Risky Business

Adam Boileau is back in the news seat this week. We talk about:

• Amazing Reuters report on UAE’s “Project Raven”
• Bezos’ dick pics, Saudi Arabia and a creepy brother
• US government security staffers play post-shutdown catch-up
• Krebs: National Credit Union Administration probably pwned
• Russia to test complete disconnection from wider Internet
• China suspected of involvement in Australian parliament hack
• Trump likely to ban all Chinese telco equipment makers from US builds
• Lasers
• Google: iOS privesc 0days were in wild
• $145m in cryptocurrency lost forever due to exchange CEO death
• VFEmail has a very bad day
• Facebook/Apple cert wars
• MORE

This week’s show is brought to you by AustCyber, a nonprofit funded by grants from the Australian government. Its goal is to promote Australia’s cybersecurity industry.

AustCyber CEO Michelle Price will be along in this week’s sponsor interview to tell us all about what they’ve got planned for RSA.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Special Report - Inside the UAE’s secret hacking team of U.S. mercenaries | Reuters Project Raven: What Happens When U.S. Personnel Serve a Foreign Intelligence Agency? - Lawfare No thank you, Mr. Pecker – Jeff Bezos – Medium Mistress’ Brother Leaked Bezos’ Racy Texts to Enquirer, Sources Say Bezos Could Put National Enquirer Brass in Jail Cybersecurity Workers Scramble to Fix a Post-Shutdown Mess | WIRED Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions — Krebs on Security Russia to disconnect from the internet as part of a planned test | ZDNet China link possible in cyber attack on Australian Parliament computer system, ABC understands - ABC News (Australian Broadcasting Corporation) Trump likely to sign executive order banning Chinese telecom equipment next week - POLITICO Huawei Sting Offers Rare Glimpse of U.S. Targeting Chinese Giant - Bloomberg China's cybersecurity law update lets state agencies 'pen-test' local companies | ZDNet Google warns about two iOS zero-days 'exploited in the wild' | ZDNet $145 million funds frozen after death of cryptocurrency exchange admin | ZDNet Hackers wipe US servers of email provider VFEmail | ZDNet Zcash cryptocurrency fixes infinite counterfeiting vulnerability | ZDNet Biohackers Encoded Malware in a Strand of DNA | WIRED Google releases Chrome extension that alerts users of breached passwords | Ars Technica Big Telecom Sold Highly Sensitive Customer GPS Data Typically Used for 911 Calls - Motherboard Hundreds of Bounty Hunters Had Access to AT&T, T-Mobile, and Sprint Customer Location Data for Years - Motherboard How Hackers and Scammers Break into iCloud-Locked iPhones - Motherboard Apple restores Facebook’s ability to run internal iOS apps - The Verge New TLS encryption-busting attack also impacts the newer TLS 1.3 | ZDNet Atlassian leads encryption law revolt as Peter Dutton stands firm Australian government clamping down on security research, academic says - Computerworld Swiss government invites hackers to pen-test its e-voting system | ZDNet Indecent disclosure: Gay dating app left “private” images, data exposed to Web (Updated) | Ars Technica AustCyber supports the development of a vibrant and globally competitive cyber security sector | AustCyber