Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
https://risky.biz/
Risky Business #527 -- Featuring Alex Stamos, The Grugq, Susan Hennessey, Brian Krebs, Kelly Shortridge and Bobby Chesney
Alex Stamos co-hosts this week’s episode. Topics discussed include:
- DNC says Russia tried to own its servers in November 2018
- South Korean Defence Ministry owned
- Lazarus Group busy in Chile
- West African banks suffer multiple intrusions
- Michael Cohen admits rigging online poll for Trump
- Nine charged over SEC hack
- More USG SSL certificates due to expire
- apt-get remote root RCE
- Don’t use your Garmin to scope your murder escape route
- Big plot twist in viral video outrage
This week’s show is brought to you by Duo Security, which I guess is now Cisco Duo Security. Wendy Nather - Duo’s head of advisory CISOs - will be along in this week’s sponsor interview to talk about a topic near and dear to my heart: victim shaming. That’s a good one so please do stick around for that.
Links to everything that we discussed are below and you can follow Patrick or Alex on Twitter if that’s your thing.
Show notes DNC says Russia tried to hack its servers again in November 2018 | ZDNet Hackers breach and steal data from South Korea's Defense Ministry | ZDNet North Korean hackers infiltrate Chile's ATM network after Skype job interview | ZDNet West African banks hit by multiple hacking waves last year | ZDNet Michael Cohen says Trump directed him to pay for poll rigging - CNNPolitics Nine defendants charged in SEC hacking scheme that netted $4.1 million | Ars Technica 773M Password ‘Megabreach’ is Years Old — Krebs on Security Advertising network compromised to deliver credit card stealing code | ZDNet Major Security Breach Discovered Affecting Nearly Half of All Airline Travelers Worldwide | Safety Detective These are all the federal HTTPS websites that’ll expire soon because of the US government shutdown | TechCrunch The Hacker News on Twitter: "We all love your media player, but that’s really rude #VLC ???? VLC developers refused to consider #software "update-over-HTTP" as a threat. Responded→ “no threat model. no proof. no #security bug" It wouldn't hurt if you simply consider the suggestion. https://t.co/GWhE1US5Ko… https://t.co/7ja6wM4Ube" Remote Code Execution in apt/apt-get Hitman Runner Mark Fellows Convicted of Mob Murder on GPS Watch Data HN Front Page on Twitter: "FBI arrests PureVPN user with log data that was said to not exist L: https://t.co/bnY0CPyidf C: https://t.co/M1uhBVTRVC" Lin Affidavit Huawei founder says company would not share user secrets | The Sacramento Bee Opinion | If 5G Is So Important, Why Isn’t It Secure? - The New York Times Facebook’s Sputnik Takedown — In Depth – DFRLab – Medium Covington students, Nathan Phillips viral video: Twitter suspends account that helped ignite controversy - CNN Russia tries to force Facebook and Twitter to relocate servers to Russia | Ars Technica Forget Bitcoin: Why Criminals are Using Fortnite to Launder Illicit Funds Fortnite security issue would have granted hackers access to accounts | ZDNet VC funding of cybersecurity companies hits record $5.3B in 2018 | TechCrunch