Bra podcast

Sveriges 100 mest populära podcasts

Risky Business

Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.


iTunes / Overcast / RSS



Risky Business #556 -- US Treasury targets DPRK crews, more details on Ukraine power hack

On this week?s show Patrick and Adam discuss the week?s security news, including:

US Treasury targets DPRK APT crews Russia owned FBI counter surveillance team radio comms New details on 2016 attack against Ukraine power grid US Government to sue Edward Snowden for memoir profits Did RCMP intelligence director tip Phantom Secure on investigation? Much, much more!

This week?s sponsor interview is with Casey Ellis of Bugcrowd. It?s an interesting chat with Casey this week. He was at the Billington cyber conference a couple of weeks ago and he had a bunch of interesting discussions there with people in the aerospace sector.

Between recent Black Hat presentations on 787 security and the trouble Boeing has had with it?s 737-MAX, software security and resiliency is all of a sudden on the agenda in aerospace. Casey drops by to talk about all of that.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that?s your thing.

Show notes US Treasury sanctions three North Korean hacking groups | ZDNet Treasury Sanctions North Korean State-Sponsored Malicious Cyber Groups | U.S. Department of the Treasury North Korean hackers target U.S. entities amid stalled denuclearization talks Exclusive: Russia carried out a 'stunning' breach of FBI communications system, escalating the spy game on U.S. soil New Clues Show How Russia?s Grid Hackers Aimed for Physical Destruction | WIRED Exclusive: Australia concluded China was behind hack on parliament, political parties ? sources??? - Reuters US sues Edward Snowden over new book | ZDNet Investigation into senior RCMP official stemmed from disruption of encrypted phone service: sources - National | Israeli police arrest execs from vendor of mobile surveillance tech | ZDNet Infamous surveillance tech vendor makes pledge to follow UN human rights policy | ZDNet This Company Built a Private Surveillance Network. We Tracked Someone With It - VICE Simjacker attack exploited in the wild to track users for at least two years | ZDNet A Password-Exposing Bug Was Purged From LastPass | WIRED The Air Force Will Let Hackers Try to Hijack an Orbiting Satellite | WIRED Database leaks data on most of Ecuador's citizens, including 6.7 million children | ZDNet Arrest made in Ecuador's massive data breach | ZDNet Data of 24.3 million Lumin PDF users shared on hacking forum | ZDNet Hacked government contractor shares breach details as investigation continues FIN7's IT admin pleads guilty for role in billion-dollar cybercrime crew Google discloses vulnerability in Chrome OS 'built-in security key' feature | ZDNet Sophos open-sources Sandboxie, a utility for sandboxing any application | ZDNet Chrome 77 released with no EV indicators, contact picker, permanent Guest Mode | ZDNet Most Android flashlight apps request an absurd number of permissions | ZDNet Cloudflare may have provided service to terrorists, drug traffickers in violation of U.S. sanctions NY Payroll Company Vanishes With $35 Million ? Krebs on Security 2 charged say they were hired to break into Dallas County courthouse
Länk till avsnitt

Risky Business #555 -- Bluekeep Metasploit module released, Paige Thompson pleads not guilty and more

On this week?s show Patrick and Adam discuss the week?s security news, including:

Paige Thompson pleads not guilty to CapitalOne hack German government probes FinFisher Bluekeep Metasploit module dropped DPRK samples hit VT, courtesy of our friends in the USA Apple releases awful statement about mass exploitation of its devices Much more

This week?s show is brought to you by Blackberry Cylance. In this week?s sponsor interview we?ll be talking about US Cybercommand dropping some sweet, sweet APT28 samples on VirusTotal back in May. We?ll talk a little bit about that malware, and also have a more general discussion about CYBERCOM VT drops with Cylance research staffers Steve Barnes and Josh Lemos.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that?s your thing.

Show notes Cyber Command's biggest VirusTotal upload looks to expose North Korean-linked malware InstaCyber on Twitter: "Uploading of samples isn't burning capability or some sort of (working) counter-CNE operation. This is proven by the large number of actors that keep truckin' on with the same old junk despite disclosure; the number of groups that truly pack up shop, albeit temporarily, is small" / Twitter The NSA recognizes it needs to share more nation-state threat data, and faster Apple takes flak for disputing iOS security bombshell dropped by Google | Ars Technica We must see China - the opportunities and the threats - with clear eyes Samsung, Huawei, LG, and Sony phones vulnerable to rogue 'provisioning' messages | ZDNet Zero-day disclosed in Android OS | ZDNet A Chinese APT is now going after Pulse Secure and Fortinet VPN servers | ZDNet Metasploit team releases BlueKeep exploit | ZDNet How did a Chinese APT get a U.S. hacking tool before it was leaked? Check Point has a theory. German prosecutors investigate spyware maker FinFisher | News | DW | 05.09.2019 Twitter disables SMS-to-tweet feature after its CEO got hacked last week | ZDNet Accused Capital One hacker pleads not guilty to all charges Back to school: With latest attack, ransomware cancels classes in Flagstaff | Ars Technica No municipality paid ransoms in 'coordinated ransomware attack' that hit Texas | ZDNet Chris Bing on Twitter: "NSA cybersecurity division Director Anne Neuberger says at #BillingtonSummit that Ransomware represents one of the threats facing the election. Explains its a notable vector of attack following attacks on cities across the US." / Twitter Thousands of servers infected with new Lilocked (Lilu) ransomware | ZDNet Scraping public website data does not violate CFAA, judge rules 51 tech CEOs send open letter to Congress asking for a federal data privacy law | ZDNet Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks Security researchers expose another instance of Chrome patch gapping | ZDNet Kaspersky launches anti-cheat solution for pro e-sports tournaments | ZDNet Mozilla launches Firefox VPN extension for US users | ZDNet Mozilla to gradually enable DNS-over-HTTPS for Firefox US users later this month | ZDNet Intel server-grade CPUs impacted by new NetCAT attack | ZDNet U.S. arrests 281 people worldwide accused of involvement in BEC scams Forget email: Scammers use CEO voice 'deepfakes' to con workers into wiring cash | ZDNet Cyber-security incident at US power grid entity linked to unpatched firewalls | ZDNet Secret Service Investigates Breach at U.S. Govt IT Contractor ? Krebs on Security Millions of Exim servers vulnerable to root-granting exploit | ZDNet
Länk till avsnitt

Risky Biz Soap Box: MITRE ATT&CK framework is now officially everywhere

The Soap Box podcast series is a fully sponsored podcast series we do here at Risky.Biz, and that means that everyone you hear in it paid to be featured.

This edition of the Soap Box podcast is brought to you by AttackIQ and in in it we talk to its CISO and VP of customer success Chris Kennedy. And we?ll be discussing a topic of that frankly should be talked about a bit more: the MITRE ATT&CK framework.

We also talk about attack simulation and which security controls are most commonly and catastrophically misconfigured. If you?re a CISO you?ll like this one.

Show notes More Security Endpoint Tech Isn't Always Better | Decipher AttackIQ Platform, continuous validation of your security control.
Länk till avsnitt

Risky Business #554 -- Is there an iOS exploit glut?

