Risky Business #572 -- Equifax indictments land, some big Huawei news

PLUS: All about your favourite encryption hardware vendor, the CIA!
12 Feb 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Chinese operators indicted over Equifax breach, more indictments coming
  • Alleged backdoor in Huawei lawful intercept features
  • Data on 6.4m Israelis exposed by political party app
  • Iowa caucus app was a pile of crap, 4chan clogged up caucus night phones
  • Corp.com is up for sale. That’s a lotta hashes.
  • Much, much more.

This week’s show is brought to you by Corelight.

Corelight’s Richard Bejtlich joins the show this week in the sponsor slot to talk about what the company is doing to try to build the open source community behind Zeek, the tool its products are based on.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

How 4 Chinese Hackers Allegedly Took Down Equifax | WIRED
download
Dustin Volz on Twitter: "Overlooked moment in the DoJ press conference today: Barr linked the Marriott breach to the Chinese. I believe that is the first time the U.S. government has publicly acknowledged a connection to Beijing. https://t.co/dB1bSAsE9h https://t.co/3MN2SfRU93" / Twitter
FBI is investigating more than 1,000 cases of Chinese theft of US technology | ZDNet
Feds are lining up more indictments related to Chinese cyber-activity, officials say
Malaysia warns of Chinese hacking campaign targeting government projects | ZDNet
Netanyahu's party exposes data on over 6.4 million Israelis | ZDNet
Software error exposes the ID numbers for 1.26 million Danish citizens | ZDNet
The Iowa Caucuses App Had Another Problem: It Could Have Been Hacked — ProPublica
'Clog the lines': Internet trolls deliberately disrupted the Iowa caucuses hotline for reporting results
An ‘Off-the-Shelf, Skeleton Project’: Experts Analyze the App That Broke Iowa - VICE
Shadow's Cancelled Nevada Caucus App Had Errors, Too - VICE
A US House candidate says she was hacked — now she’s warning others | TechCrunch
Google's Giving Out Security Keys to Help Protect Campaigns | WIRED
GAO: CISA's 'nationwide strategy' on election security should be enacted as soon as possible
How the CIA used Crypto AG encryption devices to spy on countries for decades - Washington Post
U.S. Officials Say Huawei Can Covertly Access Telecom Networks - WSJ
US Attorney General says US and allies should invest in Huawei competitors | ZDNet
FBI warns about ongoing attacks against software supply chain companies | ZDNet
Dangerous Domain Corp.com Goes Up for Sale — Krebs on Security
Brazil Judge Declines Charges Against Glenn Greenwald — “For Now”
Facebook's Bug Bounty Caught a Data-Stealing Spree | WIRED
Federal Agencies Use Cellphone Location Data for Immigration Enforcement - WSJ
Can the Government Buy Its Way Around the Fourth Amendment? | WIRED
Why you can’t bank on backups to fight ransomware anymore | Ars Technica
Toll transport hack leaves customers demanding answers on parcel delivery delays - ABC News (Australian Broadcasting Corporation)
Mailto Ransomware Hits Toll Group, Deliveries Across Australia Affected
Ransomware suspected after CUNA, a credit union lobbyist, knocked offline | TechCrunch
Emotet trojan evolves to spread via WiFi connections | ZDNet
Windows trust in abandoned code lets ransomware burrow deep into targeted machines | Ars Technica
Ransomware attack: Maastricht University pays out $220,000 to cybercrooks | The Daily Swig
Maze ransomware spree continues amid advisories from French, FBI officials - CyberScoop
Apple deprecating macOS kernel extensions (KEXTs) is a great win for security | ZDNet
When Your Used Car is a Little Too ‘Mobile’ — Krebs on Security
Cisco Flaws Put Millions of Workplace Devices at Risk | WIRED
Flaws in WhatsApp’s desktop app allowed remote access to files | Ars Technica
F-Secure issues fix for Internet Gatekeeper heap overflow vulnerability | The Daily Swig
Forging SWIFT MT Payment Messages for fun and pr... research!
Introducing security defaults - Microsoft Tech Community - 1061414
Meet the Guy Selling Wireless Tech to Steal Luxury Cars in Seconds - VICE
Google fixes no-user-interaction bug in Android's Bluetooth component | ZDNet
SymTCP – a new tool for circumventing deep packet inspections | The Daily Swig
20200206 REDACTED