Risky Business #446 -- CIA tools doxed, plus osquery with Mike Arpaia

And all the other news!
08 Mar 2017 » Risky Business

On this week’s news we put Wikileaks’ latest dumps under the microscope and offer a few theories on what’s really going on.

We also have a chat with Mike Arpaia, the creator of osquery. osquery is host-based instrumentation software put together by Mike and his team when they worked at Facebook. It’s open source these days and now Mike is trying to get it adopted.

This week’s show is brought to you by CyberArk! And we’ll be chatting with CyberArk’s Chief Architect Gerrit Lansing. CyberArk makes software that manages privileged accounts, and we’ll be talking to Gerrit about privileged account management automation in this week’s sponsor interview.

Adam Boileau is along to discuss the week’s news.

Links to items discussed in this week’s show have moved – they’re now included in this post, below.

Oh, and do add Patrick or Adam on Twitter if that’s your thing.

Show notes

Trump's Claims That Feds Wiretapped Trump Tower Could Backfire Bigly | WIRED
Wikileaks Just Dumped a Cache of Information on Alleged CIA Hacking Tools - Motherboard
WikiLeaks publishes docs from what it says is trove of CIA hacking tools | Ars Technica
The WikiLeaks CIA Dump Shows Hacking Secrets of Spies | WIRED
WikiLeaks: CIA Uses 'Stolen' Malware to 'Attribute' Cyberattacks to Nations Like Russia - Breitbart
The CIA Allegedly 'Borrows' Code From Public Malware Samples - Motherboard
Trump Inherits a Secret Cyberwar Against North Korean Missiles - The New York Times
DOJ Dismisses Playpen Case to Keep Tor Hack Private | Threatpost | The first stop for security news
The Fed-Proof Online Market OpenBazaar Is Going Anonymous | WIRED
Dark Web Market AlphaBay Staff to Alleged Extortionist: Don't Dox Us, Here's Some Money - Motherboard
Users Say They'll Pay for Vanished Dark Web Email Service 'Sigaint' to Return - Motherboard
Spammer’s Leaky Backup Exposes Massive Empire | Threatpost | The first stop for security news
1.37 Billion Records Exposed by Spammers - Update
Mike Pence used an AOL e-mail account for state business and it got hacked | Ars Technica
Yahoo cookie hacks affected 32 million accounts, CEO foregoes bonus | Ars Technica
Active Defense Bill Raises Concerns Of Potential Consequences | Threatpost | The first stop for security news
Google's E2Email Gmail Encryption Looks a Lot Like Vaporware | WIRED
Google's Perspective API Opens Up Its Troll-Fighting AI | WIRED
Payments Giant Verifone Investigating Breach — Krebs on Security
This hard drive will self destruct. Data-wiping malware targets Europe | Ars Technica
Vendors respond to Cylance's new testing methods with AV-TEST | CSO Online
Cisco Warns of High Severity Bug in NetFlow Appliance | Threatpost | The first stop for security news
Researchers uncover PowerShell Trojan that uses DNS queries to get its orders | Ars Technica
132 Google Play apps tried to infect Android users with… Windows malware | Ars Technica
Howard Schmidt's Legacy of Service Remembered | Threatpost | The first stop for security news
Kolide - Black Box Security. Unboxed.
CyberArk | Security for the Heart of the Enterprise