Alex Stamos is our news co-host this week. Patrick and Alex discuss all the week?s security news, including:

Mass exploitation of iOS devices by Chinese govt Telegram moves to nix phone number enumeration ?feature? USA targeted Iranian maritime awareness system Existence of Stuxnet mole revealed by Kim Zetter @jack gets hacked Much, much more

This week?s sponsor interview is with Michelle Price of AustCyber. AustCyber is the organisation here in Australia that aims to build out the Australian cyber security industry and skills base, and Michelle pops in this week to tell us all about the upcoming Australian Cyber Week.

Links to everything are below in the show notes.

Show notes Project Zero: A very deep dive into iOS Exploit chains found in the wild Mysterious iOS Attack Changes Everything We Know About iPhone Hacking | WIRED iPhone Hackers Caught By Google Also Targeted Android And Microsoft Windows, Say Sources Apple iPhone Hack Exposed By Google Breaks WhatsApp Encryption This Has Been the Worst Year for iPhone Security Yet - VICE Why 'Zero Day' Android Hacking Now Costs More Than iOS Attacks | WIRED Exploit Sellers Say There are More iPhone Hacks on the Market Than They?ve Ever Seen - VICE Researchers uncover malicious sites targeting China's Uyghur population Confirmed: Google?s Android Suffers Sustained Attacks By Anti-Uighur Hackers Exclusive: Messaging app Telegram moves to protect identity of Hong Kong protesters - Reuters U.S. Cyberattack Hurt Iran?s Ability to Target Oil Tankers, Officials Say - The New York Times Revealed: How a secret Dutch mole aided the U.S.-Israeli Stuxnet cyberattack on Iran North Korean state hackers target retired diplomats and military officials | ZDNet How Twitter CEO Jack Dorsey's Account Was Hacked | WIRED Google launches bounty program to spot misuses of Google API, Chrome, and Android user data | ZDNet Google adds all Android apps with +100m installs to its bug bounty program | ZDNet Cisco releases guides for incident responders handling hacked Cisco gear | ZDNet BEC overtakes ransomware and data breaches in cyber-insurance claims | ZDNet How MuleSoft patched a critical security flaw and avoided a disaster | ZDNet Rash of ransomware continues with 13 new victims?most of them schools | Ars Technica Russian police take down malware gang that infected 800,000+ Android smartphones | ZDNet Avast and French police take over malware botnet and disinfect 850,000 computers | ZDNet TrickBot, today's top trojan, adds feature to aid SIM swapping attacks | ZDNet German bank loses ?1.5 million in mysterious cashout of EMV cards | ZDNet Over 47,000 Supermicro servers are exposing BMC ports on the internet | ZDNet Spam In your Calendar? Here?s What to Do. ? Krebs on Security Marc Owen Jones on Twitter: "[Thread] As promised, today I want to tell you of how I became friends with a Twitter troll called Angus Gallagher. Angus recently had a sex/ethnicity reassignment operation. He is now called Jasmine, but we'll come to that a bit later. First though, say hi to Angus #StopTheCoup" / Twitter Security Engineer job in Austin, TX at Praetorian National Missing Persons Hackathon 2019 Tickets, Fri 11/10/2019 at 9:30 am | Eventbrite
Länk till avsnitt

Risky Business #553 -- Imperva's cloud WAF gets owned hard

On this week?s show Adam Boileau and Patrick Gray discuss the week?s security news, including:

Fortinet, Pulse Security VPNs are being exploited in wild Imperva?s cloud WAF gets colossally owned US authorities fear ransomware attacks against election systems Apple fixes re-introduced jailbreak bug Telegram design choice puts HK protestors at risk Researcher drops two 0days in Valve?s Steam client after bounty spat Much, much more

This week?s sponsor guest is Ryan Kalember, EVP of cybersecurity strategy with Proofpoint. Ryan is stopping by this week to touch on a couple of topics. He?ll tell us why Proofpoint didn?t attribute a recent malware campaign targeting US utilities to APT10 despite there being some pretty APT10-like tradecraft used in that particular campaign.

He?ll also talk a bit about how thread hijacking is a giant pain in the ass. That?s where attackers take over a mailbox, then just jump right in replying to existing mail threads. Detecting that is hard, of course, because it?s internal mail. It?s a great little mixed bag interview.


Show notes Hackers mount attacks on Webmin servers, Pulse Secure, and Fortinet VPNs | ZDNet Hackers are actively trying to steal passwords from two widely used VPNs | Ars Technica Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs The year-long rash of supply chain attacks against open source is getting worse | Ars Technica Cybersecurity Firm Imperva Discloses Breach ? Krebs on Security Exclusive: U.S. officials fear ransomware attack against 2020 election - Reuters While one Texas county shook off ransomware, small cities took full punch | Ars Technica Apple patches iPhone jailbreaking bug | ZDNet Alleged 'Snake Oil' Crypto Firm Sues Over Boos at Black Hat | WIRED Hong Kong protesters warn of Telegram feature that can disclose their identities | ZDNet Researcher publishes second Steam zero day after getting banned on Valve's bug bounty program | ZDNet Valve patches recent Steam zero-days, calls turning away researcher 'a mistake' | ZDNet Capital One hacker denied release, will remain in jail | ZDNet Ex-Google and Uber engineer Anthony Levandowski charged with trade secret theft - The Verge Hacker Claims He Can ?Turn Off 25,000 Cars? At The Push Of A Button Hackers Could Steal a Tesla Model S by Cloning Its Key Fob?Again | WIRED Microsoft will let some Windows 7 customers get free security updates for an extra year | TechCrunch UK cybersecurity agency warns devs to drop Python 2 due to looming EOL & security risks | ZDNet Inside the Black Market for Bots That Buy Designer Clothes Before They Sell Out - VICE Employees connect nuclear plant to the internet so they can mine cryptocurrency | ZDNet How an NSA researcher plans to allow everyone to guard against firmware attacks NSA-approved cybersecurity law and policy course now available online Protocol used by 630,000 devices can be abused for devastating DDoS attacks | ZDNet Blockbuster indictment against 80 fraud suspects details a complex global scam operation VMware announces plans to acquire Carbon Black for $2.1 billion Firefox and Chrome Fight Back Against Kazakhstan's Spying | WIRED Google Play app with 100 million downloads executed secret payloads | Ars Technica Moscow's blockchain voting system cracked a month before election | ZDNet Microsoft: Using multi-factor authentication blocks 99.9% of account hacks | ZDNet Why is DJI getting the Huawei treatment from the U.S.? - CyberScoop Intel, IBM, Google, Microsoft & others join new security-focused industry group | ZDNet Chinese spies have their sights on cancer research Nasa said to be investigating first allegation of a crime in space - BBC News LookBack Malware Targets the United States Utilities Sector with Phishing Attacks Impersonating Engineering Licensing Boards | Proofpoint AU We are bringing together the world's security expertise Careers at Remediant | Remediant
Länk till avsnitt

Risky Biz Soap Box: Casey Ellis on " for hackers"

We used to think of companies like Bugcrowd as offering a very simple service: managed bug bounties. But these days that?s a bit too simplistic. All the ?bounty? companies are offering more comprehensive and specific products these days. In this edition of the Soap Box podcast Bugcrowd CTO Casey Ellis joins the show to talk through what the future looks like in crowdsourced security. Matching individual hackers? skills to individual gigs and launching new services like Bugcrowd for Marketplaces will be a big part of that future.

