Risky Business Podcast

June 27, 2018

Risky Business #505 -- Sanger vs FireEye, Reality Winner cops a plea

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

No feature interview in this week’s show, we go long on news instead. Adam Boileau joins the podcast to talk through the week’s infosec news, including:

  • Confusion reigns in David Sanger vs FireEye spat
  • Reality Winner pleads guilty
  • PEXA property settlement platform users fleeced
  • US Supreme Court decides location info requires a warrant
  • The Apple unlock bug that wasn’t

This week’s show is brought to you by Thinkst Canary. Thinkst’s very own Marco Slaviero joins us in this week’s sponsor segment to talk about how some vendors are derping out when it comes to creating needlessly complicated “deception platforms”.

Links to everything are below, and you can follow Adam or Patrick on Twitter if that’s your thing.

Risky Business #505 -- Sanger vs FireEye, Reality Winner cops a plea
0:00 / 0:00

Show notes

FireEye denies 'hack back' claims detailed in new book

Kim Zetter on Twitter: "I wonder if Congress will hold a hearing to discuss the issue of a private US company taking on the role of the NSA to hack foreign military computers. This raises a lot of issues about potential national security blowback when a private company inserts itself in state matters. https://t.co/fBbyxMwjLZ"

Kim Zetter on Twitter: "Sanger's description of what he says Mandiant did vs. what Mandiant says it did. Sanger implies he saw videos of Chinese hackers wearing leather jackets and undershirts - that's not in video Mandiant published. Are there other videos? Did Sanger misinterpret? So many questions. https://t.co/q60mrH7IPg"

Former NSA contractor Reality Winner accepts guilty plea for leaking classified report

Supreme Court: Police Need Warrant for Mobile Location Data — Krebs on Security

Bail Bond Company Let Bounty Hunters Track Verizon, T-Mobile, Sprint, and AT&T Phones for $7.50 - Motherboard

PEXA account compromise sees family lose home sale funds - Security - iTnews

MasterChef: Dani Venn homeless after hackers steal $250K

Microsoft Forcing Multi-Factor Authentication on Azure AD Admin Accounts

Police officer guilty of assault, perverting the course of justice

Apple corrects the record on reported iPhone vulnerability

Cops May Unlock iPhones Without a Warrant to Beat Apple's New Security Feature - Motherboard

Firefox is adding 'Have I Been Pwned' alerts

VirusTotal launches Monitor tool to fight false positives - CyberScoop

New WPA3 Wi-Fi Standard Released

Lawmakers urge Google to end partnership with China's Huawei

‘Tick’ espionage group is likely trying to hop air gaps, researchers say

Bithumb, South Korea's largest cryptocurrency exchange, loses $30 million to hackers

Unpatched Flaw Disclosed in WordPress CMS Core

I discovered a browser bug - JakeArchibald.com

Project Zero: Detecting Kernel Memory Disclosure – Whitepaper

The $5 Million Surveillance Car That Hacks iPhones From 500 Meters

https://dcso.de

Canary — know when it matters