Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland... - SWN #380

by Security Weekly Productions

About This Episode

37:02 minutes

published 26 days ago

English

© 2024 CyberRisk Alliance

Speaker 2 (0s - 24.92s)

It's the Security Weekly News. I'm Doug White, and it's episode 380. Welcome to the week of 21 April 2024. We've got roboflies, CrushFTP, GitHub, Palo Alto, MITRE, Fancy Bear, deepfakes, Aaran Leyland, and more stories on this edition of the Security Weekly News.

Speaker 1 (25.98s - 37.7s)

This is a Security Weekly production for security professionals by security professionals. Please visit securityweekly.com/subscribe to subscribe to all the shows on our network.

Speaker 2 (42.88s - 47s)

It's the show that keeps you up to date on the latest security news twice a week.

Speaker 1 (47.36s - 50.74s)

Your trusted source for accurate security information and expert analysis.

Speaker 2 (51.08s - 53.42s)

It's time for the Security Weekly News.

Speaker 0 (54.34s - 108.3s)

Hi folks. I'm Adrian Sanabria, the host of Enterprise Security Weekly. Every week, we interview the most interesting folks we can find talking about the most pressing cybersecurity issues and challenges facing the enterprise today. Myself and my co-hosts have each been in the industry for decades, long enough to see the patterns in the industry and explore where trends are going. In addition to enterprise challenges, we also follow the vendor space, the most interesting security startups emerging, technology and product trends, and all the most interesting funding and acquisition announcements. Finally, we love to discuss the latest trends in tech and how they'll impact cybersecurity. If you're wondering how the latest in AI, quantum computing, cloud, and DevOps is going to impact security a few years down the road, you should follow the Enterprise Security Weekly podcast. All right, it's the Security Weekly News from exile on the island of Elba.

Speaker 2 (108.64s - 1515.7s)

I'm Doug White, and welcome to the show. Don't forget to hit that like and subscribe button on your favorite platform because, well, it makes me feel like I have value. And to all my fans I met on Sunday, thanks for listening. We appreciate you. All right.

CrushFTP issued a warning today that there's an active zero-day in their product, which is FTP serving, I suppose. That zero-day enables unauthenticated attackers to escape the virtual file system and, uh oh, download any of your system files from your server, which would include configs, you know, robots files, all that good stuff. The zero-day was reported by Airbus CERT and is now fixed in versions 10.7.1 and 11.1.0. They basically seem to be focused on versions nine and earlier. So, you know, basically if you set up your file servers and you want to set them up correctly, well, you use some kind of tool, which is called a root jail or some kind of jail, that creates a virtual file structure that looks pretty much like it's a live file structure. I mean, the ones I used to set up looked pretty much just like the regular directory structure, but it was completely isolated to that person. Yeah, I know there's ways to break all that stuff, but it's a lot harder. And it's really just a partition. And I guess the ideal in FTP serving was to set that up for every single user, so each user had their own file structure. And of course, you could share directories or whatever, so if people were sharing files. Now, if you have anonymous file servers, does anybody still do that? I'm sure they do, because sometimes you do need to serve people files anonymously. They don't want people to log in and whatnot.
And if you do, you're probably using virtual file structures, or you probably get compromised a lot. So basically, this problem combines all this stuff so that you have virtual directory structures and you still get compromised a lot. So CrowdStrike said that Falcon OverWatch and Falcon Intelligence, which are their intel groups, have been seeing this CrushFTP zero-day being exploited in the wild and that the threat actors are targeting CrushFTP servers at multiple U.S. organizations, with the evidence pointing to it being an intelligence-gathering campaign. The recommendation is, of course, that CrushFTP users should follow the vendor's instructions and prioritize patching this. They did have some information in this article that said that if you had a DMZ network in front of the main instance, it should be protected. I didn't really follow that. I mean, I understand what a DMZ is, and I've put plenty of them up, and your file servers and everything should be in DMZs; particularly, they should be isolated even from each other. But I'm not sure why that would prevent somebody from having this kind of access. I'm sure some of you will figure that out as well. But maybe it's something to do with a VPN that connects into a DMZ. I'm just really not sure. But regardless of that, if you have older versions of CrushFTP server, you should very likely patch. And even if you're just using the client side of that, you probably should check it out to make sure. Shodan said that there are at least 2,700 CrushFTP instances with exposed web interfaces currently online. They said they could not determine how many of those had been patched.
But 1,375 of those were in the United States, which was the largest group, and 257 in Germany was the second most. So look, 1,375 of you in the United States have this. So fix it today, really.