Länk till avsnitt

Risky Business #552 -- Guest host Alex Stamos on all the week's security news

In this week?s show Patrick Gray and Alex Stamos discuss all the week?s news, including:

Confirmed: 30 companies affected by CapitalOne attacker China info-ops booted off Twitter, Facebook Real deal Bluetooth bugs Apple re-introduces kernel bug, jailbreaks aplenty Apple to sue Corellium for copyright infringement DPRK gets its malware VT?d by CYBERCOM Much, much more

Haroon Meer of Thinkst Canary is this week?s sponsor guest. We spoke to Haroon while he was in the USA, just before he was about to deliver a talk to USENIX all about ?embracing hackiness?. Haroon thinks ?hackiness? is a huge advantage for red teams, but that doesn?t mean blue teams can?t use the same hacky approaches to defence. It?s a typically great chat with Haroon. Links to everything discussed are below.

Show notes Apple?s Lawsuit Against a Startup Shows How It Wants to Control the iPhone Hacking Market - VICE You Can Jailbreak Your iPhone Again (But Maybe You Shouldn?t) | WIRED New Attack exploiting serious Bluetooth weakness can intercept sensitive data | Ars Technica Capital One hacker took data from more than 30 companies, new court docs reveal | ZDNet Amazon Web Services finds no 'significant issues' at other companies allegedly breached by Paige Thompson Twitter, Facebook scrub coordinated activity targeting Hong Kong demonstrations Twitter bans 936 accounts managed by the Chinese state, aimed at Hong Kong protests | ZDNet Chinese state media bought Twitter ads to spread disinformation about Hong Kong protests Amazon?s Creepy Twitter PR Army is Growing - VICE Huawei Technicians Helped African Governments Spy on Political Opponents - WSJ U.S. Cyber Command warns of North Korea-linked Lazarus Group malware Ransomware strike takes down 23 Texas local government agencies | Ars Technica Backdoor found in Webmin, a popular web-based utility for managing Unix servers | ZDNet Backdoor code found in 11 Ruby libraries | ZDNet Degrading Tor network performance only costs a few thousand dollars per month | ZDNet Meet Bluetana, the Scourge of Pump Skimmers ? Krebs on Security Financial hacking teams FIN7, Cobalt Group update tactics to haunt banks and retail Google wants to reduce lifespan for HTTPS certificates to one year | ZDNet Facebook to pay researchers to hunt down Instagram apps that abuse user data | ZDNet How Facebook Catches Bugs in Its 100 Million Lines of Code | WIRED Facebook awards $100,000 prize for new code isolation technique | ZDNet Finally, a Lightning YubiKey to Kill Password Clutter on Your iPhone | WIRED
Länk till avsnitt

Feature Podcast: Inaction is escalatory

This podcast is brought to you by the William and Flora Hewlett Foundation, and it?s the second in a series of podcasts we?re doing that are all about cyber policy.

The Foundation funds a lot of interesting people and work in the cybersecurity space. So the idea behind this podcast series is pretty simple: we talk to Hewlett?s grant recipients, or experts in Hewlett?s network, about pressing policy issues and turn those conversations into podcasts. The whole idea is to get some policy perspectives out there among the Risky Business audience, which, funnily enough, includes a lot of policymakers.

In this podcast we?re speaking with Katherine Charlet. She currently serves as the director of the Technology and International Affairs Program at the Carnegie Endowment for International Peace. Prior to joining Carnegie, Kate served as the deputy assistant secretary of defence for cyber policy, where she managed the development of US Department of Defence cyber policy and strategy, its development of cyber capabilities, and the expansion of its international relationships.

This conversation essentially covers what the state of affairs is when it comes to militaries and their actions in the cyber domain. It was only a few weeks ago that reports claimed the United States government launched a cyber attack against Iranian weapons systems. We?ll hear from Kate about what she thinks that all means, and then we?re going to talk about all sorts of stuff really ? the blurring of the line between what warrants a law enforcement response versus a military response, what the path to this situation looked like, so on and so on. But I kicked things off by asking Kate to tell us what this concept of ?defending forward? actually means. In the last couple of years we?ve heard that term bandied about by all sorts of people, but everyone seems to have a different definition. Here, Kate shares her more definitive definition.

Länk till avsnitt

Risky Business #551 -- Post Vegas edition, more news than we can handle

Adam Boileau is along this week to discuss the week?s security news. We cover:

Follow ups on CapitalOne Amazon EBS snapshots exposed North Korea bags $2bn in cybercrime spree Attempted Coinbase breach postmortem Apple?s new research phones for bug hunters APT41 busted moonlighting Cloudflare finally ditches 8chan Leaked Boeing 787 code shredded, full of bugs Qualcomm bugs pave path through to Android kernel Microsoft gets Tavis?d More RDP/RDS bugs Much, much more

This week?s sponsor interview is with Jake King of CMD. CMD has developed a control layer for Linux systems that restricts account actions, not just by traditional permissions. Jake will be along this week to talk a little bit about EDR on Linux. He saw a nice talk from some IBM X-Forcers at Black Hat about Linux EDR bypasses and that led to a conversation about Linux EDR generally. It?s interesting stuff

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that?s your thing.

