items of interest
A Super Dragon Taming the Flood - Why the Cyberspace Administration of China Has Become a Globally Important Government Agency (Paper)
FROM THE MEDIA: READS LIKE PROPAGANDA W/ RU LINKS - Speaks of CCP Cyberspace Administration
Water was central to life in ancient China, as it was the source of life and prosperity but also brought calamity. Not surprisingly, the ability to control water became the central task of China’s rulers, as it was central to the nation’s survival as well as their political legitimacy. This dynamic has also given rise to a saying: “Nine dragons trying to tame the flood,” which refers to multiple entities fighting to solve a single problem but falling short because of an inability to coordinate and cooperate.
READ THE STORY: Valdaiclub (propaganda)
Security Flaws in China’s My2022 Olympics App Could Allow Surveillance (Video)
FROM THE MEDIA: Marietje Schaake, International Policy Director at Stanford's Cyber Policy Center, Eurasia Group senior advisor and former MEP, discusses trends in big tech, privacy protection and cyberspace: Does the Beijing 2022 Olympics app have security flaws? Well, the researchers at the Citizen Lab of the University of Toronto do believe so. And if their revelations, this time, will set off a similar storm as they did with the forensics on NSO Group's spyware company, then there will be trouble ahead for China. The researchers found that the official My2022 app for the sports event, which attendees are actually required to download and to use for documenting their health status, has flaws in the security settings. Loopholes they found could be used for intrusion and surveillance.
China and Russia: MI6’s top concerns (Video)
FROM THE MEDIA: MI6 chief Richard Moore speaks to the “The Economist Asks” podcast about the world's biggest threats—from a possible Russian invasion of Ukraine to China’s increasing access to personal data.
About this Product
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com
--273333aed06f149276c46026b46194a0d3b84e570d43154fd249994790c4
Content-Type: text/html; charset="ascii"
Content-Transfer-Encoding: quoted-printable
<html><head><title>Daily Drop(27)</title><style>
@media screen and (max-width: 540px) {
body .markup iframe.spotify-wrap,
body .markup a.spotify-wrap {
width: auto !important;
}
}
@media screen and (max-width: 540px) {
body .markup div.youtube-wrap div.youtube-screen,
body .markup div.vimeo-wrap div.youtube-screen {
display: none !important;
}
}
@media screen and (max-width: 540px) {
body .markup div.embedded-publication-wrap .embedded-publication.show-sub=
scribe {
padding: 28px 24px;
}
}
@media screen and (max-width: 540px) {
body .markup div.subscription-widget-wrap .subscription-widget.show-subsc=
ribe,
body .markup div.captioned-button-wrap .subscription-widget.show-subscrib=
e {
padding: 28px 24px;
}
}
@media screen and (max-width: 540px) {
body .markup div.subscription-widget-wrap .subscription-widget.show-subsc=
ribe .subscription-widget-subscribe .button,
body .markup div.captioned-button-wrap .subscription-widget.show-subscrib=
e .subscription-widget-subscribe .button {
padding: 10px 12px;
min-width: 110px;
}
}
@media print {
body .markup .button-wrapper {
display: none;
}
}
@media screen and (max-width: 540px) {
body .markup .apple-podcast-container {
width: unset;
}
}
@media screen and (min-width: 500px) {
body .header a.logo {
width: 42px;
height: 42px;
border-radius: 6px;
}
}
@media screen and (max-width: 420px) {
body .subscription-receipt table:first-of-type .subscription-amount .subs=
cription-discount {
width: 72px !important;
}
}
@media screen and (min-width: 481px) {
body .share-button-container {
height: auto;
}
}
@media screen and (max-width: 480px) {
body .share-button-container .separator {
display: block !important;
margin: 0 !important;
height: 8px !important;
border-left: none !important;
}
}
@media screen and (max-width: 540px) {
body .footer {
outline: 8px solid #f8f8f8 !important;
}
}
@media screen and (max-width: 540px) {
.digest .item .post-meta-item.audience {
display: none;
}
}
@media screen and (min-width: 500px) {
.digest-publication .logo img {
width: 42px;
height: 42px;
border-radius: 6px;
}
}
@media screen and (max-width: 540px) {
.comments-page .container .comment-list .collapsed-reply {
margin-left: 18px;
}
}
@media screen and (max-width: 540px) {
.comment > .comment-list {
padding-left: 25px;
}
}
@media screen and (max-width: 540px) {
.finish-magic-login-modal .modal-content .container {
padding: 24px 0;
}
}
@media screen and (min-width: 541px) {
.user-profile-modal {
padding-left: 12px;
padding-right: 12px;
}
}
@media screen and (max-width: 540px) {
.subscribe-widget form.form .sideBySideWrap button.rightButton {
padding: 10px 12px;
min-width: 110px;
}
}
@media screen and (min-width: 541px) {
.pub-icon:hover .logo-hover,
.feed-item-icon:hover .logo-hover {
display: block;
}
}
@media screen and (max-width: 768px) {
.file-embed-wrapper {
padding: 0;
}
}
@media screen and (max-width: 768px) {
.file-embed-wrapper-editor {
padding: 0;
}
}
@media screen and (max-width: 768px) {
.file-embed-wrapper-editor:active {
padding: 0;
}
}
@media only screen and (max-width: 630px) {
.file-embed-button.wide,
.file-embed-error-button.wide {
display: none;
}
}
@media only screen and (min-width: 630px) {
.file-embed-button.narrow,
.file-embed-error-button.narrow {
display: none;
}
}
@media screen and (max-width: 540px) {
.audio-player-wrapper .audio-player .audio-player-progress {
border-left-width: 16px;
border-right-width: 16px;
}
}
@media screen and (max-width: 540px) {
.audio-player-wrapper .audio-player .audio-player-progress .audio-player-=
progress-bar .audio-player-progress-bar-popup {
top: -54px;
}
}
@media screen and (max-width: 540px) {
.audio-player-wrapper-fancy .audio-player .audio-player-progress {
border-left-width: 16px;
border-right-width: 16px;
}
}
@media screen and (max-width: 540px) {
.audio-player-wrapper-fancy .audio-player .audio-player-progress .audio-p=
layer-progress-bar .audio-player-progress-bar-popup {
top: -54px;
}
}
@media screen and (max-width: 540px) {
.video-player-wrapper .video-player-button {
padding-top: 22.8%;
}
}
@media screen and (max-width: 540px) {
.video-player-wrapper .video-player-button.no-text {
padding-top: 18%;
}
}
</style></head><body class=3D"email-body" style=3D"font-kerning: auto;"><div style=3D"di=
splay:none;font-size:1px;color:#333333;line-height:1px;max-height:0px;max-w=
idth:0px;opacity:0;overflow:hidden;" class=3D"preview">1-25-22=
</div><table role=3D"presentation" wid=
th=3D"100%" border=3D"0" cellspacing=3D"0" cellpadding=3D"0" class=3D"email=
-body-container"><tr><td></td><td width=3D"550" class=3D"content"></td><td>=
</td></tr><tr><td></td><td align=3D"left" width=3D"550" class=3D"content"><=
div style=3D"font-size: 16px; line-height: 26px; margin: 0 auto; max-width:=
550px; overflow-wrap: break-word; width: 100%;"><div class=3D"post typogra=
phy" style=3D"font-size: 16px; line-height: 26px; padding: 9px 0;"><div cla=
ss=3D"post-header" style=3D"font-size: 16px; line-height: 26px;"><h1 class=
=3D"post-title short published" style=3D"-moz-osx-font-smoothing: antialias=
ed; -webkit-font-smoothing: antialiased; color: #1a1a1a; font-family: 'SF C=
ompact Display', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Hel=
vetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
Symbol'; font-size: 40px; font-weight: bold; line-height: 130%; margin: 0.=
378em 0 0 0;"><a href=3D"https://email.mg2.substack.com/c/eJxVkkuTmkAQxz-N3=
KTmwWsOHFyNCUlwY3SN5EINM43MCgMFwyp8-owxl1R196H_1Y_qXwtu4NL2U9y1g3EeITdTB7GG=
21CDMdA74wB9rmQcUsZoiD1Hxp7EkR85asjLHqDhqo5NP4LTjUWtBDeq1Y8KwjziYaeKGeAgQAG=
PvJJxJvySlwj8qAQUIcAUnoP5KBVoATF8QD-1Gpw6rozphgVdLcjWmtJlK9vGHcZiMFxcXdE2Nt=
1Zl3aJaSn7tiPhgm5NewW9oBuYvmJBTtOZ1NfkvaXpfPXTWdx365sSn9kst6z7vU6C3UaQdPN2T=
99XQ9LUlbS59JihdP50S-fs_nq4KX7ezbaHEl9O6vsx8XebBKWHZEj0DmcqCRL98iHo3ojmVGX0=
