Posts in Hacking and Security

Probe finds that contractors working on military code outsourced some tasks to Russian coders

// November 6th, 2015 // No Comments » // Hacking and Security

After the conclusion of a four-year probe, contractors who worked on U.S. military code are being fined a combined $12.75 million. As it turns out, some contractors outsourced coding tasks to Russian coders. No words can convey the level of stupidity here (hey, let’s get Al-Qaeda to build US airplanes!).

Interesting geographic attack vector from a Russian launched cyber counter-attack

// July 14th, 2015 // No Comments » // Hacking and Security

I love the Russians. I know, strange to hear that from an American in modern day with a new “cold war” (seemingly) beginning to gain steam. Let’s say, I respect them. Their hackers in particular. Their response to a cyberattack is to launch a full-on offensive attack against the attacker, quite a different response from […]

Ouch – US-CERT advisory for this week deals a sharp slap in the face to Adobe

// July 13th, 2015 // No Comments » // Hacking and Security

On the heels of the Hacking Team dump, this week’s US-CERT advisory, a cyber-security bulletin which provides a summary of new security vulnerabilities, was about twice its usual size with all the Adobe Level 10 alerts included in the report. Remind me – why are these products still around?

Are Wild Neutron’s latest attacks related to the zero-day exploit(s) in Hacking Team’s drop?

// July 10th, 2015 // No Comments » // Hacking and Security

Both Kaspersky and Symantec released reports this week pointing out the increase in attacks by Wild Neutron (aka Jripbot, Morpho, or Butterfly). WN had gone mostly dormant (or undetected?) since 2013 after hitting Apple, Facebook, Twitter, and Microsoft using zero-day Java exploits (seeded in the hacked forums of various websites) and the OSX/Pintsized Mac OS […]

14 days running a secret Dark Web pedophile honeypot (and why I now think Tor is the devil)

// July 7th, 2015 // 15 Comments » // Hacking and Security

Before discoursing the lengthy analysis of the Dark Web honeypot (the pedophile honeypot in particular), let’s answer the question that is surely on everyone’s mind – did the honeypot allow me to reveal the true identity of the person visiting the site?

Imagine if we couldn’t report the news. Better yet, imagine you are Barrett Brown.

// January 23rd, 2015 // No Comments » // Hacking and Security

Imagine a cybercrime has occurred. 200 gigabytes of data have been stolen and posted on a remote site. The remote site is public, easily accessible to all. An experienced journalist (Barrett Brown) reports the location of the stolen data.

North Korea’s official full statement regarding the December 2014 Sony attack

// January 3rd, 2015 // No Comments » // Hacking and Security

Below is North Korea’s National Defense Commission’s official statement regarding the December 2014 Sony cyberattack – grammar and spelling errors left intact. The statement was published on December 22, 2014 by the country’s official news agency, KCNA. I’ve highlighted all the interesting (and humorous) parts.

US-CERT releases details on SMB worm tool used in Sony attack – complete breakdown

// December 19th, 2014 // No Comments » // Hacking and Security

US-CERT released alert TA14-353A today detailing a “SMB Worm Tool” recently used by cyber threat actors against a “major entertainment company”. Given the timing of the US formal accusations against North Korea, this certainly hints that the malware toolset being referenced is the one used by the Guardians of Peace (GOP) in the recent Sony […]

Anonymous fights fire with fire – threatens attacks against Sony (and others?) if The Interview is not released

// December 19th, 2014 // No Comments » // Hacking and Security

In an odd but not totally unexpected twist to the story, a hacking group claiming to represent Anonymous has threatened Sony with the same type of bitch slap they got from [cough] North Korea’s GOP if the movie The Interview is not released as planned. This was followed by other messages from a poster claiming […]

FBI releases official update on Sony Investigation – officially confirms North Korea involvement in attack against Sony

// December 19th, 2014 // No Comments » // Hacking and Security

The following just went across the wire, released by the FBI, in which they “concluded that the North Korean government is responsible” for the attack and leak of Sony Pictures Entertainment data. The FBI based their conclusion on similarities in attack code and “infrastructure” previously tied to North Korea and threw down the gauntlet stating, […]

Guardians of Peace (GOP) release Sony CEO Outlook data file with threat to movie goers

// December 16th, 2014 // No Comments » // Hacking and Security

A Pastebin dump attributed to Guardians of Peace (GOP) was released a few hours ago followed by the purported screenplay for the upcoming movie The Interview. In the dump, the GOP continued to harp on their Christmas Day threat while including an invite to the public for special “requests”. The dump included another little surprise […]

Interesting list of Chinese filtered words, banned domains, and potential username/passwords

// December 12th, 2014 // No Comments » // Hacking and Security

That China filters their Internet traffic is no secret – their societal system (many believe) requires that information be filtered. What is more interesting are the *words* that are filtered. Several research groups have studied China’s walled-off Internet infrastructure (via search engine results, reverse engineered software and hardware products, leaked router or firewall settings, etc.) […]

After loss of pre-release movies and confidential data – Sony goes on the offensive with DoS attacks

// December 11th, 2014 // No Comments » // Hacking and Security

After the data breach and loss of pre-release films and confidential data in late November, Sony takes an offensive stance – and I like what I’m seeing. According to reports, Sony is using a deluge of Amazon cloud servers in Tokyo and Singapore to conduct DoS attacks against torrent seeds and websites hosting their stolen […]

Silk Road 2.0 bites the dust – does the U.S. government have a foothold in Tor?

// November 6th, 2014 // No Comments » // Hacking and Security

A year after the infamous Deep Web site, Silk Road, was shuttered by federal law enforcement, Silk Road 2.0 (a nearly identical dark web site which opened a month after Silk Road shut down) has suffered the same fate. Officials announced yesterday that they have arrested Blake Benthall (aka Defcon) in connection with the ownership […]

Rough start for Apple Pay alternative – CurrentC mobile payment data systems hacked today

// October 29th, 2014 // No Comments » // Hacking and Security

MCX’s CurrentC payment system, the alternative to Apple Pay backed by Walmart, Best Buy, CVS, Rite Aid, Gap, and others, was hacked today. Reports indicate the data breach involves the theft of email addresses of early beta participants and others who expressed interest in testing the new mobile payment system. No word yet on how […]

JPMorgan Chase security breach not what you think – military attack against key financial institutions turns over keys to the kingdom

// October 4th, 2014 // No Comments » // Hacking and Security

Although I’m disappointed that JPMorgan Chase delayed the disclosure of the breach that touched more than 83 million U.S. households (they knew about it at least four months ago), I’m even more upset at what they disclosed – that key customer financial data was not stolen. JPMorgan may tout the expertise of their security team […]