Risky Business #375 -- Ashley Madison, Jeep hacks drive news agenda

PLUS Dave Jorm talks Red Star OS...
23 Jul 2015 » Risky Business

In this week's feature interview we're chatting with Dave Jorm, our resident North Korea watcher. Some of you might remember Dave, he was on the show a couple of years ago talking about his OSINT satellite data analysis of North Korea and more recently he popped by to talk about software defined networking security.

Well, some recent analysis of North Korea's official Red Star OS has found it has a nasty habit -- it watermarks media files that users open with a unique ID. This will of course help the North Korean regime to track down the smugglers of digital media, whether that's activist material or South Korean soaps, which are most definitely verboten in the hermit kingdom.

This week's show is brought to you by Intralinks -- these guys do secure document exchange and storage. Intralinks very own Todd Partridge drops by to talk about how their customers are actually customising these types of document services.

Adam Boileau, as usual, joins the show to discuss the week's news headlines.

Don't forget you can now support the Risky Business page via our Patreon campaign.

Oh, and do add Patrick and Adam on Twitter if that's your thing.

Show notes

Online Cheating Site AshleyMadison Hacked - Krebs on Security
http://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-ha...

Hackers Remotely Kill a Jeep on the Highway-With Me in It | WIRED
http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

Patch Your Chrysler Now Against a Wireless Hacking Attack | WIRED
http://www.wired.com/2015/07/patch-chrysler-vehicle-now-wireless-hacking...

Senate Bill Seeks Standards For Cars' Defenses From Hackers | WIRED
http://www.wired.com/2015/07/senate-bill-seeks-standards-cars-defenses-h...

Google Calls Proposed U.S. Wassenaar Rules 'Not Feasible' | Threatpost | The first stop for security news
https://threatpost.com/google-calls-proposed-u-s-wassenaar-rules-not-fea...

Hacking Team RCSAndroid Spying Tool Listens to Calls; Roots Devices to Get In
http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-...

SSD Advisory - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution | SecuriTeam Blogs
https://blogs.securiteam.com/index.php/archives/2502

Hacking Team apparently violated EU rules in sale of spyware to Russian agency | Ars Technica
http://arstechnica.com/tech-policy/2015/07/hacking-teams-surveillance-so...

Hacking Team Says It Always Sold 'Strictly Within the Law' | Threatpost | The first stop for security news
https://threatpost.com/hacking-team-claims-it-always-sold-strictly-withi...

Netragard Shutters Controversial Exploit Acquisition Program | Threatpost | The first stop for security news
https://threatpost.com/netragard-shutters-controversial-exploit-acquisit...

Researcher angry after finding his code in Hacking Team malware | Ars Technica
http://arstechnica.com/security/2015/07/researcher-takes-umbrage-after-f...

Obama administration decides not to blame China publicly for OPM hack | Ars Technica
http://arstechnica.com/tech-policy/2015/07/obama-administration-decides-...

Four men reportedly arrested in connection to JPMorgan Chase hack | Ars Technica
http://arstechnica.com/tech-policy/2015/07/4-men-reportedly-arrested-in-...

UK man accused of hacking spree on US government is arrested (again) | Ars Technica
http://arstechnica.com/security/2015/07/uk-man-accused-of-hacking-spree-...

Experian Hit With Class Action Over ID Theft Service - Krebs on Security
http://krebsonsecurity.com/2015/07/experian-hit-with-class-action-over-i...

Hacking Team's evil Android app had code to bypass Google Play screening | Ars Technica
http://arstechnica.com/security/2015/07/hackingteams-evil-android-app-ha...

Dozens of phone apps with 300M downloads vulnerable to password cracking | Ars Technica
http://arstechnica.com/security/2015/07/dozens-of-phone-apps-with-300m-d...

New Campaign Targeting Japanese with Hacking Team Zero Day | Threatpost | The first stop for security news
https://threatpost.com/new-campaign-targeting-japanese-with-hackingteam-...

Free Tool Looks for HackingTeam Malware | Threatpost | The first stop for security news
https://threatpost.com/free-tool-looks-for-hackingteam-malware/113850

OpenDNS BGP Stream Twitter Feed | Threatpost | The first stop for security news
https://threatpost.com/bgp-security-alerts-coming-to-twitter/113843

Bug in widely used OpenSSH opens servers to password cracking | Ars Technica
http://arstechnica.com/security/2015/07/bug-in-widely-used-openssh-opens...

Google Patches 43 Bugs in Chrome | Threatpost | The first stop for security news
https://threatpost.com/google-patches-43-bugs-in-chrome/113892

Bug in latest version of OS X gives attackers unfettered root privileges | Ars Technica
http://arstechnica.com/security/2015/07/bug-in-latest-version-of-os-x-gi...

Microsoft Issues Critical, Out-of-Band Patch for All Versions of Windows | Threatpost | The first stop for security news
https://threatpost.com/microsoft-issues-critical-out-of-band-patch-for-a...

RedStar OS Watermarking - Insinuator
http://www.insinuator.net/2015/07/redstar-os-watermarking/

Secure Collaboration + Content Management | Intralinks
https://www.intralinks.com/