GitHub file upload is being abused, and attackers were using a new Lua malware loader, which is distributed through what appears to be a legitimate Microsoft GitHub repository. And apparently they can't get rid of it, and I'll tell you why in a second. This was in the repository for the C++ library manager for Windows, Linux, and macOS, which is called vcpkg, if you have ever worked with that. It's also the STL library. So those are the two components that people use in C++. Now, it was a mystery, because BleepingComputer said they were shocked that this malware was still being distributed via the Microsoft GitHub. And it was a legitimate Microsoft GitHub repository. And they couldn't figure out where the malware actually was. They deconstructed vcpkg and they said they couldn't find anything. But what they did find was that if a GitHub user starts a comment, not posts a comment even, but just starts a comment, well, you can attach a file to that, because you see the comments on these things saying attach, you know, error logs or whatever. And once that file is attached to the comment that's been started, it's uploaded to the CDN and then it's associated with that project and assigned a unique URL that attaches to that file. Now, GitHub doesn't generate the URL until after the comment is posted, but it generates a download link the minute you add the file to an unsaved comment. And then you can, of course, attach whatever you want to that comment, and so people were attaching malware to it. Now, if you put malware in a comment section on most sites, within minutes somebody realizes it's malware, and they will take your comments down.
But in this case, it's quite interesting, because the file in the unsaved comment gets uploaded and housed on that CDN. And so even if you never actually post the comment, it's an unsaved comment, or you post it and then delete it, the file is still there on their server. And you can hand out links to it, because the link was already generated. And so the owner of the repository has no way to see that there's anything there. And it seems to be quite a problem. UnpackMe did a live stream about this on Twitch. And they said that the tactic was being actively exploited in the wild. An update on the article said that the malware on the Microsoft repository had been removed, meaning I guess those links have been taken down, or the files deleted or something, but there are others that are out there. And of course, obviously, putting that right back on the Microsoft link wouldn't be very difficult, since that feature seems to still work. But they were noting active malware links on the httprouter and Aimmy repos as well. So scary stuff when you're downloading repositories these days.

Palo Alto firewalls. PAN-OS first released that there was an issue on the 12th of April, and we've talked about it quite a bit, but Unit 42, which is the Palo Alto threat intelligence team, updated this brief to include information on the current scope of the attacks, which are targeting the critical command injection vulnerability that we've talked about repeatedly. The problem is in PAN-OS GlobalProtect, and it has a CVSS score of 10, and it was originally seen in an attack by a likely state-sponsored attacker called UTA0218, per Volexity. Unit 42 says it is aware of an increasing number of attacks after the proof-of-concept exploits were published last week. Imagine that. Shocking news that the minute they put out proof of concepts with code, people start exploiting it.
They went on and said that the new attacks were apparently unrelated to the original UTA0218 campaign. And I mean, you know, it makes total sense to me. It's like there's a proof of concept out there. Everybody's jumping on board. But as of Monday, Shadowserver reported that there were 6,200 GlobalProtect instances up that were vulnerable to this attack. So just like that other stuff, you know, there's a lot of servers sitting out there that are vulnerable and have not been patched. The vulnerability is patchable at this point, and there are hotfixes for other betas, I guess, and the patches were all rolled out between the 15th of April and the 18th of April. The article does have a full review of how the flaws allow command injection on the platform, or how you can get the proof of concepts as well, if you want them. If you have one of those 6,200 instances, though, let's get to work and get that down to zero pretty quick, okay, because this stuff is incredibly dangerous. Well, we all get breached. You may like to tell yourself that you won't, but you will. I'm the same way. I'm always like, well, yeah, this is all nice and safe, and then somebody takes it out.

