Risky Business #577 -- Stir crazy lockdown edition (reposted)

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • KSA uses SS7 to track its citizens in USA
  • Governments begin virus tracking through personal devices
  • FBI warns of Iran-linked crew in yer supply chains
  • Voatz gets booted from HackerOne
  • All the cloud and Zoom drama

(PLEASE NOTE: This is a re-post. Looks like our CDN mangled the initial mp3 for some regions. Should work ok now. - Pat)

This week’s show is brought to you by Signal Sciences. Instead of interviewing one of their people, they suggested we interview Andrew Becherer in this week’s sponsor interview.

Andrew runs security for Iterable, but before that he ran the security program at DataDog. He’ll be along after this week’s news to talk about how much easier it is to stand up a security program in 2020 as opposed to the last time he did it five or so years ago.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Revealed: Saudis suspected of phone spying campaign in US | World news | The Guardian

SS7map: SS7 Networks Exposure

Government Tracking How People Move Around in Coronavirus Pandemic

FBI re-sends alert about supply chain attacks for the third time in three months | ZDNet

HackerOne cuts ties with mobile voting firm Voatz after it clashed with researchers

Houseparty app offers $1m reward to unmask entity behind hacking smear campaign | ZDNet

Marriott discloses new data breach impacting 5.2 million hotel guests | ZDNet

FCC tells US telcos to implement caller ID authentication by June 30, 2021 | ZDNet

Memento Labs, the Reborn Hacking Team, Is Struggling - VICE

RDP and VPN use skyrocketed since coronavirus onset | ZDNet

Update #2 on Microsoft cloud services continuity | Azure blog and updates | Microsoft Azure

Zoom hit with class-action lawsuit for sharing user data with Facebook

FBI Warns of Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic — FBI

A Norwegian school quit using video calls after a naked man ‘guessed’ the meeting link | TechCrunch

FBI warns Zoom, teleconference meetings vulnerable to hijacking - CyberScoop

Zoom Removes Code That Sends Data to Facebook - VICE

FBI turns to insurers to grasp the full reach of ransomware - CyberScoop

Cyber insurer Chubb had data stolen in Maze ransomware attack | TechCrunch

Medical and military contractor Kimchuk hit by data-stealing ransomware | TechCrunch

Microsoft announces new 'Hardware-enforced Stack Protection' feature | ZDNet

Android lets advertisers get a list of all your apps -- and this API feature is broadly used | ZDNet

Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics | ZDNet

Risky Business Live, March 31, 2020 - YouTube

Risky Business Live #3 -- Booz Allen Hamilton's Russia report, Azure getting creaky and more - Risky Business

Network of fake QR code generators will steal your Bitcoin | ZDNet

A mysterious hacker group is eavesdropping on corporate email and FTP traffic | ZDNet

Malware from notorious FIN7 group is being delivered by snail mail

Rare BadUSB attack detected in the wild against US hospitality provider | ZDNet

Google to resume Chrome updates it paused last week due to COVID-19 | ZDNet

Google says no APP users have been phished to date | ZDNet

Russians Shut Down Huge Card Fraud Ring — Krebs on Security

U.S. cybersecurity experts see recent spike in Chinese digital espionage - Reuters

Dark web hosting provider hacked again -- 7,600 sites down | ZDNet

OpenWRT code-execution bug puts millions of devices at risk | Ars Technica

Seriously Risky Business