Risky Business Podcast

October 24, 2018

Risky Business #519 -- '90s IRC war between US and Russia intensifies

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

This edition of the show features Adam Boileau and Patrick Gray discussing the week’s security news:

  • CYBERCOM doxing Russian operators. No, really.
  • Arrest over Russian midterm info-op
  • Bloomberg dumpster fire is now a tyre fire
  • Equifax insider sentenced for insider trading
  • Twitter releases bot dataset
  • Saudi insider responsible for 2015 Twitter breach
  • Trisis/Triton now linked to Russia
  • Kaspersky doxes NSA op
  • Risky Business cited by Senate Estimates, AA Bill faces possible delay
  • Much, much more!

This week’s show is sponsored by Cylance, and this week’s sponsor interview is with Josh Lemos.

That’s an interesting chat – Cylance has succeeded in applying machine learning to classifying binaries, but what next? Where does it make sense to apply machine learning next, from their point of view? As you’ll hear, a binary classifier is one thing, but applying ML to something like endpoint detection and response or network traffic is actually a lot more complicated.

Links to everything that we discussed are below, including the discussions that were edited out. (That’s why there are extras.) You can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #519 -- '90s IRC war between US and Russia intensifies
0:00 / 0:00

Show notes

U.S. Begins First Cyberoperation Against Russia Aimed at Protecting Elections - The New York Times

Russian woman charged with attempted meddling in upcoming U.S. midterms

Apple CEO Tim Cook Is Calling For Bloomberg To Retract Its Chinese Spy Chip Story

Amazon exec joins Apple in calling for a retraction of Bloomberg’s explosive microchip spying report | Business Insider

Coats: ODNI has seen 'no evidence' of supply chain hack detailed in Bloomberg story

Super Micro trashes Bloomberg chip hack story in recent customer letter | ZDNet

Equifax engineer who designed breach portal gets 8 months of house arrest for insider trading | ZDNet

Twitter publishes dump of accounts tied to Russian, Iranian influence campaigns | Ars Technica

A Twitter employee groomed by the Saudi government prompted 2015 state-sponsored hacking warning | TechCrunch

FireEye links Russian research lab to Triton ICS malware attacks | ZDNet

Kaspersky says it detected infections with DarkPulsar, alleged NSA malware | ZDNet

Patrick ☠️SMBv1☠️ Gray on Twitter: "Risky Biz gets a shout out in senate estimates... 2018 is weird. https://t.co/Y25bukriKU… "

Magecart group leverages zero-days in 20 Magento extensions | ZDNet

WordPress team working on "wiping older versions from existence on the internet" | ZDNet

Trade.io loses $7.5Mil worth of cryptocurrency in mysterious cold wallet hack | ZDNet

Hackers steal data of 75,000 users after Healthcare.gov FFE breach | ZDNet

Lawfare editor on persistent DDoS attack: 'We wish they'd knock it off'

Vendors confirm products affected by libssh bug as PoC code pops up on GitHub | ZDNet

Advertisers can track users across the Internet via TLS Session Resumption | ZDNet

Open source web hosting software compromised with DDoS malware | ZDNet

Legal and Constitutional Affairs Legislation Committee_2018_10_22_6688.pdf;fileType=application/pdf

I forgot to talk about this in the show... this week's sponsor guest recommends people interested in machine learning check out the papers and slide decks here:

CylanceOPTICS | Products | Cylance