Z1cQT5V71z8rsnzdpsflt1-X5n7w8H4d9F22vJ6OP4p5_2JubypbJsdq5aiYIEIQJj5iHsKBS9w=
yAiIKEuIQS8oj7o6VaLuafSw81FzIf7dw-lhCwU0Fmj9kZVyQ4wNLbtVm1MpMudWKGuSTmHmC_8=
swv4CG3j6EzLmJceBRjGiAGWXeE5BF6oUB8jFBjh1rSXCl439Q_gDspcR6" style=3D"color:=
#1a1a1a; text-decoration: none;">Daily Drop(27)</a></h1><h3 class=3D"subti=
tle" style=3D"-moz-osx-font-smoothing: antialiased; -webkit-font-smoothing:=
antialiased; color: #767676; font-family: 'SF Compact Display', -apple-sys=
tem, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, =
'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 20px; =
font-weight: normal; line-height: 1.16em; margin: 4px 0 0; margin-top: 8px;=
">1-25-22</h3><table class=3D"meta-author-wrap with-photo" style=3D"margin:=
1em 0;"><tr class=3D"meta-author-wrap-row"><td><div class=3D"user-head " s=
tyle=3D"font-size: 16px; line-height: 26px;"><a href=3D"https://email.mg2.s=
ubstack.com/c/eJxNUMtuxCAM_JrlthEY8uDAoZf-RsTDSVATiHhslb8v6fZQ2bLGGtmjGasLr=
jFd6oy5kHvM5TpRBfzOO5aCidSMafZOjVxKPjJBnBKOTf1EfJ6XhHhov6uSKpKzmt1bXXwM9wVI=
AYKRTRnBmWgFdqLMOWcFakM5l9PSw2jFW1hX5zFYVPjCdMWAZFdbKWd-8I8HfLbO1eSi7Vdn49H=
WM8XF79gQSAocGHuaaJ4m6XUlXgEFoAx6KgVlQwfdMiFYAyMbmeN60l3dbDx3-XoIeqzQ_X9Pkn=
JodNkw6Jv2pUNXb4dzY48afLnmxpkd3dt8eWf4G8e8YsDUsnWzLooNzT_lA5Nc_nlt6YhxoD0DS=
pqsi-0qKB-W2OAPLk2GpQ"><div class=3D"profile-img-wrap" style=3D"font-size: =
16px; line-height: 26px; position: relative;"><img src=3D"https://cdn.subst=
ack.com/image/fetch/w_90,h_90,c_fill,f_auto,q_auto:good,fl_progressive:stee=
p/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws=
=2Ecom%2Fpublic%2Fimages%2Ff288a2dc-e2b6-=
4a9b-afe8-c132bc14931c_280x180.jpeg"=
height=3D"45" width=3D"45" alt=3D"" style=3D"border: none !important; bord=
er-radius: 50%; cursor: pointer; display: block; height: 45px; max-width: 5=
50px; vertical-align: middle; width: 45px;"></div></a></div></td><td class=
=3D"meta-author-contents"><div class=3D"meta-right-column" style=3D"font-si=
ze: 16px; line-height: 1em; margin-left: 12px;"><div class=3D"meta-author" =
style=3D"color: #767676; font-family: -apple-system, BlinkMacSystemFont, 'S=
egoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe=
UI Emoji', 'Segoe UI Symbol'; font-size: 14px; line-height: 17px;"><a href=
=3D"https://email.mg2.substack.com/c/eJxNUMtuxCAM_JrlthEY8uDAoZf-RsTDSVATiH=
hslb8v6fZQ2bLGGtmjGasLrjFd6oy5kHvM5TpRBfzOO5aCidSMafZOjVxKPjJBnBKOTf1EfJ6Xh=
Hhov6uSKpKzmt1bXXwM9wVIAYKRTRnBmWgFdqLMOWcFakM5l9PSw2jFW1hX5zFYVPjCdMWAZFdb=
KWd-8I8HfLbO1eSi7Vdn49HWM8XF79gQSAocGHuaaJ4m6XUlXgEFoAx6KgVlQwfdMiFYAyMbmeN=
60l3dbDx3-XoIeqzQ_X9PknJodNkw6Jv2pUNXb4dzY48afLnmxpkd3dt8eWf4G8e8YsDUsnWzLo=
oNzT_lA5Nc_nlt6YhxoD0DSpqsi-0qKB-W2OAPLk2GpQ" style=3D"color: #1a1a1a; text=
-decoration: none;">Bob Bragg</a></div><table cellpadding=3D"0" cellspacing=
=3D"0" class=3D"post-meta custom" style=3D"margin: 4px 0 0 0;"><tr><td ti=
tle=3D"2022-01-25T09:40:17.574Z" class=3D"post-meta-item post-date" style=
=3D"color: #767676; font-family: -apple-system, BlinkMacSystemFont, 'Segoe =
UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI E=
moji', 'Segoe UI Symbol'; font-size: 14px; font-weight: 400; height: 14px; =
line-height: 100%; padding: 0px 12px 0px 0; padding-bottom: 0; padding-top:=
0; position: relative; text-decoration: none; vertical-align: middle; whit=
e-space: nowrap;"><time dateTime=3D"2022-01-25T09:40:17.574Z">Jan 25</time>=
</td><td class=3D"post-meta-item icon" style=3D"color: #767676; font-family=
: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, =
sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-=
size: 14px; font-weight: 400; height: 14px; line-height: 100%; padding: 0px=
12px 0px 0; padding-bottom: 0; padding-top: 0; position: relative; text-de=
coration: none; text-indent: 3px; vertical-align: middle; white-space: nowr=
ap;"><span class=3D"post-meta-icon"><a href=3D"https://email.mg2.substack.c=
om/c/eJxVUttu2zAM_Zr4bYYuvunBD0Eyb8nqFB3WpO2LIUtMLN_k2HIS5-snN93DAIGESFGHPI=
eCGzjpfoo7PRhnNpmZOohbuA41GAO9Mw7QZ0rGIWWMhthzZOxJHPmRo4bs2AM0XNWx6UdwujGvl=
eBG6XauIMwjHnaKOIw8nEsZMZmDoIHwEaLMD0DkAY5CYA9gPkoFrYAYLtBPugWnjgtjumFBlwuS=
2KPao5a6cYcxHwwXlSt0Y8O8U9ZesDXzR9Z99vStBy7mXhY0MboC69cwbbEg--mN1NWm1DS9V35=
6F7fd6qrED3aXCes-VptgtxYkXb_e0nI5bNpt_X7YIX5go61RXkeqjboqfkiQvd925cs9_bO878=
rv_tNq2wmaqme1vcrDxqRlhdLy5Ta_F3Sv5nrR7It3-rvLiaeOL-56XRrbX7L098_TSSVH__ITG=
Sz5ufnQb9tztMp_Fa_m3D5ZFoLRNNmgx16AneYfD1_xBqQam3nKeXxHxQQRgjDxEfMQDlziHiMg=
IichDrGkPOLuWAjd1eyy8FBzIv8R6_SxhJybAlo-p5VxQY6zxpnNNmOrzJTZXF6DfMhvHlv0iZ6=
doIXebpfMuIlx4FGMaIAZZd5DbbsfXhggHxPkWFgrK1dt_KXwX4X04Yg" class=3D"like-but=
ton" style=3D"color: #767676; display: block; text-decoration: none;"><img =
src=3D"https://cdn.substack.com/image/fetch/w_28,c_scale,f_png,q_auto:good,=
fl_progressive:steep/https%3A%2F%2Fsubstack.com%2Ficon%2FHeartIconRounded%3=
Fv%3D3%26height%3D28%26fill%3D%2523757575%26stroke%3D%2523757575%26strokeWi=
dth%3D2" width=3D"14" height=3D"14" style=3D"border: none !important; displ=
ay: inline-block; float: left; height: 14px; max-width: 14px; vertical-alig=
n: top; width: auto;" alt=3D""></a></span></td><td class=3D"post-meta-item =
icon" style=3D"color: #767676; font-family: -apple-system, BlinkMacSystemFo=
nt, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', =
'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 14px; font-weight: 400; hei=
ght: 14px; line-height: 100%; padding: 0px 12px 0px 0; padding-bottom: 0; p=
adding-top: 0; position: relative; text-decoration: none; text-indent: 3px;=
vertical-align: middle; white-space: nowrap;"><a class=3D"" href=3D"https:=
//email.mg2.substack.com/c/eJxVUsuSmzAQ_BpzM4UkXjpw2LXjhCR449jrmFwoIY2N1iBR=
INaGr4-IN4dUSSpppkY93T2cGbjobkxa3RtnPgoztpAouPU1GAOdM_TQFVIkEaGURMh3ROILFAe=
xI_vi3AE0TNaJ6QZw2qGsJWdGajVXYOpjHzlVIkBEEWICYQJnjwJlmENEY2YvJIzZA5gNQoLikM=
A7dKNW4NRJZUzbL8jTAm_skuqshW7cfih7w_jV5bqx4dZuYZsYl6LTLY7s0yYaUMaWboy-glqQN=
YxfEcfH8YTra_qmSTZdg2zi9-3qJvlnOokNbX-v0nC75jhbv96zt6c-bepK2Fh2yL1s-nTLpvz-=
sr9JdtpO9g_Jvxzl90MabNepl-3TPlVblMs0TNXzOyc7w5tjlZOfbYl9ed65wUni5csmOyy__bo=
0972Pdquwa_Pl9Xj4UU67Z3N7lfkyPVSWcDiYpuj10HGw3f-j_BFvQMihmVnN6jsywR7GHsKBR3=
0PhS52zzFgXuIIRUgQFjN3qLhua_q-8L3mgv_T0OmsRSUzFSg2p6VxQQyzncUs5KCkGQubK2sQD=
6fNY2D-ohcXUNDZQRIFMwkKfYI8EiJKqP8w1o6CH4VegLDnWFjrIJMq-TDzDw392N8" style=
=3D"color: #767676; display: block; text-decoration: none;"><img src=3D"htt=
ps://cdn.substack.com/image/fetch/w_28,c_scale,f_png,q_auto:good,fl_progres=
sive:steep/https%3A%2F%2Fsubstack.com%2Ficon%2FCommentIconRounded%3Fv%3D3%2=
6height%3D28%26fill%3D%2523757575%26stroke%3D%2523757575%26strokeWidth%3D2"=
width=3D"14" height=3D"14" style=3D"border: none !important; display: inli=
ne-block; float: left; height: 14px; max-width: 14px; vertical-align: top; =
width: auto;" alt=3D"Comment" class=3D"comment-icon post-meta-icon"></a></t=
d><td class=3D"post-meta-item icon" style=3D"color: #767676; font-family: -=
apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, san=
s-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-siz=
e: 14px; font-weight: 400; height: 14px; line-height: 100%; margin-right: 0=
; padding: 0px 12px 0px 0; padding-bottom: 0; padding-right: 0; padding-top=
: 0; position: relative; text-decoration: none; text-indent: 3px; vertical-=
align: middle; white-space: nowrap;"><span><a href=3D"https://email.mg2.sub=
stack.com/c/eJxVkt1ymzAQhZ_G3JnRn8G64CKx65a2OHXjuHZvGCEtRjEIBkRsePqKOJ1pZyT=
N6FtJu9pzpLBwrtshaurOetOS2qGByMC1K8FaaL2-gzbVKgop5zTEzFMRU3i5WHq6S_MWoBK6jG=
zbg9f0WamlsLo20w3CGWHYKyKRM44oyjJJBJICs4CHIQm4WmKe54G8Jxa90mAkRPAG7VAb8Mqos=
LbpZvRhRjZuaJPXqq78rs86K-TFl3XlcOOmckUMc9XWDQlndNPbKu3qvpUwo-u_x2ckmHgFSveV=
4--Vf0BZGwvGTqcL0YKjQk7_-AfY-gLTHoavWJLDcCTlJX6taTJeFskob9vVVcvPfFQb3vxexcF=
2LUmyfrklrw9dXJWFcizZn1Ayfrom4-n29HzV4rgd3Rtafjno7_t4sV3HKHmOu9hs8UnHQWwe3y=
TdWVkdihP92WSE6XznL46azJ82yX7-7de5uj0zvFsFbXOaXw77H9m4e7TXF32ax_viwdMRQYQgT=
BaIM4QDn_j5EojMSIhDrKhYCr8vZN2U_G3GUHUm__XXayMFmbAFGDGFtfVB9ZPUrmdV1Rtth9TF=
shLU3QX2bqb37qZnMNA6k6lU2AgHjGJEA8wpZ3fRnU1YGKAFJshzaZ26QpvoQ-g_3UjiGg" sty=
