
Month: April 2019

Tuesday, April 30th, 2019

People Are Clamoring to Buy Old Insulin Pumps

Malware Infests Popular Pirate Streaming Hardware

Chinese dev jailed and fined for posting DJI’s private keys on Github


[00:00:01] Good morning friends. It is Tuesday, April 30th and here is today’s security news. [00:00:05][4.5]

[00:00:06] First off from The Atlantic, not your traditional security article that we’ll discuss here, but the title is “People are clamoring to buy old insulin pumps.” Written by Sarah Zhang on The Atlantic. So this is an interesting article, and there’s a lot of you know sort of medical terminology, and you know a lot about insulin and type 1 diabetes. But it’s interesting because it has to do with hacking of a Medtronic insulin pump. So essentially what they’ve done is they’ve used this pump to create a process that they call looping so that this software that runs on an artificial pancreas can then talk to this insulin pump and regulate the amount of insulin that is put into the person’s body. This is interesting because they stopped making these Medtronic pumps I think in 2014. So you have all these people running around on eBay and Craigslist and Facebook trying to grab these things so that they can build these systems and use them instead of having to count everything all day and do all kinds of different insulin shots and it makes their life a little bit easier so much. This is used across the industry quite a bit so much so that the CEO of JDRF, the Juvenile Diabetes Research Foundation, actually does this himself. So a very interesting article. Not your usual security but hey it’s hacking. So we’re going to talk about it. [00:01:41][94.3]

[00:01:42] All right. Next from Threatpost dot com: Malware infests popular pirate streaming hardware. This should come as no surprise to anybody. So some researchers have gone and grabbed a Kodi streaming box and essentially determined that every one of the add ons that is on there was to take it back. Not everyone. A large majority of the pieces of software an add on that are in this Kodi box contain malware. Some of the things that it’s doing it is taking all of the wireless information your SSID password and such from that box and sending it to a server in another country. Somebody had one point five terabytes of data was uploaded from a device that shared the same network of the Kodi box. So they were able to move laterally on the network and extract one point five terabytes of data. I know what you guys but that would flag my ISP pretty quick as going over my limit. So that just a lot of interesting things here. I mean this should not be a surprise at all. I mean why would if you were developing free quote unquote apps that allowed you to stream illegally wouldn’t you try and take advantage of that to all these people trying to do that. So apparently it’s quite a bit of talk about it on the dark web. I mean they’re the developers of these things literally discuss this with each other on how to do this effectively. So an interesting thing. Stay away from it. I mean at the end of the day I mean at least make sure you’re protected somehow if you’re going to use this stuff. [00:03:22][100.5]

[00:03:23] All right. Next one A. This one I when I first started reading it. I got a bit of a chuckle then it got pretty serious pretty quick. So this one from The Register dot co dot UK: Chinese Dev jailed and fined for posting DGA. Excuse me. DJI’s private keys on GitHub. So DJI makes drones for those that don’t know. So he ended up posting two extremely important keys on GitHub one of them was the ASG for the firmware. So that’s why I saw it first got a little bit of a chuckle. You know people were allowed to go. You know they can now modify the firmware to their needs but the second one this was a big deal. He dropped a wildcard SSL key for star dot DJI dot com and oh I can’t say that. And that’s a big deal. I mean in the world of keys. That’s a big one especially an SSL keys. So you know any subdomain of DJI dot com. Now hopefully they’ve gone and revoked that key. And you know they’ve gone through that process but who knows at this point that’s a that’s pretty dangerous. So he ended up getting fined just under 23000 pounds, two hundred thousand yuan, what it ended up being. So he, of course, is very sorry. “I was born in a very poor village I studied hard all the time I finally gotten to university was very happy thing to me and my parents. But now all the things are done I am done. I will go to jail. I have to take this stain in my life. My girlfriend began to break up with me. Wow. Woo. My family are broken. F bomb. What are terrible things. Maybe the only thing I can do now is to die. It is so hard I need to be free.” I feel for this guy. That’s a pretty big deal. Sound. People who say those kinds of things about how we want to die and girlfriend breaking up don’t sound like it was intentional to me so. [00:05:26][122.9]
Chris Adkins: [00:05:29] All right. Normally we do for, but we’re already over our time for the day. So thank you for joining us. It is what day is it’s Tuesday Tuesday, April 30th 2019. Everybody have a wonderful day. [00:05:29][0.0]

Monday, April 29th, 2019

A Crash Course In Card Shops

Lime Scooter Hacked in Australia

Google boots major Android app developer from store for conducting massive ad fraud

Credential stuffing: Bigger and badder than ever


 [00:00:01] Good morning friends. It is Monday, April 29th and this is Security on the Bayou.

