Risky Business Podcast

March 13, 2019

Risky Business #534 -- Manning back in clink, automotive industry under attack

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Adam Boileau and Patrick Gray discuss the week’s news:

  • Chelsea Manning back in jail
  • Citrix owned, Resecurity claims it was Iran. Again. Because reasons, apparently.
  • Huawei politics get messy
  • EXCLUSIVE: Toyota Oz, other carmakers likely targeted by APT32 (Vietnam)
  • Much, much more

This week’s sponsor is Senetas. They make layer 2 encryption gear but recently made a US$8m investment into Votiro, a Content Disarm and Reconstruction (CDR) play. Votiro CEO Aviv Grafi is this week’s sponsor guest. He stops by to explain CDR tech.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #534 -- Manning back in clink, automotive industry under attack
0:00 / 0:00

Show notes

Chelsea Manning jailed after refusing to testify about WikiLeaks - CNNPolitics

Citrix discloses security breach of internal network | ZDNet

Citrix investigating unauthorized access to internal network | Citrix Blogs

Iranian-backed hackers stole data from major U.S. government contractor

Deacon Blues on Twitter: "Have about closed the loop on who is behind Resecurity, the mysterious company attributing the Citrix hack to Iran. It seems to be the work of one man, Andrey Andreevich Komarov, aka Andrew Komarov.… https://t.co/9fbWuEwqdL"

US ambassador in Berlin urges Germany to cut ties with Huawei

Pompeo warns allies Huawei presence complicates partnership with U.S. | Reuters

Huawei’s 5G equipment is a manageable risk, British intelligence claims - The Verge

UN report links North Korean hackers to theft of $571 million from cryptocurrency exchanges

China database lists 'breedready' status of 1.8 million women | World news | The Guardian

800+ Million Emails Leaked Online by Email Verification Service - Security Discovery

Releasing the NSA’s Previously Classified Tool ‘Ghidra’ For Free Is a ‘Game Changer’ - Motherboard

Facebook Suit: Ukrainian Hackers Used Quizzes to Take Data from 60,000 Users

A world of hurt after GoDaddy, Apple, and Google misissue >1 million certificates | Ars Technica

The Prototype iPhones That Hackers Use to Research Apple’s Most Sensitive Code - Motherboard

Google reveals Chrome zero-day under active attacks | ZDNet

Pipes on Twitter: "Google TAG have run down and identified iOS, Chrome and Windows 0days in the last few weeks. @ShaneHuntley Are we going to get some insight on which group you folk are pulling apart later? Sounds like fun times 😉"

Russia blocks encrypted email provider ProtonMail | TechCrunch

Tufts expelled a student for grade hacking. She claims innocence | TechCrunch

Lamborghini-driving bitcoin trader charged with drug trafficking

Cryptocurrency entrepreneur pleads guilty in 'Bitcointopia' fraud - Los Angeles Times

Car alarms with security flaws put 3 million vehicles at risk of hijack | TechCrunch

Silencing Cylance: A Case Study in Modern EDRs – MDSec

Glitching Trezor using EMFI Through The Enclosure – Colin O’Flynn

Extracting BitLocker keys from a TPM

WDS bug lets hackers hijack Windows Servers via malformed TFTP packets | ZDNet

Cisco tells Nexus switch owners to disable POAP feature for security reasons | ZDNet

Auth0 Security Bulletin CVE-2019-7644

Votiro Disarmer Takes Cyber Security to the Next-Generation

Senetas announces $8m investment in Votiro Disarmer