The Last HITB Security Conference in Malaysia

Hands-on Technical Trainings - 13th & 14th October

http://conference.hitb.org/hitbsecconf2014kul/#tile_schedule

Triple-Track Conference - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/conference-speakers/

 

Capture the Flag - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/capture-the-flag/

HackWEEKDAY - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/hackweekday/

CommSec Village - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/commsec-village/

REGISTER ONLINE NOW

Watch a Chinese military hacker launch a successful attack

http://youtu.be/6p7FqSav6Ho

Thanks to cybersecurity firm Mandiant, we now have a video of a hacker believed to be linked to the Chinese military infiltrating and stealing files from unidentified English language targets.

The video comes as part of Mandiant's 60-page report, first reported by the New York Times, that claims China's military is responsible for cyberattacks on more than 140 foreign businesses, many of which are in the United States.

In the video, a hacker is seen registering a Gmail account with a U.S. IP number, then verifying it with a phone number located in Shanghai. From the email account, the narrator says it is clear the attacker has used it for spearphishing, particularly "focused on military exercises in the Philippines." The attacker then installs command-and-control servers, tests them, and, after an hour of failed attempts to issue commands to a victim backdoor (which the video omits), uses stolen credentials to log into an email account. Once there, the attacker uses several tools to launch spearphishing campaigns and steal files.