le=3D"color: #767676; display: block; text-decoration: none;"><img src=3D"h=
ttps://cdn.substack.com/image/fetch/w_32,c_scale,f_png,q_auto:good,fl_progr=
essive:steep/https%3A%2F%2Fsubstack.com%2Ficon%2FRecommendIconRounded%3Fv%3=
D2%26height%3D32%26fill%3D%2523757575%26stroke%3Dnone%26strokeWidth%3D2" wi=
dth=3D"16" height=3D"16" style=3D"border: none !important; display: inline-=
block; float: left; height: 16px; max-width: 550px; vertical-align: top; wi=
dth: 16px;" alt=3D"Share" class=3D"recommend-icon post-meta-icon"></a></spa=
n></td></tr></table></div></td></tr></table></div></div><div class=3D"post =
typography" style=3D"font-size: 16px; line-height: 26px; padding: 9px 0;"><=
div class=3D"body markup" style=3D"font-size: 16px; line-height: 26px; marg=
in-bottom: 12px; width: 100%; word-break: break-word;"><p style=3D"color: #=
1a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0; margin-top: =
0;">Tuesday, January 25, 2022 // Contact: <a href=3D"https://email.mg2.subs=
tack.com/c/eJwlkM2OhCAQhJ9mOBJoGYUDh73saxiQVskqGH7G-PaLY0II6QpV_dVkCi4xXfqI=
uZD7Gst1oA545g1LwURqxjR6p4dOqW7ggjgtHJdvSXwe54S4G7_pkiqSo9rNT6b4GO4foAQITlb=
NpAJjLZqOM95LzhnYHuYZJJODlPAEm-o8hgk1fjBdMSDZ9FrKkV_dzwt-2znPk_qQi1mS2ekU9z=
bzYY5p_2ZSF3cfTLNoc-I1MADG4c2UaLEU6CwRJgsDH7jrjDS0rlM8NvV5CbYvQHO1zXz6u61J0=
g6tKSsGc8u-UHT1RhybutfgyzU2zW7oHvrylPjtY1wwYGrlutEUzXvRyLueq06JB7bVI4aevTkw=
0mLb5sYHfcO05z_QNoiC" rel=3D"" style=3D"color: #1a1a1a; text-decoration: un=
derline;">Bob Bragg-IG</a> //Weekly Sponsor: <a href=3D"https://email.mg2.s=
ubstack.com/c/eJwlkM2OhSAMhZ_msjT8KbpgMZt5DYO0XskoGCh34tsPjknTND1pT77jHeE75=
cueqRC720zXiTbib9mRCDOrBfMcwBo1TcoIzcBqEGM_slDmNSMeLuyWckV21mUP3lFI8b6Qk5Za=
sM2iH0ZjcBn6tYceFC5mlFz7fnBixFU-xq5CwOjR4gfzlSKy3W5EZ3mpr5f8bkXZARYXIbsApfP=
paEsWrORSciF7Pmkuhk5264jSL9III0C50XV18-ncp89L8-Mtu1KXQs7_3C9YtoCLow2ju-VAHU=
K9WeamHjUGuuamLTvCg0lPWv_g8xsj5pYizI6sGLQSXA1iUpN-qFoO2gy8F5KzZgupXUUb4pra-=
AcsyIDf" rel=3D"" style=3D"color: #1a1a1a; text-decoration: underline;">T&a=
mp;R</a></p><h1 style=3D"-moz-osx-font-smoothing: antialiased; -webkit-font=
-smoothing: antialiased; color: #1a1a1a; font-family: 'SF Compact Display',=
-apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, s=
ans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-s=
ize: 2em; font-weight: bold; line-height: 1.16em; margin: 1em 0 0.625em 0;"=
><strong>Taking Control of Ransomware and Other Malware with a Zero-Trust S=
trategy</strong></h1><p style=3D"color: #1a1a1a; font-size: 16px; line-heig=
ht: 26px; margin: 0 0 1em 0;"><strong>FROM THE MEDIA: </strong>Antivir=
us, sandboxing and similar detection techniques can’t keep up. It’=
s time for agencies to transform their approach to thwarting malware. In=
a classic “I Love Lucy” skit, Lucille Ball works at a chocolat=
e factory. Her job is to wrap chocolates as they travel down a conveyor bel=
t, without letting a single candy past. To keep up with the surging volume,=
she resorts to stuffing chocolates in her hat, her blouse and, finally, he=
r mouth. Cybersecurity pros dealing with malware at today’s governmen=
t agencies might feel like they face a similar situation. Taking ransomware=
as an example, 79 successful attacks struck U.S. government organizations =
in 2020, affecting 71 million people, <a href=3D"https://email.mg2.substack=
=2Ecom/c/eJwlkU2OwyAMhU9Tdo2AkB8WLGYz14gc=
cBM0CURgGuX2Q1oJgeXHs82HBcIlpsscMRO7=
t4muA03AM29IhImVjGnyzgyt1u0gFHNGOTF2I_N5eiXEHfxmKBVkR5k3b4F8DLdDaiWVYKuRs-y=
dlrID--L9iNANrRMWndUoFYdvYyjOY7Bo8I3pigHZZlaiIz_an4f8res8z8bG_YDkCe16xzU7b3=
Gphw-vmPZP82dGW-qdq6aXWKuFHQM9E4Qc9xMSPoEI7F-uOvNGcim5kB3Xiou-kc1rRGlnOYhBu=
BZGaMpq47Hp90PxfZFNLnO-_fcALBmHM9CKAW7ZU4Ou3Cimqu4l1DGmqs0bui8l-sL-cJsWDJjq=
J7gJyIhetYK3vdCtVl8oFaMaet4JyVlt62J1BXO_tYb_RJmY3Q" rel=3D"" style=3D"color=
: #1a1a1a; text-decoration: underline;">according to Comparitech</a>. Downt=
ime and recovery costs reached an estimated $18.88 million, with downtime s=
ometimes stretching several months. Overall, the United States suffered 65,=
000 attacks last year, more than seven per hour, <a href=3D"https://email.m=
g2.substack.com/c/eJwlUctuxCAM_JrlRsRrEzhw6KW_ETnBbFATiHg02r8v6UrWGGs0HjReo=
eIr5bc9U6nkhrm-T7QRr7JjrZhJK5jn4OwkjZETV8RZ5bh-ahLK7DPiAWG3NTckZ1v2sEINKd4K=
YZRQnGx24dr7rjEMvdFSgkfljAMvBReCw8cYmgsYV7T4i_mdIpLdbrWe5SG_HuK713VdQzzzkPK=
rT4IJ3hsbbzAdOGNq1GrSug-NFlqa95gLTX0hnWiGWNJxQUYKtcL6UyhEuqWWaaiFxnRRoPH_-7=
DTgmvLob5pDuWHBNvtBOPiyYxifBzE4DWKdRETn7iToGFo25rO3fw-FDteYihtKbfLsKaDZOtwg=
bphhJsOdUDX7sDmzh4tdqO5c8uO7pNl_ZzkP935hRFzP5WboVo-KsmZHLmRRn2i62GraWRPLhjp=
ti51VbQh-tSff1flocs" rel=3D"" style=3D"color: #1a1a1a; text-decoration: und=
erline;">NPR reports</a>.</p><p style=3D"color: #1a1a1a; font-size: 16px; l=
ine-height: 26px; margin: 0 0 1em 0;"><strong>READ THE STORY:</strong> =
<a href=3D"https://email.mg2.substack.com/c/eJwlUduOhSAM_JrDmwYQbw88=
7Mv-hqlSlayCgXpc9-sXjglpm046MxkmIFx8uPXhI7FcBroP1A6vuCERBnZGDIM1uq36vmqFYkY=
rI7q6YzYOc0DcwW6awonsOMfNTkDWu3wheyWVYKuexzFdzjPvlKmVmM3YYqWMUmB64DU8wnAai2=
5CjW8Mt3fINr0SHfFVfb3kd3rXdZUOf2nx73Lye9pYgxBTl1zK1LhIheDHuqWYvKPgtyKAi36_I=
GABzhSeVgzFDttn84fBF8l7pCJSyGHciaFqhOCZj1mdmbmQNe8VF00py7lDOY2yFa0wFXRQnuvk=
j61_vxTfF1nGc4wE0092yII2OEKSdJBhSyWaM-c0JHQ_naV7SNi4oXkipOcnPqEOCzrMpswApEW=
jKsGTtb7q1ZNYyli1Da-F5CzJGp-unLZu9mn8BwNLoEE" rel=3D"" style=3D"color: #1a1=
a1a; text-decoration: underline;">Nextgov</a></p><p style=3D"color: #1a1a1a=
; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>A QUICK L=
OOK:</strong> </p><a href=3D"https://email.mg2.substack.com/c/eJwlkN2K=
hDAMhZ_GXkr__OlFL2ZZ5hn2TmqbGctoKzVV3KffukIIIYfkcD5rEN4xnXqNG5KrDXiuoAMc2wy=
IkEjeIA3e6U4oJTomidPSsb7pid-GVwJYjJ81pgxkzePsrUEfw3XBleSSkUkzJUyn-k61bUuho0=
3fWEmlatyoVGPcbWyy8xAsaNghnTEAmfWEuG6VeFT8Weo4jvqMGfMItY3LtTFop0o890p870egH=
__4-vn9EK855Zwy3lAlKWtrXr964HbkHeuYE6Y3dZ5sXGe1V5Iub15vedzQ2M_1mSTtYDQ4QTCX=
7LEGl698Q1GXHDyeQ9HGGdwdHW-C_zCGNwRIhawbDGrWSsGoaAsEJe-khY3sWtowTkmxdbFcBe3=
DK5bxD2HAhos" target=3D"_blank" class=3D"youtube-wrap" rel=3D"" style=3D"di=
splay: block; margin: 1.6em 0;"><img src=3D"https://cdn.substack.com/image/=
youtube/w_550,c_limit/l_youtube_play_qyqt8q,w_120/vwn0kiABXzk" style=3D"-ms=
-interpolation-mode: bicubic; border: none !important; display: block; heig=
ht: auto; margin: 0 auto; max-width: 550px; vertical-align: middle; width: =
100%;"></a><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26px; =
margin: 0 0 1em 0;"></p><h1 style=3D"-moz-osx-font-smoothing: antialiased; =
-webkit-font-smoothing: antialiased; color: #1a1a1a; font-family: 'SF Compa=
ct Display', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helveti=
ca, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Sym=
bol'; font-size: 2em; font-weight: bold; line-height: 1.16em; margin: 1em 0=
0.625em 0;"><strong>DTPacker malware steals data, loads second-stage paylo=
ads</strong></h1><p style=3D"color: #1a1a1a; font-size: 16px; line-height: =
26px; margin: 0 0 1em 0;"><strong>FROM THE MEDIA: </strong>Researchers=
have uncovered a malware packer being used by multiple threat actors to di=
stribute remote access trojans (RATs) used to steal information, and load f=
ollow-on payloads like ransomware. Researchers with Proofpoint <a href=3D"h=
ttps://email.mg2.substack.com/c/eJwtkcGOhSAMRb_msXsGEEUXLGYzv2EQqpJRIFCe8e8=
Hx0lIKb25bXMwGmEN6VIxZCR3mPCKoDyceQdESKRkSJOzSrbj2EomiFXCsqEbiMvTkgAO7XaFqQ=
CJZd6d0eiCvx18FFwwsqlW9nYR49KzhemeSSrtQIU2lFJgi-yewbpYB96Agg-kK3ggu9oQY361X=
y_-Xc95nk1MISwxOI-NCUctllzDvIe1Xrgl0Ph2Prt1w1qwGLX5gfT2gO__1JTkQsn1mfMZkn0z=
4hSnnFPGOzoKyvqGN8sA3MxcMslsqwfdlM2EuI-fl6DHyptc5oy14b0FScrCrHEDr2_ZYQO23Di=
mqh7FO7ymqs072IcUPsD_2E0reEj1I-ykUbFetIy2PRvbUTxgKkohe9oxTkkda0N1eeX8Emr6Cz=
8ImPw" rel=3D"" style=3D"color: #1a1a1a; text-decoration: underline;">in a =
Monday analysis</a> said that the .NET commodity packer, which they call DT=
Packer, has been associated with dozens of campaigns and multiple threat gr=
oups since 2020, and is likely distributed on underground forums. DTPacker =
