Risky Business #573 -- Gas plant ransomware attack, Huawei mega-indictment and more

PLUS: Dave Cottingham of Airlock Digital talks whitelisting, Windows host hardening...
19 Feb 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Ransomware shutters US natural gas plants
  • Huawei hit with huge indictment
  • Voatz mobile voting app shredded by MIT, dust-up ensues
  • The latest from the Vault7 trial
  • Reality Winner seeking clemency
  • Ring to force all users on to 2FA
  • Israeli court rules Facebook must reinstate NSO staff profiles
  • USG drops more North Korean samples
  • OpenSSH gets FIDO/U2F support

This week’s sponsor interview is with Dave Cottingham from Airlock Digital.

They make whitelisting software that’s actually useable. And until I did this interview I didn’t know that their agent actually does host hardening as well, which is pretty cool. Since we last spoke they’ve also popped up in CrowdStrike’s app store thingy, which means a bunch of you CrowdStrike customers will be able to dabble in some whitelisting if you want to.

Dave joins the show to talk about a bunch of stuff, including their experience having Silvio Cesare do a code audit on their agent.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

DHS says ransomware hit US gas pipeline operator | ZDNet
Ransomware Impacting Pipeline Operations | CISA
U.S. charges Huawei with conspiracy to steal trade secrets, racketeering
Voting App Flaws Could Have Let Hackers Manipulate Results | WIRED
'Sloppy' Mobile Voting App Used in Four States Has 'Elementary' Security Flaws - VICE
Voatz Response to Researchers’ Flawed Report - Blog @ Voatz
Microsoft to deploy ElectionGuard voting software in first real-world test | ZDNet
Joshua Schulte's attorneys are trying to call Mike Pompeo in the Vault 7 trial
Joshua Schulte's defense asks for a mistrial in the Vault 7 case
Reality Winner seeks clemency for leaking NSA report on Russian hacking attempts
Ring to enable 2FA for all user accounts after recent hacks | ZDNet
Facebook must unblock NSO Group employee’s account, Israeli court rules
US government goes all in to expose new malware used by North Korean hackers | Ars Technica
Israeli soldiers tricked into installing malware by Hamas agents posing as women | ZDNet
Hamas-linked hackers exploit current events to spy on rival Palestinian officials, researchers say
Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world | ZDNet
Leaked report describes Federal Parliament's cyber security as having 'low level of maturity' - ABC News (Australian Broadcasting Corporation)
Data Protection Authority Investigates Avast for Selling Users’ Browsing History - VICE
Pay Up, Or We’ll Make Google Ban Your Ads — Krebs on Security
Ohio man arrested over darknet bitcoin laundering operation | The Daily Swig
IOTA cryptocurrency shuts down entire network after wallet hack | ZDNet
A Light at the End of Liberty Reserve’s Demise? — Krebs on Security
Signal Is Finally Bringing Its Secure Messaging to the Masses | WIRED
Hundreds of Millions of PC Components Still Have Hackable Firmware | WIRED
OpenSSH adds support for FIDO/U2F security keys | ZDNet
Second Windows 10 update is now causing problems by hiding user profiles | ZDNet
Nasty Android malware reinfects its targets, and no one knows how | Ars Technica
Google removes 500+ malicious Chrome extensions from the Web Store | ZDNet
FBI: BEC scams accounted for half of the cyber-crime losses in 2019 | ZDNet
foone on Twitter: "So I learned of an amusing bug today: Docker for Windows won't run if you have the Razer Synapse driver management tool running. But the reason is the funny part... https://t.co/s42SeQ949z" / Twitter