Show notes What We Can Learn from the Capital One Hack ? Krebs on Security E GitHub sued for aiding hacking in Capital One breach | ZDNet Hundreds of exposed Amazon cloud backups found leaking sensitive data | TechCrunch Monzo admits to storing payment card PINs in internal logs | ZDNet One Million Bank Phone Calls Found in Exposed Server - VICE SEC Investigating Data Leak at First American Financial Corp. ? Krebs on Security North Korea took $2 billion in cyberattacks to fund weapons program: U.N. report - Reuters An attempted heist at Coinbase was scary good, even though it failed - MIT Technology Review Responding to Firefox 0-days in the wild - The Coinbase Blog Three ads generate 5.5 times more revenue than a web-based cryptojacking script | ZDNet Apple Hands Hackers Secret iPhones In A Bid To Boost Security, Sources Say Apple expands bug bounty to macOS, raises bug rewards | ZDNet Meet APT41, the Chinese hackers moonlighting for personal gain Cloudflare Says It Won?t Ban 8chan, a Hotbed for Terrorist Manifestos - VICE Cloudflare Is Protecting a Site Linked to a Neo-Nazi Terror Group - VICE A Boeing Code Leak Exposes Security Flaws Deep in a 787's Guts | WIRED Feds plan to use SecureDrop as a vulnerability reporting portal US military purchased $32.8m worth of electronics with known security risks | ZDNet MICROCHIPS Act wants to secure US govt supply chain against Chinese sabotage | ZDNet Cisco to pay $8.6 million fine for selling government hackable video surveillance technology - The Washington Post Exclusive: Kaspersky Software Lingers On Sensitive Government Systems 2 Years After U.S. Ban New advanced malware, possibly nation sponsored, is targeting US utilities | Ars Technica Yet another hacking group is targeting oil and gas companies, Dragos says NSA's reverse-engineering malware tool, Ghidra, to get new features to save time, boost accuracy A Multimillionaire Surveillance Dealer Steps Out Of The Shadows . . . And His $9 Million WhatsApp Hacking Van Microsoft To Disable VBScript by Default on August 13th These Legit-Looking iPhone Lightning Cables Will Hijack Your Computer - VICE This Tesla Mod Turns a Model S Into a Mobile 'Surveillance Station' | WIRED Clever attack uses SQLite databases to hack other apps, malware servers | ZDNet Researchers find security flaws in 40 kernel drivers from 20 vendors | ZDNet Hackers Can Break Into an iPhone Just by Sending a Text | WIRED Microsoft Invites Researchers to Hack Their Azure Security Lab Hackers Take on Darpa's $10 Million Voting Machine | WIRED 13-Year-Old Encryption Bugs Still Haunt Apps and IoT | WIRED Avaya VoIP Phones Harbored 10-year Old Vulnerability Microsoft: Russian state hackers are using IoT devices to breach enterprise networks | ZDNet Black Hat Talk About ?Time AI? Causes Uproar, Is Deleted By Conference - VICE Development stops on PowerShell Empire framework after project reaches its goal | ZDNet How AT&T Insiders Were Bribed to 'Unlock' Millions of Phones | WIRED QualPwn vulnerabilities in Qualcomm chips let hackers compromise Android devices | ZDNet Security bugs in popular Cisco switch brand allow hackers to take over devices | ZDNet WordPress team working on daring plan to forcibly update old websites | ZDNet Vulnerability in Microsoft CTF protocol goes back to Windows XP | ZDNet How offense and defense came together to plug a hole in a popular Microsoft program Ancient technique tears a hole through modern web stacks at Black Hat 2019 | The Daily Swig He tried to prank the DMV. Then his vanity license plate backfired big time. *********READING LIST STARTS HERE: How a BlackBerry password cracked one of Australia?s biggest drug hauls Who Owns Your Wireless Service? Crooks Do. ? Krebs on Security DARPA Is Building a $10 Million, Open Source, Secure Voting System - VICE Now you can use Android phones, rather than passwords, to log in to Google* | Ars Technica Database from StockX Hack Sold Online, Check If You're Included Silent Windows update patched side channel that leaked data from Intel CPUs | Ars Technica Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security - CyberScoop A phishing campaign with nation-state hallmarks is targeting Chinese government agencies - CyberScoop Guardian Firewall iOS App Automatically Blocks the Trackers on Your Phone | WIRED A cyber-espionage group has been stealing files from the Venezuelan military | ZDNet Voter records for 80% of Chile's population left exposed online | ZDNet A Remote-Start App Exposed Thousands of Cars to Hackers | WIRED FTC: Too many people signed up for Equifax cash, so they'll be getting less than $125 | ZDNet Exclusive: Critical U.S. Election Systems Have Been Left Exposed Online Despite Official Denials - VICE Windows malware strain records users on adult sites | ZDNet State Farm says hackers confirmed valid usernames and passwords in credentials stuffing attack | ZDNet iNSYNQ Ransom Attack Began With Phishing Email ? Krebs on Security Android Apps With Over 100M Installs Contain a Clicker Trojan New HTTP/2 Flaws Expose Unpatched Web Servers to DoS Attacks StockX was hacked, exposing millions of customers? data | TechCrunch CafePress Data Breach Exposes Personal Info of 23 Million Users
Länk till avsnitt

Risky Business #550 -- CapitalOne owned, Hutchins sentenced, VxWorks horror-show and more!

Adam Boileau is along this week to discuss the week?s security news. We cover:

Deep dive on the CapitalOne breach Marcus Hutchins sentenced to time served Telegram voicemail bug leads to political crisis in Brazil Ransomware leaves South Africans without electricity Much, much more

Wolfgang Goerlich is this week?s sponsor guest. He?s an advisory CISO with Duo Security and will be along after this week?s news segment to walk us through Duo?s Trusted Access Report. They?ve got some interesting telemetry to share with us.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that?s your thing.

Show notes Capital One Data Theft Impacts 106M People ? Krebs on Security A Hacker Stole Data From 100 Million Capital One Customers | WIRED Paige Thompson allegedly bragged on Slack, Github about hacking Capital One DOJ Says Capital One Mega Breach Suspect Could Face More Charges?Did She Hack Multiple Companies? Demand for cyber insurance grows as volatility scares off some providers How to Get Your Equifax Settlement Money | WIRED Hackers used password spraying to breach Citrix, investigation confirms Marcus 'MalwareTech' Hutchins gets no prison time, one year supervised release | ZDNet Telegram voicemail hack used against Brazil's president, ministers | ZDNet Telegram rolls out fix for voicemail hack used against Brazilian politicians | ZDNet 'This isn't IAD 2.0': NSA's new Cybersecurity Directorate plots its mission APT-doxing group exposes APT17 as Jinan bureau of China's Security Ministry | ZDNet Advanced mobile surveillanceware, made in Russia, found in the wild | Ars Technica Christo Grozev on Twitter: "A major phishing campaign on @ProtonMail against researchers/journalists investigating Russia|n topics. Emails impersonate @ProtonMail and alert you that your "keys have been exported". Brazenly, they've registered a Swiss .ch clone domain (" / Twitter Ransomware incident leaves some Johannesburg residents without electricity | ZDNet Louisiana governor declares state emergency after local ransomware outbreak | ZDNet Cybersecurity officials warn state and local agencies (again) to fend off ransomware | Ars Technica US Govt, NGOs Ask Cyber Community to Boost Ransomware Defenses Ransomware infection takes some police car laptops offline in Georgia | ZDNet US files lawsuit against Bitcoin exchange that helped launder ransomware profits | ZDNet City of Baltimore FAQ | Mayor Bernard C. "Jack" Young Facebook's Ex-Security Chief Details His 'Observatory' for Internet Abuse | WIRED A VxWorks Operating System Bug Exposes 200 Million Critical Devices | WIRED Urgent11 security flaws impact routers, printers, SCADA, and many IoT devices | ZDNet Google researchers disclose vulnerabilities for 'interactionless' iOS attacks | ZDNet Keep Calm, Carry On. VLC Not Affected by Critical Vulnerability DHS warns about CAN bus vulnerabilities in small aircraft | ZDNet Cmd ? Events_ Malware Sandbox Online | Free Trial The Spy Who P3wn3d Me The 2019 Duo Trusted Access Report: Zero-Trust Security for the Workforce | Duo Security
Länk till avsnitt

Risky Business #549 -- FSB contractor breached, Equifax fined, NSO Group targets cloud

Adam Boileau is along this week to discuss the week?s security news. We cover:

FSB contractor gets itself a whole lotta owned NSO Group pitches cloud access Hal Martin gets 9 years NSA to launch defensive division Bulgarian breach data exposed DataSpii scandal a 2019 privacy case study Google boots DarkMatter certificates from Chrome and Android Equifax fined $700m Horror show bugs in enterprise VPN concentrators from Palo Alto, Fortinet Microsoft demos ElectionGuard SDK (looks pretty cool)

This week?s sponsor interview is with Casey Ellis of Bugcrowd. We?ll talk about how organisations are increasingly doing bug bounties on technology they use, not just technology they develop. And then we?ll be talking about a new thing Bugcrowd is doing ? Bugcrowd for marketplaces.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that?s your thing.

