Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/


Risky Business #555 -- Bluekeep Metasploit module released, Paige Thompson pleads not guilty and more


On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Paige Thompson pleads not guilty to CapitalOne hack
  • German government probes FinFisher
  • Bluekeep Metasploit module dropped
  • DPRK samples hit VT, courtesy of our friends in the USA
  • Apple releases awful statement about mass exploitation of its devices
  • Much more

This week’s show is brought to you by Blackberry Cylance. In this week’s sponsor interview we’ll be talking about US Cybercommand dropping some sweet, sweet APT28 samples on VirusTotal back in May. We’ll talk a little bit about that malware, and also have a more general discussion about CYBERCOM VT drops with Cylance research staffers Steve Barnes and Josh Lemos.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

  • Cyber Command's biggest VirusTotal upload looks to expose North Korean-linked malware
  • InstaCyber on Twitter: "Uploading of samples isn't burning capability or some sort of (working) counter-CNE operation. This is proven by the large number of actors that keep truckin' on with the same old junk despite disclosure; the number of groups that truly pack up shop, albeit temporarily, is small https://t.co/COkDOLYlwr" / Twitter
  • The NSA recognizes it needs to share more nation-state threat data, and faster
  • Apple takes flak for disputing iOS security bombshell dropped by Google | Ars Technica
  • We must see China - the opportunities and the threats - with clear eyes
  • Samsung, Huawei, LG, and Sony phones vulnerable to rogue 'provisioning' messages | ZDNet
  • Zero-day disclosed in Android OS | ZDNet
  • A Chinese APT is now going after Pulse Secure and Fortinet VPN servers | ZDNet
  • Metasploit team releases BlueKeep exploit | ZDNet
  • How did a Chinese APT get a U.S. hacking tool before it was leaked? Check Point has a theory.
  • German prosecutors investigate spyware maker FinFisher | News | DW | 05.09.2019
  • Twitter disables SMS-to-tweet feature after its CEO got hacked last week | ZDNet
  • Accused Capital One hacker pleads not guilty to all charges
  • Back to school: With latest attack, ransomware cancels classes in Flagstaff | Ars Technica
  • No municipality paid ransoms in 'coordinated ransomware attack' that hit Texas | ZDNet
  • Chris Bing on Twitter: "NSA cybersecurity division Director Anne Neuberger says at #BillingtonSummit that Ransomware represents one of the threats facing the election. Explains its a notable vector of attack following attacks on cities across the US." / Twitter
  • Thousands of servers infected with new Lilocked (Lilu) ransomware | ZDNet
  • Scraping public website data does not violate CFAA, judge rules
  • 51 tech CEOs send open letter to Congress asking for a federal data privacy law | ZDNet
  • Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks
  • Security researchers expose another instance of Chrome patch gapping | ZDNet
  • Kaspersky launches anti-cheat solution for pro e-sports tournaments | ZDNet
  • Mozilla launches Firefox VPN extension for US users | ZDNet
  • Mozilla to gradually enable DNS-over-HTTPS for Firefox US users later this month | ZDNet
  • Intel server-grade CPUs impacted by new NetCAT attack | ZDNet
  • U.S. arrests 281 people worldwide accused of involvement in BEC scams
  • Forget email: Scammers use CEO voice 'deepfakes' to con workers into wiring cash | ZDNet
  • Cyber-security incident at US power grid entity linked to unpatched firewalls | ZDNet
  • Secret Service Investigates Breach at U.S. Govt IT Contractor — Krebs on Security
  • Millions of Exim servers vulnerable to root-granting exploit | ZDNet

