
SWN #11

February 11, 2020

CIA spying? NASA could have used a USB charger? Election technology not very secure? ICS is a threat, and the return of the Equifax monster from beyond the grave. All this and more on the Security Weekly News today.

Visit https://www.securityweekly.com/swn for all the latest episodes!


CIA Spying, Equifax Monster, Chinese Military, Election Security

Security Weekly News: Week of February 11, 2020

  1. CIA and BND secretly sell crypto equipment to 120 countries for a LONG time.
  2. Ben Nimmo hunts disinformation bots from Scotland.
  3. Five measures to harden election technology.
  4. Part one of the election technology article.
  5. Israel’s entire voter registry exposed by bad app.
  6. In the United States, a school district decides to implement facial recognition.
  7. ICS is a big threat.
  8. MITRE ATT&CK for ICS.
  9. Ransomware is likely your biggest threat.
  10. The return of the Equifax Monster.
  11. How the Equifax hack happened.
  12. GAO report on Equifax.
  13. Could NASA have just used USB chargers for Apollo 11? Maybe.

Expert Commentary: Jason Wood

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Yesterday the United States announced indictments against four soldiers of China’s People’s Liberation Army for the 2017 data breach of Experian. As you recall, this is when nearly every adult in the US and half of UK adults got free credit monitoring due to their data being compromised. The Department of Justice announced a 9-count indictment against Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei. All four are members of the PLA’s 54th Research Institute.

The breach itself was huge and involved large amounts of data being copied from Experian’s systems. According to the indictment, the operators routed their traffic through over 20 different countries and 34 different servers. They went to great lengths to obscure their activities and to blend in with traffic inside the Experian network. If the indictment is accurate, the US somehow was able to piece this back to these four individuals and get pictures of three of them in uniform. How the US gathered its evidence and traced it back to the alleged operators is not documented in the indictment.

According to Attorney General Barr, the decision to indict these men in this breach is due to the wholesale collection of data about US citizens, who the US does not regard as legitimate espionage targets. “The United States, like other nations, has gathered intelligence throughout its history to ensure that national security and foreign policy decision-makers have access to timely, accurate and insightful information,” Barr said. “But we collect information only for legitimate national security purposes. We don’t indiscriminately violate the privacy of ordinary citizens.”

In other words, it’s one thing to go after military and economic data, but another to steal bulk data about people whose only reason for being targeted is that they are US citizens. This could raise objections from some as the US intelligence services have been accused of violating the privacy of ordinary citizens in domestic surveillance programs intended to combat terrorism. Regardless, this is the line the US government has decided to draw.

So what does this mean for the men who have been indicted? Probably not much in the sense of their day-to-day lives. China is not going to put these men on a plane to the US so that they can be arrested and stand trial. The operation, if China’s, would have been approved by others in leadership, and China would not admit responsibility for such an operation. However, it does provide some risk to the men of eventually being arrested.

If they travel internationally, then that increases their risk of arrest. In July of 2014, the US Secret Service arrested a Russian citizen named Roman Seleznev for his activities in credit card fraud operations. He was arrested while in the Maldives and extradited to the US. It’s entirely possible that the four men named in this indictment could travel to a country that is more sympathetic to the US than they expected and be arrested there.

Obviously, facilitating the arrest of Chinese soldiers is a bit different than that of a regular citizen. Other countries may be more wary of providing that level of cooperation. China would almost certainly express its outrage and look for ways to respond. When Huawei’s CFO was arrested in Canada for violating sanctions on Iran, China responded by arresting a Canadian couple in China. Similar responses would be likely if these four were ever arrested.

Events like this are a bit uncomfortable as we watch nations try to figure out how to respond to events in a highly connected world. Now we can have thefts occur from the other side of the globe without any real hope of holding those involved to any accountability. In this case, we have the US deciding to indict members of the Chinese military in response to a data breach. What will China’s response be? It’s anyone’s guess.

https://www.wired.com/story/equifax-hack-china/

Hosts

Doug White

Doug White – Professor

Jason Wood

Jason Wood – Founder; Primary Consultant


This week, Doug talks SolarWinds patches, Jack Dorsey’s Clockblock, Tesla banned, 11 zero-days in one year, Turing, & the recaps of this week’s content on the Security Weekly News Wrap-Up! Visit https://www.securityweekly.com/swn for all the latest episodes!

SolarWinds Patch, Jack Dorsey BlockClock, Tesla Banned, 11 0-Days, Turing – Wrap-Up

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd

Doug White is a Cybersecurity professor at Roger Williams University, the President of Secure Technology, and a Security Weekly network host.




