Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

• DPRK offers free 0day to researchers, with a pretty significant catch
• SonicWall gets owned because it runs SonicWall gear. Big mistake.
• Chinese trains didn’t stop running because Flash died :(
• Dominion to sue Rudy Giuliani for $1.3bn over insecurity claims
• The sudo bug. Lol.

This week’s show is brought to you by Cmd Security, the Linux security company. Its focus has traditionally been on restricting the type of bash commands users can enter. It’s like a control plane for Linux systems. But some of its customers manage their Linux endpoints through different, non-bash entry points. So they’ve added some features to their product to deal with that, which has also resulted in them having an IDR capability. It’s all pretty sensible stuff though, and Cmd co-founder and CEO Jake King will be along to talk us through all of that.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes New campaign targeting security researchers Fake Twitter personas, bogus blog delivered North Korea-linked malware to researchers As Adobe Flash stops running, so do some railroads in China ｜ Apple Daily Flash Is Dead—but Not Gone | WIRED South African government releases its own browser just to re-enable Flash support | ZDNet SonicWall says it was hacked using zero-days in its own products | ZDNet Former LulzSec Hacker Releases VPN Exploit Used to Hack Hacking Team Ransomware hackers launder bitcoin through just a handful of locations, researchers find No decisions yet on any changes to TikTok or Huawei cases, White House says Dominion files $1.3 billion defamation suit against Giuliani over election security claims FBI tracking cell phones, Capitol riots | wusa9.com Technologists Use Facial Recognition on Parler Videos DIA uses purchased phone location data without warrants Biden Orders Sweeping Assessment of Russian Hacking, Even While Renewing Nuclear Treaty - The New York Times FSB warns of US cyberattacks after Biden administration comments | ZDNet Cyber ‘Deterrence’: A Brexit Analogy - Lawfare Hacker leaks data of 2.28 million dating site users | ZDNet Intel says financial graphic was 'hacked,' forcing early release of 2020 report Reuters accused of hack attack | ZDNet DDoSers are abusing Microsoft RDP to make attacks more powerful | Ars Technica Apple fixes another three iOS zero-days exploited in the wild | ZDNet Hackers actively scanning for vulnerable SAP systems after exploit gets dropped on GitHub | The Daily Swig MrbMiner crypto-mining operation linked to Iranian software firm | ZDNet Details of YouTube viewing history exposure bug made public | The Daily Swig TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks | Threatpost Bot Lets Hackers Easily Look Up Facebook Users' Phone Numbers Australian orgs exposed to Accellion vulnerability CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) | Qualys Security Blog A deeper dive into our May 2019 security incident - Stack Overflow Blog