Hacker And The Fed

On this episode of Hacker And The Fed we interview Special Agent Aron Mann with Homeland Security Investigations (HSI) Cyber Crime Center about their cyber role and career opportunities. We break down the Colonial Pipeline hack, how the dark web is intensifying the insider threat, and dig into the mother of all breaches. And finally, the SEC's X account was hacked.

Links from the episode: 

https://www.ice.gov/about-ice/homeland-security-investigations

https://www.ice.gov/partnerships-centers/cyber-crimes-center

https://www.usajobs.gov/

https://www.usajobs.gov/Search/?k=homeland%20security%20investigator

 

Colonial Pipeline Hack - May 2021

https://www.justice.gov/opa/speech/dag-monaco-delivers-remarks-press-conference-darkside-attack-colonial-pipeline

https://www.justice.gov/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside

https://www.justice.gov/media/1159701/dl

From Loyal Employees to Cybercriminals

https://thesun.my/opinion_news/from-loyal-employees-to-cybercriminals-AC12012406

Mother of All Breaches Reveals 26 Billion Records: What We Know So Far

https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/

SECGov X Account

https://www.sec.gov/secgov-x-account

Support our sponsors:

NAXO is a premier cybersecurity and investigations firm, including blockchain forensics, whose mission to fight cybercrime aligns perfectly with Hacker and the Fed’s content.

Go to cloudsolvers.com tell them “Hacker and the Fed sent you” to get a free assessment of your current environment.

This week on Hacker And The Fed we interview Greg Van Houten of Haynes Boone and policyholderplaybook.com, a seasoned civil litigator who focuses on insurance recovery. We talk to Greg about the SEC's new cybersecurity disclosure rules, which went into effect this month. We also discuss a massive hack that went unreported, a train hack due to a vendor’s geofencing feature, indictments in an 80-million-dollar pig butchering scheme, and a MongoDB security breach.

Links from the episode: 

Greg Van Houten of Haynes Boone

policyholderplaybook.com

 

SEC’s cyber disclosure rules: Key considerations for the board, C-suite and risk managers. Authored by Greg Van Houten (Haynes Boone), David Franzel (NAXO), and Chris Tarbell (NAXO)

https://www.cybersecuritydive.com/news/secs-cyber-disclosure-rules-tips/700550/

 

The Biggest Hack Over the Last Few Years Has Gone Unreported

https://twitter.com/mattjay/status/1735046508242780575

 

Train Hack Due to Vendor Geofencing Feature

https://social.hackerspace.pl/@q3k/111528165627522619

 

Polish Hackers Repaired Trains the Manufacturer Artificially Bricked. Now The Train Company Is Threatening Them

https://www.404media.co/polish-hackers-repaired-trains-the-manufacturer-artificially-bricked-now-the-train-company-is-threatening-them/

 

Four Men Indicted in $80 million ‘Pig Butchering’ Scheme

https://www.cnbc.com/2023/12/14/pig-butchering-scam-results-in-four-indictments-two-arrests-doj.html

 

MongoDB Suffers Security Breach, Exposing Customer Data

https://thehackernews.com/2023/12/mongodb-suffers-security-breach.html

Support our sponsors:

NAXO is a premier cybersecurity and investigations firm whose mission to fight cybercrime aligns perfectly with Hacker and the Fed’s content.

Go to cloudsolvers.com tell them “Hacker and the Fed sent you” to get a free assessment of your current environment.

This week on Hacker And The Fed we speak with Lance Taubin of Alston & Bird about being a cyber lawyer, the FBI shares the tactics of the ransomware gang Scattered Spider, a company pays a ransom and their data is exposed anyway, Alpha BlackCat uses government regulations to further pressure a victim to pay, and the FCC is trying to make SIM swapping more difficult.

Links from the episode: 

FBI Shares Tactics of Notorious Scattered Spider Hacker Collective

https://www.bleepingcomputer.com/news/security/fbi-shares-tactics-of-notorious-scattered-spider-hacker-collective/

 

Dolly.com Pays Ransom, Attackers Release Data Anyway

https://cybernews.com/security/dolly-data-breach-ransomware-attack/#google_vignette

 

Ransomware Gang Files SEC Complaint Over Victim’s Undisclosed Breach

https://www.bleepingcomputer.com/news/security/ransomware-gang-files-sec-complaint-over-victims-undisclosed-breach/

 

FCC Enforces Stronger Rules to Protect Customers Against SIM Swapping Attacks

https://thehackernews.com/2023/11/fcc-enforces-stronger-rules-to-protect.html

 

Lance Taubin | Technology and Privacy Attorney | Alston & Bird

Support our sponsors:

NAXO is a premier cybersecurity and investigations firm whose mission to fight cybercrime aligns perfectly with Hacker and the Fed’s content.