Show notes Hackers breach FSB contractor, expose Tor deanonymization project and more | ZDNet Report: NSO Group's Pegasus Spyware Can Break Into Cloud Services, Transmit User Data To Server | Gizmodo Australia Contractor who stole 50TB of NSA data gets nine years in prison | ZDNet Think FaceApp Is Scary? Wait Till You Hear About Facebook | WIRED Europe?s Galileo Satellite Outage Serves as a Warning | WIRED NSA to establish a defense-minded division named the Cybersecurity Directorate | ZDNet US Govt Rolls Out New DNS Security Measures for .gov Domains U.S. Cyber Command simulated a seaport cyberattack to test digital readiness ?We have to hit the problem the way it hits us?: How the FBI tracks a range of hacking threats Barr Says Police Need Encryption Backdoors, Doesn?t Mention Hacking Tools They Use All the Time - VICE Bulgaria's hacked database is now available on hacking forums | ZDNet Bulgaria hacking suspect worked on government cybersecurity before tax agency breach My browser, the spy: How extensions slurped up browsing histories from 4M users | Ars Technica More on DataSpii: How extensions hide their data grabs?and how they?re discovered | Ars Technica Google bans DarkMatter certificates from Chrome and Android | ZDNet Chances of destructive BlueKeep exploit rise with new explainer posted online | Ars Technica Teenage hackers are offered a second chance under European experiment Vigilante Hacker ?Phineas Fisher? Denies Working for the Russian Government - VICE $700 Million Equifax Fine Is Still Too Little, Too Late | WIRED Flaws in widely used corporate VPNs put company secrets at risk | TechCrunch Siemens contractor pleads guilty to planting logic bomb in company spreadsheets | ZDNet Hackers Exploit Jira, Exim Linux Servers to "Keep the Internet Safe' 10,000 Microsoft customers targeted by nation-state attacks in the last year Mozilla Firefox Tor Mode Likely to Start as a Browser Addon Firefox to Warn When Saved Logins are Found in Data Breaches Microsoft demos ElectionGuard technology for securing electronic voting machines | ZDNet Kazakhstan government is now intercepting all HTTPS traffic | ZDNet Data Broker LocationSmart Will Fight Class Action Lawsuit Over Selling AT&T Data - VICE Slack resets passwords for 1% of its users because of 2015 hack | ZDNet BEC Scams Average $301 Million Per Month In Illegal Transfers Malicious Python libraries targeting Linux servers removed from PyPI | ZDNet Gigabyte and Lenovo servers impacted by common BMC firmware flaws | ZDNet Cracked Tesla 3 Windshield Leads to $10,000 Bug Bounty Inside Apple Factory Thefts: Secret Tunnels, Hidden Crawl Spaces ? The Information
Länk till avsnitt

Risky Biz Soap Box: Ryan Kalember of Proofpoint on "Very Attacked People"

Soap Box isn?t the regular, weekly show we do at Risky.Biz, if you?re looking for that, just scroll one podcast back in your feed or on the Risky Business website.

Soap Box is a fully sponsored podcast series we do where vendors pay to come on and talk about research they?ve done, products they?ve launched, whatever.

This edition of Soap Box is a particularly good one. Ryan Kalember is EVP of cybersecurity strategy at Proofpoint and he?s our guest in this edition. Ryan was on the show a little while back talking about the concept of VAPs ? very attacked people. In this interview he?s going to expand on that.

It?s one thing to know that some of your key people are being attacked, but let?s take it one step further. Of those people, who among them is most likely to actually do something like click an untrusted link? What do we know about those users that can tell us how at-risk they are, based on how frequently they?re attacked, and also how likely they are to engage with phishing attempts or dodgy attachments? And if they ARE a risky user, what can you do about that? Measuring risk is only useful if you can do something about it.

Länk till avsnitt

Risky Business #548 -- Zoom RCE details and all the week's news

Adam Boileau is along this week to discuss the week?s security news. We cover:

US mayors agree: no more paying off ransomware crews BitPoint exchange loses $32m in cryptocurrency FinSpy is back, big time Chinese AV companies won?t flag government malware US security companies free to help political campaigns with discounted services, products Facebook to pay $5bn privacy fine with money from its spare pants Much, much more

Assetnote?s Shubham Shah also joins the news segment to dish on the Zoom RCE bug he and his team found back in March.

This week?s sponsor is Kasada, an Australian company that runs a bot filtering service. Kasada is a relatively new company but they?re kicking some pretty serious goals here in Australia and are now pushing into other markets like the USA. But instead of supplying us with one of their people, they suggested we interview one of their customers - REA Group CSO and head of platform Craig Templeton.

REA Group runs, Australia?s biggest real estate listings website. They had all sorts of trouble with content scrapers, bots causing service interruptions, cred stuffing, you name it. In the end they went with Kasada to solve their bot problems and Craig pops by this week to talk about the issues they were having and to sing Kasada?s praises. Getting a reference customer to speak publicly is a Herculean task, so full credit to Kasada for making this one happen. If you operate a website that pushes a lot of traffic you?ll want to hear that interview.

Show notes US mayors group adopts resolution not to pay any more ransoms to hackers | ZDNet Monroe College Hit With Ransomware, $2 Million Demanded Bitpoint cryptocurrency exchange hacked for $32 million | ZDNet The developers of the notorious FinSpy spyware are innovating ? and thriving Chinese Antivirus Companies Don?t Flag Chinese Border Malware - VICE Why Cyber Command?s latest warning is a win for the government's information sharing efforts Congressional pressure builds for White House to share classified cyber authorizations FEC: Campaigns Can Use Discounted Cybersecurity Services ? Krebs on Security Senators grill FTC over reported $5 billion Facebook settlement Update on the availability of some Galileo Initial Services | European Global Navigation Satellite Systems Agency P1 Labs » Presenting QCSuper: a tool for capturing your 2G/3G/4G air traffic on Qualcomm-based phones Revealed: This Is Palantir?s Top-Secret User Manual for Cops - VICE How Julian Assange turned an embassy into a command post for election meddling - CNNPolitics US defense contractor falls for $3 million email scam ? Quartz Italian police raid of neo-fascist militants finds air-to-air missile [Updated] | Ars Technica Brazil is at the forefront of a new type of router attack | ZDNet NCSC Issues Alert About Active DNS Hijacking Attacks Magecart Hacker Group Hits 17,000 Domains?and Counting | WIRED Hacker steals data of millions of Bulgarians, emails it to local media | ZDNet Hackers breached Greece's top-level domain registrar | ZDNet EFF Hits AT&T With Class Action Lawsuit for Selling Customers? Location to Bounty Hunters - VICE Sprint says hackers breached customer accounts via Samsung website | ZDNet New Android malware replaces legitimate apps with ad-infested doppelgangers | ZDNet Academics steal data from air-gapped systems via a keyboard's LEDs | ZDNet Bad McAfee Exploit Prevention Update Blocked Windows Logins Google to remove Chrome's built-in XSS protection (XSS Auditor) | ZDNet Microsoft Azure AD FIDO2 Passwordless Sign-In in Public Preview Apple disables Walkie Talkie app due to vulnerability that could allow iPhone eavesdropping | TechCrunch Meet the World?s Biggest ?Bulletproof? Hoster ? Krebs on Security Zoom Will Fix the Flaw That Let Hackers Hijack Webcams | WIRED Apple has pushed a silent Mac update to remove hidden Zoom web server | TechCrunch (9) Karan Lyons on Twitter: "MRT update 1.46 now removes vulnerable web servers for Zoom, RingCentral, Telus Meetings, BT Cloud Phone Meetings, Office Suite HD Meeting, AT&T Video Meetings, BizConf, Huihui, UMeeting, Zhumu, and Zoom CN." / Twitter (9) Jonathan Leitschuh on Twitter: "A Remote Code Execution Vulnerability was present in all of these @zoom_us white label desktop apps. This is the full list of applications that @Apple's MRT update will now silently remove from your machines for you. If you want to be proactive, update your MRT to 1.46" / Twitter Jira Server and Data Center Update Patches Critical Vulnerability (10) pyn3rd on Twitter: "#CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE" / Twitter Assetnote Kasada | Security Redefined
Länk till avsnitt