 [00:00:05] Let’s get things kicked off today with an article from SC Magazine U.S. by Doug Olenick: credentials stuffing bigger and better than ever. Obviously credential stuffing has been around for a long time but Recorded Future issued a report this week talking about the resurgence of it for a few reasons. One of them is automation which makes perfect sense we’re automating everything these days and not just the automation here but they have developed not they procure Recorded Future has not but the bad guys have developed some tools that can do multiple sites at once. So not only are you just hitting one you’re hitting a bunch and you’re doing it very fast and you’re automating it. So you’ve seen a resurgence in it so much so that a single account that used to sell for ten dollars is now down to a mere one or two dollars. It’s very interesting that this has come back and this has been seen in the wild if you will so go check out this article. Recorded Future also called out a few different tools that have been used, some interesting names of these tools, obviously you can tell where they came from by the names but also some prices. There is one on here, Private Keeper, that sells for forty-nine rubles, Russian rubles, which is approximately 64 cents. So not exactly a high barrier to entry on this.

 [00:01:26] OK next from ZDNet we have an article entitled Google boots major Android app developer from the store from conducting massive ad fraud. This one is by Charlie Osborn. So they kicked out over 40 apps by a Chinese developer over the weekend. And here let me get I want to make sure I get this right. The name of the company or the developer is DO Global which is in part owned by Baidu so a very big connection there for this developer. So they ripped a bunch of their applications off the Google Play store for using adware and you know essentially click fraud within the adware within the application so it was quite a few it ended up being at the end of the day over 100 applications that were they removed with 600 million installs. That’s quite a few. I’m sure they made a few bucks on that deal. Global released a statement, of course, they’re quote-unquote sorry and you know they’re going to look into their practices. But we know how that goes.

 [00:02:27] So next a crash course in card shops by Josh. I apologize Jeff. Josh I to get this wrong Lefkowitz this is an interesting article this isn’t necessarily going to make you an expert on carding and how the underground card shops work but it’s a great primer. You’re all human so you understand good customer service that that part won’t come as a surprise here they do refunds you know there are all kinds of different things but I think what I really enjoyed about this article is some of the terminology and abbreviations and tallies that are used for instance BIN, bank identification number, and then also like the difference between a dump versus a card. So and then obviously CSP which I previously knew. Card not present fraud which is very common. And so it’s in some good detail here I recommend you read this as all sort of prime you on you know some things that are going on especially in the financial services or you know you work for one of these companies. Take a look at this it should be hopefully something you already know but added to your toolbox of tools.

 [00:03:38] And then the last one for the day on a bit of a lighter note this one actually came up last week chose to skip over it but I think it came back up on my feed so I had to bring it back up. This one’s by Matt Novak on Gizmodo dot com. Lime scooters hacked to say sexual things to riders in Australia. Obviously Lime is not very happy about this but frankly, I find it pretty funny. Like here’s one of the sayings. “Don’t take me around because I don’t like to be ridden” which is you know a little silly. Let’s see here. When customers ended a ride with the hacked scooters the voice box said “no where you go” according to yet another video posted before Lime learned about the hack and then this is what they said. It’s not smart it’s not funny and it’s akin to changing a ringtone. I also find changing people’s ringtones very funny so nice try and then they tried to play to the maturity of people which we all know will not work. So very interesting article once again on Gizmodo dot com, your laugh of the day in the hacking world. Thank you for joining us.

 [00:04:45] This is his man Security on the Bayou April twenty ninth. Monday.