Rank #70 in Technology category

Technology
News
Tech News

Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

iTunes Ratings

219 Ratings
Average Ratings
194
8
3
4
10

Most

By securityatty - Jan 11 2019
Not just the best security podcast, the most security podcast

Great podcast!

By smd-IN girl - Jun 05 2018
Great podcast! I look forward to listening to it every week.

Rank #1: Risky Business #559 -- Maybe it was the Israelis hacking the Russians to masquerade as Iranians?

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Fresh details on Turla’s hostile takeover of Oilrig
  • Russians doing very interesting things with “tagged” TLS
  • China wants an aerospace sector so a lot of people got a lot of owned
  • Imperva releases breach details
  • Zendesk cops to 2016 breach
  • German manufacturer, US transport tech company sunk by ransomware
  • NordVPN gets owned
  • AVAST owned. Lots. Again.
  • Welcome to Video takedown
  • Much, much more

This week’s show is brought to you by Trail of Bits! We’ll be hearing from Trail of Bits practice lead for assurance Stefan Edwards all about their work on a recent security audit of Kubernetes. As it turns out, Kubernetes isn’t actually a horror show, but Stefan thinks you might want to run a hosted instance unless you’re a real expert.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Hacking the hackers: Russian group hijacked Iranian spying operation, officials say - Reuters
Russian hacker group patches Chrome and Firefox to fingerprint TLS traffic | ZDNet
Building China's Comac C919 airplane involved a lot of hacking, report says | ZDNet
Imperva blames data breach on stolen AWS API key | ZDNet
Zendesk discloses 2016 data breach | ZDNet
Major German manufacturer still down a week after getting hit by ransomware | ZDNet
NordVPN admits 'isolated' data breach was discovered last year
Antivirus Giant Avast Hacked By Spies Who Stole Its Passwords
How a Bitcoin Trail Led to a Massive Dark Web Child-Porn Site Takedown | WIRED
Inside the shutdown of the ‘world’s largest’ child sex abuse website | TechCrunch
Hacking 20 high-profile dev accounts could compromise half of the npm ecosystem | ZDNet
US claims cyber strike on Iran after attack on Saudi oil facility | Ars Technica
Accused Capital One hacker had as much as 30 terabytes of stolen data, feds say
Planting Tiny Spy Chips in Hardware Can Cost as Little as $200 | WIRED
Microsoft's Secured-Core PC Feature Protects Critical Code | WIRED
White-hat hacks Muhstik ransomware gang and releases decryption keys | ZDNet
EA to give users a free month of Origin Access if they enable 2FA | ZDNet
Google finds Android zero-day impacting Pixel, Samsung, Huawei, Xiaomi devices | ZDNet
FBI warns of major ransomware attacks as criminals go “big-game hunting” | Ars Technica
Why are cyber insurers incentivizing clients to invest in specific vendors?
Cyber Command’s bug bounty program uncovers more than 30 vulnerabilities
Trump administration looks to throttle Chinese surveillance companies’ business with U.S.
Magecart strikes more than 2 million websites as more groups get involved
Shipping giant Pitney Bowes hit by ransomware | TechCrunch
Apple Mac Hack Warning: North Korea Uses Fake Cryptocurrency Companies To Break Into macOS
Researchers Say They Uncovered Uzbekistan Hacking Operations Due to Spectacularly Bad OPSEC - VICE
Intel proposes new SAPM memory type to protect against Spectre-like attacks | ZDNet
Unpatched Linux bug may open devices to serious attacks over Wi-Fi | Ars Technica
Samsung, Google acknowledge flaws in phone-unlocking biometric tools
Rethinking Encryption - Lawfare
A million people are jailed at China's gulags. I managed to escape. Here's what really goes on inside - World News - Haaretz.com
GitHub - lojikil/kubectlfish: Slides from my OWASP AppSec Global DC 2019 talk
audit-kubernetes/reports at master · trailofbits/audit-kubernetes · GitHub
Trail of Bits

Oct 23 2019


Rank #2: Risky Business #558 -- Trump targets Crowdstrike, Apple jailbreakers rejoice

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Apple jailbreakers partying in the streets
  • Donald Trump targets Crowdstrike over 4chan conspiracy nonsense
  • Ransomware absolutely everywhere this week
  • Horror-show VxWorks bugs are popping up in other stacks
  • OnApp fixes mother of all misconfigurations
  • More SIM card issues
  • Much, much more

