Risky Business #477 -- US mulls charges against Russian officials involved in DNC hack

Bumper news week on Risky.Biz...
08 Nov 2017 » Risky Business

There’s no feature interview in this week’s edition, just a slightly longer news session with Adam Boileau, then it’s straight into this week’s sponsor interview.

Adam and I will be speaking about:

  • Charges against Russian officials involved in the DNC hack
  • Confirmation of Russian involvement in Ukraine artillery targeting app
  • Attribution claims in Bad Rabbit campaign
  • “Hack Back” bill is picking up steam
  • 1 million installations of counterfeit WhatsApp clone
  • A properly awful Tor browser bug
  • The cryptocurrency comedies/tragedies of the week
  • MOAR

Marco Slaviero is this week’s sponsor guest. He’ll be along with a radical marketing approach: he’ll be telling us what Canaries can’t do! But you know what? It’s a useful thought exercise. He’ll also update us on the latest stuff they’re doing in the cloud. They’ve got some new VMware virtual canaries too.

Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

US could charge six Russian officials over DNC email hacking
Russia hackers had targets worldwide, beyond US election - The Washington Post
Tracing Fancy Bear’s paw prints – Raphael – Medium
The GRU-Ukraine Artillery Hack That May Never Have Happened
How Hackers Broke Into John Podesta and Colin Powell’s Gmail Accounts - Motherboard
Ukraine blames infamous Russian hackers for 'BadRabbit' ransomware attack
Chinese hackers starting to return focus to U.S. corporations
'Hack back' bill gains 7 new co-sponsors
Ex-NSA Director Says Companies Should Never Hack Back Because They Could Start Wars - Motherboard
How Level 3's Tiny Error Shut Off the Internet for Parts of the US | WIRED
More Than 1 Million People Downloaded a Fake WhatsApp Android App - Motherboard
Beating the iPhone X Face ID Is Hard. We Know, Because We Tried | WIRED
Flaw crippling millions of crypto keys is worse than first disclosed | Ars Technica
Critical Tor flaw leaks users’ real IP address—update now | Ars Technica
Stuxnet-style code signing is more widespread than anyone thought | Ars Technica
SEC warns that celebrity cryptocurrency endorsements may be illegal | Ars Technica
Dan Guido on Twitter: "Parity likely did not think of their wallet as a classic contract. Their code is in a library, and they delegatecall to execute it directly."
One Bitcoin Transaction Now Uses as Much Energy as Your House in a Week - Motherboard
More than two years after historic breach, OPM continues to struggle with cybersecurity
Texas Shooter's Phone Encrypted | Threatpost | The first stop for security news
Chain of 11 Bugs Takes Down Galaxy S8 at Mobile Pwn2Own | Threatpost | The first stop for security news
Patrick Gray on Twitter: "Oh my fucking god. https://t.co/oyyXcDQ5ie"