On this week’s show Patrick and Adam talk through all the week’s security news, including:
- NYTimes story on EternalBlue and Baltimore is bunk
- An RDP worm is feeling kind of inevitable
- Iran is still getting Shadowbrokersed
- Intercept has a great feature on SID Today dumps
- Australian Federal Police crack down on national security journalism
- Phantom Secure CEO gets nine years and loses $80m
- Silk Road 2.0 admin must be an amazing snitch
- Another Bitcoin tumbler bites the dust
- Much, much more
This week’s sponsor interview is with Marco Slaviero of Thinkst Canary.
Marco is joining us this week to talk about how he thinks web application-based deception techniques are kind of a waste of time right now. We talk about how deception approaches work best in privileged domains, then we talk about how security teams do better when they have a dedicated ops developer.
Show notes
- Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack
- Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack
- N.S.A. Denies Its Cyberweapon Was Used in Baltimore Attack, Congressman Says - The New York Times
- Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware — Krebs on Security
- Baltimore ransomware perp pinky-swears he didn’t use NSA exploit | Ars Technica
- NSA points to two-year patching window in remarks about Baltimore incident
- Microsoft's BlueKeep Bug Isn't Getting Patched Fast Enough | WIRED
- Even the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708) | ZDNet
- New Iranian hacking tool leaked on Telegram | ZDNet
- Meltdown Showed Extent of NSA Surveillance — and Other Tales From Hundreds of Intelligence Documents
- Federal police raid home of News Corp journalist Annika Smethurst | Australia news | The Guardian
- PressReader.com - Your favorite newspapers and magazines.
- CEO Who Sold Encrypted Phones to the Sinaloa Cartel Sentenced to Nine Years - VICE
- Silk Road 2.0 Admin May Only Be Prosecuted For Tax Crimes After Cooperating with Feds - VICE
- Bitcoin Blender Exits Cryptocurrency Mixing On Its Own Terms
- Rights groups probe investments in NSO Group’s private equity firm
- Lorenzo Franceschi-Bicchierai on Twitter: "In his new book, @josephmenn argues that Phineas Fisher, the hacktivist that breached FinFisher and Hacking Team, is perhaps a Russian intelligence front.… https://t.co/PgLPt369Sd"
- Much @Stake: The Band of Hackers That Defined an Era | WIRED
- Google Cloud goes down, taking YouTube, Gmail, Snapchat, and others with it | ZDNet
- China 'rigs' 5G test to favour Huawei - NZ Herald
- Russian military moves closer to replacing Windows with Astra Linux | ZDNet
- Maze Ransomware Says Computer Type Determines Ransom Amount
- Phishing Emails Pretend to be Office 365 'File Deletion' Alerts
- Unpatched Flaw Affects All Docker Versions, Exploits Ready
- Zero-Day Flaw in Windows 10 Task Scheduler Gets Micropatch
- 0patch Blog: Another Task Scheduler 0day, Another Task Scheduler Micropatch (The SandboxEscaper Saga)
- Flipboard says hackers stole user details | ZDNet
- Google Is Finally Making Chrome Extensions More Secure | WIRED
- Westpac cyber attack: PayID platform hack exposes private details on 100,000 Australians
- Terry Zhang on Twitter: "Received a 40,000$ bounty from @msftsecresponse through @Bugcrowd for a critical Auth Bypass I found on Microsoft Cloud. Also will join the team and talk about it on the BlackHat this year. Thanks for the great bounty and the opportunity sharing on a big stage.… https://t.co/mbzs41LfBf"
- New research shows personalized ads are just barely more efficient than dumb ads | ZDNet
- Stephen A. Ridley on Twitter: "It has been 10 years since we reverse engineered the MS08-67 patch and published the FIRST public vuln PoC (which was used by the Conficker Worm authors). BUT, it has only been about a year since we got an angry email blaming us for the Conficker worm. https://t.co/4Xalrh7okV… https://t.co/QPeMCZIHtc"
- Malware Sandbox Online | Free Trial
- Thinkst Canary