Risky Business #599 -- You get domain admin! And YOU get domain admin!

EVERYONE gets domain admin!!!
16 Sep 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Russia, China, Iran having a red hot go at US political orgs
  • Crowdstrike drops report, telcos having a bad time
  • MSS owning US government with dumb bugs
  • DoJ indicts Iranian script kiddie because reasons
  • Proposed TikTok-Oracle deal barely makes sense
  • The mother of all Microsoft auth bugs, wow
  • Much, much more…

This week’s show is brought to you by Senetas. And we’ve got two sponsor guests for you this week: Senetas CTO Julian Fay will join us, as will Peter Farrely of AUCloud. Senetas uses AUCloud as a partner for its Suredrop file sharing and collaboration platform here in Oz, and Pete is joining us this week to talk through the new Cloud Assessment and Authorisation Framework published by the ACSC. If you work in Australian government IT and security, this one’s for you!

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Exclusive: Microsoft believes Russians that hacked Clinton targeted Biden campaign firm - sources | Reuters
GRU eyes US election - Risky Business
STRONTIUM: Detecting new patterns in credential harvesting - Microsoft Security
Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says
New CDRThief malware targets VoIP softswitches to steal call detail records | ZDNet
VOS3000 VOS5000 Softswitch by Linknat - A Word-leading VoIP Solutions Provider
Chinese intelligence-linked hackers are exploiting known flaws to target Washington, US says
Eric Geller on Twitter: "DOJ to announce Chinese hacking charges (and arrests!) tomorrow. https://t.co/Wj7KSq9BNd" / Twitter
PAN-OS vulnerabilities add to a torrid year for enterprise software bugs
Public disclosure didn't stop suspected Chinese hackers from targeting the Vatican
Trump says Oracle 'very close' to TikTok deal
Huawei HarmonyOS: Operating system will be on smartphones in 2021
US charges two hackers for defacing US websites following Soleimani killing | ZDNet
FBI says credential stuffing attacks are behind some recent bank hacks | ZDNet
Magento online stores hacked in largest campaign to date | ZDNet
Multibillion-dollar Equinix is the latest data-center firm to face ransomware incident
[Blog] Zerologon: instantly become domain admin by subverting Netlogon cryptography (CVE-2020-1472)
New BlindSide attack uses speculative execution to bypass ASLR | ZDNet
BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys | ZDNet
Billions of devices vulnerable to new 'BLESA' Bluetooth security flaw | ZDNet
MITRE releases emulation plan for FIN6 hacking group, more to follow | ZDNet
Internal Facebook systems exposed via unpatched Apache library | The Daily Swig
Porn site users targeted with malicious ads redirecting to exploit kits, malware | ZDNet
Researcher kept a major Bitcoin bug secret for two years to prevent attacks | ZDNet
Vast majority of cyber-attacks on cloud servers aim to mine cryptocurrency | ZDNet
Slovak cryptocurrency exchange ETERBASE discloses $5.4 million hack | ZDNet
Chinese diplomat demands investigation after his Twitter account liked embarrassing posts
Whistleblower Says Facebook Ignored Global Political Manipulation
When you browse Instagram and find former Australian Prime Minister Tony Abbott's passport number
Anatomy of a Cloud Assessment and Authorisation | Cyber.gov.au