MITRE. So MITRE Corporation disclosed that one of their unclassified research and prototyping networks was breached by an undisclosed nation state. The post said that in January, the attacker performed reconnaissance of the networks and then exploited one of their VPNs using, wait for it, Ivanti Connect Secure. Yeah, those things have been around a while. The report said that the attacker got past the multifactor authentication using session hijacking, which makes sense. And then they moved laterally to dig into the VMware infrastructure using a compromised admin account. So it wasn't just all Ivanti. It was like a collection of things. But these are nation states, right? They have whole teams. I mean, we know that. I mean, companies have teams. Nation states have teams.
Hacking clubs in middle school have teams. And they work night and day to find these things. Once they got in, they deployed Trojans and web shells to maintain their persistence and harvest more credentials. Those two vulnerabilities were CVSS 8.2 and 9.1. And there was an episode of Paul's Security Weekly a couple of weeks ago that I was on, where they were talking about, you know, how dangerous it is to, you know, use CVSS scores as anything more than just guidance. And, you know, companies were saying, we don't patch below this level and whatever, but these were two that you could use together with other things and create, you know, basically real problems. But basically those vulnerabilities allow attackers to bypass authentication and execute arbitrary commands, which is of course really problematic. The last time MITRE had an announced breach was 15 years ago. And that led them to develop the confusingly named MITRE ATT&CK, however you say it. I think you're supposed to say attack. I met with MITRE and MITRE was saying attack, but, you know, it's ATT ampersand CK, or the artist formerly known as Dr. Gonzo or something, you know, one of those unpronounceable words. Like, you know, I just find it confusing. But I'm going to change my name to Pork Soda and just be the professor who used to be known as Doug. But, you know, make them put that on my door. But anyway, the moral of the story is that even you may get breached, despite all your knowledge, dear listener. And will you be ready when the sirens wail and you hear the voices of angry men? If this is a bad TV show, then the music would swell. And Aaran and I would jump in and sing One Day More as a duet. And everybody would be crying by the end of the show. And they're not crying out of sadness, mind you. But at least that's how it seems in my head. Leave me alone.
I mean, you know, that's the way I was seeing it. It just didn't quite turn out that way.

Well, back in my day, the neighborhood watch was Gladys Kravitz trying to tell everybody that the people next door were witches. Oh, and Paul Lynde was there. And she was probably trying to warn people about Paul Lynde, but, you know, classic. But sometime later it became this thing that involved people signing up to, I guess, watch the neighborhood. I remember my dad came home with all this stuff, you know, and he's like going to, I don't know what, sit up all night with binoculars, ensuring that, you know, there's not any stray dogs around or something. I have mixed feelings about it. I mean, it seems like kind of an interesting idea, but then there's all that, you know, there's stuff where there's people that aren't really good people doing that. Anyway, in the UK, the neighbourhood with a U, the Neighbourhood Watch groups had an issue, since they were using this product from VISAV, which is a Nottingham-based company, and everything's cooler when it comes from Nottingham. But it was a Nottingham-based company that makes a product called Neighbourhood Alert. It's a platform that allows secure, allegedly allows secure, messaging between registered watch groups and authorized admins. So this is kind of like a fusion center or something, right? So I see something in my neighborhood. I put it, post it, and then other people can see the same thing. Now, you can access this thing with a website or a mobile app, and it was endorsed by the national and regional authorities in the UK and has about half a million users, according to their website. But in late March, a user reported that a security issue would allow anyone to register as a neighborhood watch coordinator on the platform.
And if they did that, they could create their own scheme. Now, I was like, that's not a good word to use in a security program, to me. It's a scheme, but the scheme they're talking about is a defined area on the map. So once you create yourself as a fake admin, let's call that admin Abner, not Lenny Kravitz, but Abner Kravitz. And Abner logs in, defines themselves as a neighborhood watch coordinator, and then creates a scheme, drags over the map of some area. I don't know. It was any area you wanted, within reason. And once you did that, it revealed all the neighborhood watch people in that area. Hmm. And when they revealed them, they could see on the map where they live, because that's what they put in. But it also revealed all kinds of information. And so they were testing this. And they found that you could see their registered emails. And a lot of them were official emails. And these people included police officers and ministers of parliament. Yeah. So this would pretty much allow someone with ill intent or good intent to find out where somebody lives, like a police officer, which is not a good thing. The issue was disclosed to the registered users on the 15th, and they said that the anomaly had been fixed immediately. But it's really, really scary. Did anybody get those references? Bewitched? Really? Nobody? Bueller? Nobody? Classic television. All right. It was originally in black and white. It was so old. I mean, the first episodes of it are in black and white. And Samantha's husband changed actors after a bit, because the first one, I can never keep their names straight, but the first one got some kind of horrible back injury and couldn't go on. So they just, you know, it's just like a different guy next season. But that's okay. It's television.