uses multiple obfuscation techniques to avoid analysis, sandboxing and anti=
virus detection. However, what makes the malware unique is its ability to o=
perate as both a packer and a downloader in order to distribute multiple RA=
Ts and information stealers, including Agent Tesla, AsyncRAT and FormBook. =
“The main difference between a packer and a downloader is the locatio=
n of the payload data which is embedded in the former and downloaded in the=
latter,” said researchers with Proofpoint. “DTPacker uses both=
forms. It is unusual for a piece of malware to be both a packer and downlo=
ader.”</p><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 2=
6px; margin: 0 0 1em 0;"><strong>READ THE STORY: </strong> <a hre=
f=3D"https://email.mg2.substack.com/c/eJwlkEmKxDAMRU9T3iV4qgwLL3rT1wiKpVRMO=
3bwUE1u304XCPHRR_riWSj0iukyZ8yF3W0p10km0G_2VAolVjOlxaEZ1TyrUWiGRqOYnhNzedkS=
0QHOm5IqsbOu3lkoLoZ7Q85aasF2A0qvNG980LQN44S4qYE_UY7KTghCfoKhoqNgydCb0hUDMW_=
2Us78UF8P-d0Ka-xtPG5F1p07pVuWE-wPpe4A_wuJulwIfO4QCnQ-AuYuk40BmwEv6k64_qfMGc=
ml5EI--ay5GHrZbxNJu8pRjAIVTNDX3cbTz--H5sdL9rmu7Yj9ub9gySCtUHYKcNuu9IT1ZrA09=
6jBlWtp3uoJP3jKh_I_sOVFgVKjjwsUIwatBFeDmNWsPzQaPz02SkJy1mIxtq1gXNhik39fSJXM=
" rel=3D"" style=3D"color: #1a1a1a; text-decoration: underline;">Decipher</=
a></p><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26px; margi=
n: 0 0 1em 0;"><strong>A QUICK LOOK: </strong></p><a href=3D"https://e=
mail.mg2.substack.com/c/eJwlkMtqxDAMRb8m3jX4NXG88KJQpqtC190EP5SJaWKHRJ6Qv6_=
TASGEDtLlXm8RHnk7zZp3JFcb8FzBJDj2GRBhI2WHbYjBKKG1UEySYGRg_a0ncR_GDWCxcTa4FS=
BrcXP0FmNO1wXXkktGJqO8Fy70o2RKhqCdV8K7nmrhRl6ZfQnbEiIkDwaesJ05AZnNhLjujXhv-=
L3WcRztmQsWB63Py7Wx6KdG3J-N-HDlS36__Xxmn0k0nHJOGb9RLSnrWt6OPXDvuGKKBWF725bJ=
53XWz0bS5cHbvbgdrf-9PpPNBHAWJ0j2whFbCOXyN1S6lBTxHCpzM4SXdXwl-B_G8IAEW002DBY=
N66RgVHRMCy1fTms2UnX0xjglVTbkepVMTGOu4x_acIe3" target=3D"_blank" class=3D"y=
outube-wrap" rel=3D"" style=3D"display: block; margin: 1.6em 0;"><img src=
=3D"https://cdn.substack.com/image/youtube/w_550,c_limit/l_youtube_play_qyq=
t8q,w_120/buM4P-ZGoco" style=3D"-ms-interpolation-mode: bicubic; border: no=
ne !important; display: block; height: auto; margin: 0 auto; max-width: 550=
px; vertical-align: middle; width: 100%;"></a><p style=3D"color: #1a1a1a; f=
ont-size: 16px; line-height: 26px; margin: 0 0 1em 0;"></p><h1 style=3D"-mo=
z-osx-font-smoothing: antialiased; -webkit-font-smoothing: antialiased; col=
or: #1a1a1a; font-family: 'SF Compact Display', -apple-system, BlinkMacSyst=
emFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoj=
i', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 2em; font-weight: bold;=
line-height: 1.16em; margin: 1em 0 0.625em 0;"><strong>Trickbot Injections=
Get Harder to Detect & Analyze</strong></h1><p style=3D"color: #1a1a1a=
; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>FROM THE =
MEDIA: </strong>The authors of the infamous malware family have added =
measures for better protecting malicious code injections against inspection=
and research. The authors of the Trickbot Trojan have added multiple layer=
s of defenses around the malware to make it harder for defenders to detect =
and analyze the injections it uses during malicious operations. The improve=
ments coincide with escalating activity around the malware and appear desig=
ned for attacks in which Trickbot is being used to conduct online bank=
ing fraud — something the tool was originally designed for before it =
was repurposed for malware distribution purposes. Researchers from IBM Trus=
teer analyzed the most recent code injections that Trickbot uses in the pro=
cess of stealing information for conducting banking fraud. They discovered =
new tweaks to it of the type that the operators of the malware have been ma=
king since it was first released in 2016.</p><p style=3D"color: #1a1a1a; fo=
nt-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>READ THE STOR=
Y: </strong> <a href=3D"https://email.mg2.substack.com/c/eJwlkMmO=
wyAMQL-m3BKxZeHAYS7zGxGLmzBNIQLTKvP1Q6aSZVl-smw_ZxDWlE99pILkSgueB-gI77IDImR=
SC-QleD0JpcTEJPFaejYPMwlluWeApwm7xlyBHNXuwRkMKV4TXEkuGdk0iEncZ2GcYpxKTwWD2c=
Iw2FmJceDqs9hUHyA60PCCfKYIZNcb4lFu4uvGv1u83-_em_zIYHyIa-_Ss3VfdY-QjQ17wAClw=
61xLI1gDu5hE3Yh_oC7zirdCthtJnvIHabOAzbQmWj28xdI0JxyThkfqJKUjT3v7zNwZ_nEJuaF=
mU1fN5eOXb1ukj5X3pdqCxr3uI4hWXuwBjeI5sIBe_D10rI0-qwx4Lk0ZnfwH2P4Ef_vcFnh-gP=
BLwY1G6VgVIxMCSU_gppSOY10aBJJW-tTm4o6xHtq5R9fe50f" rel=3D"" style=3D"color:=
#1a1a1a; text-decoration: underline;">Darkreading</a></p><p style=3D"color=
: #1a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>=
A QUICK LOOK: </strong></p><a href=3D"https://email.mg2.substack=
=2Ecom/c/eJwlkNuKrjAMhZ_GXkpPHnrRiw3DP8zl=
PIH0ELV7tBVNf_Htp44QQsgiWazPGYQp7Zfe=
0oHkbgNeG-gI57EAIuwkH7APwetOKCU6JonX0rO-6Uk4hnEHWE1YNO4ZyJbtEpzBkOJ9wZXkkpF=
ZK2t9I0curLICfN9x00jVeiaE7VUjHmOTfYDoQMMb9itFIIueEbejEv8q_ip1nmd9pYzZQu3Sem=
8MurkSr3clPl7D_-_l84uim0jQnHJOGW-okpS1Na_HHrizvGMd88L0ps6zS9ui3pWk68TrI9sDj=
fu5P5Nde7AGZ4jmlgPW4POdbyjqmmPAayiaXcA_0fEh-AdjmCDCXsj6waBmrRSMipYpoeSTtLCR=
XUsbxikptj6Vq6hDHFMZfwHwO4bj" target=3D"_blank" class=3D"youtube-wrap" rel=
=3D"" style=3D"display: block; margin: 1.6em 0;"><img src=3D"https://cdn.su=
bstack.com/image/youtube/w_550,c_limit/l_youtube_play_qyqt8q,w_120/F_jQlGI0=
tcg" style=3D"-ms-interpolation-mode: bicubic; border: none !important; dis=
play: block; height: auto; margin: 0 auto; max-width: 550px; vertical-align=
: middle; width: 100%;"></a><p style=3D"color: #1a1a1a; font-size: 16px; li=
ne-height: 26px; margin: 0 0 1em 0;"></p><h2 style=3D"-moz-osx-font-smoothi=
ng: antialiased; -webkit-font-smoothing: antialiased; color: #1a1a1a; font-=
family: 'SF Compact Display', -apple-system, BlinkMacSystemFont, 'Segoe UI'=
, Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoj=
i', 'Segoe UI Symbol'; font-size: 1.625em; font-weight: bold; line-height: =
1.16em; margin: 1em 0 0.625em 0;">Concerns grow over potential new Russian =
cyberattacks</h2><p style=3D"color: #1a1a1a; font-size: 16px; line-height: =
26px; margin: 0 0 1em 0;"><strong>FROM THE MEDIA: </strong>As the tens=
ions between Russia and Ukraine continue to deepen, security researchers ha=
ve discovered more about the tactics and malware used in the wiper attacks =
on Ukrainian organizations and government officials are warning enterprises=
in the United States to be prepared for potential intrusions if the U.S. b=
ecomes involved in the conflict in some way. The attacks that hit several U=
krainian organizations and government agencies 10 days ago used a piece of =
malware known as WhisperGate that has multiple stages and is designed to ov=
erwrite the master boot record (MBR) of infected computers and delete all o=
f the data on those machines. The malware disguises itself as ransomware, d=
isplaying a ransom note after the wiping operations complete. But there'=
s no way to recover the data and no ransom mechanism. This is quite simi=
lar to the 2017 NotPetya attacks in Ukraine, which also used ransomware as =
a facade for a destructive malware infection and was more widespread than t=
he WhisperGate intrusions. Researchers with Cisco Talos, who have worked on=
 incident response in Ukraine for many years, found that the attackers had =
access to the target networks for several months before actually deploying =
the WhisperGate malware, and probably used stolen legitimate credentials fo=
r initial access.</p><p style=3D"color: #1a1a1a; font-size: 16px; line-heig=
ht: 26px; margin: 0 0 1em 0;"><strong>READ THE STORY: </strong> <=
a href=3D"https://email.mg2.substack.com/c/eJwlkMmKxSAQRb_muUtwyuDCRW_6N4JD=
JZHO06Dla_L3bTogcuFyqKrjDMKW8qXPVJDc34LXCTrCbzkAETKpBfISvJ6EUmJikngtPZuHmYS=
yrBngbcKhMVcgZ7VHcAZDijfBleSSkV270anZSWOpdGpiapjFYKeJjauTcmT2GWyqDxAdaPhAvl=
IEcugd8Swv8fXi3-35mnqX3ncCF84dcosuNSbH0m05_Xapsd2ZECIGc3Ttji7XUoKJnbssZINo3=
E8hQXPKOWV8oEpSNva8X2fgzvKJTcwLM5u-7i6dh_q8JH1vvC_Vlhu-VyBZe7AGd4jmrgP24Ost=
