Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Iowa app falls over, social and mainstream media chaos ensues
• Twitter acknowledges state-backed API abuse
• CDA 230 under review. Uh oh.
• Toll Group ransomware
• ICS-compatible ransomware spotted in wild
• UN got owned pretty hard
• Is Joshua Schulte The Shadow Brokers? A theory
• Much, much more.

This week’s show is brought to you by Okta.

Okta’s Simon Thorpe will be along this week to talk about a new trend they’re seeing and obviously encouraging – enterprises ditching Microsoft’s Active Directory. It’s a cloud, cloud, cloud, cloud, world these days. and in the year 2020, you might want to actually ask yourself – do you still need to be using AD?

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes The Iowa Caucus Tech Meltdown Is a Warning | WIRED Democrats’ Iowa Caucus Voting App Stirs Security Concerns - WSJ Twitter says an attacker used its API to match usernames to phone numbers | ZDNet Google Guilty Of ‘Big Screw Up’ That May Have Leaked Your Videos To A Random Stranger Department of Justice to Hold Workshop on Section 230 of the Communications Decency Act | OPA | Department of Justice The EARN IT Act: How to Ban End-to-End Encryption Without Actually Banning It | Center for Internet and Society Encryption laws not used to fight terrorism - InnovationAus Toll Group confirms "targeted" ransomware attack - Security - iTnews Toll IT Systems Update | Toll Group (24) Bad Packets Report on Twitter: "@riskybusiness @rycrozier Their Citrix server, https://t.co/66XQWpiFyF, was vulnerable to CVE-2019-19781 on 2020-01-11T06:30:06Z." / Twitter (24) MalwareTech on Twitter: "A day prior to the Travelex hack, its parent company was worth $2.1 Billion. A month later it is now worth $764 Million. The CEO owns 63% of the shares, which puts his personal loss around $850 Million." / Twitter Dozens of companies have data dumped online by ransomware ring seeking leverage | Ars Technica Mysterious New Ransomware Targets Industrial Control Systems | WIRED The New Humanitarian | EXCLUSIVE: The hack the UN tried to keep under wraps UN didn't patch SharePoint, got mega-hacked, covered it up, kept most staff in the dark, finally forced to admit it • The Register Iranian hackers target US government workers in new campaign | ZDNet As Vault 7 trial begins, Joshua Schulte's attorneys will argue he's a whistleblower Trial of Accused 'Vault 7' Leaker Opens in New York Senior Adviser To The Operator Of The “Silk Road” Website Pleads Guilty In Manhattan Federal Court | USAO-SDNY | Department of Justice Three suspects arrested in Maltese bank cyber-heist | ZDNet Raytheon engineer arrested for taking US missile defense data to China | ZDNet DOD contractor suffers ransomware infection | ZDNet Hackers are hijacking smart building access systems to launch DDoS attacks | ZDNet Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security — Krebs on Security FCC Confirms 'One or More' Carriers Broke the Law Selling Location Data - VICE Anti-virus firm Avast shuts down its data-selling subsidiary Department of Interior grounding drone fleet over cybersecurity concerns Google open-sources the firmware needed to build hardware security keys | ZDNet Apple wants to standardize the format of SMS OTPs (one-time passcodes) | ZDNet Why direct-memory attacks on laptops just won't go away Facebook settles facial recognition lawsuit for $550 million Remember FindFace? The Russian Facial Recognition Company Just Turned On A Massive, Multimillion-Dollar Moscow Surveillance System London to deploy live facial recognition to find wanted faces in a crowd | Ars Technica (15) DC3 VDP on Twitter: "Happy Friday hackers! Nitesh @ideaengine007 found a critical RCE vulnerability in Jenkins that led us to discover a Bitcoin mining service running on a DoD website ????. Head over to the disclosed report to see all the details! Thanks for being ???? Nitesh https://t.co/YywrVZu2Uc" / Twitter (15) HD Moore on Twitter: "Flamingo is a new open source tool from @Atredis for capturing credentials sprayed by IT and security products: https://t.co/NDmCfA0qvA (h/t to @4lex for HTTP NTLM support!) https://t.co/V2jKi3Enpg" / Twitter Spotlight shone on Microsoft Azure vulnerability | The Daily Swig Magento fixes trio of critical security flaws | The Daily Swig Serious flaw that lurked in sudo for 9 years hands over root privileges | Ars Technica An Artist Used 99 Phones to Fake a Google Maps Traffic Jam | WIRED Google cuts Chrome 'patch gap' in half, from 33 to 15 days | ZDNet Researcher: Backdoor mechanism still active in devices using HiSilicon chips | ZDNet