Risky Business #519 -- '90s IRC war between US and Russia intensifies

This is serious. If Russia doesn't stop it, someone's mother will get a phone call!
24 Oct 2018 » Risky Business

This edition of the show features Adam Boileau and Patrick Gray discussing the week’s security news:

  • CYBERCOM doxing Russian operators. No, really.
  • Arrest over Russian midterm info-op
  • Bloomberg dumpster fire is now a tyre fire
  • Equifax insider sentenced for insider trading
  • Twitter releases bot dataset
  • Saudi insider responsible for 2015 Twitter breach
  • Trisis/Triton now linked to Russia
  • Kaspersky doxes NSA op
  • Risky Business cited by Senate Estimates, AA Bill faces possible delay
  • Much, much more!

This week’s show is sponsored by Cylance, and this week’s sponsor interview is with Josh Lemos.

That’s an interesting chat – Cylance has succeeded in applying machine learning to classifying binaries, but what next? Where does it make sense to apply machine learning next, from their point of view? As you’ll hear, a binary classifier is one thing, but applying ML to something like endpoint detection and response or network traffic is actually a lot more complicated.

Links to everything that we discussed are below, including the discussions that were edited out. (That’s why there are extras.) You can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

U.S. Begins First Cyberoperation Against Russia Aimed at Protecting Elections - The New York Times
Russian woman charged with attempted meddling in upcoming U.S. midterms
Apple CEO Tim Cook Is Calling For Bloomberg To Retract Its Chinese Spy Chip Story
Amazon exec joins Apple in calling for a retraction of Bloomberg’s explosive microchip spying report | Business Insider
Coats: ODNI has seen 'no evidence' of supply chain hack detailed in Bloomberg story
Super Micro trashes Bloomberg chip hack story in recent customer letter | ZDNet
Equifax engineer who designed breach portal gets 8 months of house arrest for insider trading | ZDNet
Twitter publishes dump of accounts tied to Russian, Iranian influence campaigns | Ars Technica
A Twitter employee groomed by the Saudi government prompted 2015 state-sponsored hacking warning | TechCrunch
FireEye links Russian research lab to Triton ICS malware attacks | ZDNet
Kaspersky says it detected infections with DarkPulsar, alleged NSA malware | ZDNet
Patrick ☠️SMBv1☠️ Gray on Twitter: "Risky Biz gets a shout out in senate estimates... 2018 is weird. https://t.co/Y25bukriKU… "
Magecart group leverages zero-days in 20 Magento extensions | ZDNet
WordPress team working on "wiping older versions from existence on the internet" | ZDNet
Trade.io loses $7.5Mil worth of cryptocurrency in mysterious cold wallet hack | ZDNet
Hackers steal data of 75,000 users after Healthcare.gov FFE breach | ZDNet
Lawfare editor on persistent DDoS attack: 'We wish they'd knock it off'
Vendors confirm products affected by libssh bug as PoC code pops up on GitHub | ZDNet
Advertisers can track users across the Internet via TLS Session Resumption | ZDNet
Open source web hosting software compromised with DDoS malware | ZDNet
Legal and Constitutional Affairs Legislation Committee_2018_10_22_6688.pdf
I forgot to talk about this in the show... this week's sponsor guest recommends people interested in machine learning check out the papers and slide decks here:
CylanceOPTICS | Products | Cylance