YGntu8aA19I6e4B_3OCj-N_WskG8VwG_GNRslIJRMTIllHxUNHlyGunAOCVtrE-NijrENbX4B06=
dlK4" rel=3D"" style=3D"color: #1a1a1a; text-decoration: underline;">Deciph=
er</a></p><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26px; m=
argin: 0 0 1em 0;"><strong>A QUICK LOOK: </strong></p><a href=3D"https=
://email.mg2.substack.com/c/eJwlUFuKrTAQXI35lLx85CMfA8PZhuTRHsNoIqajuPsbr9A=
0TRdVRZUzCN903HpPGcmzJrx30BGuvAIiHKRkOKbg9SCUEgOTxGvp2diNJORpPgA2E1aNRwGyF7=
sGZzCk-DC4klwysui-k2PfdcZTpgblDbeCz4ZTbplQnehfY1N8gOhAwwnHnSKQVS-Ie27ET8M_d=
a7rau9UsFhoXdqej0G3NOJzNuI3xM-EypxrziToqs4p4x1VkrK-5e08AneWD2xgXpjRtGVxaV_V=
2Ui6fXmbi81o3N-jTA7twRpcIJoHDtiCL0--qaJbiQHvqWJ2Bf9Gx7fB_2VMX4hw1Gb9ZFCzXgp=
GRc-UUPJNWruRQ087ximptj5VVtQhzqme_wCaWYbJ" target=3D"_blank" class=3D"youtu=
be-wrap" rel=3D"" style=3D"display: block; margin: 1.6em 0;"><img src=3D"ht=
tps://cdn.substack.com/image/youtube/w_550,c_limit/l_youtube_play_qyqt8q,w_=
120/inF_t9avlss" style=3D"-ms-interpolation-mode: bicubic; border: none !im=
portant; display: block; height: auto; margin: 0 auto; max-width: 550px; ve=
rtical-align: middle; width: 100%;"></a><p style=3D"color: #1a1a1a; font-si=
ze: 16px; line-height: 26px; margin: 0 0 1em 0;"></p><h1 style=3D"-moz-osx-=
font-smoothing: antialiased; -webkit-font-smoothing: antialiased; color: #1=
a1a1a; font-family: 'SF Compact Display', -apple-system, BlinkMacSystemFont=
, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'S=
egoe UI Emoji', 'Segoe UI Symbol'; font-size: 2em; font-weight: bold; line-=
height: 1.16em; margin: 1em 0 0.625em 0;"><strong>Malicious PowerPoint file=
s used to push remote access trojans</strong></h1><p style=3D"color: #1a1a1=
a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>FROM THE=
 MEDIA: </strong>Since December 2021, a growing trend in phishing camp=
aigns has emerged that uses malicious PowerPoint documents to distribute va=
rious types of malware, including remote access and information-stealing tr=
ojans. According to a report by Netskope’s Threat Labs shared with Bl=
eeping Computer before publication, the actors are using PowerPoint files c=
ombined with legitimate cloud services that host the malware payloads. The =
families deployed in the tracked campaign are Warzone (aka AveMaria) and Ag=
entTesla, two powerful RATs and info-stealers that target many applications=
, while the researchers also noticed the dropping of cryptocurrency stealer=
s. The malicious PowerPoint phishing attachment contains obfuscated macro e=
xecuted via a combination of PowerShell and MSHTA, both built-in Windows to=
ols. The VBS script is then de-obfuscated and adds new Windows registry ent=
ries for persistence, leading to the execution of two scripts. The first on=
e fetches AgentTesla from an external URL, and the second disables Windows =
Defender.</p><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26px=
; margin: 0 0 1em 0;"><strong>READ THE STORY: </strong> <a href=
=3D"https://email.mg2.substack.com/c/eJwlkU1uxCAMhU8z7BIBYfKzYNFNrxERcCa0CS=
AwE-X2dToSgic9GT9_tgbhFfOlUyzI7mvGK4EOcJYdECGzWiDP3umhm6ZuEIo5rZwYnyPzZV4zw=
GH8rjFXYKkuu7cGfQx3hZyUVIJteh36hY-qh1WObuztJKxdzdCv3SAXCfbT2FTnIVjQ8IZ8xQBs=
1xtiKo_u6yG_6Zzn2S47QPLhZeORKuVrSZB1B6angK3Z40XyMJTFx1qaFE_IKfqAzep3KA2N5Bq=
MTaplazIcEaEx1kIpDeb4Y8L9FfNacim5kE8-KS76VrbrCNIuchCDcJ0ZTVs3G9M-vR-KHy_Zlr=
oUNPb3DsWydrAY3CCY2_bYgqs3o5ncowaKOZNHA7kPPvxs4R_o_IIAmbbjZoNa9KoTvOvF1E3qQ=
4v4qqHnTyE5o7YuUlXQPqyR5B_fZaKG" rel=3D"" style=3D"color: #1a1a1a; text-dec=
oration: underline;">Bleeping Computer</a></p><p style=3D"color: #1a1a1a; f=
ont-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>A QUICK LOOK=
:</strong></p><a href=3D"https://email.mg2.substack.com/c/eJwlUMuKhDAQ_BpzF=
PNSc8hhmUVY2MP-gSSmHcNqItoZcb5-4wpNd9NFdVE1GIRn3E69xh3J1Xo8V9ABjn0GRNhI2mHr=
vdMNV4o3VBCnhaOtbInf-3EDWIyfNW4JyJrs7AeDPoaLwZRggpJJy3FUY61GKUFIK3meFmwtpDT=
UjZTfwiY5D2EADS_YzhiAzHpCXPeCfxSsy3UcR3nGhMlCOcTluhgcpoJ3r4J_cvP47t6P90_3Rb=
xmFWMVZbJSoqJ1ycqxBTZY1tCGOm5aU6ZpiOusXoWolicr92R3NMPv9Zls2oE1OEEwF-yxBJcuf=
31GlxQ8nn3G7Azuto53gv9h9E8IsOVkXW9Q01pwWvGaKq7E7TRnI5q6kpRVJMu6mFlB-zDGvP4B=
IgaG_Q" target=3D"_blank" class=3D"youtube-wrap" rel=3D"" style=3D"display:=
block; margin: 1.6em 0;"><img src=3D"https://cdn.substack.com/image/youtub=
e/w_550,c_limit/l_youtube_play_qyqt8q,w_120/3aCLFzCzPFI" style=3D"-ms-inter=
polation-mode: bicubic; border: none !important; display: block; height: au=
to; margin: 0 auto; max-width: 550px; vertical-align: middle; width: 100%;"=
></a><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26px; margin=
: 0 0 1em 0;"></p><h1 style=3D"-moz-osx-font-smoothing: antialiased; -webki=
t-font-smoothing: antialiased; color: #1a1a1a; font-family: 'SF Compact Dis=
play', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Ar=
ial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; =
font-size: 2em; font-weight: bold; line-height: 1.16em; margin: 1em 0 0.625=
em 0;"><strong>Log4j: Mirai botnet found targeting ZyXEL networking devices=
</strong></h1><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26p=
x; margin: 0 0 1em 0;"><strong>FROM THE MEDIA: </strong>An Akamai res=
earcher has discovered an attempt to use Log4j vulnerabilities in ZyXEL net=
working devices to "infect and assist in the proliferation of malware used =
by the Mirai botnet." Larry Cashdollar, a member of the Security Incident R=
esponse Team at Akamai Technologies, <a href=3D"https://email.mg2.substack.=
com/c/eJwlkEGOwyAMRU9Tdo2A0NIsWMxmrhEZcFJmCERgGvX2Q6YSAotv61nPAeGay9vsuRI7r=
5neO5qER41IhIW1imUO3uhxmkYtFPNGefG4PVio81IQNwjRUGnI9mZjcEAhp3NCTkoqwZ5GT0I7=
i1wrrhfw3qFeFgUO3OhvQvoPGJoPmBwafGF554QsmifRXi_j10V-93McxwC_0IGDy1v_sDGv_an=
oWgn07uUWCoSrzZSQrmBbDWm99i71c321mLCADbG3smAkl5ILeeOT4uI-yGF5oHRWaqGFH-EBQ3=
u6vMfpdVF8W-VQm60E7veEs2I8WqAnJjjjQAP6dhqYe7q11Blzz2xE_5FDH8f_uuYVz1UI_Qxkx=
F2Ngo93MY2T-rjo9pS-8y6Hs471uU8lE9KSe_kH7gqVsw" rel=3D"" style=3D"color: #1a=
1a1a; text-decoration: underline;">explained</a> that Zyxel may have b=
een specifically targeted because they <a href=3D"https://email.mg2.su=
bstack.com/c/eJwlkM2O3CAQhJ9mOFqA8d-BwyhKTjntcS8IQ3vMLgYLmpk4Tx_ISKhUqGh18R=
mN8IjpkmfMSJoovE6QAV7ZAyIkUjIk5ayc-mXpJyaIlcKyeZiJy2pLAId2XmIqQM6yemc0uhjaB=
F8EF4zs0giqxTxuYlz50o_zRJk129TMZAa2vhfrYh0EAxKekK4YgHi5I5751t9v_Fc9r9er-3v9=
Ad-ZeNR7yVUgVMnlPGPC6j5brjKYkhxeStuny_WDaotJ3U9tdlC_40N8qY8fP9Wz-ABJr87Xt13=
e8fDESU45p4wPdBGUjR3vthm4WfnEJmZ7Peuu7CaefnneBD0evMtlzajNd6tFkrSwatwh6BY77M=
CWhkbV9CihtarZ6sG-qeEb_n-O6gGtEIJVGiUbRc9oP7KlX8QbUsUqppEOjFNS19pYp4J0YYvV_=
gOelJ5u" rel=3D"" style=3D"color: #1a1a1a; text-decoration: underline;">pub=
lished a blog</a> noting they were impacted by the Log4j vulnerability=
=2E "The first sample I examined co=
ntained functions to scan for other =
vulnerable devices," Cashdollar wrote in an <a href=3D"https://email.mg2.su=
bstack.com/c/eJwlkEGOwyAMRU9Tdo2A0NIsWMxmrhEZcFJmCERgGvX2Q6YSAotv61nPAeGay9=
vsuRI7r5neO5qER41IhIW1imUO3uhxmkYtFPNGefG4PVio81IQNwjRUGnI9mZjcEAhp3NCTkoqw=
Z5GT0I7i1wrrhfw3qFeFgUO3OhvQvoPGJoPmBwafGF554QsmifRXi_j10V-93McxwC_0IGDy1v_=
sDGv_anoWgn07uUWCoSrzZSQrmBbDWm99i71c321mLCADbG3smAkl5ILeeOT4uI-yGF5oHRWaqG=
FH-EBQ3u6vMfpdVF8W-VQm60E7veEs2I8WqAnJjjjQAP6dhqYe7q11Blzz2xE_5FDH8f_uuYVz1=
UI_QxkxF2Ngo93MY2T-rjo9pS-8y6Hs471uU8lE9KSe_kH7gqVsw" rel=3D"" style=3D"col=
or: #1a1a1a; text-decoration: underline;">Akamai blog post</a>. "The second=
 sample... did contain the standard Mirai attack functions," he added. "It =
appears the... attack vectors had been removed in favor of Log4j exploitati=
on. Based on the attack function names and their instructions, I believe th=
is sample is part of the Mirai malware family."</p><p style=3D"color: #1a1a=
1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>READ TH=
E STORY: </strong> <a href=3D"https://email.mg2.substack.com/c/eJ=
wlkcuOhCAQRb-m2Wl4-VqwmM38hkEobaYRDJTt2F8_OCaEVNXl5lYORiMsMZ1qixnJdY14bqACH=
NkDIiSyZ0ijs6oTwyA6JolV0rK-6YnL45wAVu28wrQD2fbJO6PRxXA5-CC5ZOSpgHWiNXxuZk1b=
KUQnKQXG-6nlPbUC7mC9WwfBgII3pDMGIF49Ebf8EF8P_l3OcRz1xwbA2sS19DqhMx5K5eMif6r=
