Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Russia, China, Iran having a red hot go at US political orgs
• Crowdstrike drops report, telcos having a bad time
• MSS owning US government with dumb bugs
• DoJ indicts Iranian script kiddie because reasons
• Proposed TikTok-Oracle deal barely makes sense
• The mother of all Microsoft auth bugs, wow
• Much, much more…

This week’s show is brought to you by Senetas. And we’ve got two sponsor guests for you this week: Senetas CTO Julian Fay will join us, as will Peter Farrely of AUCloud. Senetas uses AUCloud as a partner for its Suredrop file sharing and collaboration platform here in Oz, and Pete is joining us this week to talk through the new Cloud Assessment and Authorisation Framework published by the ACSC. If you work in Australian government IT and security, this one’s for you!

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Exclusive: Microsoft believes Russians that hacked Clinton targeted Biden campaign firm - sources | Reuters GRU eyes US election - Risky Business STRONTIUM: Detecting new patterns in credential harvesting - Microsoft Security Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says Report2020OverWatchNowheretoHide.pdf New CDRThief malware targets VoIP softswitches to steal call detail records | ZDNet VOS3000 VOS5000 Softswitch by Linknat - A Word-leading VoIP Solutions Provider Chinese intelligence-linked hackers are exploiting known flaws to target Washington, US says (8) Eric Geller on Twitter: "DOJ to announce Chinese hacking charges (and arrests!) tomorrow. https://t.co/Wj7KSq9BNd" / Twitter PAN-OS vulnerabilities add to a torrid year for enterprise software bugs Public disclosure didn't stop suspected Chinese hackers from targeting the Vatican Trump says Oracle ' very close' to TikTok deal Huawei HarmonyOS: Operating system will be on smartphones in 2021 US charges two hackers for defacing US websites following Soleimani killing | ZDNet FBI says credential stuffing attacks are behind some recent bank hacks | ZDNet Magento online stores hacked in largest campaign to date | ZDNet Multibillion-dollar Equinix is the latest data-center firm to face ransomware incident [Blog] Zerologon: instantly become domain admin by subverting Netlogon cryptography (CVE-2020-1472) New BlindSide attack uses speculative execution to bypass ASLR | ZDNet BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys | ZDNet Billions of devices vulnerable to new 'BLESA' Bluetooth security flaw | ZDNet MITRE releases emulation plan for FIN6 hacking group, more to follow | ZDNet Internal Facebook systems exposed via unpatched Apache library | The Daily Swig Porn site users targeted with malicious ads redirecting to exploit kits, malware | ZDNet Researcher kept a major Bitcoin bug secret for two years to prevent attacks | ZDNet Vast majority of cyber-attacks on cloud servers aim to mine cryptocurrency | ZDNet Slovak cryptocurrency exchange ETERBASE discloses $5.4 million hack | ZDNet Chinese diplomat demands investigation after his Twitter account liked embarrassing posts Whistleblower Says Facebook Ignored Global Political Manipulation When you browse Instagram and find former Australian Prime Minister Tony Abbott's passport number Anatomy of a Cloud Assessment and Authorisation | Cyber.gov.au