In this week’s sponsor interview we chat with Mr Sandbox himself, VMRay’s Carsten Willems. He’s along to talk about VMRay’s involvement in a machine-learning bypass competition that happened at DEFCON earlier this year.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Unfixable iOS Device Exploit Is the Latest Apple Security Upheaval | WIRED
No, it wasn’t a virus; it was Chrome that stopped Macs from booting | Ars Technica
How Trump’s Ukraine Mess Entangled CrowdStrike | WIRED
Trump Was Repeatedly Warned That Ukraine Conspiracy Theory Was ‘Completely Debunked’ - The New York Times
Evan McMurry on Twitter: "NEW: Tom Bossert on Pres. Trump's Crowdstrike reference on Ukraine call: "It's not only a conspiracy theory, it is completely debunked... "I am deeply frustrated with what [Rudy Giuliani] and the legal team is doing in repeating that debunked theory to the president." https://t.co/o1lcVI31u8" / Twitter
Trump Still Doesn't Believe Russia Hacked the 2016 Election | WIRED
Trump told Russian officials in 2017 he wasn’t concerned about Moscow’s interference in U.S. election - The Washington Post
Airbus hit by series of cyber attacks on suppliers
U.S. Steps Up Scrutiny of Airplane Cybersecurity - WSJ
Ransomware forces 3 hospitals to turn away all but the most critical patients | Ars Technica
Surgeries delayed and patient security fears after cyber attack on Victorian hospitals
Wood Ranch Medical Announces Permanent Closure Due to Ransomware Attack
Malware infection disrupts production at defence contractor plants in three countries | ZDNet
Over 500 US schools were hit by ransomware in 2019 | ZDNet
Ransomware incident to cost Danish company a whopping $95 million | ZDNet
Decades-Old Code Is Putting Millions of Critical Devices at Risk | WIRED
Thousands of Cloud Computing Servers Could Be Owned With 'Very Simple' Attack, Researchers Say - VICE
California's new labor law is going to impact bug bounty companies. By how much is unknown.
Legit-Looking iPhone Lightning Cables That Hack You Will Be Mass Produced and Sold - VICE
New SIM card attack disclosed, similar to Simjacker | ZDNet
German Cops Raid “Cyberbunker 2.0,” Arrest 7 in Child Porn, Dark Web Market Sting — Krebs on Security
Cloudflare, Google Chrome, and Firefox add HTTP/3 support | ZDNet
Microsoft bans 38 file extensions in Outlook for the Web | ZDNet
AT&T redirected pen-test payloads to the FBI's Tips portal | ZDNet
Azure Sentinel, Microsoft's cloud-based SIEM, hits general availability | ZDNet
Microsoft will now encrypt new SSDs with BitLocker | TechRadar
High-severity vulnerability in vBulletin is being actively exploited | Ars Technica
Cybersecurity giant Comodo can’t even keep its own website secure | TechCrunch
Threesome Blowjob Scene on Giant Highway Billboard Could Have Caused an Accident, Police Say - VICE
Porn on the big screen in central Auckland: Asics video monitor hacked - NZ Herald
Yahoo Engineer Used Insider Access to Get Private Photos of Women - VICE
Landmark White data beach: Sydney IT contractor arrested after high-profile cyber attack
Home - MLSEC
VMRay | Malware Analysis Tools | Malware Sandbox Solutions

Oct 02 2019


Rank #3: Snake Oilers 10 part 2: Do too many users have VPN access to your prod environment? There's another way!

In this edition of Snake Oilers Patrick speaks to:

  • Justin McCarthy of StrongDM

StrongDM makes a protocol proxy that you can use to provision production services (like Kubernetes and SQL access) to users without them requiring full VPN access to prod. This is very cool stuff, if you manage a large prod environment that’s suffering from VPN sprawl you’ll want to check this one out.

  • Nicholas Davis of Rapid7

Nicholas is the senior technical product manager for InsightIDR. InsightIDR is a SIEM/EDR play that integrates a bunch of stuff. These days Rapid7 is really emphasising the holistic nature of InsightIDR, rather than the endpoint part, and Nicholas joins the show to talk about that.

  • Preston Hogue of F5 Networks

F5 Networks recently acquired NGINX as a part of a push to become cloud-relevant. Their strategy is to allow for F5 security smarts to be inserted basically anywhere and anyhow you want. Preston joins the show to talk about that!

Links to our Snake Oilers sponsors are below!

Show notes

strongDM Free Trial: The Infrastructure Access API
InsightIDR Free Trial: The SIEM You've Always Wanted
Build and deploy scalable, high-performing, and secure apps. | F5

Oct 09 2019


Rank #4: Risky Business #555 -- Bluekeep Metasploit module released, Paige Thompson pleads not guilty and more

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Paige Thompson pleads not guilty to CapitalOne hack
  • German government probes FinFisher
  • Bluekeep Metasploit module dropped
  • DPRK samples hit VT, courtesy of our friends in the USA
  • Apple releases awful statement about mass exploitation of its devices
  • Much more

