AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 2/11/2020

1 –  FBI is investigating more than 1,000 cases of Chinese theft of US technology

Members of the US government held a conference in Washington this week on the topic of Chinese theft of intellectual property from US technology firms and the US academic sector. Officials said the purpose of the conference — named the China Initiative Conference — was to bring the US private sector and the academic and research communities up to speed with the US government’s investigations. For the duration of four hours, some of the highest officials from the Federal Bureau of Investigations (FBI) and the Department of Justice (DOJ) spent their time raising a sign of alarm and putting the private and academic sector on alert about the threats they are currently facing in terms of intellectual property (IP) theft from Chinese entities.

 

2 – Dangerous Domain Corp.com Goes Up for Sale

As an early domain name investor, Mike O’Connor had by 1994 snatched up several choice online destinations, including bar.com, cafes.com, grill.com, place.com, pub.com and television.com. Some he sold over the years, but for the past 26 years O’Connor refused to auction perhaps the most sensitive domain in his stable — corp.com. It is sensitive because years of testing shows whoever wields it would have access to an unending stream of passwords, email and other proprietary data belonging to hundreds of thousands of systems at major companies around the globe. Now, facing 70 and seeking to simplify his estate, O’Connor is finally selling corp.com. The asking price — $1.7 million — is hardly outlandish for a 4-letter domain with such strong commercial appeal. O’Connor said he hopes Microsoft Corp. will buy it, but fears they won’t and instead it will get snatched up by someone working with organized cybercriminals or state-funded hacking groups bent on undermining the interests of Western corporations.

 

3 – 1.2 million CPR numbers for Danish citizen leaked through tax service

The Danish Agency for Development and Simplification has discovered the data leak that involved the TastSelv Borger service, which is managed by the US company DXC Technology. The TastSelv service allows everyone with a tax liability to Denmark to view and change his tax return, annual statement and pay residual tax. Data, including CPR numbers, have been exposed for almost five years before the data leak was discovered. “We take this kind of case very seriously. And of course we need to be able to make sure that our suppliers handle all data according to applicable law and within the framework agreed upon with them.” states the Government Agency.

 

4 – Docker Registries Expose Hundreds of Orgs to Malware, Data Theft

A slew of misconfigured Docker container registries has inadvertently exposed source code for 15,887 unique versions of applications owned by research institutes, retailers, news media organizations and technology companies. According to Palo Alto Networks’ Unit 42 division, the registries lacked proper network access control. “Although setting up a Docker registry server is straightforward, securing the communication and enforcing the access control requires extra configurations,” the company said in a posting on Friday, explaining that researchers found the exposed registries via Shodan and Censys searches. “System administrators may unintentionally expose a registry service to the internet without enforcing proper access control.”

 

5 – To counter Huawei, U.S. could take ‘controlling stake’ in Ericsson, Nokia

U.S. Attorney General William Barr said on Thursday the United States and its allies should consider the highly unusual step of taking a “controlling stake” in Finland’s Nokia and Sweden’s Ericsson to counter China-based Huawei’s dominance in next-generation 5G wireless technology. In a remarkable statement underscoring how far the United States may be willing to go to counter Huawei Technologies Co, Barr disclosed in a speech at a conference on Chinese economic espionage that there had been proposals to meet the concerns “by the United States aligning itself with Nokia and/or Ericsson.”

 

6 – Brazil judge rejects hacking accusation against Greenwald

A judge in Brazil’s capital on Thursday dismissed accusations that journalist Glenn Greenwald was involved in hacking phones of officials, following weeks of criticism that his prosecution would infringe on constitutional protections for the press. Prosecutors last month leveled accusations that Greenwald helped a group of six people hack into phones of hundreds of local authorities, saying his actions amounted to criminal association and illegal interception of communications. Since last year, Greenwald’s online media outlet The Intercept Brasil has published a series of excerpts from private conversations on a messaging app involving current Justice Minister Sérgio Moro.

 

7 – A dark web tycoon pleads guilty. But how was he caught?

Marques faces up to 30 years in jail for running Freedom Hosting, which temporarily existed beyond reach of the law and ended up being used to host drug markets, money-laundering operations, hacking groups, and millions of images of child abuse. But there is still one question that police have yet to answer: How exactly were they able to catch him? Investigators were somehow able to break the layers of anonymity that Marques had constructed, leading them to locate a crucial server in France. This discovery eventually led them to Marques himself, who was arrested in Ireland in 2013. Marques was the first in a line of famous cybercriminals to be caught despite believing that using the privacy-shielding anonymity network Tor would make them safe behind their keyboards. The case demonstrates that government agencies can trace suspects through networks that were designed to be impenetrable.

 

8 – Defense researchers developing software agents that can read people’s thoughts

When researchers funded by DARPA, the pentagon’s grant-funding arm for cutting edge tech, start talking about machine social intelligence, I, for one, get nervous. Needless to say, it’s been a restless week. Led by Carnegie Mellon University, which is a robotics and AI powerhouse, a team of researchers is working to build artificially intelligent agents with a masterful social skill: the ability to interpret a person’s thoughts from their actions. Okay, so this may not be as sinister as it sounds, at least at this incipient stage. Humans, after all, are phenomenally delicate instruments when it comes to interpreting moods and thoughts from subtle cues, such as body language, speech patterns and word choice, and eye movement. The emotionally intelligent among us are pretty good at knowing when we should shut up because the person we’re speaking with has lost interest, for example.

 

9 – ‘Largest cyber attack in Iran’s history’ occurs on eve of failed satellite launch

Iranian telecommunications infrastructure experienced the largest cyber attack in the country’s history on the eve of its failed Zafar satellite launch, a government minister has said. Data shows Iran’s telecommunications network experienced a significant disruption on the morning of February 8, affecting much of the country’s telecommunications network, leaving many people without internet or mobile phone services. Hamid Fatahi, the Deputy Minister of Information and Communication Technology, said the attack was a distributed denial of service attack, or DDoS, which involves flooding servers with traffic in order to overwhelm them to the point of shutdown. “Millions of points of origin, millions of destinations have been targeted,” he said on Twitter.

 

10 – Chinese Military Personnel Charged with Computer Fraud, Economic Espionage and Wire Fraud for Hacking into Credit Reporting Agency Equifax

The nine-count indictment alleges that Wu Zhiyong (吴志勇), Wang Qian (王乾), Xu Ke

(许可) and Liu Lei (刘磊) were members of the PLA’s 54th Research Institute, a component of the Chinese military.  They allegedly conspired with each other to hack into Equifax’s computer networks, maintain unauthorized access to those computers, and steal sensitive, personally identifiable information of approximately 145 million American victims. “This was a deliberate and sweeping intrusion into the private information of the American people,” said Attorney General William P. Barr, who made the announcement. “Today, we hold PLA hackers accountable for their criminal actions, and we remind the Chinese government that we have the capability to remove the Internet’s cloak of anonymity and find the hackers that nation repeatedly deploys against us. Unfortunately, the Equifax hack fits a disturbing and unacceptable pattern of state-sponsored computer intrusions and thefts by China and its citizens that have targeted personally identifiable information, trade secrets, and other confidential information.”

Related Posts