Risky Business #433 -- Mirai ain't going anywhere

Long refresh cycles on IoT mean we have a real problem...
27 Oct 2016 » Risky Business

On this week’s show we’re taking a look at the Great DDoSSening of 2016! Yep, we’ll be having a look at the attacks against Dyn, but perhaps more importantly we’ll be asking the question: with a zillion perma-owned things out there able to launch some pretty serious DDoS attacks, what now?

IoT device security specialist Stephen Ridley will join us in this week’s feature slot to discuss that.

This week’s sponsor interview is a cracker. We’ll be chatting with Cylance chief research officer Jon Miller about how the hell you’re supposed to benchmark AV these days. It’s actually trickier than you’d think, for reasons we’ll get into later. We also talk about managing false positives and hit on a few other topics in that one. Jon’s ex-ISS X-Force, he’s been around the traps for a long time and really knows what he’s talking about. That’s a good interview… big thanks to Cylance for sponsoring this week’s show.

Adam Boileau is this week’s news guest. Links to everything are in this week’s show notes.

Oh, and do add Patrick and Adam on Twitter if that’s your thing.

Show notes

DDoS on Dyn Impacts Twitter, Spotify, Reddit — Krebs on Security
Dyn DDoS Work of Script Kiddies, Not Politically Motivated Hackers | Threatpost | The first stop for security news
Lawmakers Asking What ISPs Can Do About DDoS Attacks | Threatpost | The first stop for security news
Senator Prods Federal Agencies on IoT Mess — Krebs on Security
Should the FBI Hack Botnet Victims to Save the Internet? | Motherboard
How Vigilante Hackers Could Stop the Internet of Things Botnet | Motherboard
IoT Device Maker Vows Product Recall, Legal Action Against Western Accusers — Krebs on Security
How one rent-a-botnet army of cameras, DVRs caused Internet chaos | Ars Technica
Nuclear plants leak critical alerts in unencrypted pager messages | Ars Technica
Flaw in Intel chips could make malware attacks more potent | Ars Technica
Using Rowhammer bitflips to root Android phones is now a thing | Ars Technica
Android phones rooted by “most serious” Linux escalation bug ever | Ars Technica
This is not a drill: Hackers pop stock Nexus 6P in five minutes • The Register
Apple Patches iOS Flaw Exploitable by Malicious JPEG | Threatpost | The first stop for security news
837 - task_t considered harmful - many XNU EoPs - project-zero - Monorail
The Phone Hackers at Cellebrite Have Had Their Firmware Leaked Online | Motherboard
Every LTE call, text, can be intercepted, blacked out, hacker finds • The Register
iTWire - Census 2016: IBM blames Nextgen, Vocus for stuff-up
iTWire - Census 2016: Vocus lays blame on IBM employees
iTWire - Census 2016: Nextgen hits back at IBM claims
Census outage could have been prevented by turning router on and off again: IBM - ABC News (Australian Broadcasting Corporation)
Russia-linked phishing campaign behind the DNC breach also hit Podesta, Powell | Ars Technica
SurkovLeaks: Is Vladimir Putin aide's email hack payback for DNCLeak-Clinton exposure?
St. Jude Faces New Claim Heart Devices are Hackable | Threatpost | The first stop for security news
Yahoo Asks DNI to De-Classify Email Scanning Order | Threatpost | The first stop for security news
US Indicts Russian Hacker Allegedly Behind Dropbox, LinkedIn Breaches | Motherboard
Adobe Patches Flash Zero Day Under Attack | Threatpost | The first stop for security news
Senrio
Cylance | Advanced Threat Prevention Built on Artificial Intelligence