Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

• German intelligence warns of widespread Russian infrastructure hacks
• NGOs urge COVID-19 hack de-escalation
• UK mulls total Huawei ban… we think it’s a done deal
• DHS warning on 5G “moronavirus”
• Wen jailbreak? NOW JAILBREAK!!
• iOS 14 leaks
• Much, much more…

This week’s sponsor interview is with Casey Ellis, the CTO of Bugcrowd. As you’ll hear, Bugcrowd did a survey of managers in security to see if their attitudes around work from home had changed since the COVID-19 crisis, and yes, they have. Casey also tells us about Bugcrowd’s latest LevelUp virtual conference. That conversation led to him sharing some interesting insights about trends amongst the crowd of registered testers on Bugcrowd’s platform.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Red Cross urges halt to cyberattacks on healthcare sector amid COVID-19 - Reuters CyberPeace Institute - Call for Government FBI offers US companies more details from investigations of health care hacking UK cyber agency launches review of Huawei presence in 5G networks NSO Group Impersonated Facebook to Help Clients Hack Targets - VICE German intelligence agencies warn of Russian hacking threats to critical infrastructure The DHS Prepares for Attacks Fueled by 5G Conspiracy Theories | WIRED US may ‘disconnect’ with Australia over Victoria’s deal with China (2) Tom McIlroy on Twitter: "Statement from US Ambassador to Canberra Arthur Culvahouse - in response to reports about Mike Pompeo's comments on Victoria's Belt and Road agreement https://t.co/n8KzIAyGgJ" / Twitter Australia China trade war: Beijing seizes on Mike Pompeo’s ‘disconnection’ comment Coronavirus 'dossier' was a basic timeline of facts handed out by US State Department with no new evidence - ABC News There's a Jailbreak Out for the Current Version of iOS | WIRED How iPhone Hackers Got Their Hands on the New iOS Months Before Its Release - VICE Coronavirus Australia: COVIDSafe app may need privacy changes to use Apple, Google tracing tool Signal to move away from using phone numbers as user IDs | ZDNet Facebook Messenger Adds Safety Alerts—Even in Encrypted Chats | WIRED Hackers infect multiple game developers with advanced malware | Ars Technica Japan investigates Mitsubishi Electric breach amid national security concerns Thousands of enterprise systems infected by new Blue Mockingbird malware gang | ZDNet Summary of Tradecraft Trends for 2019-20: Tactics, Techniques and Procedures Used to Target Australian Networks | Cyber.gov.au Federal officials have arrested another accused FIN7 hacker Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office — Krebs on Security Ransomware deploys virtual machines to hide itself from antivirus software | ZDNet Turla hacker group steals antivirus logs to see if its malware was detected | ZDNet RangeAmp attacks can take down websites and CDN servers | ZDNet Google Cloud security find earns South American researcher $31k bug bounty payout | The Daily Swig How to perform an HTTP header smuggling attack through a reverse proxy | The Daily Swig New Spectra attack breaks the separation between Wi-Fi and Bluetooth | ZDNet Thousands of Israeli sites defaced with code seeking permission to access users' webcams | ZDNet Twitter adds a warning label fact-checking Trump’s false voting claims | TechCrunch #LevelUp 0x06 — Presented by Bugcrowd Bugcrowd - YouTube