Risky Business #547 -- Zoom-gate, massive GDPR fines, ship hack warnings and more

Adam Boileau is along this week to discuss the week?s security news. We cover:

Zoom?s week from hell BA, Marriott face massive GDPR fines Seth Rich conspiracy originated from Russia?s SVR Coast Guard warns of ship hax Cybercommand issues warning on DDE exploitation PGP ecosystem having a rough time Much, much more!

This week?s show is brought to you by our lovely friends at Signal Sciences. I guess you?d call them a next generation WAF. Signal Sciences co-founder and CTO Zane Lackey will be along in this week?s sponsor interview to plug their new cloud-based WAF product, and also to have a chat about a trend he?s seeing at non-security conferences ? more high quality security content.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that?s your thing.

Show notes A Zoom Flaw Gives Hackers Easy Access to Your Webcam | WIRED British Airways fined $229 million under GDPR for data breach tied to Magecart Automated Magecart Campaign Hits Over 960 Breached Stores Marriott faces $123 million GDPR fine in the UK for last year's data breach | ZDNet Huawei staff and Chinese military have deep links, study claims Conspiracyland: The Russian connection to Seth Rich conspiracies US Coast Guard warns about malware designed to disrupt ships' computer systems | ZDNet US Cyber Command issues alert about hackers exploiting Outlook vulnerability | ZDNet Someone Is Spamming and Breaking a Core Component of PGP?s Ecosystem - VICE Apple reveals App Store takedown demands by governments | TechCrunch ICE mined driver?s license photos for facial recognition | TechCrunch London Police Facial Recognition ?Fails 80% Of The Time And Must Stop Now? CBP suspends Perceptics from doing government business following data breach Over 90 Million Records Leaked by Chinese Public Security Department UK's largest police forensics lab paid ransom demand to recover locked data | ZDNet Mozilla blocks UAE bid to become an internet security guardian after hacking reports - Reuters UK ISP group names Mozilla 'Internet Villain' for supporting 'DNS-over-HTTPS' | ZDNet First-ever malware strain spotted abusing new DoH (DNS over HTTPS) protocol | ZDNet Canonical GitHub account hacked, Ubuntu source code safe | ZDNet Backdoor found in Ruby library for checking for strong passwords | ZDNet Tor Project to fix bug used for DDoS attacks on Onion sites for years | ZDNet OpenID Foundation says 'Sign In with Apple' is not secure enough | ZDNet Industry Breach Alert Published by US National Trade Association ALTA Beware of Fake Microsoft OneNote Audio Note Phishing Emails Fake Samsung firmware update app tricks more than 10 million Android users | ZDNet 7-Eleven Japanese customers lose $500,000 due to mobile app flaw | ZDNet 'Silence' hackers hit banks in Bangladesh, India, Sri Lanka, and Kyrgyzstan | ZDNet Who?s Behind the GandCrab Ransomware? ? Krebs on Security Seriously, stop using RSA | Trail of Bits Blog
Länk till avsnitt

Risky Biz Soap Box: Cylance talks Persona

As regular listeners know, this isn?t the weekly Risky Biz news and current affairs show, if you want that, scroll back in the podcast feed to the previous podcast. This is a Soap Box edition, a solely sponsored podcast series we do here at Risky Biz where vendors pay us to come on to the show to talk about, well, whatever they want, really.

We?ve heard Duo Security talking about WebAuthn, we?ve got one with Proofpoint coming up that?s about insights they?ve gleaned from filtering such ridiculous amounts of email.

But in this edition, Garret Grajek from BlackBerry Cylance will be along to talk about its new product, Cylance Persona. This latest product is kinda out of the box, it?s a machine learning classifier that you install on the endpoint that learns what the typical user behaviour looks like. Once the observed user behaviour starts diverging from what?s expected, it can perform actions ? like kicking up for 2fa, locking the user out, whatever you want, really.

It?s a novel approach to dealing with compromised endpoints. Two factor authentication is great, but if your endpoints are hosed that doesn?t really count for much. And that?s really what this new gear is about.

Länk till avsnitt

Risky Business #546 -- The fifth domain sees some action

Adam Boileau is along this week to discuss the week?s security news. We cover:

NYTimes reports USA is getting all up in Russia?s grids Kremlin not happy CYBERCOM targets Iranian rocket control and APT crews TRITON attackers target US grid Turla completes hostile takeover of Oilrig Reuters publishes huge feature on Cloudhopper/APT10 China pwns global telcos, targets key subscribers FVEY owns Yandex Tourists entering Xinjiang now have mobile malware installed at border Florida city governments having a bad time Much, much more!

This week?s edition of Risky Business is brought to you by Senetas. They make layer 2 encryption tech, but they?ve also got a content disarm and reconstruction play now, Votiro, as well as their safe file sharing platform SureDrop. But we?re sticking with encryption in this week?s sponsor interview. Senetas CTO Julian Fay will be along a bit later to talk about his trip to the International Crypto Module Conference. He?ll fill us in on what the agenda was there ? lots of talk about quantum resistant crypto and also some talk about streamlining various certification regimes.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that?s your thing.