Fancy Bear. Yay. Fancy Bear, which is APT28, has been weaponizing a flaw in the Windows Print Spooler, that thing again. And they delivered some custom malware called GooseEgg.
Now, Microsoft patched this flaw, wait for it, in October of 2022. And the NSA was the original reporting agency that found this print spooler flaw. And I mean, we talked about this stuff long ago. But Fancy Bear used the flaw to target Ukrainian, Western European, and North American government, non-government, education, transportation, and, yeah, pretty much everybody. Basically, what this does is the flaw allows them to modify a JavaScript constraints file, and then they can execute the file with system-level permissions, which is very painful. GooseEgg is pretty much just a simple launcher, but of course it can spawn other applications at the system level, and that means you can run just about anything, and you can set that at the command line and run with elevated privilege, which allows the attacker to pretty much do whatever they want, right? So they were conducting remote code execution, they installed RATs, they can move through the network, and so forth. Fancy Bear has been active for at least 15 years and operates with backing from the Russian government and is geared toward collection in support of Russian foreign policy initiatives. So basically they're a spy agency. So in my day, that was called the KGB or something. But they're basically a digital spy group. The GooseEgg attacks allowed them to gain access to these networks and steal credentials, which of course lets them have more access, which allows them to steal more credentials and install more RATs. The next thing you know, Augustus De Morgan and Jonathan Swift show up and stick their fingers in your mouth. Can you imagine what fingers in the 17th century must have smelled like and tasted like? You know, I can watch Art the Clown cut someone in half with a chainsaw while I eat a big plate of pasta, but a sex scene set in the 18th century, I literally have to look away. I'm like, oh, he just licked their neck. Oh, my God.
When did you last wash your neck? Spring. Yeah, that kind of thing. Anywho, the point again is that there's a lot of stuff out there in your enterprise, and some of it's old. I mean, I've never been in an enterprise audit yet where we didn't find old stuff. I mean, is that copier you've got sitting in there running Windows NT? Dr. Fong's Fortran code that controls the death ray is running on DOS 5.2 or something? It's all out there. Schools, water departments, homes, probably even your enterprise has all got old code somewhere. Maybe yours doesn't, but a lot of people's do. You really need to find these things in your asset search. And if you want to keep them, you should protect them heavily, or patch them if you can, although a lot of them are, you know, end of life and so forth. Because when Fancy Bear comes a-callin', what the hell rhymes with that? Who am I, Ice-T? I don't have any rhymes. How do you rhyme something with callin'? Fallen? I'm not even going to go there. But you do need to identify and patch, or Fancy Bear or Cozy Bear or Talks To Octopus or Stinky Cat or Garbage Ban or whoever it is with a cool name will be looking for it with Shodan, probably. And they'll find it. So, you know, you don't want to find all your flaws the hard way by having to issue breach reports. Yeah.

