Risky Business Podcast

January 29, 2019

Risky Business #528 -- Huawei dinged, epic FaceTime and Exchange bugs

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

Adam Boileau co-hosts this week’s Risky Business episode. We talk about:

  • The Huawei indictments
  • The epic Facetime logic bug
  • The even more epic Exchange privesc bug
  • CISA’s “fix yo DNS” directive
  • Black Cube busted doing shady stuff to Citizen Lab
  • Yahoo shareholder lawsuit settlement makes directors twitchy
  • Internet filtering kicks off in Venezuela
  • Much, much MORE!

This week’s show is brought to you by Thinkst Canary – they make hardware honeypots and the tools you need to deploy canarytokens at scale. They also make virtual honeypots! This week Thinkst’s founder Haroon Meer will be along to wave his finger at basically all of us over what he sees as the security discipline’s tendency to not really learn anything from security conferences. It’s “contertainment,” he says, followed by “GET OFF MY LAWN”.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #528 -- Huawei dinged, epic FaceTime and Exchange bugs
0:00 / 58:06

Show notes

US hammers Huawei with 23 indictments for stolen trade secrets, fraud - CNET

Major iPhone FaceTime bug lets you hear the audio of the person you are calling ... before they pick up - 9to5Mac

Abusing Exchange: One API call away from Domain Admin - dirkjanm.io

DHS: Multiple US gov domains hit in serious DNS hijacking wave | Ars Technica

cyber.dhs.gov - Emergency Directive 19-01

Rep. Langevin: We need a DHS briefing to understand extent of DNS hijacking threat

ALERT: DNS hijacking activity - NCSC Site

APNewsBreak: Undercover agents target cybersecurity watchdog

Japanese government plans to hack into citizens' IoT devices | ZDNet

Internet experiment goes wrong, takes down a bunch of Linux routers | ZDNet

Lessons for Corporate Boardrooms From Yahoo’s Cybersecurity Settlement - The New York Times

Mystery still surrounds hack of PHP PEAR website | ZDNet

WordPress sites under attack via zero-day in abandoned plugin | ZDNet

OONI report into Internet filtering in Venezuela

Tonga sent back to 'dark ages' after underwater Internet cable severed | Fox News

Opinion | Mueller’s Real Target in the Roger Stone Indictment - The New York Times

Exclusive: Ukraine says it sees surge in cyber attacks targeting election | Reuters

This Time It’s Russia’s Emails Getting Leaked

Russia Targeting British Institute In Disinformation Campaign

Unsecured MongoDB databases expose Kremlin's backdoor into Russian businesses | ZDNet

Facebook to encrypt Instagram messages ahead of integration with WhatsApp, Facebook Messenger | TechCrunch

Cryptopia funds still being drained by hackers while police investigated | RNZ News

Europol arrests UK man for stealing €10 million worth of IOTA cryptocurrency | ZDNet

Police license plate readers are still exposed on the internet | TechCrunch

Malvertising campaign targets Apple users with malicious code hidden in images | ZDNet

Hackers are going after Cisco RV320/RV325 routers using a new exploit | ZDNet

Spencer Dailey on Twitter: "hard to understate how bad this flaw is--shocked more pubs haven't picked up on this. The affected chip is ubiquitous, the potential exploits allow anyone within wifi-range to run arbitrary code on the machine. Wifi routers themselves use affected chip 🤯 https://t.co/XQx4SobJtj"

GitHub - hannob/apache-uaf: Apache use after free bug infos / ASAN stack traces

Lesley Carhart on Twitter: "At the very least I’ll be able to publish these questions so that other people can grill their properties should they forcibly migrate to IoT equipment."

APT39: An Iranian Cyber Espionage Group Focused on Personal Information « APT39: An Iranian Cyber Espionage Group Focused on Personal Information | FireEye Inc

44CON 2013 - A talk about (info-sec) talks - Haroon Meer - YouTube