Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

• IDF takes out Hamas cyber HQ (Features commentary from Bobby Chesney and Klon Kitchen)
• NYTimes mangles Symantec’s “Buckeye” research
• Lots of dark web arrests
• SAP exploits not all they’re cracked up to be
• Magecart-style attacks spread to other platforms
• Tech-led crackdown on Chinese-muslims intensifies
• Japan to create “defensive malware”

This week’s sponsor interview is with Duo Security advisory CSO Richard Archdeacon and we’ll be talking about zero trust networks. Richard isn’t so worried about every vendor under the sun claiming to be a zero trust tech company. He doesn’t think that’s going to derail the move to zero trust architectures because the move towards them is too strong.

Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Israel Defense Forces on Twitter: "CLEARED FOR RELEASE: We thwarted an attempted Hamas cyber offensive against Israeli targets. Following our successful cyber defensive operation, we targeted a building where the Hamas cyber operatives work. HamasCyberHQ.exe has been removed.… https://t.co/rL86R93V7P" Crossing a Cyber Rubicon? Overreactions to the IDF’s Strike on the Hamas Cyber Facility - Lawfare Daniel Moore on Twitter: "It's also possible that they claim this is a kinetic response to a cyber-attack, but in reality the IDF is just bombing more convenient, low-risk elements of Hamas out of its extensive target bank. So possibly more capitalising on an opportunity than direct retaliation.… https://t.co/uFSn4Ql8Nu" Inbar Raz on Twitter: "If there had been only one strike, and it had been directed at the Cyber unit, then that would have been a remarkable and unusual event. But it wasn’t. It’s just one more building with “Hamas” written all over it. 3/N… https://t.co/hPfy1ulmsE" Buckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak | Symantec Blogs How Chinese Spies Got the N.S.A.’s Hacking Tools, and Used Them for Attacks - The New York Times A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree | WIRED FBI has seized Deep Dot Web and arrested its administrators | TechCrunch Law enforcement seizes dark web market after moderator leaks backend credentials | ZDNet Public 10KBLAZE Exploits May Impact 90% of SAP Production Systems sap_ms/README.md at master · gelim/sap_ms · GitHub JavaScript card sniffing attacks spread to other e-commerce platforms | ZDNet A hacker is wiping Git repositories and asking for a ransom | ZDNet Mysterious hacker has been selling Windows 0-days to APT groups for three years | ZDNet China uses biometrics and digital scanning 'data doors' to track Muslim minority | ZDNet Uyghurs the People of Xinjiang - Rear Vision - ABC Radio National (Australian Broadcasting Corporation) CIA sets up shop on the anonymous, encrypted Tor network - CNET China making 'rapid progress' on potency of cyber-operations, Pentagon says Japanese government to create and maintain defensive malware | ZDNet Hacker takes over 29 IoT botnets | ZDNet Only six TSA staffers are overseeing US oil & gas pipeline security | ZDNet Dutch intelligence warns of escalating Russian, Chinese cyberattacks in the Netherlands NSA unmasked more U.S. entities caught in foreign cyber-espionage efforts last year WordPress finally gets the security features a third of the Internet deserves | ZDNet Verizon, T-Mobile, Sprint, and AT&T Hit With Class Action Lawsuit Over Selling Customers’ Location Data - VICE Firefox add-ons disabled en masse after Mozilla certificate issue | ZDNet Labor asks questions of WeChat over doctored accounts, 'fake news' Evil Clippy Makes Malicious Office Docs that Dodge Detection Dell laptops and computers vulnerable to remote hijacks | ZDNet AWS IAM Exploitation – Security Risk Advisors Zero Trust Evaluation Guide: For the Workforce | Duo Security