Hacker And The Fed

Equifax Breach, a Hack of 27 Crypto Companies, and the Arrest of a Department of State IT Contractor

Sep 28, 2023

This podcast covers interesting topics like the Equifax breach, the potential vulnerability of Google Authenticator, an iPhone exploit chain, and the arrest of a Department of State IT contractor on espionage charges. They also discuss the excitement of breaching a system, hacker motivations, asset management in cybersecurity, segmentation and risk assessment in online services, and the importance of following rules and not engaging in illegal activities.

01:13:06

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The Equifax breach highlights the importance of effective asset management and regular patching to prevent long-term infiltrations.

The hack of 27 crypto companies raises concerns about relying solely on MFA for security and the need for business to ensure segmentation between personal and work-related accounts.

The arrest of a Department of State IT contractor highlights the significance of implementing robust security protocols for external contractors with access to sensitive information.

Deep dives

Equifax Breach and Web Shells

The Equifax breach in 2017 resulted in the exfiltration of personal identifiable information (PII) of 163 million customers. Attackers exploited a vulnerability in Apache Struts software, an open source framework for building Java web applications. The breach occurred due to a system update on a Saturday night, which alerted the security engineer to the presence of the hacker. Attackers used web shells, scripts uploaded to the file system, to maintain access and control of the web server. The attackers also found credentials in a network file share, enabling lateral movement within the network and access to a table containing the PII of millions of people.

Introduction

2min

Staying Informed and Expanding Interests

17min

Finding the 'Golden Ring'

11min

Exfiltration Method and Critique, plus an Ad for DeleteMe

4min

Hacker Motivations and Exploiting Valuable Data

4min

Asset Management and Cybersecurity

17min

Segmentation and Risk Assessment for Online Services

15min

Bird House Rules, Espionage, and Listener Questions

3min

This week on Hacker And The Fed we break down how Equifax was breached, is Google Authenticator MFA Cloud Sync feature responsible for a hack into 27 crypto companies? Google’s Threat Analysis Group announces an in-the-wild 0-day exploit chain for iPhones, the year of the insider threat continues with the arrest of a Department of State IT Contractor on espionage charges.

Links from the episode:

How Equifax Was Breached in 2017

https://blog.0x7d0.dev/history/how-equifax-was-breached-in-2017/

https://twitter.com/vxunderground/status/1700335482440204521

Retool Blames Breach on Google Authenticator MFA Cloud Sync feature

https://www.bleepingcomputer.com/news/security/retool-blames-breach-on-google-authenticator-mfa-cloud-sync-feature/

0-days Exploited by Commercial Surveillance Vendor in Egypt

https://blog.google/threat-analysis-group/0-days-exploited-by-commercial-surveillance-vendor-in-egypt/

Department of State IT Contractor Arrested on Espionage Charges

https://fedscoop.com/department-of-state-it-contractor-arrested-on-espionage-charges/

Support our sponsors:

Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off