Risky Business #537 -- Assange arrested, WordPress ecosystem on fire

Julian Assange likely to face extradition, five years in prison...
17 Apr 2019 » Risky Business

On this week’s show Adam Boileau and Patrick Gray discuss the week’s security news:

  • Julian Assange arrested, likely to be extradited to the USA
  • Krebs: Breach at outsourcing firm Wipro
  • WordPress 0day drama causing serious headaches
  • Silk Road 2’s “DPR2” sent to slammer
  • More from Kaspersky SAS

This week’s show is brought to you by Thinkst Canary! Thinkst founder Haroon Meer will be along on this week’s show to talk about the effect venture capital is having on the security ecosystem. He thinks VC money often makes weak ideas look strong, and in a market where it’s quite difficult to make informed purchasing decisions, that’s not a good thing.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Breaking Down the Julian Assange Hacking Case | WIRED
Experts: Breach at IT Outsourcing Giant Wipro — Krebs on Security
Silk Road 2 Founder Dread Pirate Roberts 2 Caught, Jailed for 5 Years - Motherboard
Chinese woman arrested at Mar-a-Lago 'up to something,' denied bail: judge - Reuters
A security researcher with a grudge is dropping Web 0days on innocent users | Ars Technica
Mailgun hacked part of massive attack on WordPress sites | ZDNet
PPD-20 successor has yielded ‘operational success,’ Federal CISO says
A Peek Into the Toolkit of the Dangerous 'Triton' Hackers | WIRED
DHS, FBI say election systems in all 50 states were targeted in 2016 | Ars Technica
Quasi-Russian upstart reportedly targeted Ukraine in cyber-espionage campaign
Patrick Gray 🥚 on Twitter: "Great scoop from @Commsday Looks like @ASDGovAu is going to rip up its contract with @Cloudflare because they host Nazi forums.… https://t.co/uhqC2EIVbY"
Dragonblood vulnerabilities disclosed in WiFi WPA3 standard | ZDNet
Confluence Security Advisory - 2019-03-20 - Atlassian Documentation
A New Breed of ATM Hackers Gets in Through a Bank’s Network | WIRED
Mysterious Hackers Hid Their Swiss Army Spyware for 5 Years | WIRED
Kaspersky: 70 percent of attacks now target Office vulnerabilities | ZDNet
EU: No evidence of Kaspersky spying despite 'confirmed malicious' classification | ZDNet
DHS alerts industry to insecure enterprise VPN apps
Shimo VPN service contains six unpatched vulnerabilities, Talos discovers
‘Land Lordz’ Service Powers Airbnb Scams — Krebs on Security
Hackers publish personal data on thousands of US police officers and federal agents | TechCrunch
Former Senate IT intern admits to doxing US senators on Twitter and Wikipedia | ZDNet
A hacker has dumped nearly one billion user records over the past two months | ZDNet
Google DLP Makes It Easier to Safeguard Sensitive Data Troves | WIRED
Microsoft Email Hack Shows the Lurking Danger of Customer Support | WIRED
Fortinet settles charges of selling intentionally mislabeled Chinese-made tech to U.S. military
Security Engineer, Detection - Google - Sydney NSW, Australia - Google Careers
Security Engineer, Information Security and Privacy Incident Response - Google - Sydney NSW, Australia - Google Careers
Thinkst Canary