Go to cloudsolvers.com tell them “Hacker and the Fed sent you” to get a free assessment of your current environment.

This week on Hacker And The Fed we break down the SolarWinds hack, there are 8 new vulnerabilities found in SolarWinds, thousands of remote IT workers have been working for North Korea, hackers are targeting a company that handles data requests for law enforcement, and we answer listener questions about VPN services, password managers and patch management.

Links from the episode: 

Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover

https://www.darkreading.com/vulnerabilities-threats/critical-solarwinds-rce-bugs-enable-unauthorized-network-takeover

 

Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program, FBI Says

https://apnews.com/article/north-korea-weapons-program-it-workers-f3df7c120522b0581db5c0b9682ebc9b?taid=6531b8b29c11a80001ef2a28

 

Hackers Target Company That Vets Police Data Requests for Tech Giants

https://www.404media.co/hackers-target-kodex-accounts-edrs/

 

Support our sponsors:

Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off

Go to Cloudsolvers.com and tell them "Hacker and the Fed sent you" for a free assessment of your current environment

Get your Hacker and the Fed merchandise at hackerandthefed.com

Send HATF your questions at [email protected]

This week on Hacker And The Fed we offer updates on the MOVEit and MGM Resorts hacks, the US State Department has no idea if its IT security actually works, the Senate's email system melts down in the face of a security test, Cisco can't stop using static passwords, and we answer listener questions about Single Sign-on, circumventing company IT rules, and LinkedIn profiles.

Links from the episode:

MOVEit Maker Announces New Critical Vulnerability Affecting a Different File Transfer Tool

https://therecord.media/progress-new-file-transfer-vulnerability

 

MGM Resorts Hack Update

https://x.com/brettforrest89/status/1711885567695433765

 

US State Dept has No Idea if its IT Security Actually Works, Say Auditors

https://www.theregister.com/2023/10/02/us_state_security_gao/

https://endoflife.date/windows

 

The Senate’s Email System Melted Down in the Face of Security Test

https://www.politico.com/minutes/congress/09-8-2023/senate-reply-all-mess/

 

Cisco Can't Stop Using Static Passwords

https://www.schneier.com/blog/archives/2023/10/cisco-cant-stop-using-hard-coded-passwords.html

Support our sponsors:

Get your Hacker and the Fed merchandise at hackerandthefed.com

Send HATF your questions at [email protected]

This week on Hacker And The Fed Microsoft releases their 2023 digital defense report, are paying ransoms illegal in the United States? The NSA and CISA red and blue teams share top 10 cyber security misconfigurations, a 158 year old company shuts down because of a ransomware attack, and we answer listener questions about fido2 security keys and "hacktivist" rules.

Links from the episode:

Microsoft Releases Its Yearly Digital Defense Report

https://www.microsoft.com/en-us/security/security-insider/microsoft-digital-defense-report-2023

 

Are Paying Ransoms Illegal in the U.S.?

https://www.huntonprivacyblog.com/2022/07/26/florida-enacts-law-prohibiting-state-agencies-from-paying-cyber-ransoms/

 

NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-278a

 

Zero-days for Hacking WhatsApp are Now Worth Millions of Dollars

https://techcrunch.com/2023/10/05/zero-days-for-hacking-whatsapp-are-now-worth-millions-of-dollars/

 

Lazarus Impersonated Meta Recruiter to Breach Spanish Aerospace Firm

https://www.helpnetsecurity.com/2023/10/02/lazarus-lightlesscan/

 

Kettering logistics firm enters administration with 730 jobs lost

https://www.bbc.com/news/uk-england-northamptonshire-66927965

 

FDA Cyber Mandates for Medical Devices Goes into Effect

https://cyberscoop.com/fda-cybersecurity-medical-devices/

 

City of Dallas Suffers a Ransomware Attack

https://dallascityhall.com/DCH%20Documents/dallas-ransomware-incident-may-2023-incident-remediation-efforts-and-resolution.pdf

 

International Committee of the Red Cross Published Rules of Engagement for Civilian Hackers Involved in Conflicts

https://www.bbc.co.uk/news/technology-66998064

https://www.theregister.com/2023/10/04/red_cross_hacktivist_rules/

 

Support our sponsors:

Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off

 

Get your Hacker and the Fed merchandise at hackerandthefed.com

Send HATF your questions at [email protected]

This week on Hacker And The Fed the end of privacy with AI being used to dox people in viral videos, billions of usernames and passwords are exposed, nationstate hackers are hiding in router firmware updates, we answer listener questions about working with the FBI, setting up a cyber security business, and safely using data sent to you be others. Finally, we announce Hacker And The Fed's first contest for cyber security awareness month.

