Risky Business Podcast
December 05, 2018
Risky Business #523 -- So many breaches
Presented by
CEO and Publisher
Technology Editor
This week’s show features Patrick Gray and Adam Boileau discussing the week’s security news, including:
- The Marriott, Quora, Dell and Sky Brazil data breaches
- Kashoggi associate to sue NSO Group
- Australia’s AA Bill set to pass
- NZ give Huawei the boot
- AutoCAD malware targets key verticals
- Republicans’ 2018 campaign hacked
- Czech government blames Russia for intrusions into key systems
- Horror-show bug in Kubernetes
This week’s show is brought to you by Duo Security, big thanks to Duo for that! In this week’s sponsor interview we’ll be chatting with Duo Security’s very own Dave Lewis about some Beyond Corp stuff. Beyond Corp is the enterprise computing model of the future and Dave will be along after this week’s news to talk about some of its finer points.
Links to everything that we discussed are below. (That’s why there are extras.) You can follow Patrick or Adam on Twitter if that’s your thing.
Brought to you by Duo Security
Identity Security, MFA & SSO
Show notes
Marriott: Data on 500 Million Guests Stolen in 4-Year Breach — Krebs on Security
Marriott sued hours after announcing data breach | ZDNet
Quora Announces Data Breach of 100 Million Users - Motherboard
Dell announces security breach | ZDNet
Sky Brasil exposes data of 32 million subscribers | ZDNet
Israeli Software Helped Saudis Spy on Khashoggi, Lawsuit Says - The New York Times
Police, spies gain powers to access encrypted messages after political deal struck
Principles for a More Informed Exceptional Access Debate - Lawfare
Defence department exposed by Chinese hackers
'Watering hole' attacks: How China's hackers went after think tanks and universities
20180717_HCSEC_Oversight_Board_Report_2018_-_FINAL.pdf
UK and Germany grow wary of Huawei as US turns up pressure | Financial Times
New industrial espionage campaign leverages AutoCAD-based malware | ZDNet
House Republican campaign arm hacked during 2018 election
Czech Republic blames Russia for multiple government network hacks | ZDNet
FBI dismantles gigantic ad fraud scheme operating across over one million IPs | ZDNet
After Microsoft complaints, Indian police arrest tech support scammers at 26 call centers | ZDNet
"WeChat Payment" ransomware makers are locked in transmission, harm and epidemic ultimate decryption
Kubernetes' first major security hole discovered | ZDNet
Researchers discover SplitSpectre, a new Spectre-like CPU attack | ZDNet
Hackers are opening SMB ports on routers so they can infect PCs with NSA malware | ZDNet
Microsoft warns about two apps that installed root certificates then leaked the private keys | ZDNet
Project Zero: Adventures in Video Conferencing Part 1: The Wild World of WebRTC
Cyber attack victims face disputes with insurers | Financial Times