VJe0qa2OupojlXYU6LYAuLNXn_AVfldkR0-saWHg7A7mYiVOcck4Zb-ggKWtrXs89cDPxjnXMCt=
3ren-auPnh_ZB0XXid9ymjNq9rE5KUhUnjE4K-ZIc12P2iMRZ13YPDcyza5MHeoPDm_Y9uXCBAK=
v9gR42KFT6MipYNYpA3l0JSdi1tGKekxNpYXEG5MMdS_gGGxZif" rel=3D"" style=3D"colo=
r: #1a1a1a; text-decoration: underline;">ZDnet</a></p><p style=3D"color: #1=
a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>A QU=
ICK LOOK:</strong></p><a href=3D"https://email.mg2.substack.com/c/eJwlUMtux=
CAM_JpwjMCweRw4VGq3qnroJyACzgY1gTQxu8rfl-xKlmV5NB7POEt4S9uh17QTO5uhY0Ud8bHP=
SIQbyztuJnjdyr6XrVDMa-VFd-lY2M24IS42zJq2jGzNwxycpZDiyYBegRJs0u04cuik7wRYKVW=
n1Og4SHAwtLaF5iVssw8YHWq843akiGzWE9G6V_Ktgmupx-NRHylTHrB2aTk3ltxUyeu9ku8ff5=
9B_nyZ716xoIEDcAEX3isumhrqsUNwA7SiFV7aztZ5cmmd-3ul-HKDes_DTtb9npfZpj0OliaM9=
oQD1ejz6c8UdMkx0GEKNszoX9bpleAzDHPDiFtJ1htLWjRKCi4b0cvy2NNpyUa1Db8I4KzI-lRY=
UYc4pjL-AwTKhes" target=3D"_blank" class=3D"youtube-wrap" rel=3D"" style=3D=
"display: block; margin: 1.6em 0;"><img src=3D"https://cdn.substack.com/ima=
ge/youtube/w_550,c_limit/l_youtube_play_qyqt8q,w_120/EqGi3OI_K94" style=3D"=
-ms-interpolation-mode: bicubic; border: none !important; display: block; h=
eight: auto; margin: 0 auto; max-width: 550px; vertical-align: middle; widt=
h: 100%;"></a><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26p=
x; margin: 0 0 1em 0;"></p><h1 style=3D"-moz-osx-font-smoothing: antialiase=
d; -webkit-font-smoothing: antialiased; color: #1a1a1a; font-family: 'SF Co=
mpact Display', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helv=
etica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI =
Symbol'; font-size: 2em; font-weight: bold; line-height: 1.16em; margin: 1e=
m 0 0.625em 0;"><strong>MoleRats APT Launches Spy Campaign on Bankers, Poli=
ticians, Journalists</strong></h1><p style=3D"color: #1a1a1a; font-size: 16=
px; line-height: 26px; margin: 0 0 1em 0;"><strong>FROM THE MEDIA:</strong>=
 State-sponsored cyberattackers are using Google Drive, Dropbox and ot=
her legitimate services to drop spyware on Middle-Eastern targets and exfil=
trate data. Malicious files doctored up to look like legitimate content rel=
ated to the Israeli-Palestine conflict are being used to target prominent P=
alestinians, as well as activists and journalists in Turkey, with spyware. =
That’s according to a disclosure from Zscaler, which attributes the c=
yberattacks to the MoleRats advanced persistent threat (APT). Zscaler’=
s research team was able to tie <a href=3D"https://email.mg2.substack.com/=
c/eJwlkEuOhSAQRVfzmGn4-WHAoCe9DYNQKnkKBMrX7e4b26RCKtyqHDjWIKwxXzrFguQ-JrwS6=
AA_ZQdEyOQskCfv9CCUEgOTxGnp2NiNxJdpyQCH8bvGfAJJ57x7a9DHcG9wJblkZNMDHylloleK=
jZxJCVzI3jrLnGI9F90DNqfzECxo-EC-YgCy6w0xlZf4evHvWrhlMHgPtzYe9eKIO2SDpTEJGyi=
pgs0KzWIszDG-G5djmuNvnaycWrUhXnPKOWW8o0pS1re8XUbgduYDG5gTZjTtudmYdvV5SXqsvC=
3nXNDY900lWTuYDW4QzB17bMGd99enmh5n8HhNNZt3cI8VfOT-e5pWCPeLwU0GNeulYFT0TAklH=
wlVmxx62jFOScW6WLeC9mGJtf0DHiqPjw" rel=3D"" style=3D"color: #1a1a1a; text-d=
ecoration: underline;">MoleRats, an Arabic-speaking group</a> with a histor=
y of targeting Palestinian interests, to this campaign because of overlap i=
n the .NET payload and command-and-control (C2) servers with <a href=3D"htt=
ps://email.mg2.substack.com/c/eJwlkc2upCAQhZ-m2Wn4U9oFi7u5r2FKKJWMgoGiOz1PP=
zidEKjUSeWc-nBAuKX8sVcqxO5rps-FNuK7HEiEmdWCeQ7eGjVNygjNvNVePIcnC2VeM-IJ4bCU=
K7KrLkdwQCHFe0JOWmrBdutWNa0jrsob7-RgcDGAnA8wKb2ANF9jqD5gdGjxhfmTIrLD7kRXeai=
fh_xt5_1-93-LgwNz79LZOsuRttLegq7mQJ8uY0HIbm-9tkOH5WphYMMOiMD96c7UhoFKBxd1BH=
lDCnHr7iVLdwbvD-wQGotgJZeSCznwSXMx9rJfnyjdIo0wwit4Ql93l65jej00PzfZl7qU2-TOx=
rL1uADtGOGWA_Xo601obupZYws7N2050H_h0fcP_uOcN4x3TPQzkBWjVoKrUUxq0l9Wja42Ix-E=
5KzZ-tSmog1xTa38B4hvodc" rel=3D"" style=3D"color: #1a1a1a; text-decoration:=
underline;">previous MoleRats APT attacks</a>. This campaign started last =
July, Zscaler reported. MoleRats used the Dropbox API for C2 communications=
 in both this and previous <a href=3D"https://email.mg2.substack.com/c/eJwt=
UUtuxSAMPM1jR8QvvwWLbnqNiICToBKIwHlVevqSphJCNsN4RmNrENaUL32kguS-JrwO0BG-SwB=
EyOQskCfvdC_HUfZcEaeV40M7EF-mJQPsxgeN-QRynHPw1qBP8WaIUQnFyabZYGRrpagsN3M7SA=
FSdUIMvethAfsIm9N5iBY0vCFfKQIJekM8ykt-vMRnPbhlMHh_bmza60MxhQrGR7qaH0PtNUNeT=
VzpHCC6Qks6Nl_w3xINdXAo1Ee6-XULF4WliqN_Ay3HX5cy1qlcyVZ1tSBeCyaqgGjZqBjvGtEs=
Awg7i5733EkzmObcbDrC-H4ptq-iKedc0Niv2yHJ2sFscINobthjA-68Y5oqup_R4zVVrNp1T4L=
4LOIv02mFCLkuyE0GNe-U5Ex2fJSjegKrEau-Yy0XjFRZlyorah-XVMtf3pygng" rel=3D"" s=
tyle=3D"color: #1a1a1a; text-decoration: underline;">campaigns</a>, as well=
 as Google Drive and other established cloud-hosting services to host the p=
ayloads, according to Zscaler.</p><p style=3D"color: #1a1a1a; font-size: 16=
px; line-height: 26px; margin: 0 0 1em 0;"><strong>READ THE STORY: </s=
trong> <a href=3D"https://email.mg2.substack.com/c/eJwlkEFuxCAMRU8z7BI=
BYUKyYNFNrxE54ExoCURgWuX2JR1hIcvfX996FghfKV_mTIXY_S10nWgi_paARJhZLZgX74we5n=
nQQjFnlBPTc2K-LFtGPMAHQ7kiO-savAXyKd4OOSupBNuNddv4HCRsYpz0tOoJ5DqNgG2hPcvfw=
VCdx2jR4A_mK0VkwexEZ3kMHw_52Yr2jED3cm_T0QZHCpiBSgcndeW8uhXiN-bSnSl48tZDLN1X=
qjlC8IVKswitZ65bw7yRXEou5JPPiouxl_02obSr1EILN8AEfd1tOsP881D8eMm-1LUQ2O87nmX=
jcAXaMcIte-rR1ZvB0tSjRk_X0rQ1oHvjoTflf2DLC-N9OroFyIhRDYIPo5iHWb1pNH5Kj_wpJG=
ct1qXmisbHLbX2D5TLlKs" rel=3D"" style=3D"color: #1a1a1a; text-decoration: u=
nderline;">Threatpost</a></p><p style=3D"color: #1a1a1a; font-size: 16px; l=
ine-height: 26px; margin: 0 0 1em 0;"><strong>A QUICK LOOK:</strong></p><a =
href=3D"https://email.mg2.substack.com/c/eJwlUNuuhCAM_Bp5NNy88MDDSTb7GwShru=
QoGCxr_PuDx6Rpm07a6YyzCJ-UL72nA8mdDF476AjnsQIiZFIOyCZ4PQilxMAk8Vp6NnYjCYeZM=
8Bmw6oxFyB7mdbgLIYU7w2uJJeMLNqpHjztR6Y65_quUwPjlg2OMuZqVQ-xLT5AdKDhC_lKEciq=
F8T9aMRPw981zvNsr1SwTNC6tN0Ti25pxPvbiNfr9TMsZubjVF_TnHJOGe-okpT1LW_nEbib-MA=
G5oUdbVsWl_ZVfRtJtw9vjzIdaN3vfZlk7WGyuEC0NxywBV9ufaaiW4kBL1OxaQX_SMfHwX8zzA=
ci5OqsNxY166VgVPRMCSUfpdUbOfS0Y5ySSutT3Yo6xDnV9g8BboXg" target=3D"_blank" c=
lass=3D"youtube-wrap" rel=3D"" style=3D"display: block; margin: 1.6em 0;"><=
img src=3D"https://cdn.substack.com/image/youtube/w_550,c_limit/l_youtube_p=
lay_qyqt8q,w_120/DDA7h_f28b8" style=3D"-ms-interpolation-mode: bicubic; bor=
der: none !important; display: block; height: auto; margin: 0 auto; max-wid=
th: 550px; vertical-align: middle; width: 100%;"></a><p style=3D"color: #1a=
1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"></p><h1 style=
=3D"-moz-osx-font-smoothing: antialiased; -webkit-font-smoothing: antialias=
ed; color: #1a1a1a; font-family: 'SF Compact Display', -apple-system, Blink=
MacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Col=
or Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 2em; font-weight=
: bold; line-height: 1.16em; margin: 1em 0 0.625em 0;"><strong>The Ransomwa=
re Files, Episode 4: Maersk and NotPetya</strong></h1><p style=3D"color: #1=
a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>FROM=
 THE MEDIA: </strong>What if malware disguised as ransomware destroyed=
 every copy of a company's Active Directory except for one? That's exactly =
what happened to global shipping and logistics company Maersk on June 27, 2=
017. Maersk was one of dozens of organizations crippled by the NotPetya mal=
ware in one of the strangest and most devastating global cyberattacks. =
<a hre=
f=3D"https://email.mg2.substack.com/c/eJwlUMGuhCAM_JrlaABR5MDhXfY3CEJV8hQMl=
N349w-fSdO0mUynM84irClf-kwFyd0MXifoCN-yAyJkUgtkE7yWvVK9ZIJ4LTybhomEYpYMcNiw=
a8wVyFnnPTiLIcWbwZXggpFNzyOTyrORLtJaJQcYhRRCzd4rSQflHmFbfYDoQMMH8pUikF1viGd=
59T8v_m6F33C_1Ll0tG39xLJhJEFzyjllfKBKUDZ2vFsm4G7mkknmezvZrm4unbv6vAQ9Vt6VOh=
e07ve-RLL2MFvcINobDtiBr7cX09CjxoCXadi8g39s4pPWv3GzQoTcUvTGomaj6BntR6Z6JR5XL=
QchRzowTkmT9amxog5xSW38A9ZsgKk" rel=3D"" style=3D"color: #1a1a1a; text-deco=
ration: underline;">Gavin Ashton</a> was Maersk's identity and access manag=
ement service owner at the time. "We talk about milestones and project plan=
s and three, five-year plans," Ashton says. "And the thing about ransomware=
