Risky Business #540 -- In depth: Hamas cyber unit destroyed in air strike

Air strike against Hamas' cyber unit sets no precedent in time of war, experts say...
08 May 2019 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • IDF takes out Hamas cyber HQ (Features commentary from Bobby Chesney and Klon Kitchen)
  • NYTimes mangles Symantec’s “Buckeye” research
  • Lots of dark web arrests
  • SAP exploits not all they’re cracked up to be
  • Magecart-style attacks spread to other platforms
  • Tech-led crackdown on Chinese-muslims intensifies
  • Japan to create “defensive malware”

This week’s sponsor interview is with Duo Security advisory CSO Richard Archdeacon and we’ll be talking about zero trust networks. Richard isn’t so worried about every vendor under the sun claiming to be a zero trust tech company. He doesn’t think that’s going to derail the move to zero trust architectures because the move towards them is too strong.

Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Israel Defense Forces on Twitter: "CLEARED FOR RELEASE: We thwarted an attempted Hamas cyber offensive against Israeli targets. Following our successful cyber defensive operation, we targeted a building where the Hamas cyber operatives work. HamasCyberHQ.exe has been removed.… https://t.co/rL86R93V7P"
Crossing a Cyber Rubicon? Overreactions to the IDF’s Strike on the Hamas Cyber Facility - Lawfare
Daniel Moore on Twitter: "It's also possible that they claim this is a kinetic response to a cyber-attack, but in reality the IDF is just bombing more convenient, low-risk elements of Hamas out of its extensive target bank. So possibly more capitalising on an opportunity than direct retaliation.… https://t.co/uFSn4Ql8Nu"
Inbar Raz on Twitter: "If there had been only one strike, and it had been directed at the Cyber unit, then that would have been a remarkable and unusual event. But it wasn’t. It’s just one more building with “Hamas” written all over it. 3/N… https://t.co/hPfy1ulmsE"
Buckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak | Symantec Blogs
How Chinese Spies Got the N.S.A.’s Hacking Tools, and Used Them for Attacks - The New York Times
A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree | WIRED
FBI has seized Deep Dot Web and arrested its administrators | TechCrunch
Law enforcement seizes dark web market after moderator leaks backend credentials | ZDNet
Public 10KBLAZE Exploits May Impact 90% of SAP Production Systems
sap_ms/README.md at master · gelim/sap_ms · GitHub
JavaScript card sniffing attacks spread to other e-commerce platforms | ZDNet
A hacker is wiping Git repositories and asking for a ransom | ZDNet
Mysterious hacker has been selling Windows 0-days to APT groups for three years | ZDNet
China uses biometrics and digital scanning 'data doors' to track Muslim minority | ZDNet
Uyghurs the People of Xinjiang - Rear Vision - ABC Radio National (Australian Broadcasting Corporation)
CIA sets up shop on the anonymous, encrypted Tor network - CNET
China making 'rapid progress' on potency of cyber-operations, Pentagon says
Japanese government to create and maintain defensive malware | ZDNet
Hacker takes over 29 IoT botnets | ZDNet
Only six TSA staffers are overseeing US oil & gas pipeline security | ZDNet
Dutch intelligence warns of escalating Russian, Chinese cyberattacks in the Netherlands
NSA unmasked more U.S. entities caught in foreign cyber-espionage efforts last year
WordPress finally gets the security features a third of the Internet deserves | ZDNet
Verizon, T-Mobile, Sprint, and AT&T Hit With Class Action Lawsuit Over Selling Customers’ Location Data - VICE
Firefox add-ons disabled en masse after Mozilla certificate issue | ZDNet
Labor asks questions of WeChat over doctored accounts, 'fake news'
Evil Clippy Makes Malicious Office Docs that Dodge Detection
Dell laptops and computers vulnerable to remote hijacks | ZDNet
AWS IAM Exploitation – Security Risk Advisors
Zero Trust Evaluation Guide: For the Workforce | Duo Security