Dark mode: ON

Infosec Decoded Season 4 #98: Bitcoin Reserve

With @sambowne@infosec.exchange

Recorded Tue, Dec 10, 2024

Sam Bowne

US sanctions Chinese firm for hacking firewalls in ransomware attacks
Sichuan Silence is a cybersecurity government contractor that provides products and services toChina's intelligence services. The company's services include computer network exploitation, brute-force password cracking, email monitoring, and public sentiment suppression. They exploited a zero-day SQL injection vulnerability (CVE-2020-12271) in Sophos XG firewalls.

"Between April 22 and 25, 2020, Guan Tianfeng used this zero-day exploit to deploy malware to approximately 81,000 firewalls owned by thousands of businesses worldwide," a press release published today revealed.

"The purpose of the exploit was to use the compromised firewalls to steal data, including usernames and passwords. However, Guan also attempted to infect the victims' systems with the Ragnarok ransomware variant." Out of all the targeted devices, over 23,000 compromised firewalls were in the United States, and 36 were protecting the networks of U.S. critical infrastructure companies.

As a result of today's sanctions, U.S. organizations and citizens are prohibited from engaging in transactions with Guan and Sichuan Silence. Also, any U.S.-based assets tied to them will be frozen, and U.S. financial institutions or foreign entities transacting with them will also expose themselves to penalties.

FTC distributes $72 million in Fortnite refunds from Epic Games
For the company's use of dark patterns to trick players into making unwanted purchases.

US military grounds entire Osprey tiltrotor fleet over safety concerns
The complex design of the Boeing-Bell aircraft, and the stresses and strains of flight, are causing parts to wear out more quickly than expected.

Amazon starts selling Hyundai cars, more brands next year
Here is a huge difference to the traditional dealership experience: There's no negotiation, no browbeating or asking you how much of a monthly payment you want to make, and no upselling paint protection or the like.

Startup will brick $800 emotional support robot for kids without refunds
We had secured a lead investor who was prepared to close the round. However, at the last minute, they withdrew, leaving us with no viable options to continue operations. Despite our best efforts to secure alternative funding, we were unable to find a replacement in time to sustain operations.

Microsoft now allowing Windows 11 on older, incompatible PCs

Google gets an error-corrected quantum bit to be stable for an hour
By dedicating the entire 105-qubit processor to hosting a single error-corrected qubit, the system was stable for an average of an hour.

US alleges China hacked calls of 'very senior' political figures, official says
President-elect Donald Trump's family and Biden administration officials were among those targeted by China-linked hackers who broke into telecommunications companies.

The case for a strategic Bitcoin reserve
As a store of value, Bitcoin possesses many of the same properties of gold. Not only could a strategic Bitcoin reserve significantly reduce our national debt; it could also strengthen the dollar and increase our economic leverage over China and Russia.