This week, Dr. Doug talks Microsoft, Apple Store, PhP, Video Game Cheating, Joe Biden’s executive order, & the return of Jason Wood for Expert Commentary! Visit https://www.securityweekly.com/swn for all the latest episodes!

Microsoft, PhP, Apple Store, & Video Game Cheats

Hosts

Doug White – Professor at Roger Williams University

@dougwhitephd

Jason Wood

Jason Wood – Founder; Primary Consultant at Paladin Security

@Jason_Wood

Jason Wood is the founder of Paladin Security and the primary consultant. Prior to starting Paladin Security, Jason was a Principal Security Consultant with Secure Ideas. At Secure Ideas, he performed penetration tests for clients in a wide range of industries. These include health care, financial services, SaaS businesses, government agencies and critical infrastructure.




This week, Dr. Doug talks Joe Biden, Bad Octal, Bad, North Korea Zinc Group, PhP, NMP, the Mafia, and the show Wrap Ups for the week! Visit https://www.securityweekly.com/swn for all the latest episodes!

Joe Biden, Bad Octal, Bad, North Korea, PhP, & QNAP

Hosts

Doug White – Professor at Roger Williams University

@dougwhitephd



Breaches, Microsoft, the Dead Return to Life, The IRS is coming for your Bitcoin, Have YOU been PWNed, and the Expert Commentary of none other than Jason Wood! Visit https://www.securityweekly.com/swn for all the latest episodes!

IRS “Operation Hidden Treasure”, Microsoft Edge Grows, & ‘more_eggs’ Malware

Hosts

Doug White – Professor at Roger Williams University

@dougwhitephd

Jason Wood – Founder; Primary Consultant at Paladin Security

@Jason_Wood



This week, Elon visits an audio-only virtual bar, Ubiquity denies, Accellion, ToadSuck.gov, and more, plus show wrap-ups! Visit https://www.securityweekly.com/swn for all the latest episodes!

Accellion Breach, Discord/Slack Malware, & Virtual Audio Bars – Wrap Up

Hosts

Doug White – Professor at Roger Williams University

@dougwhitephd



This week, Dr. Doug talks naughty vaccines, Air frying is not frying, BGP is leaking, Codecov, Lazarus, Google Alerts, Nitro Ransomware, & we’re joined once more for expert commentary by Jason Wood! Visit https://www.securityweekly.com/swn for all the latest episodes!

Major BGP Leak, Codecov Attack, Lazarus APT, Discord Ransomware, & GEICO Breach

Hosts

Doug White – Professor at Roger Williams University

@dougwhitephd

Jason Wood – Founder; Primary Consultant at Paladin Security

@Jason_Wood



Just sit right back and you’ll hear a tale, Lots of Zero Days, CodeCov, FBI Hack backs, Cozy Bear, Mystery Science Theatre, the Professor and the rest, here on Security Weekly Wrap Up Island! Visit https://www.securityweekly.com/swn for all the latest episodes!

SonicWall Vulns, Lots of Zero Days, The FBI, The Professor, & The Rest

Hosts

Doug White – Professor at Roger Williams University

@dougwhitephd



This week in the Security Weekly News: Dirty emojis, Nvidia zero-days, Shlayer, Cozy Bear, Emotet, Babuk, iOS 14.5, and Jason Wood returns for Expert Commentary! Visit https://www.securityweekly.com/swn for all the latest episodes!

Nvidia 0-Days, Emotet Nukes Itself, Babuk D.C Attack, & iOS 14.5

Hosts

Doug White – Professor at Roger Williams University

@dougwhitephd



In the Security Weekly News Wrap Up for this week: Government intervention in Ransomware, Joe Biden’s response to Russia, Passwordstate, AI, Mitre, Chrome, contaminated instruments, and Dr. Doug’s Favorite Threat of the Week! Visit https://www.securityweekly.com/swn for all the latest episodes!

Gov’t Tackles Ransomware, Passwordstate Backdoor, & BinD Updates – Wrap Up

Hosts

Doug White – Professor at Roger Williams University

@dougwhitephd






This week Dr. Doug talks Dan Kaminsky, Spectre, Badalloc, Cardassian Overlords, Apple patches, and the notorious Jason Wood returns for Expert Commentary! Visit https://www.securityweekly.com/swn for all the latest episodes!

‘BadAlloc’ Flaws, Dan Kaminsky, Apple 0-Days, & Spectre Defenses Shattered

Hosts

Doug White – Professor at Roger Williams University

@dougwhitephd

Jason Wood – Founder; Primary Consultant at Paladin Security

@Jason_Wood
