Risky Business Podcast
January 22, 2020
Risky Business #569 -- Bezos' Saudi hack claims, Glenn Greenwald facing cybercrime charges
Presented by
CEO and Publisher
Technology Editor
On this week’s show Patrick and Adam discuss the week’s security news, including:
- MBS fingered in Bezos dick pic breach
- Glenn Greenwald facing cybercrime charges over Vaza Jato Telegram leaks
- Citrix finally patches 90s-style ADC bugs
- IE 0day doing the rounds, no patch available
- PoCs for 0601 drop
- Much, much more…
This week’s show is sponsored by VMRay, a sandbox-based malware analyser. You throw a sample into it and it spits out all sorts of useful information. Rather than having one of its own staff in this week’s sponsor slot, VMRay has put forward one of its customers instead. Expel is a managed security provider, and it is making heavy use of VMRay to do malware analysis. Tyler Fornes is a Senior Detection and Response Analyst at Expel and he joined me to talk about how they’re using VMRay to actually make life easier.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Brought to you by VMRay
Advanced Malware Sandbox & Phishing Analysis
Show notes
Saudi crown prince implicated in hacking of Jeff Bezos’s phone | Financial Times
Amazon boss Jeff Bezos's phone 'hacked by Saudi crown prince' | Jeff Bezos | The Guardian
Outrage As Brazil Accuses Glenn Greenwald Of Hacking Crimes
US Cyber Command was not prepared to handle the amount of data it hacked from ISIS | ZDNet
U.S. says accused Vault 7 leaker tried orchestrating PR campaign from jail cell
Accused scammer Burkov to plead guilty to 'some' charges after extradition dispute
Hackers are racing to exploit a Citrix bug that the company hasn't patched yet
As attacks begin, Citrix ships patch for VPN vulnerability | Ars Technica
A hacker is patching Citrix servers to maintain exclusive access | ZDNet
Microsoft warns about Internet Explorer zero-day, but no patch yet | ZDNet
Proof-of-concept exploits published for the Microsoft-NSA crypto bug | ZDNet
Critical Windows 10 vulnerability used to Rickroll the NSA and Github | Ars Technica
LastPass is in the midst of a major outage | ZDNet
FBI seizes WeLeakInfo, a website that sold access to breached data | ZDNet
Mitsubishi Electric discloses security breach, China is main suspect | ZDNet
FBI: Nation-state actors have breached two US municipalities | ZDNet
A Georgia election server was vulnerable to Shellshock and may have been hacked | Ars Technica
Visa's plan against Magecart attacks: Devalue and disrupt | ZDNet
Researchers find serious flaws in WordPress plugins used on 400k sites | Ars Technica
The FBI Got Data From A Locked iPhone 11 Pro Max—So Why Is It Demanding Apple Unlock Older Phones?
Chinese man arrested after making $1.6 million from selling VPN services | ZDNet
Senators to Trump administration: Protect small businesses from Iranian hacking threat