Risky Business Podcast

October 03, 2018

Risky Business #516 -- The Facebook breach, e2e VOIP court verdict, Uber's record fine and more

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

This edition of the show features Adam Boileau and Patrick Gray discussing the week’s security news:

  • Facebook breach impacts 50m accounts
  • US courts deny authorities’ attempted FB messenger wiretap
  • Uber fined $148m for nondisclosure of 2016 breach
  • Fancy Bear-linked UEFI malware appears in wild
  • UK Conservative party conference app leaks like sieve
  • Twitter bans distribution of “hacked material”
  • VPNFilter botnet gets more capabilities
  • Duo arrested over $14m cryptocurrency SIM-swap heist
  • MOAR

Links to everything that we discussed are below, including the discussions that were edited out. (That’s why there are extras.) You can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #516 -- The Facebook breach, e2e VOIP court verdict, Uber's record fine and more
0:00 / 55:15

Show notes

50 million Facebook accounts breached by access-token-harvesting attack | Ars Technica

Facebook says it detected security breach after traffic spike | ZDNet

Facebook sued hours after announcing security breach | ZDNet

Facebook finds ‘no evidence’ hackers accessed connected apps | TechCrunch

Exclusive: In test case, U.S. fails to force Facebook to wiretap Messenger calls - sources | Reuters

Uber to pay $148 million to states for 2016 data breach - CyberScoop

First UEFI malware discovered in wild is laptop security software hijacked by Russians | Ars Technica

Report: Zoho's domain regularly exploited to move keylogger data

UK Conservative Party conference app leaks MPs' personal details | ZDNet

Twitter bans distribution of hacked materials ahead of US midterm elections | ZDNet

Talos Blog || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: VPNFilter III: More Tools for the Swiss Army Knife of Malware

Gigantic 100,000-strong botnet used to hijack traffic meant for Brazilian banks | ZDNet

2 men arrested in Oklahoma, suspected in $14 million cryptocurrency theft, hacking of California company | KFOR.com

Hackers Are Holding High Profile Instagram Accounts Hostage - Motherboard

Feds Force Suspect To Unlock An Apple iPhone X With Their Face

U.S. looks to restart talks on global cyber norms

Canadian restaurant chain suffers country-wide outage after malware outbreak | ZDNet

Port of San Diego suffers cyber-attack, second port in a week after Barcelona | ZDNet

Some Apple laptops shipped with Intel chips in "manufacturing mode" | ZDNet

Google to no longer allow Chrome extensions that use obfuscated code | ZDNet

Phishing campaign targets developers of Chrome extensions | ZDNet

US sentences to prison its first ATM jackpotter | ZDNet

FBI solves mystery surrounding 15-year-old Fruitfly Mac malware | ZDNet

Hackers Can Stealthily Avoid Traps Set to Defend Amazon's Cloud | WIRED

Alphabet launches VirusTotal Enterprise | ZDNet

Researchers find vulnerability in Apple's MDM DEP process | ZDNet

HD Moore on Twitter: "Estimate how old a device is based on it's MAC address with mac-ages.csv: https://t.co/GaMSvWDdAP (a huge thanks to @jedimercer for https://t.co/UaVcqxc1m4)… https://t.co/Vnm85fnM5s"

Adobe Releases Security Updates for Acrobat that Fix 86 Vulnerabilities

Security Update for Foxit PDF Reader Fixes 118 Vulnerabilities

(PDF) Weaponizing the haters: The Last Jedi and the strategic politicization of pop culture through social media manipulation.

Gigamon Insight | Gigamon