This week’s show is brought to you by Blackberry Cylance. In this week’s sponsor interview we’ll be talking about US Cybercommand dropping some sweet, sweet APT28 samples on VirusTotal back in May. We’ll talk a little bit about that malware, and also have a more general discussion about CYBERCOM VT drops with Cylance research staffers Steve Barnes and Josh Lemos.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Cyber Command's biggest VirusTotal upload looks to expose North Korean-linked malware
InstaCyber on Twitter: "Uploading of samples isn't burning capability or some sort of (working) counter-CNE operation. This is proven by the large number of actors that keep truckin' on with the same old junk despite disclosure; the number of groups that truly pack up shop, albeit temporarily, is small https://t.co/COkDOLYlwr" / Twitter
The NSA recognizes it needs to share more nation-state threat data, and faster
Apple takes flak for disputing iOS security bombshell dropped by Google | Ars Technica
We must see China - the opportunities and the threats - with clear eyes
Samsung, Huawei, LG, and Sony phones vulnerable to rogue 'provisioning' messages | ZDNet
Zero-day disclosed in Android OS | ZDNet
A Chinese APT is now going after Pulse Secure and Fortinet VPN servers | ZDNet
Metasploit team releases BlueKeep exploit | ZDNet
How did a Chinese APT get a U.S. hacking tool before it was leaked? Check Point has a theory.
German prosecutors investigate spyware maker FinFisher | News | DW | 05.09.2019
Twitter disables SMS-to-tweet feature after its CEO got hacked last week | ZDNet
Accused Capital One hacker pleads not guilty to all charges
Back to school: With latest attack, ransomware cancels classes in Flagstaff | Ars Technica
No municipality paid ransoms in 'coordinated ransomware attack' that hit Texas | ZDNet
Chris Bing on Twitter: "NSA cybersecurity division Director Anne Neuberger says at #BillingtonSummit that Ransomware represents one of the threats facing the election. Explains its a notable vector of attack following attacks on cities across the US." / Twitter
Thousands of servers infected with new Lilocked (Lilu) ransomware | ZDNet
Scraping public website data does not violate CFAA, judge rules
51 tech CEOs send open letter to Congress asking for a federal data privacy law | ZDNet
Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks
Security researchers expose another instance of Chrome patch gapping | ZDNet
Kaspersky launches anti-cheat solution for pro e-sports tournaments | ZDNet
Mozilla launches Firefox VPN extension for US users | ZDNet
Mozilla to gradually enable DNS-over-HTTPS for Firefox US users later this month | ZDNet
Intel server-grade CPUs impacted by new NetCAT attack | ZDNet
U.S. arrests 281 people worldwide accused of involvement in BEC scams
Forget email: Scammers use CEO voice 'deepfakes' to con workers into wiring cash | ZDNet
Cyber-security incident at US power grid entity linked to unpatched firewalls | ZDNet
Secret Service Investigates Breach at U.S. Govt IT Contractor — Krebs on Security
Millions of Exim servers vulnerable to root-granting exploit | ZDNet

Sep 11 2019


Rank #5: Risky Business #551 -- Post Vegas edition, more news than we can handle

Adam Boileau is along this week to discuss the week’s security news. We cover:

  • Follow ups on CapitalOne
  • Amazon EBS snapshots exposed
  • North Korea bags $2bn in cybercrime spree
  • Attempted Coinbase breach postmortem
  • Apple’s new research phones for bug hunters
  • APT41 busted moonlighting
  • Cloudflare finally ditches 8chan
  • Leaked Boeing 787 code shredded, full of bugs
  • Qualcomm bugs pave path through to Android kernel
  • Microsoft gets Tavis’d
  • More RDP/RDS bugs
  • Much, much more

This week’s sponsor interview is with Jake King of CMD. CMD has developed a control layer for Linux systems that restricts account actions, not just by traditional permissions. Jake will be along this week to talk a little bit about EDR on Linux. He saw a nice talk from some IBM X-Forcers at Black Hat about Linux EDR bypasses and that led to a conversation about Linux EDR generally. It’s interesting stuff.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

