Risky Business

On this week’s show Adam Boileau and Patrick Gray discuss the week’s news:

• Chelsea Manning back in jail
• Citrix owned, Resecurity claims it was Iran. Again. Because reasons, apparently.
• Huawei politics get messy
• EXCLUSIVE: Toyota Oz, other carmakers likely targeted by APT32 (Vietnam)
• Much, much more

This week’s sponsor is Senetas. They make layer 2 encryption gear but recently made a US$8m investment into Votiro, a Content Disarm and Reconstruction (CDR) play. Votiro CEO Aviv Grafi is this week’s sponsor guest. He stops by to explain CDR tech.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Chelsea Manning jailed after refusing to testify about WikiLeaks - CNNPolitics Citrix discloses security breach of internal network | ZDNet Citrix investigating unauthorized access to internal network | Citrix Blogs Iranian-backed hackers stole data from major U.S. government contractor Deacon Blues on Twitter: "Have about closed the loop on who is behind Resecurity, the mysterious company attributing the Citrix hack to Iran. It seems to be the work of one man, Andrey Andreevich Komarov, aka Andrew Komarov.… https://t.co/9fbWuEwqdL" US ambassador in Berlin urges Germany to cut ties with Huawei Pompeo warns allies Huawei presence complicates partnership with U.S. | Reuters Huawei’s 5G equipment is a manageable risk, British intelligence claims - The Verge UN report links North Korean hackers to theft of $571 million from cryptocurrency exchanges China database lists 'breedready' status of 1.8 million women | World news | The Guardian 800+ Million Emails Leaked Online by Email Verification Service - Security Discovery Releasing the NSA’s Previously Classified Tool ‘Ghidra’ For Free Is a ‘Game Changer’ - Motherboard Facebook Suit: Ukrainian Hackers Used Quizzes to Take Data from 60,000 Users A world of hurt after GoDaddy, Apple, and Google misissue >1 million certificates | Ars Technica The Prototype iPhones That Hackers Use to Research Apple’s Most Sensitive Code - Motherboard Google reveals Chrome zero-day under active attacks | ZDNet Pipes on Twitter: "Google TAG have run down and identified iOS, Chrome and Windows 0days in the last few weeks. @ShaneHuntley Are we going to get some insight on which group you folk are pulling apart later? Sounds like fun times ????" Russia blocks encrypted email provider ProtonMail | TechCrunch Tufts expelled a student for grade hacking. She claims innocence | TechCrunch Lamborghini-driving bitcoin trader charged with drug trafficking Cryptocurrency entrepreneur pleads guilty in 'Bitcointopia' fraud - Los Angeles Times Car alarms with security flaws put 3 million vehicles at risk of hijack | TechCrunch Silencing Cylance: A Case Study in Modern EDRs – MDSec Glitching Trezor using EMFI Through The Enclosure – Colin O’Flynn Extracting BitLocker keys from a TPM WDS bug lets hackers hijack Windows Servers via malformed TFTP packets | ZDNet Cisco tells Nexus switch owners to disable POAP feature for security reasons | ZDNet Auth0 Security Bulletin CVE-2019-7644 Votiro Disarmer Takes Cyber Security to the Next-Generation Senetas announces $8m investment in Votiro Disarmer