Risky Business

Adam Boileau co-hosts this week’s Risky Business episode. We talk about:

• The Huawei indictments
• The epic Facetime logic bug
• The even more epic Exchange privesc bug
• CISA’s “fix yo DNS” directive
• Black Cube busted doing shady stuff to Citizen Lab
• Yahoo shareholder lawsuit settlement makes directors twitchy
• Internet filtering kicks off in Venezuela
• Much, much MORE!

This week’s show is brought to you by Thinkst Canary – they make hardware honeypots and the tools you need to deploy canarytokens at scale. They also make virtual honeypots! This week Thinkst’s founder Haroon Meer will be along to wave his finger at basically all of us over what he sees as the security discipline’s tendency to not really learn anything from security conferences. It’s “contertainment,” he says, followed by “GET OFF MY LAWN”.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes US hammers Huawei with 23 indictments for stolen trade secrets, fraud - CNET Major iPhone FaceTime bug lets you hear the audio of the person you are calling ... before they pick up - 9to5Mac Abusing Exchange: One API call away from Domain Admin - dirkjanm.io DHS: Multiple US gov domains hit in serious DNS hijacking wave | Ars Technica cyber.dhs.gov - Emergency Directive 19-01 Rep. Langevin: We need a DHS briefing to understand extent of DNS hijacking threat ALERT: DNS hijacking activity - NCSC Site APNewsBreak: Undercover agents target cybersecurity watchdog Japanese government plans to hack into citizens' IoT devices | ZDNet Internet experiment goes wrong, takes down a bunch of Linux routers | ZDNet Lessons for Corporate Boardrooms From Yahoo’s Cybersecurity Settlement - The New York Times Mystery still surrounds hack of PHP PEAR website | ZDNet WordPress sites under attack via zero-day in abandoned plugin | ZDNet Evidence of regional internet blackouts across Venezuela - NetBlocks Tonga sent back to 'dark ages' after underwater Internet cable severed | Fox News Opinion | Mueller’s Real Target in the Roger Stone Indictment - The New York Times Exclusive: Ukraine says it sees surge in cyber attacks targeting election | Reuters This Time It’s Russia’s Emails Getting Leaked Russia Targeting British Institute In Disinformation Campaign Unsecured MongoDB databases expose Kremlin's backdoor into Russian businesses | ZDNet Facebook to encrypt Instagram messages ahead of integration with WhatsApp, Facebook Messenger | TechCrunch Cryptopia funds still being drained by hackers while police investigated | RNZ News Europol arrests UK man for stealing €10 million worth of IOTA cryptocurrency | ZDNet Police license plate readers are still exposed on the internet | TechCrunch Malvertising campaign targets Apple users with malicious code hidden in images | ZDNet Hackers are going after Cisco RV320/RV325 routers using a new exploit | ZDNet Spencer Dailey on Twitter: "hard to understate how bad this flaw is--shocked more pubs haven't picked up on this. The affected chip is ubiquitous, the potential exploits allow anyone within wifi-range to run arbitrary code on the machine. Wifi routers themselves use affected chip ???? https://t.co/XQx4SobJtj" GitHub - hannob/apache-uaf: Apache use after free bug infos / ASAN stack traces Lesley Carhart on Twitter: "At the very least I’ll be able to publish these questions so that other people can grill their properties should they forcibly migrate to IoT equipment." APT39: An Iranian Cyber Espionage Group Focused on Personal Information « APT39: An Iranian Cyber Espionage Group Focused on Personal Information | FireEye Inc 44CON 2013 - A talk about (info-sec) talks - Haroon Meer - YouTube