Risky Business #585 -- UK mulls Huawei ban, NGOs urge COVID-19 hack de-escalation

PLUS: German authorities warn of Russian infrastructure attacks...
27 May 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • German intelligence warns of widespread Russian infrastructure hacks
  • NGOs urge COVID-19 hack de-escalation
  • UK mulls total Huawei ban… we think it’s a done deal
  • DHS warning on 5G “moronavirus”
  • Wen jailbreak? NOW JAILBREAK!!
  • iOS 14 leaks
  • Much, much more…

This week’s sponsor interview is with Casey Ellis, the CTO of Bugcrowd. As you’ll hear, Bugcrowd did a survey of managers in security to see if their attitudes around work from home had changed since the COVID-19 crisis, and yes, they have. Casey also tells us about Bugcrowd’s latest LevelUp virtual conference. That conversation led to him sharing some interesting insights about trends amongst the crowd of registered testers on Bugcrowd’s platform.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Red Cross urges halt to cyberattacks on healthcare sector amid COVID-19 - Reuters
CyberPeace Institute - Call for Government
FBI offers US companies more details from investigations of health care hacking
UK cyber agency launches review of Huawei presence in 5G networks
NSO Group Impersonated Facebook to Help Clients Hack Targets - VICE
German intelligence agencies warn of Russian hacking threats to critical infrastructure
The DHS Prepares for Attacks Fueled by 5G Conspiracy Theories | WIRED
US may ‘disconnect’ with Australia over Victoria’s deal with China
Tom McIlroy on Twitter: "Statement from US Ambassador to Canberra Arthur Culvahouse - in response to reports about Mike Pompeo's comments on Victoria's Belt and Road agreement https://t.co/n8KzIAyGgJ" / Twitter
Australia China trade war: Beijing seizes on Mike Pompeo’s ‘disconnection’ comment
Coronavirus 'dossier' was a basic timeline of facts handed out by US State Department with no new evidence - ABC News
There's a Jailbreak Out for the Current Version of iOS | WIRED
How iPhone Hackers Got Their Hands on the New iOS Months Before Its Release - VICE
Coronavirus Australia: COVIDSafe app may need privacy changes to use Apple, Google tracing tool
Signal to move away from using phone numbers as user IDs | ZDNet
Facebook Messenger Adds Safety Alerts—Even in Encrypted Chats | WIRED
Hackers infect multiple game developers with advanced malware | Ars Technica
Japan investigates Mitsubishi Electric breach amid national security concerns
Thousands of enterprise systems infected by new Blue Mockingbird malware gang | ZDNet
Summary of Tradecraft Trends for 2019-20: Tactics, Techniques and Procedures Used to Target Australian Networks | Cyber.gov.au
Federal officials have arrested another accused FIN7 hacker
Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office — Krebs on Security
Ransomware deploys virtual machines to hide itself from antivirus software | ZDNet
Turla hacker group steals antivirus logs to see if its malware was detected | ZDNet
RangeAmp attacks can take down websites and CDN servers | ZDNet
Google Cloud security find earns South American researcher $31k bug bounty payout | The Daily Swig
How to perform an HTTP header smuggling attack through a reverse proxy | The Daily Swig
New Spectra attack breaks the separation between Wi-Fi and Bluetooth | ZDNet
Thousands of Israeli sites defaced with code seeking permission to access users' webcams | ZDNet
Twitter adds a warning label fact-checking Trump’s false voting claims | TechCrunch
#LevelUp 0x06 — Presented by Bugcrowd
Bugcrowd - YouTube