, or extortion, where whatever you want to call it these days, is it doesn'=
t really care about any of that. It could literally strike this afternoon. =
That was our wake up call." <a href=3D"https://email.mg2.substack.com/c/eJw=
lUEmOxCAMfE1zjNiycOAwl_lGxOJ0UBOIiOkovx8ykSzLdsllVzmD8M7l0ns-kNxpxmsHneA8Ii=
BCIfWAMgevR6GUGJkkXkvPpn4i4ZiXArCZEDWWCmSvNgZnMOR0b3AluWRk1dIosDCYkcq-nxinw=
g-cc7BSucnC-Bw21QdIDjR8oVw5AYl6RdyPl_h58d8W53l2MaQP-JA6l7c2Cqklu5picDXRhNaR=
oDnlnDLeUyUpGzreLRNwZ_nIRuaFmUxXV5f3qL4vSbc3745qDzTuc7OSoj3YxgfJ3HDADny9xc0=
N3WoKeM0NsxH8oxsf-_6dmN-QoH0Dfjao2SAFo2JgSij5yGzGyHGgfbOBtLM-t62kQ1pyK_8AaT=
KGCA" rel=3D"" style=3D"color: #1a1a1a; text-decoration: underline;">Bharat=
 Halai</a> was Maersk's former head of identity and access management. The =
attack knocked out all of Maersk's copies of Active Directory. Halai's quic=
k thinking uncovered the last remaining uncorrupted copy in Lagos, Nigeria,=
 which had experienced a wide area network outage.</p><p style=3D"color: #1=
a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>READ=
 THE STORY: </strong> <a href=3D"https://email.mg2.substack.com/c=
/eJwlkcuOhCAQRb-m2Wl4-WDBYjbzGwahVNIKBoo2_v3gdFJUitxU7uVgDcIa063PmJE8bcL7BB=
3gyjsgQiIlQ5q804NQSgxMEqelY2M3Ep-nJQEcxu8aUwFylnn31qCP4dngSnLJyKaVncd67AyCc=
tGZXsluHNi8CMUoDOPX2BTnIVjQ8IF0xwBk1xvimV_i58V_a13X1a7x48MSM9iSPN6tjUdVfKhR=
P76mrpdkQo7HZRI0i98hN3D6HB00sjkMpPxuQsQT8DaNbzpan-Q1p5xTxjuqJGV9y9tlBG5nPrC=
BOWFG05bNxnNXn5ekx8rbXOaMxr6fACRpB7PBDYJ5ZI8tuPLgmKp6lFCDTlWbd3BfUvgF_s9uWi=
FAqh_hJoOa9VIwKnqmhJJfMBWlHHraMU5JtXWxbgX9UKjjHwrbmXU" rel=3D"" style=3D"co=
lor: #1a1a1a; text-decoration: underline;">Govinfo security</a></p><p style=
=3D"color: #1a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"=
><strong>A QUICK LOOK:</strong></p><a href=3D"https://email.mg2.substack.co=
m/c/eJwlkMtqxDAMRb8mXga_8vDCi0Jb2mW_IPihmbiT2MGRJ-Tv63RACKGLdDnXGYR7yqfe0o7=
kahOeG-gIx74AImRSdshT8HoQSomBSeK19GzsRhL26ZYBVhMWjbkA2YpdgjMYUrwuuJJcMjLrgX=
FQ1Hprvel7JXrGR2GkANp5x7vhZWyKDxAdaHhCPlMEsugZcdsb8dbwz1rHcbRnKlgstC6t18agm=
xvx-WzE-_Ezfn3_Pj5AJRI0p5xTxjuqJGV9y9vbCNxZPrCBeWFG05bZpW1Rz0bS9c7bvdgdjXtc=
n0nWHqzBGaK55IAt-HLxTVVdSwx4TlWzC_gXOr4S_A9jukOEXJP1k0HNeikYrcxKKPkirdnIoac=
d45RUW5_qVdQh3lId_wDHrIa9" target=3D"_blank" class=3D"youtube-wrap" rel=3D"=
" style=3D"display: block; margin: 1.6em 0;"><img src=3D"https://cdn.substa=
ck.com/image/youtube/w_550,c_limit/l_youtube_play_qyqt8q,w_120/wQ8HIjkEe9o"=
 style=3D"-ms-interpolation-mode: bicubic; border: none !important; display=
: block; height: auto; margin: 0 auto; max-width: 550px; vertical-align: mi=
ddle; width: 100%;"></a><p style=3D"color: #1a1a1a; font-size: 16px; line-h=
eight: 26px; margin: 0 0 1em 0;"></p><h1 style=3D"-moz-osx-font-smoothing: =
antialiased; -webkit-font-smoothing: antialiased; color: #1a1a1a; font-fami=
ly: 'SF Compact Display', -apple-system, BlinkMacSystemFont, 'Segoe UI', Ro=
boto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', =
'Segoe UI Symbol'; font-size: 2em; font-weight: bold; line-height: 1.16em; =
margin: 1em 0 0.625em 0;">Kaspersky finds firmware bootkit MoonBounce shows=
 major advancement</h1><p style=3D"color: #1a1a1a; font-size: 16px; line-he=
ight: 26px; margin: 0 0 1em 0;"><strong>FROM THE MEDIA: </strong>Kaspe=
rsky researchers found that firmware bootkit MoonBounce hides in one of the=
 computer’s essential parts: Unified Extensible Firmware Interface (U=
EFI) firmware. According to the cybersecurity solutions company, MoonBounce=
 was first detected in 2021 and demonstrated a sophisticated attack flow, w=
ith evident advancement in comparison to formerly reported UEFI firmware bo=
otkits. It was linked to well-known advanced persistent threat (APT) actor =
APT41. According to Kaspersky, MoonBounce is only the third reported UEFI b=
ootkit found in the wild that has been found using the firm’s Firmwar=
e Scanner. When compared to the two previously discovered bootkits, LoJax a=
nd MosaicRegressor, MoonBounce has a more complicated attack flow and great=
er technical sophistication.</p><p style=3D"color: #1a1a1a; font-size: 16px=
; line-height: 26px; margin: 0 0 1em 0;"><strong>READ THE STORY: </str=
ong> <a href=3D"https://email.mg2.substack.com/c/eJwlkcuurSAMhp9mMdNw8=
8KAwZ6c1zAIdclWwUBZK779wW3SNE3_tH_z1RqEd0yXPmNGcqcJrxN0gG_eARESKRnS5J0ehFJi=
YJI4LR0bu5H4PC0J4DB-15gKkLPMu7cGfQz3BFeSS0ZW3auuG_tBOSGoZFZ1YhhNpyhnC6VssY-=
xKc5DsKDhA-mKAciuV8Qzv8TPi_-rMRu7QXD3cW0ArJ3N5BNS3q5m8cHlmtPxNQmaOUbcPDZHjG=
GOpa5t8hq_uTnMb0yNcR9TeweEewvxmlPOKeMdVZKyvuXtMgK3Mx_YwJwwo2nLauO5q89L0uPN2=
1zmjPWe1saDJO1gNrhCMLfssQVXbhxTVY8SPF5T1eYd3EMKH-B_7KY3BEj1EW4yqFkvBaOiZ0oo=
-YCpKOXQ045xSqqti3UqaB-WWMv_cXyZdg" rel=3D"" style=3D"color: #1a1a1a; text-=
decoration: underline;">Backendnews</a></p><p style=3D"color: #1a1a1a; font=
-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>A QUICK LOOK: <=
/strong></p><a href=3D"https://email.mg2.substack.com/c/eJwlkMtuhDAMRb-GLFF=
ewGSRRaXOLNpF112hPMwQFRIKziD-vqFIlmX5yr66xxmEZ1oPvaQNydl6PBbQEfZtAkRYSd5g7Y=
PXnVBKdEwSr6Vnt-ZGwtYPK8BswqRxzUCWbKfgDIYUzwuuJJeMjJrablDWd-BaQ50wA_WydZwrA=
zA0gl3GJvsA0YGGF6xHikAmPSIuWyXeKv4ote97faSM2ULt0nxuDLqxEo9XJd6__O9H89ne5f2b=
BM0p55TxhipJWVvzergBd5Z3rGNemJup8-jSMqlXJen85PWW7YbG_Zyfyao9WIMjRHPKAWvw-cz=
XF3XOMeDRF81O4K_oeBH8h9E_IcJayPreoGatFIyKlimh5JW0sJFdSxvGKSm2PpWrqEMcUhn_AH=
TJhy8" target=3D"_blank" class=3D"youtube-wrap" rel=3D"" style=3D"display: =
block; margin: 1.6em 0;"><img src=3D"https://cdn.substack.com/image/youtube=
/w_550,c_limit/l_youtube_play_qyqt8q,w_120/OdqJ5K6E4EY" style=3D"-ms-interp=
olation-mode: bicubic; border: none !important; display: block; height: aut=
o; margin: 0 auto; max-width: 550px; vertical-align: middle; width: 100%;">=
</a><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26px; margin:=
0 0 1em 0;"></p><h1 style=3D"-moz-osx-font-smoothing: antialiased; -webkit=
-font-smoothing: antialiased; color: #1a1a1a; font-family: 'SF Compact Disp=
lay', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Ari=
al, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; f=
ont-size: 2em; font-weight: bold; line-height: 1.16em; margin: 1em 0 0.625e=
m 0;"><strong>Port of LA Launches Cyber Resilience Center</strong></h1><p s=
tyle=3D"color: #1a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em=
 0;"><strong>FROM THE MEDIA:</strong> North America's largest seaport =
said it is bolstering its cybersecurity readiness and enhancing its threat-=
sharing and recovery capabilities among supply chain stakeholders with the =
launch of its new state-of-the-art port community cyber defense solution. T=
he Port of Los Angeles' Cyber Resilience Center (CRC) was designed through =
a collaborative process with participating stakeholders and will be operate=
d by International Business Machines (IBM). “We must take every preca=
ution against potential cyber incidents, particularly those that could thre=
aten or disrupt the flow of cargo,” said Port of Los Angeles Executiv=
e Director Gene Seroka. “This new Cyber Resilience Center provides a =
new level of awareness for our stakeholders by providing enhanced intellige=
nce, better collective knowledge sharing and heightened protection against =
cyber threats within our supply chain community.” </p><p style=3D"col=
or: #1a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><stron=
g>READ THE STORY: </strong> <a href=3D"https://email.mg2.substack=
=2Ecom/c/eJwlkMuOwyAMRb-m7BLxyoMFi9nMb0QE=
3AYNgQhMo_z9kFaybOQr--JjDcIr5UsfqSC5=
04LXATrCWQIgQia1QF6805NQSkxMEqelY_MwE1-WZwbYjQ8acwVy1DV4a9CneE9wJblkZNNiGKZ=
xYsBhXtVsZGu7QcxUgnRyduprbKrzEC1oeEO-UgQS9IZ4lIf4efDfFud59rvJPkLw8a-3aW_N-6=
utHCljF0yLGu0GpbPXCrnLUHz4rO0sxHZPJ9sVAyVec8o5ZXygSlI29rx_zsDtyic2MSfMbPq62=
XQE9X5Iur94X-pa0NiPMcnawWpwg2hu2WMPrt4ElqbuNXq8lqatAdwXDn4Zf3AtL4iQG3u3GNRs=
lIJRMTIllPyyaPTkNNKBcUqarUttKmofn6k9_wFY2ZMp" rel=3D"" style=3D"color: #1a1=
a1a; text-decoration: underline;">Marinelink</a></p><p style=3D"color: #1a1=
a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>A QUIC=