Well, you know how they make all those cool movies and shows that they couldn't make previously due to effects? I mean, you know, George Lucas had to make all of his battle scenes in space out of old World War I movies. I mean, literally, they took the old film and they turned that into spaceships and stuff. Well, those days are gone, right? We're all familiar with that. I mean, AI is starting to permeate everything, like the smell of that slowly percolating dead rat in your apartment wall or whatever, or Augustus De Morgan's fingers.
Well, it's going to have some major impacts, and they're coming soon to a theater near you. So this guy named Divyendra Singh Jadoun is a famous Bollywood effects guy, who is called the Indian Deepfaker. And I guess everybody's trying to hire him for the upcoming elections in India. And he was being interviewed in this article. He said that more than half the calls he gets are asking for unethical things, like competitors making gaffes or having candidates' faces injected into porn scenes and all kinds of stuff like that. He did say he, of course, doesn't take those jobs. But he went on and said some campaigns were also even having low-quality deepfakes made of their own candidates, so that if deepfakes of their candidate, or real, not fake, footage of their candidate doing an inappropriate thing, get out, they can then dump these low-quality deepfakes. They go, oh, yeah, it's all fake. It's all fake. None of it's real. Fake news. Fake news. I mean, it's really difficult now to tell a deepfake from a real pic or a video. And, you know, just like Hollywood and Bollywood make films and shows with talking raccoons or Karen Gillan as Nebula. I mean, I didn't even know that was Karen Gillan for a long time. And then I was like, wow, really? Because she doesn't actually look like that. But, you know, we can take candidate X, let's call him Dan Snorkel, and portray him in heroic scenes fighting off communist hobo chuds in the sewers of San Francisco. Or how about we show a video of Dan Snorkel's opponent, Mark Gabnagle, smoking radioactive crack cocaine with William Burroughs and Fidel Castro, or that other candidate, Marion Flockwort, at a peanut butter fetish club with the leader of the local biker gang, the Gibbons. I mean, it's all possible, right? And it's not even that hard to do. I mean, this stuff's available now, even in freeware formats.
And so people are doing this. There's all kinds of issues now coming up with these, what they call nudification applications, where they take a photograph of somebody, like, you know, some girl at their school or some guy at their school, and the AI strips their clothing off and replaces it with, I don't know, some kind of, you know, fictional naughty bits. I'm not exactly sure. But this stuff is, you know, devastating to a lot of people. And guess what? Foreign nation states are working hard to promote their agendas in elections abroad, outside of their countries, and get the candidates they like best elected. And it's getting really hard to tell what's true and what's false. I mean, it was always hard, but now it's almost impossible. Fake endorsements of candidates. Hi, I'm Hugh Jackman, and I'm supporting Shaddam Corrino IV for emperor of a kinder, gentler Australia. I'm not even going to try to do an Australian accent, because Australians get all worked up when I do that. But the content has been particularly focused as well on attacking female candidates for office. A lot of times they inject them into porn films and then say, you know, this is what they were doing before they ran for office, stuff like that. Some U.S. states have now passed laws with fines if you don't disclose AI in political ads. Yeah, that'll stop them. And Michigan has a law now which can punish individuals for circulation or recirculation of AI deepfakes within 90 days of an election. So these laws are just getting set up so that they can indict people that are doing this and actually take some kind of action, because it wasn't illegal. You know, it's like old-day hacking stuff, where they're going, well, you did break in and launch all the nuclear weapons, but there's not a law against that. So, well, I guess you're free to go, son. I mean, I don't know what to do. I presume we're going to see a lot of this in the coming U.S.
presidential mayhem in the United States. It's an election year in the U.S. And I'm sure a lot of people, both at home and abroad, are frantically trying to figure out how to make the candidate they want seem likable, even though they did eat that baby on TV. But do female voters in the 30 to 40 age range respond well to a picture of Marco the Baby Eater Scretec with a child? But we will use AI to generate the child, so that Marco doesn't eat it while we're doing the photo shoot. It's scary times, I'm telling you. Well, we were somewhere around Barstow on the edge of the desert when the drugs began to take hold, and suddenly there was a terrible roar all around us. The sky was full of what looked like huge bats, all swooping and screeching and diving around the car, and I turned and said, I feel a bit lightheaded, Aaran, maybe you should drive. So please welcome to the New York stage, Aaran Leyland.

Speaker 3 (1515.7s - 1521.7s)

And I said, I can't drive, because I'm really busy, like, um, doing stuff that you shouldn't do

Speaker 2 (1521.7s - 1526.18s)

while you're driving. Like ether.

Speaker 3 (1528.54s - 1528.64s)

Okay, I need to bang into this one today.

Speaker 2 (1529.62s - 1531.28s)

I've got too many words.

Speaker 3 (1537.16s - 1537.62s)

Okay, this article from The Register highlights my biggest concern in cybersecurity and geopolitics.

