Risky Business #437 -- The news, plus "this year in cyber" with Adam Boileau

The last episode for 2016. Back on January 12, 2017!
24 Nov 2016 » Risky Business

This is the last episode for the year – the last episode of the 10th season! On this week’s show Adam and I will discuss the week’s news and then we’re going to reflect on the major events in 2016; the stuff that stuck out for us. I don’t think it’ll come as a surprise that the cyber intrigue surrounding the 2016 US presidential election is what peaked our interest this year.

This week’s show is brought to you by Canary.Tools. Canaries are of course those awesome little honeypots you can deploy on your network for excellent signalling. They will tell you if you have an attacker on your network, they’re cost effective and really nicely designed.

Canary’s very own Marco Slaviero will be along a bit later to talk through a recent Tweetstorm that centred on honeypots, as well as to preview Canary’s next release. In a few weeks you will be able to buy a purpose-built ICS honeypot, as well as one that mimics a code repository, so if you work with ICS gear or for a dev shop, you’ll really want to tune in to that one.


Links to everything are in this week’s show notes.

Oh, and do add Patrick and Adam on Twitter if that’s your thing.

Show notes

Experts Urge Hillary Clinton to Challenge Election Results
Want to Know if the Election was Hacked? Look at the Ballots – Medium
Be very skeptical of stolen election claims - Vox
Hacked Or Not, Audit This Election (And All the Rest) | WIRED
The UK is about to wield unprecedented surveillance powers — here’s what it means - The Verge
Hackers Sell $7,500 IoT Cannon To Bring Down The Web Again
Tokyo cops nab yakuza executive in ATM heist | The Tokyo Reporter
Hackers Are Using MailChimp to Spread Malware | Motherboard
Office Depot caught claiming out-of-box PCs showed “symptoms of malware” | Ars Technica
Powerful backdoor/rootkit found preinstalled on 3 million Android phones | Ars Technica
Tor phone is antidote to Google “hostility” over Android, says developer | Ars Technica
Symantec buys anti-ID fraud firm LifeLock for $2.3 billion | Ars Technica
IRS Demands Identities of All US Coinbase Traders Over Three Year Period | Motherboard
Hackers Claim Theft of Data from Gorilla Glue | Motherboard
Ex Israeli Government Hacker Says Spying on Palestinians Was Too Easy | Motherboard
Great. Now Even Your Headphones Can Spy on You | WIRED
DoD Publishes Vulnerability Disclosure Policy | Threatpost | The first stop for security news
Uber Portal Leaked Names, Phone Numbers, Email Addresses, Unique Identifiers | Threatpost | The first stop for security news
Microsoft Cutting Off SHA-1 Support in February for Edge, IE 11 | Threatpost | The first stop for security news
Exploit Code Released for NTP Vulnerability | Threatpost | The first stop for security news
Elegant 0-day unicorn underscores “serious concerns” about Linux security | Ars Technica
Drupal Fixes 'Moderately Critical' Vulnerabilities in Core Engine | Threatpost | The first stop for security news
Hacking 27% of the Web via WordPress Auto-Update - Wordfence
Paul Krugman on Twitter: "A number of liberal writers, me included, seem to have gotten this notice yesterday. https://t.co/OROGP1qbDF"
After US election, Russia feared influencing French vote, corroding Western values
Ukraine election narrowly avoided 'wanton destruction' from hackers (+video) - CSMonitor.com
Canary — know when it matters