Risky Business #525 -- Back on deck for 2019!

A catch up on the news of the last few weeks...
09 Jan 2019 » Risky Business

In this week’s show Adam Boileau and Patrick Gray discuss the security news of the last few weeks, including:

  • German politicians pwnt, suspect arrested
  • Possible ransomware attack affects US newspapers
  • Mass 2FA bypasses impacting Gmail users in Middle East
  • Emergency warning system in Australia popped
  • Ethereum Classic double-spend attack a sign of things to come
  • EU to fund open source bug bounties
  • Attackers steal details of 1,000 North Korean defectors
  • Doing the Bloomberg hack for real at 35C3
  • El Chapo should have used Signal
  • Much, much more…

This week’s show is brought to you by Cylance! BlackBerry announced that it’s acquiring Cylance for $1.4bn (I don’t know if that’s closed yet) which is great news for all the founders and early employees there – some of whom I know reasonably well. So congrats to team Cylance on that!

But we’re not talking about that this week. Instead, Cylance’s very own Scott Scheferman joins us to talk about the MITRE ATT&CK framework and how it’s informing their product dev. There’s some product talk in that interview but there’s also some real meat there so I let it run long. Scott says we’re close to the terrible situation where security companies are going to start using MITRE ATT&CK as a marketing tool, like “Full MITRE ATT&CK coverage!”

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Arrested German hacker confesses to leaking politicians' information, report says
Before Germany’s Massive Hack, We Learned What Not to Do With Sensitive Stolen Information - Motherboard
What we still don’t know about the cyberattack on Tribune newspapers - The Washington Post
Ransomware suspected in cyberattack that crippled major US newspapers | ZDNet
How Hackers Bypass Gmail 2FA at Scale - Motherboard
Hackers target 'hundreds' of Middle East activists with fake login pages, 2FA bypass schemes
Hackers send fake emergency emails, texts, messages using warning system
Coinbase suspends Ethereum Classic (ETC) trading after double-spend attacks | ZDNet
I Gave a Bounty Hunter $300. Then He Located Our Phone - Motherboard
EU to fund bug bounty programs for 14 open source projects starting January 2019 | ZDNet
Hackers hijack thousands of Chromecasts to warn of latest security bug | TechCrunch
Hackers steal personal info of 1,000 North Korean defectors | ZDNet
Modchips - Trammell Hudson's Projects
Hacking Group Decrypts Cache of Insurance Files Related to 9/11 Attacks - Motherboard
Hackers Make a Fake Hand to Beat Vein Authentication - Motherboard
You Can Now Get $1 Million for Hacking WhatsApp and iMessage - Motherboard
Alan Feuer on Twitter: "In February 2010, an undercover FBI agent met with the target of a sensitive investigation: Christian Rodriguez, an IT specialist who had recently developed a remarkable product: an encrypted communication network for the Mexican drug lord El Chapo and his Colombian partners."
Encrypted Messaging App Signal Says It Won’t Comply With Australia’s New Backdoor Bill - Motherboard
Louis Theroux among those hit by Twitter hack exposing security flaw | Technology | The Guardian
NSA to release a free reverse engineering tool | ZDNet
Open-source tool aims to curb BGP hijacking amid Chinese espionage concerns
ARTEMIS — neutralizing BGP hijacking within a minute | APNIC Blog
New hardware-agnostic side-channel attack works against Windows and Linux | ZDNet
1901.01161.pdf
PowerPoint presentation
CVE-2019-0547 | Windows DHCP Client Remote Code Execution Vulnerability