Risky Business #472 -- Iran DDoSed banks in 2012, US DoSed DPRK

Geopolitics looks like an IRC war from 1998...
04 Oct 2017 » Risky Business

There is no feature interview in this week’s show – it was a long weekend here in Australia plus a few things came up. But we’ve got a great show for you anyway. We’ll be discussing the week’s news headlines with Adam Boileau who’s back on deck after a short break, and then we’ll get straight into this week’s sponsor interview with Lee Weiner of Rapid7.

He’s the Chief Product Officer there and he’s joining us this week to explain why so many vendors are suddenly so obsessed with automation and orchestration. It’s a trend that actually makes a bunch of sense for a bunch of reasons, but the key is 100% going to be in the execution.

Links to everything are below.

Oh, and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Clapper: U.S. shelved 'hack backs' due to counterattack fears
Trump signed presidential directive ordering actions to pressure North Korea - The Washington Post
As US launches DDoS attacks, N. Korea gets more bandwidth—from Russia | Ars Technica
6 Fresh Horrors From Equifax CEO Richard Smith's Congressional Hearing | WIRED
Joseph Cox on Twitter: "Former Equifax CEO says company scans failed to identify system that was vuln to Struts bug https://t.co/SMWTVgiOsz https://t.co/SnYLamAqlG"
The Equifax Hack Has the Hallmarks of State-Sponsored Pros - Bloomberg
Certification Revocation List – GeoTrust
Facebook says 10 million U.S. users saw Russia-linked ads
Russian Facebook ads featured anti-immigrant messages, puppies, women with rifles | Ars Technica
Google admits citing 4chan to spread fake Vegas shooter news | Ars Technica
After the Las Vegas Mass Shooting, Watch Out For Hoaxes and Bad Info | WIRED
SEC.gov | SEC Announces Enforcement Initiatives to Combat Cyber-Based Threats and Protect Retail Investors
White House wants to end Social Security numbers as a national ID | Ars Technica
Every Yahoo account that existed—all 3 billion—was compromised in 2013 hack | Ars Technica
Whole Foods Market Payment Card Investigation Notification - Whole Foods Market Newsroom
ICANN Postpones Scheduled DNS Crypto Key Rollover | Threatpost
Breaking DKIM - on Purpose and by Chance
Some MacOS Users Aren't Getting the Firmware Security Patches They Think They Have - Motherboard
Understanding the prevalence of web traffic interception
Code-execution flaws threaten users of routers, Linux, and other OSes | Ars Technica
Three WordPress Plugin Zero-Days Exploited in the Wild
Net Neutrality Activists Targeted by Clever Pornhub-Themed Phishing Campaign
Security Failure: EpiPen’s Database Of Everyone W... | ClickHole