September 19, 2022
David Redekop

This Week In Nerd News – September 19, 2022

TWINN #90 – Teens taught me how to win Capture the Flag

I’m several hours late this morning as I just came off a father-son rite of passage trip, 21 of us altogether. One of the activities was a game of capture-the-flag in the dark in a national park. Fathers vs sons. One of the matches the sons won was done with a very neat strategy of just overwhelming the dads with sheer numbers in one concentrated area. It worked. The dads’ inability to respond to all the sudden threats concentrated in one area led to almost a state of paralysis and then to just accepting defeat.

In a way, that’s exactly what an 18-year-old did when he MFA-spammed an administrator’s account at Uber and that was how the breach began.

Uber was breached to its core, purportedly by an 18-year-old.

Here’s what’s known. It’s a fascinating, fast-paced story showing that security lapses come in any and all forms.

Uber employees on Thursday discovered that huge swaths of their internal network had been accessed by someone who announced the feat on the company Slack channel. The intruder, who sent screenshots documenting the breach to The New York Times and security researchers, claimed to be 18 years old and was unusually forthcoming about how it occurred and just how far it reached, according to the news outlet, which broke the story.

Read More: Uber was breached to its core, purportedly by an 18-year-old. Here’s what’s known

Customs officials have copied Americans’ phone data at massive scale.

Contacts, call logs, messages and photos from up to 10,000 travelers’ phones are saved to a government database every year. Here’s a tip: they cannot copy what you don’t have. Takes a bit of work pre and post border-crossing, but for some of us it’s worth it.

U.S. government officials are adding data from as many as 10,000 electronic devices each year to a massive database they’ve compiled from cellphones, iPads and computers seized from travelers at the country’s airports, seaports and border crossings, leaders of Customs and Border Protection told congressional staff in a briefing this summer.

Read More: Customs officials have copied Americans’ phone data at massive scale

IHG hack: ‘Vindictive’ couple deleted hotel chain data for fun.

This highlights the vindictive side of hackers. We thought that hacking for fun at someone’s expense was behind us and we usually think of financial motivation dominating the scene, but that’s not always the case.

Describing themselves as a couple from Vietnam, they say they first tried a ransomware attack, then deleted large amounts of data when they were foiled.

Read More: IHG hack: ‘Vindictive’ couple deleted hotel chain data for fun

5-month U-Haul breach leaked driver’s licenses, IDs of customers.

Hackers were inside the network for 5 months! Solarigate lasted longer than that. This is just a reminder that responding to threats isn’t enough. Being truly proactive is an absolute necessity to get ahead of threats.

Popular moving truck service U-Haul began sending out breach notification letters to customers last Friday after discovering hackers had been inside their system for more than five months.

Read More: 5-month U-Haul breach leaked driver’s licenses, IDs of customers

Trojanized versions of PuTTY utility being used to spread backdoor.

This is a warning for nerds everywhere. Most importantly, if you’re using PuTTY for ssh, you don’t need to. It’s been part of Windows PowerShell for a long time. Secondly, be careful where you download anything from.

Researchers believe hackers with connections to the North Korean government have been pushing a Trojanized version of the PuTTY networking utility in an attempt to backdoor the network of organizations they want to spy on.

Read More: Trojanized versions of PuTTY utility being used to spread backdoor

Did you know?

Our industry is slowly becoming less intimidating thanks to people like Katie: How Katie Nickels helped transform how we talk about cyber defense.