Show notes U.S. Escalates Online Attacks on Russia?s Power Grid - The New York Times Kremlin Warns of Cyberwar After Report of U.S. Hacking Into Russian Power Grid - The New York Times The Highly Dangerous 'Triton' Hackers Have Probed the US Grid | WIRED US wants to isolate power grids with 'retro' technology to limit cyber-attacks | ZDNet Wait, What The Hell Is Going On With Huawei Now? | Gizmodo Australia The Legal Context for CYBERCOM?s Reported Operations Against Iran - Lawfare Iran executes ?defence ministry contractor? over spying for CIA Iranian Hackers Launch a New US-Targeted Campaign as Tensions Mount | WIRED Nation-sponsored hackers likely carried out hostile takeover of rival group?s servers | Ars Technica Stealing Clouds Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers ? Krebs on Security Chinese spies have been sucking up call records at multinational telecoms, researchers say Exclusive: Western intelligence hacked 'Russia's Google' Yandex to spy on accounts - sources - Reuters China Is Forcing Tourists to Install Text-Stealing Malware at its Border - VICE Will Hurd?s Black Hat keynote nixed amid criticism of voting record A Florida city paid a $600,000 bitcoin ransom to hackers who took over its computers ? and it's a massive alarm bell for the rest of the US | Business Insider Florida city fires IT employee after paying ransom demand last week | ZDNet Ryuk, Ryuk, Ryuk: Georgia?s courts hit by ransomware | Ars Technica Georgia courts (mostly) shrug off ransomware attack | Ars Technica Collections Firm Behind LabCorp, Quest Breaches Files for Bankruptcy ? Krebs on Security Firefox zero-day was used in attack against Coinbase employees, not its users | ZDNet FTC settles with device maker D-Link, requires 'comprehensive' security effort Cellebrite Now Says It Can Unlock Any iPhone for Cops | WIRED Gift-card scheme went well beyond Wipro hack, RiskIQ reports Tracing the Supply Chain Attack on Android ? Krebs on Security Fraudsters Spoof to Steal $27M in Cryptocurrency Android Malware Bypasses 2FA by Stealing One-Time Passwords LTE flaws let hackers ?easily? spoof presidential alerts | TechCrunch NASA hacked because of unauthorized Raspberry Pi connected to its network | ZDNet Microsoft warns Azure customers of Exim worm | ZDNet
Länk till avsnitt

Feature podcast: An interview with Jim Baker, former general counsel, FBI

This is the first edition of a new series of podcasts we?re doing here at Risky.Biz that will focus on cyber policy issues. The Hewlett Foundation approached us a while back to see if we?d be interested in doing this series we jumped at the opportunity.

The Foundation funds a lot of interesting people and work in the cybersecurity space. So the idea is pretty simple: we can talk to some of Hewlett?s grant recipients or experts in its network about pressing policy issues and turn those conversations into podcasts. The whole idea is to get some policy perspectives out there among the Risky Business audience, which, funnily enough, includes a lot of policy people.

Our first cab off the rank is this interview with Jim Baker. He joined the Department of Justice in 1990 and rose through the ranks to become the FBI general counsel in January 2014, a position he held until December 2017. So of course he was running all things legal for the FBI during the Apple-FBI dispute over a locked iPhone 5C recovered from the gunman responsible for the San Bernardino shooting.

Baker was the US Government?s point man on all things encryption, taking stances that outraged technologists and reinvigorated a policy debate that had ? at least to a degree ? stagnated for years. These days, Jim Baker serves as Director of the R Street think tank?s National Security and Cybersecurity Program.

This interview focusses on the so-called encryption wars. The FBI and other law enforcement/intelligence agencies want better access to encrypted material, while technologists say that?s impossible to accomplish without introducing unacceptable risks into the technology ecosystem. Baker shares his view on the topic.

The Australian government law enforcement and intelligence agencies guide to the Assistance and Access Act, which is mentioned in the introduction to the podcast, can be found here. (Ironically enough, served over http!)

PLEASE NOTE: Jim Baker joined our meeting via a phone call, so the audio quality here isn?t up to our usual standards. Sorry about that!

Länk till avsnitt

Risky Business #545 -- US Government loses control of customs mugshot database

On this week?s show Adam Boileau and Patrick Gray discuss the week?s news, including:

CBP loses photo and license plate database Some Android phones shipped with backdoor Info on Google?s cloud outage USG ramps up ?defend forward? Trump and Mnuchin can?t get their stories straight on Huawei The latest from Baltimore, more on that RDP bug TalkTalk hacker sentenced Much, much more

This week?s show is brought to you by Remediant! Remediant CEO Tim Keeler will be along this week to have a chinwag. We?ll talk about how simple security tech is really en vogue these days and how that?s a good thing.

Links to everything are below, and you can follow Patrick or Adam on Twitter if that?s your thing.

Show notes CBP says hackers stole license plate and travelers' photos | ZDNet Hackers Breach Company That Makes License Plate Readers for U.S. Government - VICE Maker of US border's license-plate scanning tech ransacked by hacker, blueprints and files dumped online ? The Register Google confirms that advanced backdoor came preinstalled on Android devices | Ars Technica Two-thirds of iOS apps disable ATS, an iOS security feature | ZDNet How a Google Cloud Catch-22 Broke the Internet | WIRED Google Cloud Status Dashboard U.S. ramping up offensive cyber measures to stop economic attacks, Bolton says Trump and Mnuchin on Huawei, trade, national security Huawei executive labeled a 'moral vacuum' in heated UK hearing - CNN Russia and Iran Plan to Fundamentally Isolate the Internet | WIRED For two hours, a large chunk of European mobile traffic was rerouted through China | ZDNet Baltimore?s bill for ransomware: Over $18 million, so far | Ars Technica A botnet is brute-forcing over 1.5 million RDP servers all over the world | ZDNet Microsoft warns about email spam campaign abusing Office vulnerability | ZDNet SymCrypt Bug Would Let Attacker "Take Down Entire Windows Fleet" Senator asks Department of Justice if it can keep a lid on its software exploits 'You don't stand a chance': how the press freedom argument will go for Assange TalkTalk hacker Daniel Kelley sentenced to four years - BBC News A Push to Protect Campaigns from Hackers Hits an FEC Roadblock | WIRED Top voting machine maker reverses position on election security, promises paper ballots | TechCrunch Windows 10 zero-day details published on GitHub | ZDNet Microsoft NTLM Flaws Expose All Windows Machines to RCE Attacks New RCE vulnerability impacts nearly half of the internet's email servers | ZDNet Major HSM vulnerabilities impact banks, cloud providers, governments | ZDNet 'RAMBleed' Rowhammer attack can now steal data, not just alter it | ZDNet A backdoor in Optergy tech could remotely shut down a smart building ?with one click? | TechCrunch That push notification on your phone might be a phishing attempt New Spam Campaign Controlled by Attackers via DNS TXT Records Fortune 500 giant Tech Data exposed customer and billing data | TechCrunch FBI Issues Warning on ?Secure? Websites Used For Phishing Diebold Nixdorf warns customers of RCE bug in older ATMs | ZDNet Microsoft Blocks Some Bluetooth Devices Due to Security Risks Apple's 'Find My' Feature Uses Some Very Clever Cryptography | WIRED VLC 3.0.7 is Biggest Security Release Due to EU Bounty Program How to create an EVIL LTE Twin ? Adam Toscher ? Medium
Länk till avsnitt

Risky Business #544 -- NYTimes Baltimore report falls over

On this week?s show Patrick and Adam talk through all the week?s security news, including:

NYTimes story on EternalBlue and Baltimore is bunk An RDP worm is feeling kind of inevitable Iran is still getting Shadowbrokersed Intercept has a great feature on SID Today dumps Australian Federal Police crack down on national security journalism Phantom Secure CEO gets nine years and loses $80m Silk Road 2.0 admin must be an amazing snitch Another Bitcoin tumbler bites the dust Much, much more

This week?s sponsor interview is with Marco Slaviero of Thinkst Canary.