What We Can Learn from the Capital One Hack — Krebs on Security (https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/)
E (https://ejj.io/blog/capital-one)
GitHub sued for aiding hacking in Capital One breach | ZDNet (https://www.zdnet.com/article/github-sued-for-aiding-hacking-in-capital-one-breach/)
Hundreds of exposed Amazon cloud backups found leaking sensitive data | TechCrunch (https://techcrunch.com/2019/08/09/aws-ebs-cloud-backups-leak/)
Monzo admits to storing payment card PINs in internal logs | ZDNet (https://www.zdnet.com/article/monzo-admits-to-storing-payment-card-pins-in-internal-logs/)
One Million Bank Phone Calls Found in Exposed Server - VICE (https://www.vice.com/en_us/article/43jkzp/one-million-bank-phone-calls-in-amazon-aws-bucket-bank-of-cardiff)
SEC Investigating Data Leak at First American Financial Corp. — Krebs on Security (https://krebsonsecurity.com/2019/08/sec-investigating-data-leak-at-first-american-financial-corp/)
North Korea took $2 billion in cyberattacks to fund weapons program: U.N. report - Reuters (https://www.reuters.com/article/us-northkorea-cyber-un/north-korea-took-2-billion-in-cyber-attacks-to-fund-weapons-program-u-n-report-idUSKCN1UV1ZX)
An attempted heist at Coinbase was scary good, even though it failed - MIT Technology Review (https://www.technologyreview.com/s/614094/an-attempted-heist-at-coinbase-was-scary-good-even-though-it-failed/)
Responding to Firefox 0-days in the wild - The Coinbase Blog (https://blog.coinbase.com/responding-to-firefox-0-days-in-the-wild-d9c85a57f15b)
Three ads generate 5.5 times more revenue than a web-based cryptojacking script | ZDNet (https://www.zdnet.com/article/three-ads-generate-5-5-times-more-revenue-than-a-web-based-cryptojacking-script/)
Apple Hands Hackers Secret iPhones In A Bid To Boost Security, Sources Say (https://www.forbes.com/sites/thomasbrewster/2019/08/05/apple-is-giving-out-hacker-friendly-iphones-plots-mac-bug-bounty-sources/#747996054f09)
Apple expands bug bounty to macOS, raises bug rewards | ZDNet (https://www.zdnet.com/article/apple-expands-bug-bounty-to-macos-raises-bug-rewards/)
Meet APT41, the Chinese hackers moonlighting for personal gain (https://www.cyberscoop.com/apt41-fireeye-china/)
Cloudflare Says It Won’t Ban 8chan, a Hotbed for Terrorist Manifestos - VICE (https://www.vice.com/en_us/article/ne8jdb/cloudflare-wont-ban-8chan-after-el-paso-terrorist-attack)
Cloudflare Is Protecting a Site Linked to a Neo-Nazi Terror Group - VICE (https://www.vice.com/en_us/article/j5yxxg/cloudflare-is-protecting-a-site-linked-to-a-neo-nazi-terror-group)
A Boeing Code Leak Exposes Security Flaws Deep in a 787's Guts | WIRED (https://www.wired.com/story/boeing-787-code-leak-security-flaws/)
Feds plan to use SecureDrop as a vulnerability reporting portal (https://www.cyberscoop.com/securedrop-dhs-vulnerability-disclosure-def-con/)
US military purchased $32.8m worth of electronics with known security risks | ZDNet (https://www.zdnet.com/article/us-military-purchased-32-8m-worth-of-electronics-with-known-security-risks/)
MICROCHIPS Act wants to secure US govt supply chain against Chinese sabotage | ZDNet (https://www.zdnet.com/article/microchips-act-wants-to-secure-us-govt-supply-chain-against-chinese-sabotage/)
Cisco to pay $8.6 million fine for selling government hackable video surveillance technology - The Washington Post (https://www.washingtonpost.com/politics/2019/07/31/cisco-pay-million-fine-selling-government-hackable-surveillance-technology/?noredirect=on)
Exclusive: Kaspersky Software Lingers On Sensitive Government Systems 2 Years After U.S. Ban (https://www.forbes.com/sites/thomasbrewster/2019/08/08/exclusive-kaspersky-software-lingers-on-sensitive-government-systems-2-years-after-us-ban/#a9c11b381c45)
New advanced malware, possibly nation sponsored, is targeting US utilities | Ars Technica (https://arstechnica.com/information-technology/2019/08/new-advanced-malware-possibly-nation-sponsored-is-targeting-us-utilities/)
Yet another hacking group is targeting oil and gas companies, Dragos says (https://www.cyberscoop.com/dragos-oil-gas-hexane-industrial-hacking/)
NSA's reverse-engineering malware tool, Ghidra, to get new features to save time, boost accuracy (https://www.cyberscoop.com/ghidra-nsa-new-version-black-hat-2019/)
A Multimillionaire Surveillance Dealer Steps Out Of The Shadows . . . And His $9 Million WhatsApp Hacking Van (https://www.forbes.com/sites/thomasbrewster/2019/08/05/a-multimillionaire-surveillance-dealer-steps-out-of-the-shadows-and-his-9-million-whatsapp-hacking-van/#4f09ccf431b7)
Microsoft To Disable VBScript by Default on August 13th (https://www.bleepingcomputer.com/news/security/microsoft-to-disable-vbscript-by-default-on-august-13th/)
These Legit-Looking iPhone Lightning Cables Will Hijack Your Computer - VICE (https://www.vice.com/en_us/article/evj4qw/these-iphone-lightning-cables-will-hack-your-computer)
This Tesla Mod Turns a Model S Into a Mobile 'Surveillance Station' | WIRED (https://www.wired.com/story/tesla-surveillance-detection-scout/)
Clever attack uses SQLite databases to hack other apps, malware servers | ZDNet (https://www.zdnet.com/article/clever-attack-uses-sqlite-databases-to-hack-other-apps-malware-servers/)
Researchers find security flaws in 40 kernel drivers from 20 vendors | ZDNet (https://www.zdnet.com/article/researchers-find-security-flaws-in-40-kernel-drivers-from-20-vendors/)
Hackers Can Break Into an iPhone Just by Sending a Text | WIRED (https://www.wired.com/story/imessage-interactionless-hacks-google-project-zero/)
Microsoft Invites Researchers to Hack Their Azure Security Lab (https://www.bleepingcomputer.com/news/security/microsoft-invites-researchers-to-hack-their-azure-security-lab/)
Hackers Take on Darpa's $10 Million Voting Machine | WIRED (https://www.wired.com/story/darpa-voting-machine-defcon-voting-village-hackers/)
13-Year-Old Encryption Bugs Still Haunt Apps and IoT | WIRED (https://www.wired.com/story/rsa-encryption-signature-validation-flaws/)
