Risky Business #555 -- Bluekeep Metasploit module released, Paige Thompson pleads not guilty and more

Your weekly news round-up with Patrick Gray and Adam Boileau...
11 Sep 2019 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Paige Thompson pleads not guilty to CapitalOne hack
  • German government probes FinFisher
  • Bluekeep Metasploit module dropped
  • DPRK samples hit VT, courtesy of our friends in the USA
  • Apple releases awful statement about mass exploitation of its devices
  • Much more

This week’s show is brought to you by Blackberry Cylance. In this week’s sponsor interview we’ll be talking about US Cyber Command dropping some sweet, sweet APT28 samples on VirusTotal back in May. We’ll talk a little bit about that malware, and also have a more general discussion about CYBERCOM VT drops with Cylance research staffers Steve Barnes and Josh Lemos.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Cyber Command's biggest VirusTotal upload looks to expose North Korean-linked malware
InstaCyber on Twitter: "Uploading of samples isn't burning capability or some sort of (working) counter-CNE operation. This is proven by the large number of actors that keep truckin' on with the same old junk despite disclosure; the number of groups that truly pack up shop, albeit temporarily, is small https://t.co/COkDOLYlwr" / Twitter
The NSA recognizes it needs to share more nation-state threat data, and faster
Apple takes flak for disputing iOS security bombshell dropped by Google | Ars Technica
We must see China - the opportunities and the threats - with clear eyes
Samsung, Huawei, LG, and Sony phones vulnerable to rogue 'provisioning' messages | ZDNet
Zero-day disclosed in Android OS | ZDNet
A Chinese APT is now going after Pulse Secure and Fortinet VPN servers | ZDNet
Metasploit team releases BlueKeep exploit | ZDNet
How did a Chinese APT get a U.S. hacking tool before it was leaked? Check Point has a theory.
German prosecutors investigate spyware maker FinFisher | News | DW | 05.09.2019
Twitter disables SMS-to-tweet feature after its CEO got hacked last week | ZDNet
Accused Capital One hacker pleads not guilty to all charges
Back to school: With latest attack, ransomware cancels classes in Flagstaff | Ars Technica
No municipality paid ransoms in 'coordinated ransomware attack' that hit Texas | ZDNet
Chris Bing on Twitter: "NSA cybersecurity division Director Anne Neuberger says at #BillingtonSummit that Ransomware represents one of the threats facing the election. Explains it's a notable vector of attack following attacks on cities across the US." / Twitter
Thousands of servers infected with new Lilocked (Lilu) ransomware | ZDNet
Scraping public website data does not violate CFAA, judge rules
51 tech CEOs send open letter to Congress asking for a federal data privacy law | ZDNet
Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks
Security researchers expose another instance of Chrome patch gapping | ZDNet
Kaspersky launches anti-cheat solution for pro e-sports tournaments | ZDNet
Mozilla launches Firefox VPN extension for US users | ZDNet
Mozilla to gradually enable DNS-over-HTTPS for Firefox US users later this month | ZDNet
Intel server-grade CPUs impacted by new NetCAT attack | ZDNet
U.S. arrests 281 people worldwide accused of involvement in BEC scams
Forget email: Scammers use CEO voice 'deepfakes' to con workers into wiring cash | ZDNet
Cyber-security incident at US power grid entity linked to unpatched firewalls | ZDNet
Secret Service Investigates Breach at U.S. Govt IT Contractor — Krebs on Security
Millions of Exim servers vulnerable to root-granting exploit | ZDNet