On this week’s show Patrick and Adam discuss the week’s security news, including:
- Phineas Phisher returns, claims credit for Cayman bank hack and offers bounties for activist hijinks
- Microsoft cautiously backs DoH
- Huawei granted another 90-day stay of execution in US market
- Iranian APT crew targeting ICS supply chain
- Alexei Burkov extradition complete, appears in US court
- Some very funny stuff is happening to GPS in the Shanghai area
- Louisiana government ransomwared, emerges relatively unscathed
- Official Monero binaries trojaned. Lol.
- Much, much more!
This week’s show is brought to you by Senetas. Rob Linton from Senetas joins the show this week to talk about its O365 integration for its SureDrop product, a new feature that will be of interest to many Risky Business listeners.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Phineas Fisher Offers $100,000 Bounty to Hack Banks and Oil Companies - VICE
- Offshore Bank Targeted By Phineas Fisher Confirms it Was Hacked - VICE
- Microsoft says yes to future encrypted DNS requests in Windows | Ars Technica
- Exclusive: U.S. manufacturing group hacked by China as trade talks intensified - sources - Reuters
- US grants Huawei new 90-day license extension
- Iran’s APT33 Hackers Are Targeting Industrial Control Systems | WIRED
- How Iran's Government Shut Off the Internet | WIRED
- Why Were the Russians So Set Against This Hacker Being Extradited? — Krebs on Security
- Russia Fails to Stop Alleged Hacker From Facing US Charges | WIRED
- Ghost ships, crop circles, and soft gold: A GPS mystery in Shanghai - MIT Technology Review
- Ransomware hits Louisiana state government systems | ZDNet
- Ransomware Bites 400 Veterinary Hospitals — Krebs on Security
- Antivirus vendors and non-profits join to form 'Coalition Against Stalkerware' | ZDNet
- Official Monero website compromised with malware that steals funds | ZDNet
- Anonymous hacker gets a whopping six years in prison for some lame DDoS attacks | ZDNet
- DDoS-for-Hire Boss Gets 13 Months Jail Time — Krebs on Security
- US student was allegedly building a custom Gentoo Linux distro for ISIS | ZDNet
- 20-year-old Chicago man charged with writing code to spread ISIS propaganda
- The Dark Overlord hacking suspect who's fighting extradition to the U.S. is running out of options
- Citing security concerns, senators call on White House to appoint coordinator for 5G issues
- Burglars Really Do Use Bluetooth Scanners to Find Laptops and Phones | WIRED
- LA warns of ‘juice-jacking’ malware, but admits it has no cases | TechCrunch
- Someone is using the 'Cozy Bear' moniker to scare DDoS victims into bitcoin payments
- 146 New Vulnerabilities All Come Preinstalled on Android Phones | WIRED
- As iOS vulnerabilities emerge, a new app promises to detect hacked iPhones
- GitHub launches 'Security Lab' to help secure open source ecosystem | ZDNet
- Google Chrome experiment crashes browser tabs, impacts companies worldwide | ZDNet
- Chrome, Edge, Safari hacked at elite Chinese hacking contest | ZDNet
- Company discovered it was hacked after a server ran out of free space | ZDNet
- TPM-FAIL vulnerabilities impact TPM chips in desktops, laptops, servers | ZDNet
- How a turf war and a botched contract landed 2 pentesters in Iowa jail | Ars Technica
- What Happens When You Remove a Police-Installed GPS Tracker | WIRED
- Password
- SUREDROP