This edition of the show features Adam Boileau and Patrick Gray discussing the week’s security news:
- CYBERCOM doxing Russian operators. No, really.
- Arrest over Russian midterm info-op
- Bloomberg dumpster fire is now a tyre fire
- Equifax insider sentenced for insider trading
- Twitter releases bot dataset
- Saudi insider responsible for 2015 Twitter breach
- Trisis/Triton now linked to Russia
- Kaspersky doxes NSA op
- Risky Business cited by Senate Estimates, AA Bill faces possible delay
- Much, much more!
This week’s show is sponsored by Cylance, and this week’s sponsor interview is with Josh Lemos.
That’s an interesting chat – Cylance has succeeded in applying machine learning to classifying binaries, but what next? Where does it make sense to apply machine learning next, from their point of view? As you’ll hear, a binary classifier is one thing, but applying ML to something like endpoint detection and response or network traffic is actually a lot more complicated.
Links to everything that we discussed are below, including the discussions that were edited out. (That’s why there are extras.) You can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- U.S. Begins First Cyberoperation Against Russia Aimed at Protecting Elections - The New York Times
- Russian woman charged with attempted meddling in upcoming U.S. midterms
- Apple CEO Tim Cook Is Calling For Bloomberg To Retract Its Chinese Spy Chip Story
- Amazon exec joins Apple in calling for a retraction of Bloomberg’s explosive microchip spying report | Business Insider
- Coats: ODNI has seen 'no evidence' of supply chain hack detailed in Bloomberg story
- Super Micro trashes Bloomberg chip hack story in recent customer letter | ZDNet
- Equifax engineer who designed breach portal gets 8 months of house arrest for insider trading | ZDNet
- Twitter publishes dump of accounts tied to Russian, Iranian influence campaigns | Ars Technica
- A Twitter employee groomed by the Saudi government prompted 2015 state-sponsored hacking warning | TechCrunch
- FireEye links Russian research lab to Triton ICS malware attacks | ZDNet
- Kaspersky says it detected infections with DarkPulsar, alleged NSA malware | ZDNet
- Patrick ☠️SMBv1☠️ Gray on Twitter: "Risky Biz gets a shout out in senate estimates... 2018 is weird. https://t.co/Y25bukriKU… "
- Magecart group leverages zero-days in 20 Magento extensions | ZDNet
- WordPress team working on "wiping older versions from existence on the internet" | ZDNet
- Trade.io loses $7.5Mil worth of cryptocurrency in mysterious cold wallet hack | ZDNet
- Hackers steal data of 75,000 users after Healthcare.gov FFE breach | ZDNet
- Lawfare editor on persistent DDoS attack: 'We wish they'd knock it off'
- Vendors confirm products affected by libssh bug as PoC code pops up on GitHub | ZDNet
- Advertisers can track users across the Internet via TLS Session Resumption | ZDNet
- Open source web hosting software compromised with DDoS malware | ZDNet
- Legal and Constitutional Affairs Legislation Committee_2018_10_22_6688.pdf
- I forgot to talk about this in the show... this week's sponsor guest recommends people interested in machine learning check out the papers and slide decks here:
- CylanceOPTICS | Products | Cylance