Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/







Risky Business #544 -- NYTimes Baltimore report falls over


On this week’s show Patrick and Adam talk through all the week’s security news, including:

  • NYTimes story on EternalBlue and Baltimore is bunk
  • An RDP worm is feeling kind of inevitable
  • Iran is still getting Shadowbrokersed
  • Intercept has a great feature on SID Today dumps
  • Australian Federal Police crack down on national security journalism
  • Phantom Secure CEO gets nine years and loses $80m
  • Silk Road 2.0 admin must be an amazing snitch
  • Another Bitcoin tumbler bites the dust
  • Much, much more

This week’s sponsor interview is with Marco Slaviero of Thinkst Canary.

Marco is joining us this week to talk about how he thinks web application-based deception techniques are kind of a waste of time right now. We talk about how deception approaches work best in privileged domains, then we talk about how security teams do better when they have a dedicated ops developer.

Show notes

  • Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack
  • Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack
  • N.S.A. Denies Its Cyberweapon Was Used in Baltimore Attack, Congressman Says - The New York Times
  • Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware — Krebs on Security
  • Baltimore ransomware perp pinky-swears he didn’t use NSA exploit | Ars Technica
  • NSA points to two-year patching window in remarks about Baltimore incident
  • Microsoft's BlueKeep Bug Isn't Getting Patched Fast Enough | WIRED
  • Even the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708) | ZDNet
  • New Iranian hacking tool leaked on Telegram | ZDNet
  • Meltdown Showed Extent of NSA Surveillance — and Other Tales From Hundreds of Intelligence Documents
  • Federal police raid home of News Corp journalist Annika Smethurst | Australia news | The Guardian
  • PressReader.com - Your favorite newspapers and magazines.
  • CEO Who Sold Encrypted Phones to the Sinaloa Cartel Sentenced to Nine Years - VICE
  • Silk Road 2.0 Admin May Only Be Prosecuted For Tax Crimes After Cooperating with Feds - VICE
  • Bitcoin Blender Exits Cryptocurrency Mixing On Its Own Terms
  • Rights groups probe investments in NSO Group’s private equity firm
  • Lorenzo Franceschi-Bicchierai on Twitter: "In his new book, @josephmenn argues that Phineas Fisher, the hacktivist that breached FinFisher and Hacking Team, is perhaps a Russian intelligence front.… https://t.co/PgLPt369Sd"
  • Much @Stake: The Band of Hackers That Defined an Era | WIRED
  • Google Cloud goes down, taking YouTube, Gmail, Snapchat, and others with it | ZDNet
  • China 'rigs' 5G test to favour Huawei - NZ Herald
  • Russian military moves closer to replacing Windows with Astra Linux | ZDNet
  • Maze Ransomware Says Computer Type Determines Ransom Amount
  • Phishing Emails Pretend to be Office 365 'File Deletion' Alerts
  • Unpatched Flaw Affects All Docker Versions, Exploits Ready
  • Zero-Day Flaw in Windows 10 Task Scheduler Gets Micropatch
  • 0patch Blog: Another Task Scheduler 0day, Another Task Scheduler Micropatch (The SandboxEscaper Saga)
  • Flipboard says hackers stole user details | ZDNet
  • Google Is Finally Making Chrome Extensions More Secure | WIRED
  • Westpac cyber attack: PayID platform hack exposes private details on 100,000 Australians
  • Terry Zhang on Twitter: "Received a 40,000$ bounty from @msftsecresponse through @Bugcrowd for a critical Auth Bypass i found on Microsoft Cloud.Also will join the team and talk about it on the BlackHat this year.Thanks for the great bounty and the opportunity sharing on a big stage.… https://t.co/mbzs41LfBf"
  • New research shows personalized ads are just barely more efficient than dumb ads | ZDNet
  • Stephen A. Ridley on Twitter: "It has been 10 years since we reverse engineered the MS08-67 patch and published the FIRST public vuln PoC (which was used by the Confiker Worm authors). BUT, it has only been about a year since we got an angry email blaming us for the Confiker worm. https://t.co/4Xalrh7okV… https://t.co/QPeMCZIHtc"
  • Malware Sandbox Online | Free Trial
  • Thinkst Canary










 June 5, 2019  n/a