Risky Business

On this week’s show Adam Boileau and Patrick Gray discuss the week’s security news:

• Julian Assange arrested, likely to be extradited to the USA
• Krebs: Breach at outsourcing firm Wipro
• WordPress 0day drama causing serious headaches
• Silk Road 2’s “DPR2” sent to slammer
• More from Kaspersky SAS

This week’s show is brought to you by Thinkst Canary! Thinkst founder Haroon Meer will be along in this week’s show to talk about the effect venture capital is having on the security ecosystem. He thinks VC money often makes weak ideas look strong, and in a market where it’s quite difficult to make informed purchasing decisions, that’s not a good thing.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Breaking Down the Julian Assange Hacking Case | WIRED Experts: Breach at IT Outsourcing Giant Wipro — Krebs on Security Silk Road 2 Founder Dread Pirate Roberts 2 Caught, Jailed for 5 Years - Motherboard Chinese woman arrested at Mar-a-Lago 'up to something,' denied bail: judge - Reuters A security researcher with a grudge is dropping Web 0days on innocent users | Ars Technica Mailgun hacked part of massive attack on WordPress sites | ZDNet PPD-20 successor has yielded ‘operational success,’ Federal CISO says A Peek Into the Toolkit of the Dangerous 'Triton' Hackers | WIRED DHS, FBI say election systems in all 50 states were targeted in 2016 | Ars Technica Quasi-Russian upstart reportedly targeted Ukraine in cyber-espionage campaign Patrick Gray ???? on Twitter: "Great scoop from @Commsday Looks like @ASDGovAu is going to rip up its contract with @Cloudflare because they host Nazi forums.… https://t.co/uhqC2EIVbY" Dragonblood vulnerabilities disclosed in WiFi WPA3 standard | ZDNet Confluence Security Advisory - 2019-03-20 - Atlassian Documentation A New Breed of ATM Hackers Gets in Through a Bank’s Network | WIRED Mysterious Hackers Hid Their Swiss Army Spyware for 5 Years | WIRED Kaspersky: 70 percent of attacks now target Office vulnerabilities | ZDNet EU: No evidence of Kaspersky spying despite 'confirmed malicious' classification | ZDNet DHS alerts industry to insecure enterprise VPN apps Shimo VPN service contains six unpatched vulnerabilities, Talos discovers ‘Land Lordz’ Service Powers Airbnb Scams — Krebs on Security Hackers publish personal data on thousands of US police officers and federal agents | TechCrunch Former Senate IT intern admits to doxing US senators on Twitter and Wikipedia | ZDNet A hacker has dumped nearly one billion user records over the past two months | ZDNet Google DLP Makes It Easier to Safeguard Sensitive Data Troves | WIRED Microsoft Email Hack Shows the Lurking Danger of Customer Support | WIRED Fortinet settles charges of selling intentionally mislabeled Chinese-made tech to U.S. military Security Engineer, Detection - Google - Sydney NSW, Australia - Google Careers Security Engineer, Information Security and Privacy Incident Response - Google - Sydney NSW, Australia - Google Careers Thinkst Canary