Risky Business #560 -- Facebook sues NSO Group

PLUS: It's likely DPRK hackers attacked an Indian nuclear power plant administrative network...
30 Oct 2019 » Risky Business

On this week’s show Patrick and gust co-host Alex Stamos discuss the week’s security news, including:

  • Facebook files suit against NSO Group
  • Corellium responds to Apple suit
  • Indian nuclear power plant administrative network likely attacked by DPRK
  • Mass defacement in Georgia. Old schooooool!
  • Fancy Bear targets 2020 Olympics
  • FCC proposes subsidies for telcos to rip and replace Huawei, ZTE equipment
  • City of Johannesburg data held to ransom, but it’s not ransomware
  • Much, much more

This week’s sponsor interview is with Jake King of CMD Security. The topic is applying the MITRE ATT&CK framework

Links to everything that we discussed are below and you can follow Patrick or Alex on Twitter if that’s your thing.

Show notes

Will Cathcart - Why WhatsApp is pushing back on NSO Group hacking - The Washington Post
Facebook sues NSO Group for alleged WhatsApp hack - CyberScoop
Exclusive: A ‘Magic’ iPhone Hacking Startup Bites Back At Apple Lawyers — And Demands $300,000
iPhone Emulation Company Sued by Apple Says It's Making iPhones Safer - VICE
(9) Sandhya Sharma on Twitter: "GOI denies reports of #CyberAttack on #kudankulam nuclear power plant and other Indian nuclear power plants control systems. Said they are stand alone not connected to outside cyber network and internet. “Any cyber attack on the Nuclear Power Plant Control System is not possible” https://t.co/o5bUmUKHqp" / Twitter
Indian nuke plant’s network reportedly hit by malware tied to N. Korea | Ars Technica
Indian Nuclear Power Facility Denies Unverified Reports of a Cyber Attack – The Diplomat
Largest cyber-attack in Georgia's history linked to hacked web hosting provider | ZDNet
Fancy Bear hackers targeted at least 16 athletic organizations ahead of Tokyo Olympics
Inside Olympic Destroyer, the Most Deceptive Hack in History | WIRED
FCC proposes rules requiring telcos remove Huawei, ZTE equipment | TechCrunch
City of Johannesburg held for ransom by hacker gang | ZDNet
Vietnamese student behind Android adware strain that infected millions | ZDNet
NSA: 'We know we need to do some work' on declassifying threat intel
Why did Cyber Command back off its recent plans to call out North Korean hacking?
Sens. Warren, Wyden want to know if Amazon shares some blame for the Capital One breach
White House kicks infosec team to curb in IT office shakeup | Ars Technica
DHS is mulling an order that would force agencies to set up vulnerability disclosure programs
Congress Still Doesn't Have an Answer for Ransomware | WIRED
Most system administrators prefer firewall GUIs over CLIs | ZDNet
Australian House Committee to look into age verification for porn | ZDNet
Monash University partners with Chinese state firm linked to industrial espionage
Storage Wars star's parents' garage was raided by Feds for top-secret spy equipment | Daily Mail Online
Cmd – Protect your Linux servers, proactively