Risky Business Podcast
May 29, 2019
Risky Business #543 -- NYTimes blames NSA for Baltimore hacks, Assange faces espionage charges
Presented by
CEO and Publisher
Technology Editor
Adam Boileau couldn’t make it this week, but that’s ok because we’ve got former Facebook CSO and current Stanford adjunct professor Alex Stamos filling in for him in today’s show. He’ll be talking through all the week’s security news, including:
- NYTimes report blames Baltimore ransomware attack on leaked NSA exploit
- Assange to face espionage charges, extradition fight looming
- SanboxEscaper just keeps dropping those 0days
- Fury over Facebook’s response to doctored Pelosi video
- Much, much more
This week’s sponsor interview with David Warburton of F5 Networks. You know F5 as a blinky-light box manufacturer. Load balancers, SSL termination, that sort of stuff. Not exactly a growth industry at the moment, so they’re pivoting.
They’ve dropped $670m on NGINX – f5 now owns the NGINX company – and they’re making all sorts of moves in the appsec space. That interview is mostly about F5’s business, but I found it interesting because what do you do when you’re an $8bn company that makes data-centre equipment and that industry starts going into decline?
Links to everything discussed are below, and you can follow Patrick or Alex on Twitter if that’s your thing.
Brought to you by F5 Networks
Multi-Cloud Security and Application Delivery
Show notes
In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc - The New York Times
Eternally Blue: Baltimore City leaders blame NSA for ransomware attack | Ars Technica
Google bots shut down Baltimore officials’ ransomware-workaround Gmail accounts | Ars Technica
CyberSecPolitics: Baltimore is not EternalBlue
Errata Security: A lesson in journalism vs. cybersecurity
Intense scanning activity detected for BlueKeep RDP flaw | ZDNet
Researcher publishes Windows zero-days for the third day in a row | ZDNet
Cyber Command's latest VirusTotal upload has been linked to an active attack
The Latest Julian Assange Indictment Is an Assault on Press Freedom | WIRED
Here's How a Facebook Exec Defended Leaving Up That Fake Nancy Pelosi Video
Facebook scrubbed 2.2 billion fake accounts in the first quarter of 2019, a new high
U.S. Navy Creating a 350 Billion Record Social Media Archive
Amazon shareholders reject facial recognition sale ban to governments | TechCrunch
Facial Recognition Has Already Reached Its Breaking Point | WIRED
Android and iOS devices impacted by new sensor calibration attack | ZDNet
Privacy Preserving Ad Click Attribution For the Web | WebKit
German Minister Wants Secure Messengers To Decrypt Chats
European police seize BestMixer, saying it helped launder $200 million worth of cryptocurrency
Chinese military to replace Windows OS amid fears of US hacking | ZDNet
Australian tech unicorn Canva suffers security breach | ZDNet
Equifax is spending a ton of money on cybersecurity. Wall Street analysts don't like it.
Democratic Party’s network security still lags behind GOP, researchers find | Ars Technica
NSS ISSUES STATEMENT — NSS Labs, Inc.
CrowdStrike, NSS Labs resolve court battle over product testing | ZDNet
Security Engineer, Detection - Google - Sydney NSW, Australia - Google Careers