Risky Business #555 -- Bluekeep Metasploit module released, Paige Thompson pleads not guilty and more

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Paige Thompson pleads not guilty to CapitalOne hack
  • German government probes FinFisher
  • Bluekeep Metasploit module dropped
  • DPRK samples hit VT, courtesy of our friends in the USA
  • Apple releases awful statement about mass exploitation of its devices
  • Much more

This week’s show is brought to you by Blackberry Cylance. In this week’s sponsor interview we’ll be talking about US Cybercommand dropping some sweet, sweet APT28 samples on VirusTotal back in May. We’ll talk a little bit about that malware, and also have a more general discussion about CYBERCOM VT drops with Cylance research staffers Steve Barnes and Josh Lemos.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Cyber Command's biggest VirusTotal upload looks to expose North Korean-linked malware

InstaCyber on Twitter: "Uploading of samples isn't burning capability or some sort of (working) counter-CNE operation. This is proven by the large number of actors that keep truckin' on with the same old junk despite disclosure; the number of groups that truly pack up shop, albeit temporarily, is small https://t.co/COkDOLYlwr" / Twitter

The NSA recognizes it needs to share more nation-state threat data, and faster

Apple takes flak for disputing iOS security bombshell dropped by Google | Ars Technica

We must see China - the opportunities and the threats - with clear eyes

Samsung, Huawei, LG, and Sony phones vulnerable to rogue 'provisioning' messages | ZDNet

Zero-day disclosed in Android OS | ZDNet

A Chinese APT is now going after Pulse Secure and Fortinet VPN servers | ZDNet

Metasploit team releases BlueKeep exploit | ZDNet

How did a Chinese APT get a U.S. hacking tool before it was leaked? Check Point has a theory.

German prosecutors investigate spyware maker FinFisher | News | DW | 05.09.2019

Twitter disables SMS-to-tweet feature after its CEO got hacked last week | ZDNet

Accused Capital One hacker pleads not guilty to all charges

Back to school: With latest attack, ransomware cancels classes in Flagstaff | Ars Technica

No municipality paid ransoms in 'coordinated ransomware attack' that hit Texas | ZDNet

Chris Bing on Twitter: "NSA cybersecurity division Director Anne Neuberger says at #BillingtonSummit that Ransomware represents one of the threats facing the election. Explains it's a notable vector of attack following attacks on cities across the US." / Twitter

Thousands of servers infected with new Lilocked (Lilu) ransomware | ZDNet

Scraping public website data does not violate CFAA, judge rules

51 tech CEOs send open letter to Congress asking for a federal data privacy law | ZDNet

Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks

Security researchers expose another instance of Chrome patch gapping | ZDNet

Kaspersky launches anti-cheat solution for pro e-sports tournaments | ZDNet

Mozilla launches Firefox VPN extension for US users | ZDNet

Mozilla to gradually enable DNS-over-HTTPS for Firefox US users later this month | ZDNet

Intel server-grade CPUs impacted by new NetCAT attack | ZDNet

U.S. arrests 281 people worldwide accused of involvement in BEC scams

Forget email: Scammers use CEO voice 'deepfakes' to con workers into wiring cash | ZDNet

Cyber-security incident at US power grid entity linked to unpatched firewalls | ZDNet

Secret Service Investigates Breach at U.S. Govt IT Contractor — Krebs on Security

Millions of Exim servers vulnerable to root-granting exploit | ZDNet