Risky Business #612 -- DPRK slides into researcher DMs

You had me at "umm, do you research vulnerability?"
27 Jan 2021 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • DPRK offers free 0day to researchers, with a pretty significant catch
  • SonicWall gets owned because it runs SonicWall gear. Big mistake.
  • