Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/

subscribe
share






Risky Business #577 -- Stir crazy lockdown edition


On this week’s show Patrick and Adam discuss the week’s security news, including:

  • KSA uses SS7 to track its citizens in USA
  • Governments begin virus tracking through personal devices
  • FBI warns of Iran-linked crew in yer supply chains
  • Voatz gets booted from HackerOne
  • All the cloud and Zoom drama

This week’s show is brought to you by Signal Sciences. Instead of interviewing one of their people, they suggested we interview Andrew Becherer in this week’s sponsor interview.

Andrew runs security for Iterable, but before that he ran the security program at DataDog. He’ll be along after this week’s news to talk about how much easier it is to stand up a security program in 2020 as opposed to the last time he did it five or so years ago

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Revealed: Saudis suspected of phone spying campaign in US | World news | The Guardian SS7map: SS7 Networks Exposure Government Tracking How People Move Around in Coronavirus Pandemic FBI re-sends alert about supply chain attacks for the third time in three months | ZDNet HackerOne cuts ties with mobile voting firm Voatz after it clashed with researchers Houseparty app offers $1m reward to unmask entity behind hacking smear campaign | ZDNet Marriott discloses new data breach impacting 5.2 million hotel guests | ZDNet FCC tells US telcos to implement caller ID authentication by June 30, 2021 | ZDNet Memento Labs, the Reborn Hacking Team, Is Struggling - VICE RDP and VPN use skyrocketed since coronavirus onset | ZDNet Update #2 on Microsoft cloud services continuity | Azure blog and updates | Microsoft Azure Zoom hit with class-action lawsuit for sharing user data with Facebook FBI Warns of Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic — FBI A Norwegian school quit using video calls after a naked man ‘guessed’ the meeting link | TechCrunch FBI warns Zoom, teleconference meetings vulnerable to hijacking - CyberScoop Zoom Removes Code That Sends Data to Facebook - VICE FBI turns to insurers to grasp the full reach of ransomware - CyberScoop Cyber insurer Chubb had data stolen in Maze ransomware attack | TechCrunch Medical and military contractor Kimchuk hit by data-stealing ransomware | TechCrunch Microsoft announces new 'Hardware-enforced Stack Protection' feature | ZDNet Android lets advertisers get a list of all your apps -- and this API feature is broadly used | ZDNet Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics | ZDNet Risky Business Live, March 31, 2020 - YouTube Risky Business Live #3 -- Booz Allen Hamilton's Russia report, Azure getting creaky and more - Risky Business Network of fake QR code generators will steal your Bitcoin | ZDNet A mysterious hacker group is eavesdropping on corporate email and FTP traffic | ZDNet Malware from notorious FIN7 group is being delivered by snail mail Rare BadUSB attack detected in the wild against US hospitality provider | ZDNet Google to resume Chrome updates it paused last week due to COVID-19 | ZDNet Google says no APP users have been phished to date | ZDNet Russians Shut Down Huge Card Fraud Ring — Krebs on Security U.S. cybersecurity experts see recent spike in Chinese digital espionage - Reuters Dark web hosting provider hacked again -- 7,600 sites down | ZDNet OpenWRT code-execution bug puts millions of devices at risk | Ars Technica Seriously Risky Business


fyyd: Podcast Search Engine
share








 April 1, 2020  n/a