Risky Business Podcast

October 30, 2019

Risky Business #560 -- Facebook sues NSO Group

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick and gust co-host Alex Stamos discuss the week’s security news, including:

  • Facebook files suit against NSO Group
  • Corellium responds to Apple suit
  • Indian nuclear power plant administrative network likely attacked by DPRK
  • Mass defacement in Georgia. Old schooooool!
  • Fancy Bear targets 2020 Olympics
  • FCC proposes subsidies for telcos to rip and replace Huawei, ZTE equipment
  • City of Johannesburg data held to ransom, but it’s not ransomware
  • Much, much more

This week’s sponsor interview is with Jake King of CMD Security. The topic is applying the MITRE ATT&CK framework

Links to everything that we discussed are below and you can follow Patrick or Alex on Twitter if that’s your thing.

Risky Business #560 -- Facebook sues NSO Group
0:00 / 56:07

Show notes

Will Cathcart - Why WhatsApp is pushing back on NSO Group hacking - The Washington Post

Facebook sues NSO Group for alleged WhatsApp hack - CyberScoop

Exclusive: A ‘Magic’ iPhone Hacking Startup Bites Back At Apple Lawyers — And Demands $300,000

iPhone Emulation Company Sued by Apple Says It's Making iPhones Safer - VICE

(9) Sandhya Sharma on Twitter: "GOI denies reports of #CyberAttack on #kudankulam nuclear power plant and other Indian nuclear power plants control systems. Said they are stand alone not connected to outside cyber network and internet. “Any cyber attack on the Nuclear Power Plant Control System is not possible” https://t.co/o5bUmUKHqp" / Twitter

Indian nuke plant’s network reportedly hit by malware tied to N. Korea | Ars Technica

Indian Nuclear Power Facility Denies Unverified Reports of a Cyber Attack – The Diplomat

Largest cyber-attack in Georgia's history linked to hacked web hosting provider | ZDNet

Fancy Bear hackers targeted at least 16 athletic organizations ahead of Tokyo Olympics

Inside Olympic Destroyer, the Most Deceptive Hack in History | WIRED

FCC proposes rules requiring telcos remove Huawei, ZTE equipment | TechCrunch

City of Johannesburg held for ransom by hacker gang | ZDNet

Vietnamese student behind Android adware strain that infected millions | ZDNet

NSA: 'We know we need to do some work' on declassifying threat intel

Why did Cyber Command back off its recent plans to call out North Korean hacking?

Sens. Warren, Wyden want to know if Amazon shares some blame for the Capital One breach

White House kicks infosec team to curb in IT office shakeup | Ars Technica

DHS is mulling an order that would force agencies to set up vulnerability disclosure programs

Congress Still Doesn't Have an Answer for Ransomware | WIRED

Most system administrators prefer firewall GUIs over CLIs | ZDNet

Australian House Committee to look into age verification for porn | ZDNet

Monash University partners with Chinese state firm linked to industrial espionage

Storage Wars star's parents' garage was raided by Feds for top-secret spy equipment | Daily Mail Online

Cmd – Protect your Linux servers, proactively