Links from the episode:

The End of Privacy is a Taylor Swift Fan TikTok Account Armed with Facial Recognition Tech

https://www.404media.co/the-end-of-privacy-is-a-taylor-swift-fan-tiktok-account-armed-with-facial-recognition-tech/

 

Darkbeam Leaks Billions of Email and Password Combinations

https://securityaffairs.com/151566/security/darkbeam-data-leak.html

 

FBI Hacker Dropped Stolen Airbus Data on 9/11

https://krebsonsecurity.com/2023/09/fbi-hacker-dropped-stolen-airbus-data-on-9-11/

 

People's Republic of China-Linked Cyber Actors Hide in Router Firmware

https://media.defense.gov/2023/Sep/27/2003309107/-1/-1/0/CSA_BLACKTECH_HIDE_IN_ROUTERS_TLP-CLEAR.PDF

 

Russian Exploit Marketplace offering $20M for a Full Chain Mobile Exploit

https://twitter.com/opzero_en/status/1706762507631677760

 

McDonalds Point of Sale System Hacked

https://twitter.com/vxunderground/status/1706508703745151211

 

Support our sponsors:

Go to HelloFresh.com/50hatf and use the code 50hatf for 50% off plus free shipping

Get your Hacker and the Fed merchandise at hackerandthefed.com

Send HATF your questions at [email protected]

This week on Hacker And The Fed we break down how Equifax was breached, is Google Authenticator MFA Cloud Sync feature responsible for a hack into 27 crypto companies? Google’s Threat Analysis Group announces an in-the-wild 0-day exploit chain for iPhones, the year of the insider threat continues with the arrest of a Department of State IT Contractor on espionage charges.

Links from the episode:

How Equifax Was Breached in 2017

https://blog.0x7d0.dev/history/how-equifax-was-breached-in-2017/

https://twitter.com/vxunderground/status/1700335482440204521

 

Retool Blames Breach on Google Authenticator MFA Cloud Sync feature

https://www.bleepingcomputer.com/news/security/retool-blames-breach-on-google-authenticator-mfa-cloud-sync-feature/

 

0-days Exploited by Commercial Surveillance Vendor in Egypt

https://blog.google/threat-analysis-group/0-days-exploited-by-commercial-surveillance-vendor-in-egypt/

 

Department of State IT Contractor Arrested on Espionage Charges

https://fedscoop.com/department-of-state-it-contractor-arrested-on-espionage-charges/

 

Support our sponsors:

Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off

Get your Hacker and the Fed merchandise at hackerandthefed.com

Send HATF your questions at [email protected]

This week on Hacker And The Fed we answer listener questions about finding out our relative is a hacker, applying for a cyber security job as a chemical engineer, preparing you for a technical interview, the FBI being a great place to work, is MFA once every 24 hours too much, and much more.

Get your Hacker and the Fed merchandise at hackerandthefed.com

Send HATF your questions at [email protected]

This week on Hacker And The Fed your car may know all the details about your sex life, the Swiss fined an insurer 3 million dollars for horrible cyber security practices, the US Departments of State and Commerce were compromised because of a two-year-old Windows crash report, Iran and New Korea hacking crews have active campaigns against security researchers, and two victories over Russian hackers for the US government.

Links from the episode:

Insurer Fined $3M for Exposing Data of 650k Clients for Two Years

https://www.bleepingcomputer.com/news/security/insurer-fined-3m-for-exposing-data-of-650k-clients-for-two-years/

 

If You’ve Got a New Car, It’s a Data Privacy Nightmare

https://gizmodo.com/mozilla-new-cars-data-privacy-report-1850805416

https://arstechnica.com/cars/2023/09/connected-cars-are-a-privacy-nightmare-mozilla-foundation-says/

 

Microsoft Finally Explains Cause of Azure Breach: An Engineer’s Account Was Hacked

https://arstechnica.com/security/2023/09/hack-of-a-microsoft-corporate-account-led-to-azure-breach-by-chinese-hackers/

https://twitter.com/0xdabbad00/status/1699596048392736812

 

Hacker Group Disguised as Marketing Company to Attack Enterprise Targets

https://gbhackers.com/hacker-group-disguised-as-marketing/

 

Active North Korean Campaign Targeting Security Researchers

https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/

 

Russian Infosec Boss Gets Nine Years for $100M Insider-Trading Caper Using Stolen Data

https://www.theregister.com/AMP/2023/09/08/russian_insider_training_prison/

 

United States and United Kingdom Sanction Additional Members of the Russia-Based Trickbot Cybercrime Gang

https://home.treasury.gov/news/press-releases/jy1714

 

Support our sponsors:

Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off

Get your Hacker and the Fed merchandise at hackerandthefed.com

Send HATF your questions at [email protected]