Additional Source: Burn After Reading
Written, not video, but in your mailbox at 0500 eastern every day.
I’ve been adding two classes of YouTube sources - the first are individual analysts like Peter Zeihan, Asianometry, China Update, and Just Have A Think. The second are non-US news - Al Jazeera English, BBC Channel 4, Singapore’s Channel News Asia, Deutsche Welle, France 24, and maybe Focus Taiwan is not terrible, but the jury is out on all China/Taiwan sources. There’s a bit o’ Jerry Springer in all of ’em from what I’ve seen thus far.
Today’s Additional Source is written, but Burn After Reading is full of important links every morning at 0200 my time.
Here’s the cybersecurity section from this morning:
Poland's national computer emergency response team, CERT-PL, has identified a phishing attack by Russian military intelligence hackers targeting Polish government institutions. The campaign involved deceiving targets into downloading a seemingly innocuous file that, once opened, allowed hackers to collect sensitive information from the compromised systems.
Security vulnerabilities have been discovered in Telit Cinterion cellular modems used across various sectors, allowing hackers to potentially control devices remotely via SMS. Kaspersky's research, presented in detail at the OffensiveCon conference, highlights critical security flaws that could impact the integrity and confidentiality of data on these widely used industrial IoT devices.
Europol has confirmed a security breach of its online platform for experts, though no operational data was compromised. The incident, which is currently under investigation, involved unauthorized access to non-personal documents, while the core systems of Europol remained secure.
The FIN7 hacker group, also known as Carbon Spider, has escalated its cybercrime activities by deploying malicious Google ads that mimic reputable brands to spread malware. This strategy delivers the NetSupport RAT through deceptive MSIX installers, as part of broader attacks that include data theft and ransomware, highlighting a significant shift towards more sophisticated cyber-attacks.
The North Korean hacking group Kimsuky has introduced a new malware named 'Durian', using it in targeted attacks against South Korean cryptocurrency firms. The malware, which is written in Golang, offers extensive backdoor capabilities and is part of an ongoing cyber espionage campaign that also uses spear-phishing and other sophisticated methods.
The Telit Cinterion piece is what caught my eye, both for what it is, and for the fact that they’re using Kaspersky as a source. Baseband (radio) processors don’t get nearly the attention that the ARM chips in mobile devices do and they’re just a straight-up hazard in my book. Way back when, we used to get an iPod Touch, which has no baseband, and a cellular hotspot. Kaspersky must be treated as an annex to Russian intel, but I guess if they’re the first on the scene there isn’t an alternate source.