Avaya VoIP Phones Harbored 10-year Old Vulnerability (https://www.bleepingcomputer.com/news/security/avaya-voip-phones-harbored-10-year-old-vulnerability/)
Microsoft: Russian state hackers are using IoT devices to breach enterprise networks | ZDNet (https://www.zdnet.com/article/microsoft-russian-state-hackers-are-using-iot-devices-to-breach-enterprise-networks/)
Black Hat Talk About ‘Time AI’ Causes Uproar, Is Deleted By Conference - VICE (https://www.vice.com/en_us/article/8xw9kp/black-hat-talk-about-time-ai-causes-uproar-is-deleted-by-conference)
Development stops on PowerShell Empire framework after project reaches its goal | ZDNet (https://www.zdnet.com/article/development-stops-on-powershell-empire-framework-after-project-reaches-its-goal/)
How AT&T Insiders Were Bribed to 'Unlock' Millions of Phones | WIRED (https://www.wired.com/story/att-insiders-bribed-unlock-phones/)
QualPwn vulnerabilities in Qualcomm chips let hackers compromise Android devices | ZDNet (https://www.zdnet.com/article/qualpwn-vulnerabilities-in-qualcomm-chips-let-hackers-compromise-android-devices/)
Security bugs in popular Cisco switch brand allow hackers to take over devices | ZDNet (https://www.zdnet.com/article/security-bugs-in-popular-cisco-switch-brand-allow-hackers-to-take-over-devices/)
WordPress team working on daring plan to forcibly update old websites | ZDNet (https://www.zdnet.com/article/wordpress-team-working-on-daring-plan-to-forcibly-update-old-websites/)
Vulnerability in Microsoft CTF protocol goes back to Windows XP | ZDNet (https://www.zdnet.com/article/vulnerability-in-microsoft-ctf-protocol-goes-back-to-windows-xp/)
How offense and defense came together to plug a hole in a popular Microsoft program (https://www.cyberscoop.com/microsoft-black-hat-check-point-windows/)
Ancient technique tears a hole through modern web stacks at Black Hat 2019 | The Daily Swig (https://portswigger.net/daily-swig/ancient-technique-tears-a-hole-through-modern-web-stacks-at-black-hat-2019)
He tried to prank the DMV. Then his vanity license plate backfired big time. (https://mashable.com/article/dmv-vanity-license-plate-def-con-backfire/)
*********READING LIST STARTS HERE: How a BlackBerry password cracked one of Australia’s biggest drug hauls (https://www.smh.com.au/national/nsw/how-a-blackberry-password-cracked-one-of-australia-s-biggest-drug-hauls-20190809-p52fpe.html)
Who Owns Your Wireless Service? Crooks Do. — Krebs on Security (https://krebsonsecurity.com/2019/08/who-owns-your-wireless-service-crooks-do/)
DARPA Is Building a $10 Million, Open Source, Secure Voting System - VICE (https://www.vice.com/amp/en_us/article/yw84q7/darpa-is-building-a-dollar10-million-open-source-secure-voting-system?__twitter_impression=true)
Now you can use Android phones, rather than passwords, to log in to Google* | Ars Technica (https://arstechnica.com/information-technology/2019/08/google-lets-android-users-skip-the-password-when-logging-in/)
Database from StockX Hack Sold Online, Check If You're Included (https://www.bleepingcomputer.com/news/security/database-from-stockx-hack-sold-online-check-if-youre-included/)
Silent Windows update patched side channel that leaked data from Intel CPUs | Ars Technica (https://arstechnica.com/information-technology/2019/08/silent-windows-update-patched-side-channel-that-leaked-data-from-intel-cpus/)
Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security - CyberScoop (https://www.cyberscoop.com/saudi-arabia-email-extortion-chris-kubecka/)
A phishing campaign with nation-state hallmarks is targeting Chinese government agencies - CyberScoop (https://www.cyberscoop.com/china-phishing-anomali-nation-state-apt/)
Guardian Firewall iOS App Automatically Blocks the Trackers on Your Phone | WIRED (https://www.wired.com/story/guardian-firewall-ios-app/)
A cyber-espionage group has been stealing files from the Venezuelan military | ZDNet (https://www.zdnet.com/article/a-cyber-espionage-group-has-been-stealing-files-from-the-venezuelan-military/)
Voter records for 80% of Chile's population left exposed online | ZDNet (https://www.zdnet.com/article/voter-records-for-80-of-chiles-population-left-exposed-online/)
A Remote-Start App Exposed Thousands of Cars to Hackers | WIRED (https://www.wired.com/story/mycar-remote-start-vulnerabilities/)
FTC: Too many people signed up for Equifax cash, so they'll be getting less than $125 | ZDNet (https://www.zdnet.com/article/ftc-too-many-people-signed-up-for-equifax-cash-so-theyll-be-getting-less-than-125/)
Exclusive: Critical U.S. Election Systems Have Been Left Exposed Online Despite Official Denials - VICE (https://www.vice.com/en_us/article/3kxzk9/exclusive-critical-us-election-systems-have-been-left-exposed-online-despite-official-denials)
Windows malware strain records users on adult sites | ZDNet (https://www.zdnet.com/article/windows-malware-strain-records-users-on-adult-sites/)
State Farm says hackers confirmed valid usernames and passwords in credentials stuffing attack | ZDNet (https://www.zdnet.com/article/state-farm-says-hackers-confirmed-valid-usernames-and-passwords-in-credentials-stuffing-attack/)
iNSYNQ Ransom Attack Began With Phishing Email — Krebs on Security (https://krebsonsecurity.com/2019/08/insynq-ransom-attack-began-with-phishing-email/)
Android Apps With Over 100M Installs Contain a Clicker Trojan (https://www.bleepingcomputer.com/news/security/android-apps-with-over-100m-installs-contain-a-clicker-trojan/)
New HTTP/2 Flaws Expose Unpatched Web Servers to DoS Attacks (https://www.bleepingcomputer.com/news/security/new-http-2-flaws-expose-unpatched-web-servers-to-dos-attacks/)
StockX was hacked, exposing millions of customers’ data | TechCrunch (https://techcrunch.com/2019/08/03/stockx-hacked-millions-records/)
CafePress Data Breach Exposes Personal Info of 23 Million Users (https://www.bleepingcomputer.com/news/security/cafepress-data-breach-exposes-personal-info-of-23-million-users/)

