Welcome to Miami – Hacker Halted USA

The 5th Hacker Halted USA is now taking place in Miami under the slogan "Unravel the Enigma of Insecurity", after Hurricane Sandy passed Florida last weekend.

Day 1 is the keynote day, so luckily there are no split presentation streams. After a nice conference opening by Eric Lopez (Conference Director), Jay Bavisi gave a good introduction to the challenges of the post-PC era. He described the evolution of the hardware landscape from classic PCs to small, mobile and smart devices, and how the requirements for IT security change as a result. This shift also creates problems for forensics, more privacy risks and new social engineering attacks, as well as other threats.

The second presentation was given by Jack Daniel, who talked about the responsibilities of hackers, such as helping and teaching other people. Later, Winn Schwartau gave a very nice presentation about the problems talented people face in the hiring process. In general, he pointed out that discrimination is one big issue to solve in order to get more talented people hired and to stop the current “cyber security hiring crisis”.

A potentially interesting talk about open source intelligence was cancelled because the presenter didn’t show up.

The day closed with a panel discussion on end user security awareness. Some key points of the discussion:

  • Use teachable moments, e.g. an incident
  • Use this to create a sense of discomfort about similar future situations, so that users don’t run into the same problem again
  • Use positive incentives
  • Think about methods to ensure that the users follow the policies in general (not limited to the office/work)

Besides the talks, some other cool things are going on here:

  • The global CISO forum
  • The Global Cyberlympics world finals. Winner is the team from the Netherlands – congratulations!
  • Capture the packet competition
  • Warl0ck gam3z competition