Speaker 2 (1541.4s - 1546.64s)

So I'm going to give you parts of the article verbatim and then my thoughts. So the article is "China creates information support force to improve

Speaker 3 (1546.64s - 1552.32s)

network defense capabilities." Don't come after me, China. I'm only telling the story. I didn't do

Speaker 2 (1552.32s - 1559.02s)

the bad stuff. So China last week reorganized its military to create an information support force

Speaker 3 (1559.02s - 1568.02s)

aimed at ensuring it can fight and win networked wars. President Xi Jinping formally established the

Speaker 2 (1568.02s - 1576.36s)

information support force, ISF, not a Chinese abbreviation, by the way, by handling a flag to,

Speaker 3 (1576.46s - 1581.88s)

by handing a flag to its commanders at the ceremony last Friday. According to an account of his

Speaker 0 (1581.88s - 1593.5s)

speech posted on the Ministry of Defense website, because they always tell the truth, declared the new entity is necessary if the People's Liberation Army is to be capable of winning modern wars.

Speaker 3 (1593.5s - 2026.58s)

The ISF will therefore build a network information system that meets the requirements of modern warfare and has the characteristics of our military, and promote the accelerated improvement of the system's combat capabilities with high quality. The establishment of the ISF gives both the cyberspace and the aerospace capabilities of China's current Strategic Support Force. And you shared home, how pretty. Beijing has positioned the establishment of the ISF as an essential modernization. Xi has previously said 2027 will be a milestone year for China's military, as it will mark the 100th anniversary of the PLA itself. Watch out, people, they might be coming. The ISF will be managed by China's Central Military Commission, which Xi chairs. It's no accident that he is overseeing the new force. His doctrines call for China to develop military strength in all domains. Whatever happened to de-escalation, guys? Just what the ISF will do wasn't discussed, as one would expect. That's what they talked about. In the article, they say militaries around the world have long realized that communication is critical on the modern battlefield, so this development is hardly surprising. On the other hand, China is already regarded as very comfortable using networks to hurt its rivals. FBI Director Christopher Wray last week labeled China a broad and unrelenting threat on grounds that its cyber operatives constantly target U.S. infrastructure. More on that in a minute. China has the ability to physically wreak havoc on our critical infrastructure at a time of its choosing. And he told that to the Vanderbilt Summit on Modern Conflict and Emerging Threats in Nashville. We should really listen to this guy. He's talking the truth. He goes on to say China's hacking program is larger than that of every other major nation combined. It's just ridiculous, right?
Wray warned, and that size advantage is only magnified by the military and intelligence services' growing use of artificial intelligence, my favorite subject, built in large part on the innovation and data stolen from us, to enhance its hacking operations, including to steal yet more tech and data. That's what he went on to say. Wray revealed that the FBI's response to China's activities sees it work with the US's own military entity devoted to information warfare, Cyber Command. As part of those operations, he said, we're often sharing targeting and other information with partners like US Cyber Command, foreign law enforcement agencies, the CIA and others. When it comes to both nation state and criminal cyber threats, we plan operations with our sights set on the elements we know from experience make hacking groups tick. Okay, from me, Aaran: the issue of intellectual property theft by China is a significant concern in the realm of cybersecurity and international trade. It has been, and I've read this many times, seen it all over the place, characterized as one of the largest transfers of wealth in human history due to the scale and impact of these activities. So here's some key points which should reinforce all of this, and as we've worked to combat this interference, we're fighting a losing battle. Economic impact: the United States Trade Representative estimates that Chinese IP theft costs the US economy between $225 billion and $600 billion annually. This theft includes a wide range of industries, from technology to pharmaceuticals, affecting both the economic and competitive landscapes. Then technology and military concerns: the theft of IP is not limited to commercial interests, but extends to military and strategic domains.
China's policy, and you should look into this, Military-Civil Fusion, requires that technology with dual military and commercial uses must be transferred on demand from Chinese firms to the PLA, the People's Liberation Army, as well as to other entities deemed suitable by the Chinese government. Then innovation and competition: while China has a longstanding policy to extract IP from Western companies, actual government policies, right, the real issue extends beyond IP theft. It includes the unfair treatment of US companies in China, the creation of a protected Chinese market, subsidies for foreign sales, and the imposition of non-tariff barriers that hamper Western competition. And then legal and regulatory actions: the US Department of Justice reports that 80% of its economic espionage cases involve China, highlighting the ongoing efforts to combat IP theft legally. There are documented cases of trade secret theft across various sectors, underscoring the need for robust cybersecurity measures and vigilance. Then, as I mentioned before, global wealth transfer: the former NSA director has referred to the Chinese theft of American IP as the greatest transfer of wealth in history, likely costing the US upwards of $400 billion per year. This transfer has significant implications for global economic power dynamics. So in conclusion, the interplay between China's political system and intellectual property theft is a multifaceted issue that has led to significant economic and strategic consequences. The structure of China's political economy inherently discourages homegrown innovation, fostering an environment where acquisition and just literally imitation of foreign IP are prevalent. This has been a persistent challenge for US policymakers and business leaders.
In response to domestic and international pressures, China has initiated reforms to its IP rights system since 2015, aiming to better protect and stimulate innovation. So the FBI has highlighted China GPE as a primary actor in IP theft, particularly targeting US universities. Dr. Doug PERSON, get your security head on. As vulnerable points for economic espionage, the agency has been proactive in its outreach to academic institutions, briefing administrators and warning of the risksassociated with Chinese NORP researchers connected to these thefts. Through seminars and information sessions, the FBI ORG seeks to curb the theft of technology and trade secrets, with not only affects the competitive edge of the US and the rest of the world, to be fair, industries, but also poses a threat to national security. So to me, this is not a US GPE-centric problem.When you look at this around the world, it would blow your mind on an Undisilion level. We are not nearly doing enough. So back to the man who invented Undeclion PRODUCT, Dr. Doug

