Risky Business #486 -- Locking down AWS permissions with RepoKid

Plus all the week's security news...
07 Feb 2018 » Risky Business

On this week’s show we’re chatting with Travis McPeak at Netflix about a tool they’ve developed called RepoKid. It automatically strips unused AWS permissions, which I’m guessing a lot of you will find quite useful.

We’ll also chat with Dan Kuykendall in this week’s sponsor interview. Dan works for Rapid7, and they’ve been doing some interesting stuff with their agents, basically tweaking them to give better visibility of application security issues and exploitation attempts.

That conversation is really about how security firms these days are using the agent footprint they have to just do whatever they can.

Adam Boileau, as always, pops in to discuss the week’s news. We cover the:

  • AutoSploit arm waving
  • Lauri Love beating extradition
  • Nik Cubrilovic’s arrest
  • MOAR

The show notes/links are below, and you can follow Adam or Patrick on Twitter if that’s your thing.

Show notes

Threat or menace? “Autosploit” tool sparks fears of empowered “script kiddies” | Ars Technica
Rob Joyce on Twitter: "Releasing AutoSploit, making mass exploitation even easier, was irresponsible. My friends at the FBI remind us all that while exploitation is easier, it is not any less illegal. #scriptkiddiesbeware"
Lauri Love case: Hacking suspect wins extradition appeal - BBC News
Young criminal hackers get assigned jobs at Dutch ICT firms | NL Times
Julian Assange loses challenge to UK arrest warrant, court to rule on new bid next week - ABC News (Australian Broadcasting Corporation)
Alleged Spam Kingpin ‘Severa’ Extradited to US — Krebs on Security
Georgia SB 315 (The Computer Intrusion Bill)
TechCrunch alumni arrested over alleged hacking of car sharing company - SiliconANGLE
Trump administration wants larger role in shaping international data laws
CLOUD Act Would Erode Trust in Privacy of Cloud Storage | Center for Democracy & Technology
Experts push back on Trump administration's call to respond to cyberattacks with nukes
Data Security and Bug Bounty Programs: Lessons Learned from the Uber Breach and Security Researchers - Hearings - U.S. Senate Committee On Commerce, Science, & Transportation
Nicole Perlroth on Twitter: "Wow this Commerce Committee hearing on Uber payment is going off the rails. Blumenthal accusing Uber of aiding and abetting extortion, and a cover up. Flynn, "I agree... This is not the way we are going to do these things moving forward." Calls it "multilevel data intrusion.""
Berkshire Hathaway’s Business Wire Suffers Cyberattack - WSJ
Credit card ban, regulator scrutiny latest challenges for bitcoin
Seoul claims North Korea stole millions worth of cryptocurrency from domestic exchanges
DHS won't reverse ban on Kaspersky products, court docs show
Apple, Cisco team up with cyber insurers for policy discounts
Oh, banks have cameras? Two men arrested for ATM jackpotting scheme must've forgot
Telegram iOS app removed from App Store last week due to child pornography | Ars Technica
Hacking Team Is Still Alive Thanks to a Mysterious Investor From Saudi Arabia - Motherboard
T-Mobile Is Sending a Mass Text Warning of ‘Industry-Wide’ Phone Hijacking Scam - Motherboard
NSA Exploits Ported to Work on All Windows Versions Released Since Windows 2000
Covert Data Channel in TLS Dodges Network Perimeter Protection | Threatpost | The first stop for security news
An Adobe Flash 0day is being actively exploited in the wild | Ars Technica
In just 24 hours, 5,000 Android devices are conscripted into mining botnet | Ars Technica
Bug in Grammarly browser extension exposes virtually everything a user ever writes
Cisco investigation reveals ASA vulnerability is worse than originally thought
Matthew Olney on Twitter: "Hey guys, I know you're excited about CVE-2018-0101 (Cisco ASA SSL VPN RCE), but even if you don't have a service contract you can obtain the update from TAC. DO NOT download and install images from anyone but Cisco. (We appreciate the help, we really do...but...just....don't)"
Cyber Operations Tracker | Council on Foreign Relations Interactives
Atlassian Security Engineering Team Lead | SmartRecruiters
Atlassian Sr. Manager of Global Security Engineering | SmartRecruiters