Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

• Marcus Hutchins faces his milkshake duck moment
• Iranian APT crew gets Shadowbrokersed
• DNS interference campaign is actually two large-scale actors
• UK to use some Huawei components in 5G build
• French Government launches comms app for politicians, it doesn’t go well
• More detail on CCleaner/ASUS crew
• Carbanak source found on VT (lol)
• Wall Street Market exit scams
• BEC costing US firms $1.3bn PA
• Much MOAR!

This week’s show is brought to you by Signal Sciences, their CEO Andrew Peterson will be along in this week’s sponsor interview to have a bit of a chat about how a lot of traditional enterprises are running serious business web app shops these days.

Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware — Krebs on Security filsy on Twitter: "The whole internet loves MalwareShake Duck, a lovely duck that saved the internet. *12 months later* We regret to inform you that the duck was the author of malware that stole your grandmothers lifesavings." A Mystery Agent Is Doxing Iran's Hackers and Dumping Their Code | WIRED Patrick Gray on Twitter: "This development raises serious questions, like: 1. When will SIGINT agencies start publishing zines? 2. Which nation state actors will produce the best defacement art and smack talk?" Talos Blog || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: DNS Hijacking Abuses Trust In Core Internet Service Talos Blog || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: DNSpionage brings out the Karkoff Wipro Intruders Targeted Other Major IT Firms — Krebs on Security The Weather Channel goes off the air for 90 minutes after ransomware infection | ZDNet Manufacturing giant Aebi Schmidt hit by ransomware | TechCrunch Huawei will help build Britain’s 5G network, despite security concerns - The Verge U.S. and British Intelligence Agencies Downplay Disagreement Over Huawei 5G Huawei frustration boils over as CIA allegedly shows the goods | Telecoms.com French government releases in-house IM app to replace WhatsApp and Telegram use | ZDNet Congress sends letter to Google for details on Sensorvault location tracking database | ZDNet Supply Chain Hackers Snuck Malware Into Videogames | WIRED Source code of Carbanak trojan found on VirusTotal | ZDNet A 'Blockchain Bandit' Is Guessing Private Keys and Scoring Millions | WIRED Another dark web marketplace bites the dust --Wall Street Market | ZDNet FBI: US companies lost $1.3 billion in 2018 due to BEC scams | ZDNet Security flaw lets attackers recover private keys from Qualcomm chips | ZDNet Security flaw in EA’s Origin client exposed gamers to hackers | TechCrunch RCE in EA's Origin Desktop Client – Underdog Security – Our blog... More Security Endpoint Tech Isn't Always Better | Decipher Chaos on Twitter: "last week i got to witness an engineering department lose a full day's work because if you put an emoji in a git commit message, Atlassian Bamboo chokes on it forever and you're forced to rebase master, like you should NEVER DO. this was of course referred to as The Emojiency" Australian Lime Scooters Hacked To Say Sexual Things To Riders | Gizmodo Australia Demand More from Your Web Application Security | Signal Sciences