Risky Business #514 -- New NSO Group report released and another State Department email breach. Drink!

PLUS US telcos in bid to become a consumer auth broker...
19 Sep 2018 » Risky Business

This edition of the show features Adam Boileau and Patrick Gray discussing the week’s security news:

  • Citizen Lab drops NSO Group report
  • “Weaponised Stuxnet” claims are idiotic
  • Another State Department email breach! Drink!
  • Dutch foil planned attack against Swiss Novichok lab
  • Mirai botnet authors working for FBI
  • US telcos want to be consumer auth brokers
  • US fails to extradite “Mr Bitcoin”
  • Much, much more

This week’s show is brought to you by Remediant. They make a just-in-time access solution for privileged account management (PAM), and we’re doing something a little different in this week’s sponsor interview.

Paul Lanzi of Remediant will be along, but so will Harry Perper of MITRE corporation. Harry’s pay-cheques say MITRE, but he’s been working on a NIST project. The National Cybersecurity Center of Excellence (NCCoE) at NIST has been working on a project to provide guidance on the secure usage and management of privileged accounts. The so-called 1800-18 document is a practical guide and reference architecture for privileged account management and we’ll talk to both Harry and Paul about that after the news.

Links to everything that we discussed are below, including the discussions that were edited out. (That’s why there are extras.) You can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Cyber Sleuths Find Traces of Infamous iPhone and Android Spyware ‘Pegasus’ in 45 Countries - Motherboard
HIDE AND SEEK: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries - The Citizen Lab
iOS Security Guide iOS 12 September 2018
US military given more authority to launch preventative cyberattacks - CNNPolitics
People Are Recklessly Speculating That the Massachusetts Gas Explosions Were a Stuxnet-Related Hack - Motherboard
State Department email breach exposed employees' personal information - POLITICO
Novichok poisoning: Russians expelled from Switzerland
The Mirai Botnet Architects Are Now Fighting Crime With the FBI | WIRED
U.S. Mobile Giants Want to be Your Online Identity — Krebs on Security
Senior Google Scientist Resigns Over “Forfeiture of Our Values” in China
Google Plans to Launch Censored Search Engine in China, Leaked Documents Reveal
Google's prototype Chinese search engine links searches to phone numbers | Technology | The Guardian
Vijay Boyapati on Twitter: "When I worked at Google, as an engineer on Google News, I was asked to write code to censor news articles in China (circa 2006). I refused and they took me off the project and put someone else on it. Doesn't surprise me Google is back at it. "Don't be Evil" is a Google myth.… https://t.co/1geUCURHay"
US loses extradition battle with Russia for Bitcoin kingpin | ZDNet
US lawmakers introduce bill to fight cybersecurity workforce shortage | ZDNet
Ransomware attack blacks out screens at Bristol Airport | ZDNet
Security flaw can leak Intel ME encryption keys | ZDNet
Nasty piece of CSS code crashes and restarts iPhones | ZDNet
New cold boot attack affects 'nearly all modern computers' | ZDNet
Uproar after Adobe winds down Magento rewards-based bug bounty program | ZDNet
Jason Woosley on Twitter: "The demise of #BugBounty at @Magento has been greatly exaggerated. Yesterday we announced the transition of this program to the @Adobe @HackerOne system. We failed to mention that we will continue to pay out for this incredibly valuable work. Hack on!"
Proofpoint: One month out from deadline, half of agency domains are DMARC compliant
Cloudflare’s new ‘one-click’ DNSSEC setup will make it far more difficult to spoof websites | TechCrunch
Facebook pilots new political campaign security tools — just 50 days before Election Day | TechCrunch
Facebook Broadens Its Bug Bounty to Include Third-Party Apps | WIRED
Google remotely changed the settings on a bunch of phones running Android 9 Pie - The Verge
Zero day in popular video surveillance technology goes public, unpatched
Privileged Account Management | NCCoE