Risky Business Podcast
April 19, 2017
Risky Business #451 -- Shadowbrokers nothingburger edition
Presented by
CEO and Publisher
Technology Editor
On this week’s show we talk about the latest Shadowbrokers shenanigans with Adam, as well as all the other major security news of the last couple of weeks.
After that we’ll be chatting with Adam’s colleague at Insomnia Security, Pipes, about the interesting aspects to the dump – what did it teach us about how NSA rolls? Well quite a lot, as it turns out. And yeah, the N0day bugs aren’t the interesting bit.
This week’s show is sponsored by Tenable Network Security. This week Tenable’s VP of federal, Darron Makrokanis, will be along to talk about how to speed up federal government adoption of new tech – what’s the best way for that to happen? That’s this week’s sponsor interview!
Links to items discussed in this week’s show have moved – they’re now included in this post, below.
Oh, and do add Patrick, or Adam on Twitter if that’s your thing.
Brought to you by Tenable Security
Comprehensive Cybersecurity and Exposure Management
Show notes
NSA-leaking Shadow Brokers just dumped its most damaging release yet | Ars Technica
In slap at Trump, Shadow Brokers release NSA EquationGroup files | Ars Technica
Alleged NSA Victim Denies Hackers Ever Broke In - Motherboard
Mysterious Microsoft patch killed 0-days released by NSA-leaking Shadow Brokers | Ars Technica
We Can Calm Down: Microsoft Already Patched Most of the Shadow Brokers Exploits - Motherboard
The New Shadow Brokers Leak Connects the NSA to the Stuxnet Cyber Weapon Used on Iran - Motherboard
Newly Leaked Hacking Tools Were Worth $2 Million on the Gray Market - Motherboard
WikiLeaks just dropped the CIA’s secret how-to for infecting Windows | Ars Technica
Found in the wild: Vault7 hacking tools WikiLeaks says come from CIA | Ars Technica
Researchers find China tried infiltrating companies lobbying Trump on trade | Ars Technica
Brexit: foreign states may have interfered in vote, report says | Politics | The Guardian
North Korea: Can the US take out its missiles before launch? - CNN.com
Feds deliver fatal blow to botnet that menaced world for 7 years | Ars Technica
Rash of in-the-wild attacks permanently destroys poorly secured IoT devices | Ars Technica
New processors are now blocked from receiving updates on old Windows | Ars Technica
Microsoft Word 0-day was actively exploited by strange bedfellows | Ars Technica
Why Did Microsoft Wait Six Months To Patch a Critical Word Zero-Day? - Motherboard
Microsoft Word 0-day used to push dangerous Dridex malware on millions | Ars Technica
Critical Word 0-day is only 1 of 3 Microsoft bugs under attack | Ars Technica
Breaking Signal: A Six-Month Journey | Threatpost | The first stop for security news
F8 2017: Facebook's Delegated Recovery Will Make It Easier to Get Back Into Locked Accounts | WIRED
Charlie Miller on Why Self-Driving Cars Are So Hard to Secure From Hackers | WIRED
Meet PINLogger, the drive-by exploit that steals smartphone PINs | Ars Technica
Fake News at Work in Spam Kingpin’s Arrest? — Krebs on Security
Self-Proclaimed ‘Nuclear Bot’ Author Weighs U.S. Job Offer — Krebs on Security
Purdue CERIAS Researchers Find Vulnerability in Google Protocol - CERIAS - Purdue University