K LOOK:</strong></p><a href=3D"https://email.mg2.substack.com/c/eJwlkN2KhDA=
MhZ_GXkr__OlFL4ZZBvZu30BqG8ey2kpNR3z7rSuEEHJIDuezBuEd06m3uCO52oDnBjrAsS-ACI=
nkHdLgne6EUqJjkjgtHeubnvh9mBLAavyiMWUgWx4Xbw36GK4LriSXjMzadNJ0VE2s7dlkbO9ay=
SxvzTg1dGqcvY1Ndh6CBQ0fSGcMQBY9I257JR4Vf5U6jqM-Y8Y8Qm3jem0M2rkSr08lvo6fp6T8=
Ma_um3jNKeeU8YYqSVlb83rqgduRd6xjTpje1Hm2cVvUp5J0ffN6z-OOxv5en0nSDkaDMwRzyR5=
rcPnKNxR1zcHjORRtXMDd0fEm-A9jeEOAVMi6waBmrRSMipYpoeSdtLCRXUsbxikpti6Wq6B9mG=
IZ_wAk-ob9" target=3D"_blank" class=3D"youtube-wrap" rel=3D"" style=3D"disp=
lay: block; margin: 1.6em 0;"><img src=3D"https://cdn.substack.com/image/yo=
utube/w_550,c_limit/l_youtube_play_qyqt8q,w_120/wPC402AhmdI" style=3D"-ms-i=
nterpolation-mode: bicubic; border: none !important; display: block; height=
: auto; margin: 0 auto; max-width: 550px; vertical-align: middle; width: 10=
0%;"></a><h1 style=3D"-moz-osx-font-smoothing: antialiased; -webkit-font-sm=
oothing: antialiased; color: #1a1a1a; font-family: 'SF Compact Display', -a=
pple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans=
-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size=
: 2em; font-weight: bold; line-height: 1.16em; margin: 1em 0 0.625em 0;">It=
ems of interest</h1><h1 style=3D"-moz-osx-font-smoothing: antialiased; -web=
kit-font-smoothing: antialiased; color: #1a1a1a; font-family: 'SF Compact D=
isplay', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, =
Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'=
; font-size: 2em; font-weight: bold; line-height: 1.16em; margin: 1em 0 0.6=
25em 0;"><strong>A Super Dragon Taming the Flood - Why the Cyberspace Admin=
istration of China Has Become a Globally Important Government Agency(Paper)=
</strong></h1><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26p=
x; margin: 0 0 1em 0;"><strong>FROM THE MEDIA: READS LIKE PROPAGANDA W/ RU =
LINKS - Speaks of CCP Cyberspace Administration</strong></p><p style=3D"col=
or: #1a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;">Water =
was central to life in ancient China, as it was the source of life and pros=
perity but also brought calamity. Not surprisingly, the ability to control =
water became the central task of China’s rulers, as it was central to=
 the nation’s survival as well as their political legitimacy. This dy=
namic has also given rise to a saying: “Nine dragons trying to tame t=
he flood,” which refers to multiple entities fighting to solve a sing=
le problem but falling short because of an inability to coordinate and coop=
erate.</p><p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26px; m=
argin: 0 0 1em 0;"><strong>READ THE STORY: </strong> <a href=3D"h=
ttps://email.mg2.substack.com/c/eJwlkUmOxCAMRU9T7BIxVYYFi970NSIGJ0FNIAJTpdy=
-SZWEEfbXt9Gz1Qhbypc6U0FyXwteJ6gI7xIAETKpBfLinRrFPIuRSeKUdGx6TsSXZc0Ah_ZBYa=
5AzmqCtxp9ireDz5JLRnYlJVsH8xR2NNROE1udZbNdx3EQmlE3fAfr6jxECwpekK8UgQS1I57lI=
X4e_Ledlw5Oexuq6W06WkG32P22hxZY7kJX6gm5c1lvKXaoDx-3Dnfo1pCS69779cnsZSCXU1to=
JuIVp5xTxp90lpQNPe_XCbg1fGQjc0JPuq-7TWeYXw9Jj433pZqC2v7dHyFZOTC69Y36lj324Op=
NY2nqUaPHa2maCeC-oPDL-4Nu2SBCbntwi0bFBikYFQObxSy_XBpJOQ70yTglbaxLzRWVj2tqz3=
-CGphS" rel=3D"" style=3D"color: #1a1a1a; text-decoration: underline;">Vald=
aiclub(propaganda) </a></p><h1 style=3D"-moz-osx-font-smoothing: antialiase=
d; -webkit-font-smoothing: antialiased; color: #1a1a1a; font-family: 'SF Co=
mpact Display', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helv=
etica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI =
Symbol'; font-size: 2em; font-weight: bold; line-height: 1.16em; margin: 1e=
m 0 0.625em 0;">Security Flaws in China’s My2022 Olympics App Could A=
llow Surveillance<strong>(Video)</strong></h1><p style=3D"color: #1a1a1a; f=
ont-size: 16px; line-height: 26px; margin: 0 0 1em 0;"><strong>FROM THE MED=
IA: </strong>Marietje Schaake, International Policy Director at =
Stanford's Cyber Policy Center, Eurasia Group senior advisor and former MEP=
, discusses trends in big tech, privacy protection and cyberspace: Does the=
 Beijing 2022 Olympics app have security flaws? Well, the researchers at th=
e Citizen Lab of the University of Toronto do believe so. And if their reve=
lations, this time, will set off a similar storm as they did with the foren=
sics on NSO Group's spyware company, then there will be trouble ahead for C=
hina. The researchers found that the official My2022 app for the sports eve=
nt, which attendees are actually required to download and to use for docume=
nting their health status, has flaws in the security settings. Loopholes th=
ey found could be used for intrusion and surveillance.</p><a href=3D"https:=
//email.mg2.substack.com/c/eJwlUMtuhDAM_BpyRHlBwiGHStXeKvXQOwqJWaJCgsBZlr9v=
KJJlWR6NxzPOIjzTdpo17Uiu1uO5golw7DMgwkbyDlsfvFGi64RikngjPdONJmHvxw1gsWE2uGU=
gax7m4CyGFC8G7ySXjExGacUUbbgfuAOQohmclkrLsXFead3dwjb7ANGBgRdsZ4pAZjMhrnslPi=
r-KHUcR32mjHmA2qXl2lh0UyUer0p8_jjxVu07f4cvEgynnFPGG9pJytqa16MG7gZePmFeWG3rP=
Lm0zt2rknR58nrPw47W_V6XyWY8DBYniPaCA9bg8-WvL-iSY8CzL9gwg7-t453gfxj9EyJsJVnf=
WzSslYJR0bJOdPJ2WrKRqqUN45QUWZ8KK5oQx1TGP7lvhrk" target=3D"_blank" class=3D=
"youtube-wrap" rel=3D"" style=3D"display: block; margin: 1.6em 0;"><img src=
=3D"https://cdn.substack.com/image/youtube/w_550,c_limit/l_youtube_play_qyq=
t8q,w_120/Tc3x76xuPiM" style=3D"-ms-interpolation-mode: bicubic; border: no=
ne !important; display: block; height: auto; margin: 0 auto; max-width: 550=
px; vertical-align: middle; width: 100%;"></a><h1 style=3D"-moz-osx-font-sm=
oothing: antialiased; -webkit-font-smoothing: antialiased; color: #1a1a1a; =
font-family: 'SF Compact Display', -apple-system, BlinkMacSystemFont, 'Sego=
e UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI=
 Emoji', 'Segoe UI Symbol'; font-size: 2em; font-weight: bold; line-height:=
1.16em; margin: 1em 0 0.625em 0;">China and Russia: MI6’s top concer=
ns<strong>(Video)</strong></h1><p style=3D"color: #1a1a1a; font-size: 16px;=
line-height: 26px; margin: 0 0 1em 0;"><strong>FROM THE MEDIA: </stro=
ng>MI6 chief Richard Moore speaks to the “The Economist Asks” p=
odcast about the world's biggest threats—from a possible Russian inva=
sion of Ukraine to China’s increasing access to personal data.</p><a =
href=3D"https://email.mg2.substack.com/c/eJwlkMtuhTAMRL-GLFFeBLLIoupj0a6rLl=
FIzCUqJAici_j7hiJZluWRPZrjLMIjbadZ047kaj2eK5gIxz4DImwk77D1wZtWaC1aJok30rOu6=
UjY-3EDWGyYDW4ZyJqHOTiLIcXrgmvJJSOTYUyNAM2oWaekHhwwqRoJVolxdEr529hmHyA6MPCE=
7UwRyGwmxHWvxEvFP0odx1GfKWMeoHZpuTYW3VSJj2cl3r6O9Dm__7w2-E2C4ZRzynhDtaRM1bw=
eO-Bu4C1rmRe2s3WeXFpn_awkXR683vOwo3W_12eyGQ-DxQmiveSANfh85euLuuQY8OyLNszg7-=
h4E_yH0T8gwlbI-t6iYUoKRoViWmh5Jy1sZKtowzglxdanchVNiGMq4x9S54dD" target=3D"_=
blank" class=3D"youtube-wrap" rel=3D"" style=3D"display: block; margin: 1.6=
em 0;"><img src=3D"https://cdn.substack.com/image/youtube/w_550,c_limit/l_y=
outube_play_qyqt8q,w_120/KwoJlEWC5tU" style=3D"-ms-interpolation-mode: bicu=
bic; border: none !important; display: block; height: auto; margin: 0 auto;=
max-width: 550px; vertical-align: middle; width: 100%;"></a>
<p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0;">About this Product</p>
<p style=3D"color: #1a1a1a; font-size: 16px; line-height: 26px; margin: 0 0 1em 0; margin-bottom: 0;">These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at <a href=3D"mailto:dominanceinformation@gmail.com" rel=3D"" style=3D"color: #1a1a1a; text-decoration: underline;">dominanceinfo=
rmation@gmail.com</a></p></div></div>
<div class=3D"footer" style=3D"background: #f8f8f8 !important; color: #bcbcbc; font-size: 16px; line-height: 26px; margin-top: 24px; padding: 32px; text-align: center;"><p class=3D"small" style=3D"color: #bcbcbc; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 13px; line-height: 26px; margin: 0 0 1em 0; margin-bottom: 0; padding-bottom: 30px;">© 2022 <span>Bob Bragg</span></p></div>
</div></td><td></td></tr></table></body></html>
--273333aed06f149276c46026b46194a0d3b84e570d43154fd249994790c4--