Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

• NSA warns of Sandworm Exim exploitation
• Huawei CFO extradition process to continue
• Google TAG implicates Indian hacker-for-hire outfits in espionage
• Black lives matter
• F–k police brutality

This week’s sponsor interview is with Marco Slaviero of Thinkst Canary. He’ll be talking through a few of the partnerships Thinkst has entered into over the years. He’ll also talk a bit about some new Canary integrations, such as a new one with HD Moore’s Rumble.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes NSA: Russia's Sandworm Hackers Have Hijacked Mail Servers | WIRED Canadian judge OKs extradition proceedings for Huawei CFO Google highlights Indian 'hack-for-hire' companies in new TAG report | ZDNet Updates about government-backed hacking and disinformation REvil Ransomware Gang Starts Auctioning Victim Data — Krebs on Security Michigan State University hit by ransomware gang | ZDNet Microsoft warns about attacks with the PonyFinal ransomware | ZDNet Lawsuit seeking billions in damages filed against EasyJet Anonymous, aiming for relevance, spins old data as new hacks Exclusive: Zoom plans to roll out strong encryption for paying customers - Reuters (5) Patrick Gray on Twitter: "Pretty funny that Zoom announced its plans to introduce e2e for paid accounts on May 7 and nobody blinked, but when they actually followed through a few weeks later people lost their minds over it. https://t.co/qsI9Pppey3" / Twitter An advanced and unconventional hack is targeting industrial firms | Ars Technica Rod Rosenstein is working with NSO Group, the Israeli firm accused of spying on dissidents GitHub warns Java developers of new malware poisoning NetBeans projects | ZDNet Hacker leaks database of dark web hosting provider | ZDNet Career Choice Tip: Cybercrime is Mostly Boring — Krebs on Security UK Ad Campaign Seeks to Deter Cybercrime — Krebs on Security Researcher claims $100,000 for ‘Sign in with Apple’ hack Zero-day in Sign in with Apple Facebook security: Researcher scoops $31k bug bounty for flagging SSRF vulnerabilities | The Daily Swig Google launches CTF-style bug bounty challenge for Kubernetes | The Daily Swig Shadowserver, an Internet Guardian, Finds a Lifeline | WIRED DOD's third attempt to implement IPv6 isn't going well | ZDNet OpenSSH to deprecate SHA-1 logins due to security risk | ZDNet G Suite Marketplace primed for a privacy scandal, researchers warn | ZDNet (6) Christopher Glyer on Twitter: "Ewww - one of my favorite subjects. Just like we reported in 2016/2017 with Google - an attacker can create an Oauth app (an Azure app). Once user consents - the app can bypass MFA. Unless you have E5 license only choice is to either enable/disable ALL apps #FireEyeSummit https://t.co/8BsTnkiGPL" / Twitter Judge rules Capital One must hand over Mandiant's forensic data breach report Surprise Capital One court decision spells trouble for incident response - Risky Business