The FBI's Operation "Duck Hunt" Takes Down a Botnet, NYC Subway Allows Users to be Tracked Online, and Why Chris Left the FBI
Sep 7, 2023
Chris, former FBI agent, discusses the FBI's Operation 'Duck Hunt' takedown, hackers' secret weapon for doxing, NYC subway's online tracking, leaving the FBI, cybersecurity job opportunities, and red teaming vs pen testing.
Paramount Pictures and Nickelodeon experienced data breaches, exposing sensitive information of individuals.
A flaw in an MTA feature allowed anyone to track NYC subway riders, raising privacy concerns.
Operation Duck Hunt successfully dismantled the Qakbot ransomware botnet, highlighting the importance of international collaboration.
Hackers can easily gather personal information for doxxing using a secret weapon, raising serious privacy and security concerns.
Deep dives
Paramount Pictures suffers data breach, exposing employee information
Paramount Pictures, a subsidiary of Paramount Global, experienced a data breach between May and June of 2023. Attackers gained access to their systems and obtained sensitive information of around 100 individuals, including Social Security numbers, birthdays, and government-issued identification numbers. The president of Nickelodeon, also owned by Paramount Global, mentioned in the announcement that Nickelodeon had its own breach in July, resulting in the loss of 500 gigabytes of documents. The full extent of the data exposed and the impact on affected individuals is still unknown.
New York City subway riders' movements tracked by MTA feature
A researcher discovered a flaw in an MTA feature that allowed anyone to track the movements of New York City subway riders. By entering a credit card number, individuals could access information about the swipes made by riders within the past seven days. This raised concerns about privacy and personal safety, as it could allow stalkers or criminals to determine a person's travel patterns and potentially target their home. After the issue was disclosed, the MTA disabled the feature to prevent further unauthorized access.
FBI operation takes down ransomware botnet
The FBI, along with international partners, launched Operation Duck Hunt and successfully dismantled the Qakbot ransomware botnet. The operation involved seizing infrastructure in the US and Europe and confiscating $8.6 million in cryptocurrency gained from ransom payments. Qakbot had infected around 700,000 devices, causing damages of up to $58 million. While the specific individuals behind the botnet were not mentioned, the takedown serves as a significant blow to cybercriminal organizations and highlights the importance of international collaboration in combating cyber threats.
The secret weapon hackers use for doxxing revealed
Hackers have been discovered using a secret weapon to easily gather personal information for doxxing. For a mere $15, attackers can access a credit header that contains detailed personal information about an individual, including past addresses, birth years of relatives, and more. This information can be used for various malicious purposes, such as swatting, SIM swapping, and physical violence. The ease with which personal information can now be obtained raises serious privacy and security concerns.
The importance of multi-factor authentication for Cisco VPNs
One of the main insights discussed in the podcast is the importance of implementing multi-factor authentication for Cisco VPNs. The podcast highlights that many organizations are still using outdated Cisco appliances, some of which do not enforce multi-factor authentication. This leaves these organizations vulnerable to attacks, as threat actors can leverage leaked or breached credentials to gain unauthorized access to corporate networks. The podcast emphasizes the need for organizations to ensure that their VPNs have proper multi-factor authentication measures in place to protect against such attacks.
Taking action against data broker sites
The podcast discusses an ongoing effort to opt out of data broker sites and protect personal information. It mentions a helpful repository on GitHub that provides instructions on how to remove oneself from various search engines and people search sites. The podcast encourages listeners to take control of their privacy by following the suggested steps to limit their online presence and prevent their personal information from being easily accessible to data brokers. It also suggests additional measures such as freezing credit reports to further safeguard personal information.
Becoming CMMC level 2 compliant in the aerospace industry
The podcast addresses the challenge of achieving CMMC (Cybersecurity Maturity Model Certification) level 2 compliance in the aerospace industry. A listener shares their experience of being tasked with leading the cybersecurity program for their company to attain CMMC compliance. The hosts highlight the importance of receiving proper training and support from the company to successfully navigate the process. They advise the listener to request necessary training and resources to ensure a smooth compliance journey and emphasize the significance of obtaining the required level of CMMC certification for continued collaboration with the Department of Defense.
This week on Hacker And The Fed the FBI's Operation "Duck Hunt" takes down a ransomware botnet, we disclose the secret weapon hackers use for doxing, the New York City subway system allows its users to be tracked online, and we answer listener questions about leaving the FBI, getting jobs in cyber security, and Hector's detailed description of a red teamer.