Risky Business #521 -- Bears everywhere

Renewed Russian activity and a bad month for Julian Assange, Facebook and Bitcoin...
21 Nov 2018 » Risky Business

This edition of the show features Adam Boileau and Patrick Gray discussing the week’s security news:

  • Cozy Bear is back, Fancy Bear has new tooling
  • Russian government wants DNC lawsuit thrown out
  • Cyber Command submitting samples to VirusTotal
  • Google BGP shenanigans
  • Australian/China Telecom BGP shenanigans
  • All the recent Facebook drama
  • More speculative execution bugs
  • Julian Assange likely to be charged
  • Vault7 leaker facing new charges
  • Phineas Fisher investigation abandoned
  • Bitcoin/Tether link probed by DoJ, btc in free-fall

This week’s show is brought to you by Proofpoint.

Sherrod DeGrippo, Proofpoint’s director of threat research and detection is this week’s sponsor guest. Surprisingly, she tells us that ransomware via email is a dead duck.

Links to everything that we discussed are below. (That’s why there are extras.) You can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Russia’s Cozy Bear comes out of hiding with post-election spear-phishing blitz | Ars Technica
Russia's Fancy Bear and Cozy Bear Hackers May Have New Phishing Tricks | WIRED
Russia wants DNC hack lawsuit thrown out, citing international conventions | ZDNet
Russian Trolls Sue Facebook, Their Old Propaganda Machine
Ukraine detects new Pterodo backdoor malware, warns of Russian cyberattack | Ars Technica
US Cyber Command starts uploading foreign APT malware to VirusTotal | ZDNet
Google goes down after major BGP mishap routes traffic through China | Ars Technica
How China diverts, then spies on Australia's internet traffic
Rob Joyce on Twitter: "I hope this latest fiasco of traffic rerouting through China is the wakeup call for all of us to get serious about addressing the massive and unacceptable vulnerability inherent in today’s BGP routing architecture. https://t.co/dSTVIOltsF"
Everything you need to know about Facebook’s latest crisis - Recode
Facebook has been accused of peddling anti-Semitic conspiracy theories - Vox
Yes, Facebook made mistakes in 2016. But we weren’t the only ones. - The Washington Post
Researchers discover seven new Meltdown and Spectre attacks | ZDNet
The US Department of Justice is reportedly preparing to indict WikiLeaks founder Julian Assange | Business Insider
Julian Assange has been charged, prosecutors reveal inadvertently in court filing
Accused 'Vault 7' leaker to face new charges
Hacking Team Hacker Phineas Fisher Has Gotten Away With It - Motherboard
Bitcoin Price Manipulated by Tether? Justice Department Probing - Bloomberg
A Browser Extension Apparently Stole The Private Facebook Messages Of At Least 81,000 Accounts | Gizmodo Australia
The Hack Millions of People Are Installing Themselves - Motherboard
Facebook patches another bug that could have allowed mass-harvesting of user data | ZDNet
Trump signs bill that creates the Cybersecurity and Infrastructure Security Agency | ZDNet
AWS rolls out new security feature to prevent accidental S3 data leaks | ZDNet
Most ATMs can be hacked in under 20 minutes | ZDNet
Deserialization issues also affect Ruby, not just Java, PHP, and .NET | ZDNet
Adobe ColdFusion servers under attack from APT group | ZDNet
VirtualBox zero-day published by disgruntled researcher | ZDNet
Office 365, Azure users are locked out after a global multi-factor authentication outage | TechCrunch
Cisco says a flaw in its Adaptive Security Appliance allows remote attacks
He Helped People Cheat at Grand Theft Auto. Then His Home Was Raided. - The New York Times