Aug 14 2019


Rank #6: Risky Business #556 -- US Treasury targets DPRK crews, more details on Ukraine power hack

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • US Treasury targets DPRK APT crews
  • Russia owned FBI counter surveillance team radio comms
  • New details on 2016 attack against Ukraine power grid
  • US Government to sue Edward Snowden for memoir profits
  • Did RCMP intelligence director tip Phantom Secure on investigation?
  • Much, much more!

This week’s sponsor interview is with Casey Ellis of Bugcrowd. It’s an interesting chat with Casey this week. He was at the Billington cyber conference a couple of weeks ago and he had a bunch of interesting discussions there with people in the aerospace sector.

Between recent Black Hat presentations on 787 security and the trouble Boeing has had with its 737-MAX, software security and resiliency is all of a sudden on the agenda in aerospace. Casey drops by to talk about all of that.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

US Treasury sanctions three North Korean hacking groups | ZDNet
Treasury Sanctions North Korean State-Sponsored Malicious Cyber Groups | U.S. Department of the Treasury
North Korean hackers target U.S. entities amid stalled denuclearization talks
Exclusive: Russia carried out a 'stunning' breach of FBI communications system, escalating the spy game on U.S. soil
New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction | WIRED
Exclusive: Australia concluded China was behind hack on parliament, political parties – sources - Reuters
US sues Edward Snowden over new book | ZDNet
Investigation into senior RCMP official stemmed from disruption of encrypted phone service: sources - National | Globalnews.ca
Israeli police arrest execs from vendor of mobile surveillance tech | ZDNet
Infamous surveillance tech vendor makes pledge to follow UN human rights policy | ZDNet
This Company Built a Private Surveillance Network. We Tracked Someone With It - VICE
Simjacker attack exploited in the wild to track users for at least two years | ZDNet
A Password-Exposing Bug Was Purged From LastPass | WIRED
The Air Force Will Let Hackers Try to Hijack an Orbiting Satellite | WIRED
Database leaks data on most of Ecuador's citizens, including 6.7 million children | ZDNet
Arrest made in Ecuador's massive data breach | ZDNet
Data of 24.3 million Lumin PDF users shared on hacking forum | ZDNet
Hacked government contractor shares breach details as investigation continues
FIN7's IT admin pleads guilty for role in billion-dollar cybercrime crew
Google discloses vulnerability in Chrome OS 'built-in security key' feature | ZDNet
Sophos open-sources Sandboxie, a utility for sandboxing any application | ZDNet
Chrome 77 released with no EV indicators, contact picker, permanent Guest Mode | ZDNet
Most Android flashlight apps request an absurd number of permissions | ZDNet
Cloudflare may have provided service to terrorists, drug traffickers in violation of U.S. sanctions
NY Payroll Company Vanishes With $35 Million — Krebs on Security
2 charged say they were hired to break into Dallas County courthouse

