Risky Business #520 -- Tanya Janca talks security in the curriculum

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

We’ve got a great podcast for you this week. Tanya Janca will be talking about some volunteer work she’s been doing with a Canadian government panel on getting security content into children’s school curriculums.

In this week’s sponsor interview we’ll be talking with Ferruh Mavituna of Netsparker.

They launched Netsparker Cloud a while ago, so now they have some decent telemetry. I wanted to ask Ferruh what he’s found surprising now he’s sitting on a mountain of scan results. The types of bugs being turned up aren’t really a surprise, but the extent to which old software is a problem was actually pretty surprising to him. He knew it was bad, he says, but he didn’t know it’s this bad.

Adam Boileau, as usual, joins the show this week to talk about all the week’s security news:

  • More Chinese MSS officers indicted by the US DoJ
  • ASD chief speaks publicly on 5G Huawei ban
  • China playing funny buggers with BGP
  • Russia is still messing with the US during the midterms
  • Facebook boots more Iranian influence pages
  • New privacy features in Signal
  • Plus much, much more!

Links to everything that we discussed are below, including the discussions that were edited out. (That’s why there are extras.) You can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Chinese Intelligence Officers and Their Recruited Hackers and Insiders Conspired to Steal Sensitive Commercial Aviation and Technological Data for Years | OPA | Department of Justice

U.S. charges Chinese intelligence officers for jet engine data hack

Huawei's ban to 5G network 'supported by technical advice', spy agency chief says - ABC News (Australian Broadcasting Corporation)

Canadian security boss ain't afraid of no Huawei, sees no reason for ban • The Register

US bans exports to Chinese DRAM maker citing national security risk | ZDNet

China has been 'hijacking the vital internet backbone of western countries' | ZDNet

Russia Is Meddling In The Midterms. The White House Just Isn't Talking About It.

The Crisis of Election Security - The New York Times

DHS: Election officials inundated, confused by free cyber-security offerings | ZDNet

Facebook removes more Iran-linked accounts, this time targeting the US & UK | ZDNet

We posed as 100 senators to run ads on Facebook. Facebook approved all of them. – VICE News

NYT: Chinese and Russian spies routinely eavesdrop on Trump’s iPhone calls | Ars Technica

North Korea blamed for two cryptocurrency scams, five trading platform hacks | ZDNet

New Signal privacy feature removes sender ID from metadata | Ars Technica

Windows Defender becomes first antivirus to run inside a sandbox | ZDNet

Pakistani bank denies losing $6 million in country's 'biggest cyber attack' | ZDNet

Many CMS plugins are disabling TLS certificate validation... and that's very bad | ZDNet

Twelve malicious Python libraries found and removed from PyPI | ZDNet

How ‘Mr. Hashtag’ Helped Saudi Arabia Spy on Dissidents - Motherboard

Government Spyware Vendor Left Customer, Victim Data Online for Everyone to See - Motherboard

Apple's T2 Security Chip Makes It Harder to Tap MacBook Mics | WIRED

Microsoft Windows zero-day disclosed on Twitter, again | ZDNet

https://support.f5.com/csp/article/K52868493

Digital DASH – ICTC - Focus on Information Technology (FIT)