Marco is joining us this week to talk about how he thinks web application-based deception techniques are kind of a waste of time right now. We talk about how deception approaches work best in privileged domains, then we talk about how security teams do better when they have a dedicated ops developer.

Show notes Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack N.S.A. Denies Its Cyberweapon Was Used in Baltimore Attack, Congressman Says - The New York Times Report: No ?Eternal Blue? Exploit Found in Baltimore City Ransomware ? Krebs on Security Baltimore ransomware perp pinky-swears he didn?t use NSA exploit | Ars Technica NSA points to two-year patching window in remarks about Baltimore incident Microsoft's BlueKeep Bug Isn't Getting Patched Fast Enough | WIRED Even the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708) | ZDNet New Iranian hacking tool leaked on Telegram | ZDNet Meltdown Showed Extent of NSA Surveillance ? and Other Tales From Hundreds of Intelligence Documents Federal police raid home of News Corp journalist Annika Smethurst | Australia news | The Guardian - Your favorite newspapers and magazines. CEO Who Sold Encrypted Phones to the Sinaloa Cartel Sentenced to Nine Years - VICE Silk Road 2.0 Admin May Only Be Prosecuted For Tax Crimes After Cooperating with Feds - VICE Bitcoin Blender Exits Cryptocurrency Mixing On Its Own Terms Rights groups probe investments in NSO Group?s private equity firm Lorenzo Franceschi-Bicchierai on Twitter: "In his new book, @josephmenn argues that Phineas Fisher, the hacktivist that breached FinFisher and Hacking Team, is perhaps a Russian intelligence front.?" Much @Stake: The Band of Hackers That Defined an Era | WIRED Google Cloud goes down, taking YouTube, Gmail, Snapchat, and others with it | ZDNet China 'rigs' 5G test to favour Huawei - NZ Herald Russian military moves closer to replacing Windows with Astra Linux | ZDNet Maze Ransomware Says Computer Type Determines Ransom Amount Phishing Emails Pretend to be Office 365 'File Deletion' Alerts Unpatched Flaw Affects All Docker Versions, Exploits Ready Zero-Day Flaw in Windows 10 Task Scheduler Gets Micropatch 0patch Blog: Another Task Scheduler 0day, Another Task Scheduler Micropatch (The SandboxEscaper Saga) Flipboard says hackers stole user details | ZDNet Google Is Finally Making Chrome Extensions More Secure | WIRED Westpac cyber atttack: PayID platform hack exposes private details on 100,000 Australians Terry Zhang on Twitter: "Received a 40,000$ bounty from @msftsecresponse through @Bugcrowd for a critical Auth Bypass i found on Microsoft Cloud.Also will join the team and talk about it on the BlackHat this year.Thanks for the great bounty and the opportunity sharing on a big stage.?" New research shows personalized ads are just barely more efficient than dumb ads | ZDNet Stephen A. Ridley on Twitter: "It has been 10 years since we reverse engineered the MS08-67 patch and published the FIRST public vuln PoC (which was used by the Confiker Worm authors). BUT, it has only been about a year since we got an angry email blaming us for the Confiker worm." Malware Sandbox Online | Free Trial Thinkst Canary
Länk till avsnitt

Risky Business #543 -- NYTimes blames NSA for Baltimore hacks, Assange faces espionage charges

Adam Boileau couldn?t make it this week, but that?s ok because we?ve got former Facebook CSO and current Stanford adjunct professor Alex Stamos filling in for him in today?s show. He?ll be talking through all the week?s security news, including:

NYTimes report blames Baltimore ransomware attack on leaked NSA exploit Assange to face espionage charges, extradition fight looming SanboxEscaper just keeps dropping those 0days Fury over Facebook?s response to doctored Pelosi video Much, much more

This week?s sponsor interview with David Warburton of F5 Networks. You know F5 as a blinky-light box manufacturer. Load balancers, SSL termination, that sort of stuff. Not exactly a growth industry at the moment, so they?re pivoting.

They?ve dropped $670m on NGINX ? f5 now owns the NGINX company ? and they?re making all sorts of moves in the appsec space. That interview is mostly about F5?s business, but I found it interesting because what do you do when you?re an $8bn company that makes data-centre equipment and that industry starts going into decline?

Links to everything discussed are below, and you can follow Patrick or Alex on Twitter if that?s your thing.

Show notes In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc - The New York Times Thomas Rid on Twitter: "Meanwhile I feel rather uncomfortable about being quoted in said NYT story. Although the bigger point stands: whoever was behind Shadowbrokers must be held accountable, and USG should not get away with publicly ignoring this historic leak." Eternally Blue: Baltimore City leaders blame NSA for ransomware attack | Ars Technica Google bots shut down Baltimore officials? ransomware-workaround Gmail accounts | Ars Technica CyberSecPolitics: Baltimore is not EternalBlue Errata Security: A lesson in journalism vs. cybersecurity Intense scanning activity detected for BlueKeep RDP flaw | ZDNet Researcher publishes Windows zero-days for the third day in a row | ZDNet Cyber Command's latest VirusTotal upload has been linked to an active attack The Latest Julian Assange Indictment Is an Assault on Press Freedom | WIRED Here's How a Facebook Exec Defended Leaving Up That Fake Nancy Pelosi Video Facebook scrubbed 2.2 billion fake accounts in the first quarter of 2019, a new high U.S. Navy Creating a 350 Billion Record Social Media Archive A--Global Social Media Archive, 350 billion digital data records (text) - Federal Business Opportunities: Opportunities Amazon shareholders reject facial recognition sale ban to governments | TechCrunch Facial Recognition Has Already Reached Its Breaking Point | WIRED Android and iOS devices impacted by new sensor calibration attack | ZDNet Privacy Preserving Ad Click Attribution For the Web | WebKit German Minister Wants Secure Messengers To Decrypt Chats European police seize BestMixer, saying it helped launder $200 million worth of cryptocurrency Chinese military to replace Windows OS amid fears of US hacking | ZDNet First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records ? Krebs on Security Australian tech unicorn Canva suffers security breach | ZDNet Equifax is spending a ton of money on cybersecurity. Wall Street analysts don't like it. Democratic Party?s network security still lags behind GOP, researchers find | Ars Technica NSS ISSUES STATEMENT ? NSS Labs, Inc. CrowdStrike, NSS Labs resolve court battle over product testing | ZDNet Security Engineer, Detection - Google - Sydney NSW, Australia - Google Careers Security Engineer, Information Security and Privacy Incident Response - Google - Sydney NSW, Australia - Google Careers Malware Sandbox Online | Free Trial F5 Networks | Secure application delivery
Länk till avsnitt
En liten tjänst av I'm With Friends. Finns även på engelska.
Uppdateras med hjälp från iTunes.