Sep 18 2019

Rank #7: Risky Business #552 -- Guest host Alex Stamos on all the week's security news

In this week’s show Patrick Gray and Alex Stamos discuss all the week’s news, including:

  • Confirmed: 30 companies affected by CapitalOne attacker
  • China info-ops booted off Twitter, Facebook
  • Real deal Bluetooth bugs
  • Apple re-introduces kernel bug, jailbreaks aplenty
  • Apple to sue Corellium for copyright infringement
  • DPRK gets its malware VT’d by CYBERCOM
  • Much, much more

Haroon Meer of Thinkst Canary is this week’s sponsor guest. We spoke to Haroon while he was in the USA, just before he was about to deliver a talk to USENIX all about “embracing hackiness”. Haroon thinks “hackiness” is a huge advantage for red teams, but that doesn’t mean blue teams can’t use the same hacky approaches to defence. It’s a typically great chat with Haroon. Links to everything discussed are below.

Show notes

Apple’s Lawsuit Against a Startup Shows How It Wants to Control the iPhone Hacking Market - VICE
You Can Jailbreak Your iPhone Again (But Maybe You Shouldn’t) | WIRED
New Attack exploiting serious Bluetooth weakness can intercept sensitive data | Ars Technica
Capital One hacker took data from more than 30 companies, new court docs reveal | ZDNet
Amazon Web Services finds no 'significant issues' at other companies allegedly breached by Paige Thompson
Twitter, Facebook scrub coordinated activity targeting Hong Kong demonstrations
Twitter bans 936 accounts managed by the Chinese state, aimed at Hong Kong protests | ZDNet
Chinese state media bought Twitter ads to spread disinformation about Hong Kong protests
Amazon’s Creepy Twitter PR Army is Growing - VICE
Huawei Technicians Helped African Governments Spy on Political Opponents - WSJ
U.S. Cyber Command warns of North Korea-linked Lazarus Group malware
Ransomware strike takes down 23 Texas local government agencies | Ars Technica
Backdoor found in Webmin, a popular web-based utility for managing Unix servers | ZDNet
Backdoor code found in 11 Ruby libraries | ZDNet
Degrading Tor network performance only costs a few thousand dollars per month | ZDNet
Meet Bluetana, the Scourge of Pump Skimmers — Krebs on Security
Financial hacking teams FIN7, Cobalt Group update tactics to haunt banks and retail
Google wants to reduce lifespan for HTTPS certificates to one year | ZDNet
Facebook to pay researchers to hunt down Instagram apps that abuse user data | ZDNet
How Facebook Catches Bugs in Its 100 Million Lines of Code | WIRED
Facebook awards $100,000 prize for new code isolation technique | ZDNet
Finally, a Lightning YubiKey to Kill Password Clutter on Your iPhone | WIRED

Aug 21 2019

Rank #8: Risky Business #553 -- Imperva's cloud WAF gets owned hard

On this week’s show Adam Boileau and Patrick Gray discuss the week’s security news, including:

  • Fortinet, Pulse Security VPNs are being exploited in wild
  • Imperva’s cloud WAF gets colossally owned
  • US authorities fear ransomware attacks against election systems
  • Apple fixes re-introduced jailbreak bug
  • Telegram design choice puts HK protestors at risk
  • Researcher drops two 0days in Valve’s Steam client after bounty spat
  • Much, much more

This week’s sponsor guest is Ryan Kalember, EVP of cybersecurity strategy with Proofpoint. Ryan is stopping by this week to touch on a couple of topics. He’ll tell us why Proofpoint didn’t attribute a recent malware campaign targeting US utilities to APT10 despite there being some pretty APT10-like tradecraft used in that particular campaign.

