Risky Business

This edition of the show features Adam Boileau and Patrick Gray discussing the week’s security news:

• Citizen Lab drops NSO Group report
• “Weaponised Stuxnet” claims are idiotic
• Another State Department email breach! Drink!
• Dutch foil planned attack against Swiss Novichok lab
• Mirai botnet authors working for FBI
• US telcos want to be consumer auth brokers
• US fails to extradite “Mr Bitcoin”
• Much, much more

This week’s show is brought to you by Remediant. They make a just-in-time access solution for privileged account management (PAM), and we’re doing something a little different in this week’s sponsor interview.

Paul Lanzi of Remediant will be along, but so will Harry Perper of MITRE corporation. Harry’s pay-cheques say MITRE, but he’s been working on a NIST project. The National Cybersecurity Center of Excellence (NCCoE) at NIST has been working on a project to provide guidance on the secure usage and management of privileged accounts. The so-called 1800-18 document is a practical guide and reference architecture for privileged account management and we’ll talk to both Harry and Paul about that after the news.

Links to everything that we discussed are below, including the discussions that were edited out. (That’s why there are extras.) You can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Cyber Sleuths Find Traces of Infamous iPhone and Android Spyware ‘Pegasus’ in 45 Countries - Motherboard HIDE AND SEEK: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries - The Citizen Lab iOS Security Guide iOS 12 September 2018 US military given more authority to launch preventative cyberattacks - CNNPolitics People Are Recklessly Speculating That the Massachusetts Gas Explosions Were a Stuxnet-Related Hack - Motherboard State Department email breach exposed employees' personal information - POLITICO Novichok poisoning: Russians expelled from Switzerland The Mirai Botnet Architects Are Now Fighting Crime With the FBI | WIRED U.S. Mobile Giants Want to be Your Online Identity — Krebs on Security Senior Google Scientist Resigns Over “Forfeiture of Our Values” in China Google Plans to Launch Censored Search Engine in China, Leaked Documents Reveal Google's prototype Chinese search engine links searches to phone numbers | Technology | The Guardian Vijay Boyapati on Twitter: "When I worked at Google, as an engineer on Google News, I was asked to write code to censor news articles in China (circa 2006). I refused and they took me off the project and put someone else on it. Doesn't surprise me Google is back at it. "Don't be Evil" is a Google myth.… https://t.co/1geUCURHay" US loses extradition battle with Russia for Bitcoin kingpin | ZDNet US lawmakers introduce bill to fight cybersecurity workforce shortage | ZDNet Ransomware attack blacks out screens at Bristol Airport | ZDNet Security flaw can leak Intel ME encryption keys | ZDNet Nasty piece of CSS code crashes and restarts iPhones | ZDNet New cold boot attack affects 'nearly all modern computers' | ZDNet Uproar after Adobe winds down Magento rewards-based bug bounty program | ZDNet Jason Woosley on Twitter: "The demise of #BugBounty at @Magento has been greatly exaggerated. Yesterday we announced the transition of this program to the @Adobe @HackerOne system. We failed to mention that we will continue to pay out for this incredibly valuable work. Hack on!" Proofpoint: One month out from deadline, half of agency domains are DMARC compliant Cloudflare’s new ‘one-click’ DNSSEC setup will make it far more difficult to spoof websites | TechCrunch Facebook pilots new political campaign security tools — just 50 days before Election Day | TechCrunch Facebook Broadens Its Bug Bounty to Include Third-Party Apps | WIRED Google remotely changed the settings on a bunch of phones running Android 9 Pie - The Verge Zero day in popular video surveillance technology goes public, unpatched Privileged Account Management | NCCoE fs-pam-project-description-draft.pdf