
Friday, May 10th, 2019

U.S. charges Chinese national in hacks of Anthem, other businesses

Two crypto-mining groups are fighting a turf war over unsecured Linux servers

Bumper Crop of New Briefings Added for Black Hat USA


 [00:00:06] All right, first things first. From Reuters by Diana Childs how, editing by Susan Thomas and Peter Cooney. So I don’t know why they needed two editors. It’s like four paragraphs. The U.S. charges Chinese national hacks of Anthem and other businesses. So a federal grand jury charged a Chinese national in a 2014 hacking campaign that affected large U.S. businesses including Anthem. So we all remember the Anthem was a pretty big breach. It was right on the tail of a lot of large breaches so it got a lot of attention too. A lot of PII, obviously not great. So this, they call it an extremely sophisticated hacking group, stole nearly 80 million people’s worth of data from Anthem. So obviously quite a bit. Included birthdays, names, Social Security number, street address, e-mail address, employment information including income data. So a Chinese national has been charged. I don’t see anything in here about this person being extradited. We know how that goes. It’ll probably never happen. This is a shot across the bow, but attribution is tough. More power to these people for being a motive to do this. It’s a good thing.

 [00:01:17] From ZDNet by Catalin Cimpanu now, two crypto-mining groups are fighting a turf war over unsecured Linux servers. So there are two large crypto-mining groups out there called Pacha and Rocke. Probably pronouncing both of those wrong, but currently they both have developed their own malware, which is not necessarily anything new. You know, bad guys do that. That’s what they do. That’s why they’re bad guys. But they’re using this malware in order to mine Monero on the end. So, and obviously they’re going back and forth with each other, so one guy, you know, they pop a box and they rip the other person’s malware off and it just keeps going back and forth, back and forth, to gain quote unquote market share, which is interesting. I mean, everything has a market share, right? So one of the interesting things here is they’re mostly going after cloud-based services due to the amount of resources that those machines have. Makes perfect sense, right? I mean, imagine if you could get a pop box that had that scale to automatically based on load, right? I mean, it probably wouldn’t last long, but there’d be an interesting one. So some interesting notes in here: one of the newest ways they are getting into these boxes is with the Atlassian Confluence server vulnerabilities that got released in March. So apparently they’re using three separate ones to really do this, and this Rocke group has an advantage because their power is more superior because it has the ability to uninstall cloud-based security products, which is interesting, so it can go on a box in the route removing HIV. And it’s also removing the competitor’s malware. So it sees what there was one other thing in here. Oh there. Exploit portfolio, systems that they’re going after: Jenkins, Confluence, Apache Struts, JBoss and others. So those are all, we know all of those systems have a lot of vulnerabilities. So if you have them, protect them to make sure they’re good to go.
Hopefully, none of those systems are like, at least your Confluence, I don’t know why it would be Internet-facing. But anyways, here we go, next. And this one is pretty light, but it is almost hacker summer camp time, which means hopefully you’ve got all your papers submitted. Black Hat has announced 50-plus new briefings today. This article comes from Dark Reading, obviously, Black Hat, Dark Reading. Can’t believe they announced it on Dark Reading. It’s called Bumper Crop of New Briefings Added for Black Hat USA, written by Black Hat staff. So they highlight a few of these big ones, trust here. Here’s what they’ve got on here. Trust and Transformation: The Post-Breach Journey, so you’re gonna learn about the Home Depot and Equifax breaches, which are, you know, those are big breaches, so that’ll be an interesting one. And the next, Inside the Apple T2, which is the inner workings of the Apple T2 security chip, so if you’re into hardware hacking and that kind of stuff, that’ll be a good one for you. And then next, Bruce Schneier. That’s pretty big. He’s gonna have a talk called Information Security in the Public Interest. I would highly recommend, if you’re going to be at Black Hat, go see this. I don’t know how often he speaks; this is the first time I’ve heard of him speaking in public, at least at something like this. So go check him out, a very smart guy. Don’t be surprised if half of what he says goes straight over your head. It does for a lot of people. Even the smartest people in this industry have a hard time grasping all the concepts he can put out in one small piece of time. Very smart guy. So that’s it for today. Nice easy day. It’s a wet day here in Houston. I hope everybody has a wonderful weekend and we’ll talk on Monday.