He’ll also talk a bit about how thread hijacking is a giant pain in the ass. That’s where attackers take over a mailbox, then just jump right in replying to existing mail threads. Detecting that is hard, of course, because it’s internal mail. It’s a great little mixed bag interview.

Enjoy!

Show notes

Hackers mount attacks on Webmin servers, Pulse Secure, and Fortinet VPNs | ZDNet
Hackers are actively trying to steal passwords from two widely used VPNs | Ars Technica
Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs
The year-long rash of supply chain attacks against open source is getting worse | Ars Technica
Cybersecurity Firm Imperva Discloses Breach — Krebs on Security
Exclusive: U.S. officials fear ransomware attack against 2020 election - Reuters
While one Texas county shook off ransomware, small cities took full punch | Ars Technica
Apple patches iPhone jailbreaking bug | ZDNet
Alleged 'Snake Oil' Crypto Firm Sues Over Boos at Black Hat | WIRED
Hong Kong protesters warn of Telegram feature that can disclose their identities | ZDNet
Researcher publishes second Steam zero day after getting banned on Valve's bug bounty program | ZDNet
Valve patches recent Steam zero-days, calls turning away researcher 'a mistake' | ZDNet
Capital One hacker denied release, will remain in jail | ZDNet
Ex-Google and Uber engineer Anthony Levandowski charged with trade secret theft - The Verge
Hacker Claims He Can ‘Turn Off 25,000 Cars’ At The Push Of A Button
Hackers Could Steal a Tesla Model S by Cloning Its Key Fob—Again | WIRED
Microsoft will let some Windows 7 customers get free security updates for an extra year | TechCrunch
UK cybersecurity agency warns devs to drop Python 2 due to looming EOL & security risks | ZDNet
Inside the Black Market for Bots That Buy Designer Clothes Before They Sell Out - VICE
Employees connect nuclear plant to the internet so they can mine cryptocurrency | ZDNet
How an NSA researcher plans to allow everyone to guard against firmware attacks
NSA-approved cybersecurity law and policy course now available online
Protocol used by 630,000 devices can be abused for devastating DDoS attacks | ZDNet
Blockbuster indictment against 80 fraud suspects details a complex global scam operation
VMware announces plans to acquire Carbon Black for $2.1 billion
Firefox and Chrome Fight Back Against Kazakhstan's Spying | WIRED
Google Play app with 100 million downloads executed secret payloads | Ars Technica
Moscow's blockchain voting system cracked a month before election | ZDNet
Microsoft: Using multi-factor authentication blocks 99.9% of account hacks | ZDNet
Why is DJI getting the Huawei treatment from the U.S.? - CyberScoop
Intel, IBM, Google, Microsoft & others join new security-focused industry group | ZDNet
Chinese spies have their sights on cancer research
Nasa said to be investigating first allegation of a crime in space - BBC News
LookBack Malware Targets the United States Utilities Sector with Phishing Attacks Impersonating Engineering Licensing Boards | Proofpoint AU
We are bringing together the world's security expertise
Careers at Remediant | Remediant

Aug 28 2019

Rank #9: Risky Biz Soap Box: Yubico's Jerrod Chong talks series 5 Yubikeys and what's next

These Soap Box podcasts are a wholly sponsored series of podcasts we do here at Risky.Biz, so everyone you hear on the Soap Box podcast paid to be here.

But that’s ok, because we’ve got some great sponsors. This podcast is brought to you by Yubico, makers of the Yubikey devices. These podcasts with Yubico have basically turned into an annual thing. Jerrod Chong is the Chief Solutions Officer at Yubico and he joined me for this conversation about what’s new in Yubico-land. They’ve launched some new stuff, including Yubikeys with lightning adapters for iOS devices, and Jerrod also talks about hardware 2FA moving increasingly to the mainstream.

If you’re reading this within 48 hours of this podcast going live, you can get yourself a $20 discount on any two of the new series 5 Yubikeys by visiting this link and using the code ‘Risky19’.

Show notes

Buy YubiKeys at Yubico.com | Shop hardware authentication security keys
Yubico | YubiKey Strong Two Factor Authentication

Oct 03 2019

Rank #10: Risky Biz Soap Box: MITRE ATT&CK framework is now officially everywhere

The Soap Box podcast series is a fully sponsored podcast series we do here at Risky.Biz, and that means that everyone you hear in it paid to be featured.

This edition of the Soap Box podcast is brought to you by AttackIQ and in it we talk to its CISO and VP of customer success, Chris Kennedy. And we’ll be discussing a topic that frankly should be talked about a bit more: the MITRE ATT&CK framework.

We also talk about attack simulation and which security controls are most commonly and catastrophically misconfigured. If you’re a CISO you’ll like this one.

Show notes

More Security Endpoint Tech Isn't Always Better | Decipher
AttackIQ Platform, continuous validation of your security control.

Sep 05 2019
