Risky Business Podcast

September 18, 2019

Risky Business #556 -- US Treasury targets DPRK crews, more details on Ukraine power hack

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • US Treasury targets DPRK APT crews
  • Russia owned FBI counter surveillance team radio comms
  • New details on 2016 attack against Ukraine power grid
  • US Government to sue Edward Snowden for memoir profits
  • Did RCMP intelligence director tip Phantom Secure on investigation?
  • Much, much more!

This week’s sponsor interview is with Casey Ellis of Bugcrowd. It’s an interesting chat with Casey this week. He was at the Billington cyber conference a couple of weeks ago and he had a bunch of interesting discussions there with people in the aerospace sector.

Between recent Black Hat presentations on 787 security and the trouble Boeing has had with it’s 737-MAX, software security and resiliency is all of a sudden on the agenda in aerospace. Casey drops by to talk about all of that.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #556 -- US Treasury targets DPRK crews, more details on Ukraine power hack
0:00 / 0:00

Show notes

US Treasury sanctions three North Korean hacking groups | ZDNet

Treasury Sanctions North Korean State-Sponsored Malicious Cyber Groups | U.S. Department of the Treasury

North Korean hackers target U.S. entities amid stalled denuclearization talks

Exclusive: Russia carried out a 'stunning' breach of FBI communications system, escalating the spy game on U.S. soil

New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction | WIRED

Exclusive: Australia concluded China was behind hack on parliament, political parties – sources    - Reuters

US sues Edward Snowden over new book | ZDNet

Investigation into senior RCMP official stemmed from disruption of encrypted phone service: sources - National | Globalnews.ca

Israeli police arrest execs from vendor of mobile surveillance tech | ZDNet

Infamous surveillance tech vendor makes pledge to follow UN human rights policy | ZDNet

This Company Built a Private Surveillance Network. We Tracked Someone With It - VICE

Simjacker attack exploited in the wild to track users for at least two years | ZDNet

A Password-Exposing Bug Was Purged From LastPass | WIRED

The Air Force Will Let Hackers Try to Hijack an Orbiting Satellite | WIRED

Database leaks data on most of Ecuador's citizens, including 6.7 million children | ZDNet

Arrest made in Ecuador's massive data breach | ZDNet

Data of 24.3 million Lumin PDF users shared on hacking forum | ZDNet

Hacked government contractor shares breach details as investigation continues

FIN7's IT admin pleads guilty for role in billion-dollar cybercrime crew

Google discloses vulnerability in Chrome OS 'built-in security key' feature | ZDNet

Sophos open-sources Sandboxie, a utility for sandboxing any application | ZDNet

Chrome 77 released with no EV indicators, contact picker, permanent Guest Mode | ZDNet

Most Android flashlight apps request an absurd number of permissions | ZDNet

Cloudflare may have provided service to terrorists, drug traffickers in violation of U.S. sanctions

NY Payroll Company Vanishes With $35 Million — Krebs on Security

2 charged say they were hired to break into Dallas County courthouse