This episode sponsored by Fastly.You might have noticed North Korea’s been in the news over the last couple of days. Well, we’re sticking with the theme – we’ve got a great feature interview for you this week with Andrea Berger. She’s a senior research associate at the US-based James Martin Centre for Nonproliferation Studies and the co-host of the Arms Control Wonk podcast. This week she speaks with Risky Business contributor Hilary Louise about a report the centre did into North Korea’s IT industry.
Yep, they have one, and you’ll be surprised by its scope and reach. That’s this week’s feature interview.
This week’s sponsor interview is with Signal Sciences co-founder and CEO Andrew Peterson. Andrew was at a Gartner event in DC last week, and I grabbed some time with him to talk about what’s new in DevSecOps, how people are applying various DevSecOps tools, and what the general awareness of good DevSecOps practices is out there. Andrew’s prior career was in development, not security. He and Zane Lackey worked together at Etsy and Signal Sciences was very much inspired by the work they both did there. Andrew says analysts are starting to understand that web application security isn’t something you drop on to a network in an appliance and things are actually changing.
Mark “Pipes” Piper is this week’s news guest. All the show links are below and you can follow Patrick, Pipes or Hilary, if that floats your boat.
Show notes
- Founder of Cybersecurity Company Says His Firm Was Sanctioned Because He was Born in Russia - Motherboard
- Treasury Sanctions Russian Federal Security Service Enablers | U.S. Department of the Treasury
- Republican senators move to block Trump’s deal to revive ZTE | Ars Technica
- WannaCry Hero Marcus Hutchins' New Legal Woes Spell Trouble for White Hat Hackers | WIRED
- Cisco's Talos Intelligence Group Blog: VPNFilter Update - VPNFilter exploits endpoints, targets new devices
- Top U.S. counterintelligence official: Kaspersky's move to Switzerland doesn't matter
- Chinese hackers stole sensitive U.S. Navy submarine plans from contractor
- China ramps up hacking of U.S. high-tech companies | McClatchy Washington Bureau
- Flash zero-day shows up in Qatar amid geopolitical struggles
- NDAA pushes U.S. Cyber Command to be more aggressive
- Senator hopes to draw red line discouraging election cyberattacks
- Congress wants to prevent states from weakening encryption
- FBI announces arrest of 74 email fraudsters on three continents
- For almost 11 years, hackers could easily bypass 3rd-party macOS signature checks | Ars Technica
- I can be Apple, and so can you | Okta
- This app in Google Play wants to use phone mics to enforce copyrights | Ars Technica
- In a blow to e-voting critics, Brazil suspends use of all paper ballots | Ars Technica
- Some Signal Disappearing Messages Are Not Disappearing - Motherboard
- US Government Probes Airplane Vulnerabilities, Says Airline Hack Is ‘Only a Matter of Time’ - Motherboard
- Hackers Crashed a Bank’s Computers While Attempting a SWIFT Hack
- Apple just banned cryptocurrency mining on iOS devices | Ars Technica
- Ethereum "Giveaway" Scammers Have Tricked People Out of $4.3 Million
- Around 5% of All Monero Currently in Circulation Has Been Mined Using Malware
- Trik Spam Botnet Leaks 43 Million Email Addresses
- DPRK's Shadow Sector report
