CyberCrime - W/E - 11/2/18
Chinese Intelligence Officers, Hackers Conspired to Steal Commercial Aviation Data (11/01/2018)
Chinese intelligence officers and those working under their direction, which included hackers and co-opted company insiders, conducted or otherwise enabled repeated intrusions into private companies' computer systems in the United States and abroad for over five years. The conspirators' ultimate goal , according to the Justice Department (DOJ), was to steal intellectual property and confidential business information, including information related to a turbofan engine used in commercial airliners. The charged intelligence officers worked for the Jiangsu Province Ministry of State Security, which is a provincial foreign intelligence arm of the People's Republic of China's Ministry of State Security.
Chinese intelligence officers and those working under their direction, which included hackers and co-opted company insiders, conducted or otherwise enabled repeated intrusions into private companies' computer systems in the United States and abroad for over five years. The conspirators' ultimate goal , according to the Justice Department (DOJ), was to steal intellectual property and confidential business information, including information related to a turbofan engine used in commercial airliners. The charged intelligence officers worked for the Jiangsu Province Ministry of State Security, which is a provincial foreign intelligence arm of the People's Republic of China's Ministry of State Security.
Hadoop Servers Abused by DemonBot Botnet (10/29/2018)
A botnet called DemonBot is targeting Hadoop clusters to perform distributed denial-of-service attacks, Radware's research team has warned. A Hadoop YARN nauthenticated remote command execution bug is being exploited to infect Hadoop clusters with DemonBot. Radware has noted that more than 70 active exploit servers are spreading the bot at a rate of more than one million exploits per day.
A botnet called DemonBot is targeting Hadoop clusters to perform distributed denial-of-service attacks, Radware's research team has warned. A Hadoop YARN nauthenticated remote command execution bug is being exploited to infect Hadoop clusters with DemonBot. Radware has noted that more than 70 active exploit servers are spreading the bot at a rate of more than one million exploits per day.
Mirai Co-Author Slapped with Fine, House Arrest for Rutgers Cyber Attacks (10/29/2018)
One of the masterminds behind the Mirai botnet has been ordered to pay $8.6 million USD in restitution and serve six months of house arrest for launching cyber attacks on Rutgers University, his alma mater, the Justice Department (DOJ) announced. Between November 2014 and September 2016, Paras Jha executed a series of distributed denial-of-service attacks on the networks of Rutgers, which effectively shut down the institution's central authentication server. Jha pled guilty in this case and in a second case in which he, along with two other co-conspirators, created and operated the Mirai botnet.
One of the masterminds behind the Mirai botnet has been ordered to pay $8.6 million USD in restitution and serve six months of house arrest for launching cyber attacks on Rutgers University, his alma mater, the Justice Department (DOJ) announced. Between November 2014 and September 2016, Paras Jha executed a series of distributed denial-of-service attacks on the networks of Rutgers, which effectively shut down the institution's central authentication server. Jha pled guilty in this case and in a second case in which he, along with two other co-conspirators, created and operated the Mirai botnet.
Porn-Watching Employee Infected US Geological Survey Site with Malware (10/30/2018)
A redacted report from the inspector general of the Department of Interior revealed that a US Geological Survey USGS employee was responsible for visiting 9.000 pornographic Web pages, many of which originated in Russia, and were infected with malware. The malicious pages then infected the USGS networks. The former employee saved many of the porn images to an unauthorized USB device and an Android phone - the phone also contained the malware. The report also identified two bugs in the USGS IT system: Web site access and open USB ports.
A redacted report from the inspector general of the Department of Interior revealed that a US Geological Survey USGS employee was responsible for visiting 9.000 pornographic Web pages, many of which originated in Russia, and were infected with malware. The malicious pages then infected the USGS networks. The former employee saved many of the porn images to an unauthorized USB device and an Android phone - the phone also contained the malware. The report also identified two bugs in the USGS IT system: Web site access and open USB ports.