Risky Business Podcast

November 13, 2019

Risky Business #562 -- Two former Twitter staff charged over Saudi spying

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Two ex Twitter employees charged with spying for KSA
  • US border device searches now require suspicion after ACLU win
  • Unredacted Corellium lawsuit response drops
  • Ransomware attacks on hospitals increase mortality
  • Much, much more!

This week’s sponsor interview is with Stephan Chenette, the co-founder and CTO of AttackIQ. We talk to him about some CSOs playing Pokemon Go with MITRE ATT&CK (“Gotta catch ‘em all!”) and about recent ATT&CK developments.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #562 -- Two former Twitter staff charged over Saudi spying
0:00 / 60:13

Show notes

Twitter Insiders Allegedly Spied for Saudi Arabia | WIRED

Former Trend Micro employee enabled scam calls by stealing customers' personal data

Federal Court Rules Suspicionless Searches of Travelers’ Phones and Laptops Unconstitutional | American Civil Liberties Union

Corellium claims Apple sued it after acquisition talks fell through

U.K.’s Labour Party ‘Hit By Large Cyberattack’ A Month Before Election

Cyber Command flags North Korean-linked hackers behind ongoing financial heists

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks — Krebs on Security

As 5G Rolls Out, Troubling New Security Flaws Emerge | WIRED

DNS-over-HTTPS will eventually roll out in all major browsers, despite ISP opposition | ZDNet

Phones and PCs sold in Russia will have to come pre-installed with Russian apps | ZDNet

Capital One replaces security chief after data breach | TechCrunch

One of the world’s most advanced hacking groups debuts new Titanium backdoor | Ars Technica

Facebook Portal survives Pwn2Own hacking contest, Amazon Echo got hacked | ZDNet

Between 200,000 and 240,000 Magento online stores will reach EOL next year | ZDNet

Major ASP.NET hosting provider infected by ransomware | ZDNet

Mysterious hacker dumps database of infamous IronMarch neo-nazi forum | ZDNet

Breaking the law: How 8chan (or “8kun”) got (briefly) back online | Ars Technica

Microsoft's Rust experiments are going well, but some features are missing | ZDNet

Further enhancing security from Microsoft, not just for Microsoft

Microsoft to apply California's privacy law for all US users | ZDNet

'Chronicle Is Dead and Google Killed It' - VICE

Google Enlists Outside Help to Clean Up Android's Malware Mess | WIRED

Manual code review finds 35 vulnerabilities in 8 enclave SDKs | ZDNet

Amid NSA warning, attacks on Confluence have risen in recent weeks

Solved: Why in-the-wild Bluekeep exploits are causing patched machines to crash | Ars Technica

Intel Fixes a Security Flaw It Said Was Repaired 6 Months Ago - The New York Times

Intel Failed to Fix a Hackable Chip Flaw Despite a Year of Warnings | WIRED

Influencers Pay Thousands to Get Back Into Their Hacked Instagram Accounts - VICE