Risky Business #523 -- So many breaches

Plus all the other news...
05 Dec 2018 » Risky Business

This week’s show features Patrick Gray and Adam Boileau discussing the week’s security news, including:

  • The Marriott, Quora, Dell and Sky Brazil data breaches
  • Khashoggi associate to sue NSO Group
  • Australia’s AA Bill set to pass
  • NZ give Huawei the boot
  • AutoCAD malware targets key verticals
  • Republicans’ 2018 campaign hacked
  • Czech government blames Russia for intrusions into key systems
  • Horror-show bug in Kubernetes

This week’s show is brought to you by Duo Security, big thanks to Duo for that! In this week’s sponsor interview we’ll be chatting with Duo Security’s very own Dave Lewis about some BeyondCorp stuff. BeyondCorp is the enterprise computing model of the future and Dave will be along after this week’s news to talk about some of its finer points.

Links to everything that we discussed are below. (That’s why there are extras.) You can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Marriott: Data on 500 Million Guests Stolen in 4-Year Breach — Krebs on Security
Marriott sued hours after announcing data breach | ZDNet
Quora Announces Data Breach of 100 Million Users - Motherboard
Dell announces security breach | ZDNet
Sky Brasil exposes data of 32 million subscribers | ZDNet
Israeli Software Helped Saudis Spy on Khashoggi, Lawsuit Says - The New York Times
Police, spies gain powers to access encrypted messages after political deal struck
GCHQ’s not-so-smart idea to spy on encrypted messaging apps is branded ‘absolute madness’ | TechCrunch
Principles for a More Informed Exceptional Access Debate - Lawfare
Defence department exposed by Chinese hackers
'Watering hole' attacks: How China's hackers went after think tanks and universities
Huawei banned from New Zealand's 5G mobile network over security concerns - ABC News (Australian Broadcasting Corporation)
UK and Germany grow wary of Huawei as US turns up pressure | Financial Times
New industrial espionage campaign leverages AutoCAD-based malware | ZDNet
House Republican campaign arm hacked during 2018 election
Czech Republic blames Russia for multiple government network hacks | ZDNet
Magecart Group Ups Ante: Now Goes After Admin Credentials | Threatpost
FBI dismantles gigantic ad fraud scheme operating across over one million IPs | ZDNet
After Microsoft complaints, Indian police arrest tech support scammers at 26 call centers | ZDNet
"WeChat Payment" ransomware makers are locked in transmission, harm and epidemic ultimate decryption
Kubernetes' first major security hole discovered | ZDNet
Researchers discover SplitSpectre, a new Spectre-like CPU attack | ZDNet
Hackers are opening SMB ports on routers so they can infect PCs with NSA malware | ZDNet
Microsoft warns about two apps that installed root certificates then leaked the private keys | ZDNet
Project Zero: Adventures in Video Conferencing Part 1: The Wild World of WebRTC
Cyber attack victims face disputes with insurers | Financial Times
unprivileged users with UID > INT_MAX can successfully execute any systemctl command (#74) · Issues · polkit / polkit · GitLab