Podcasts about comment crew

APT1 aka Comment Crew code resurfaces in new espionage campaign and a researcher demonstrates a long-range exfiltration attack via NFC on episode 145 of our daily podcast.

In 2013, cybersecurity firm Mandiant published a blockbuster report on a state-sponsored hacking team known as APT1, or Comment Crew. The Chinese group achieved instant infamy, tied to the successful hacks of more than 100 US companies and the exfiltration of hundreds of terabytes of data. They also vanished in the wake of being exposed. Now, years later, researchers from security firm McAfee say they've found code based on APT1–associated malware cropping up in a new set of attacks.

In today's podcast, we hear that a campaign reuses some of the old Comment Crew code, but McAfee researchers think it's not the same old Crew. Facebook thinks its big breach was the work of spammers, not spies. Twitter releases a trove of trolling and invites researchers to take a look. Researchers disclose flaws in D-Link and Linksys routers. Ghost Squad says that they downed YouTube the other day, but who knows? And if YouTube goes down, please don't call 911.  Dr. Charles Clancy from VA Tech’s Hume Center on cognitive electronic warfare. Guest is Mike Janke from DataTribe on Maryland’s aspirations to be the nation’s hub of cyber operations. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/October/CyberWire_2018_10_18.html Support our show

Eurotrash Episode 49: Browser Hackers Handbook Section 1: Intro/Announcements 1) BruCON is coming up! 2) BSides Vienna CFP → http://bsidesvienna.at/cfp Section 2: Interview This time around we talk to Michele Orrù (a.k.a antisnatchor) about the Browser Hackers Handbook and BeEF http://antisnatchor.com/ http://eu.wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html Section 3: News 1) Microsoft say give up on complex passwords.. ok, they not saying don’t use complex passwords but there are more things to worry about to secure the passwords. http://www.theregister.co.uk/2014/09/04/scared_of_password_brute_force_microsoft_says_just_give_up/ 2) Virgin did block swear words in their password list.. why should they block swear words.. does this mean they aren’t hashing them and they could offend sysadmin guys. http://www.theregister.co.uk/2014/09/01/virgin_blocks_wankers_from_passwords/ The words seem to be gone now.. but you can see them here: https://web.archive.org/web/20140812173352/https://my.virginmedia.com/assets/legacy/js/password_strength_plugin.min.js 3) UK police say they can’t cope with online fraud. http://www.thedrum.com/news/2014/09/02/police-admit-they-are-powerless-protect-people-online-fraud 4) Microsoft defies court order. Will not give emails to US Government http://m.windowsitpro.com/paul-thurrotts-wininfo/microsoft-defies-court-order-will-not-give-emails-us-government 5) Popping Shell on Oculus Developer Portal https://bitquark.co.uk/blog/2014/08/31/popping_a_shell_on_the_oculus_developer_portal 6) VirusTotal mess means YOU TOO can track Comment Crew! http://www.theregister.co.uk/2014/09/04/virustotal_blue_means_you_too_can_track_comment_crew/ Section 4: TOOL of the week 1) BeEF → I likes me some meat! 2) CNN expert reports 4chan as a person.. and recommends using complex password.. like pa$$word!! http://www.independent.co.uk/life-style/gadgets-and-tech/4chan-icloud-expert-from-cnn-thinks-4chan-is-a-person-and-paword-is-a-good-password-9707845.html Section 5: Feedback Please leave feedback and support the show… Ways to show support: Email us feedback/questions/deaththreats feedback@eurotrashsecurity.eu Leave comments on the Soundcloud page for this episode Rate us on iTunes (5 stars is appreciated, but 4.9 stars will do) Tweet us @eurotrashsecurity or hashtag #eurotrashsec If you have suggestions for future episodes/guests or have topics you want covered please email us else the feedback section of the show is gonna be really boring ;)