Speaker 22026.58s - 2211.46s

in his snazzy home studio. Yay. Thank you, Aaron. Undecillion. Undecillion, undecillion squared. And finally, you want an ornithopter. I want an ornithopter. We all want an ornithopter. I mean, come on. Right. I mean, as long as people were building wacky devices to try and fly, and most of them went splat, they started with bird wings and insect wings, right? Because it was obvious to them. I mean, later we found other ways to do that using physics, but in the short run, people were just trying all kinds of goofy stuff. But I don't think anybody ever went for the beetle wings, you know, like ladybug wings or something. But you never know, somebody probably tried it. And, you know, there's giant dragonflies. You see those things by the Changjiang River, Qing, Tsing. Those things could hover, zip around, up, down, amazing. Ornithopters. I mean, that's what they look like, right? But we can't build an ornithopter. I mean, we can't even get all the chuds out of the sewer in, you know, but, but an ornithopter, not. Anyway, it's a good case for AI. So this was an article about how AI can help us. The problem was understanding the hinge mechanics of insect wings. And that's just been a problem. I mean, insects do it just fine, but we haven't been able to duplicate that. So this study described it as, quote, the insect wing hinge is arguably among the most sophisticated and evolutionarily important skeletal structures in the natural world. Some insects can actually fly at 33 miles per hour, which is pretty good for something the size of a dragonfly with a brain the size of a pinhead. I mean, the study then took 72,219 wing beats of flies using 485 flight sequences from 82 different flies. And then they used that to train their machine learning. No flies were harmed in making this fly research. Well, they probably were, but they're flies.
So using this and the 12 steering muscles in four groups to control the wing motion, the ML was used to figure out how the wing muscles were being used, and when and in what patterns they were being used to do the various and sundry aerobatics that flies are able to do. So, yeah. Now, this will, of course, then let them develop a model and maybe develop flying robots that use methods more like flies and dragonflies to fly around instead of rotors and such, like, you know, we typically have. You know, so ornithopters, right? Well, you never know. But maybe we'll get one when they come out, but more likely what we're going to have is robot flies buzzing around our heads and telling us to vote Beeblebrox, and robot flies to kill the other robot flies, and more anti-robot robot flies. And, well, you get the idea, August and Morgan. But roboflyswatter.com IPO at $2 a share and sell it at $60 a month later. We'll all be rich, I tell you. Anyway, from the island of Elba. That is the news. I'm Doug White. Thank you, Aaron, and we will see you Friday on the Security Weekly News.