Risky Business #495 -- Russian Internet users are having a bad time

Mark "Pipes" Piper joins Risky Business to talk news...
18 Apr 2018 » Risky Business

We’re still running in a trimmed-down format this week, sorry about that. Regular listeners would know we’ve been dealing with some unexpected stuff over here in the house of Business, but the good news is things have settled down and we’re actually back home after more than three weeks away. Things are looking good for a return to a full-format show either next week or the week after.

But don’t worry, there’s plenty of good stuff in this week’s news segment with Mark Piper, including:

  • Russia blocking 15m cloud service IPs to shut down Telegram
  • RU router hax: Are they a big deal?
  • FBI’s “going dark” narrative questioned
  • Rob Joyce departs White House
  • ZTE in all sorts of trouble
  • AND MOAR

This week’s show is brought to you by Cylance. Jim Walter of Cylance will be along in this week’s sponsor interview to talk about a couple of things – we’ll be looking at “fileless” malware – for what it’s worth it’s a term that we both hate – and we’ll also be talking about how complete amateurs are now able to run reasonably sophisticated malware campaigns these days thanks to the badware for hire business getting even more slick.

The show notes/links are below, and you can follow Pipes or Patrick on Twitter if that’s your thing.

Show notes

In effort to shut down Telegram, Russia blocks Amazon, Google network addresses | Ars Technica
Anatoly Rosencrantz on Twitter: "over night russian authorities are blocking about 2 000 000 IPs of Amazon and Google. Everyone thought it’s a mistake, until RKN head Zharov confirmed it is not. Tactics: to force Google and Amazon push Telegram out of their clouds by blocking basically whole cloud for Russia… https://t.co/8bZOtMENbp"
US, UK Accuse Russia of Hacking Home Routers and ISPs to Conduct MitM Attacks
Lawmakers Call FBI's 'Going Dark' Narrative 'Highly Questionable' After Motherboard Shows Cops Can Easily Hack iPhones - Motherboard
Congress wants answers on FBI's 'going dark' problem in wake of DOJ IG report
Cybersecurity adviser Rob Joyce to leave White House, return to NSA
Bolton will lead charge to replace cybersecurity coordinator, DHS secretary says
Rob Joyce on Twitter: "EU's GDPR is going to undercut a key tool for identifying malicious domains on the internet. WHOIS database will be noncompliant, or have to purge the data that makes it useful to find bad actors. @briankrebs is spot on. Cyber criminals are celebrating GDPR.… https://t.co/FfYHhERdTY"
Update: Zuckerberg Said He ‘Misspoke’ About Alerting Campaigns to Russian Hacking Attempts - Motherboard
Deleted Facebook Cybercrime Groups Had 300,000 Members — Krebs on Security
Intel to Allow Antivirus Engines to Use Integrated GPUs for Malware Scanning
Chinese Mobile Device Maker ZTE Banned From Buying U.S. Goods
Hamas-linked spyware targeting Palestinians removed from Google Play store
FTC: "Warranty Void If Removed" Stickers Are Illegal
Barclays Bank plc - ASA | CAP
NIST releases updated cybersecurity framework
Researchers Rickrolled Emergency Alert Sirens in Proof-of-Concept Hack - Motherboard
Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code
Yubico Delivers Passwordless Login for Enterprise Authentication on Windows 10 Devices | Yubico
The Teens Who Hacked Microsoft's Xbox Empire—And Went Too Far | WIRED
Senior Manager of Research and Development: Careers | Duo Security
Welcome to Mars
Cylance | Artificial Intelligence Based Advanced Threat Prevention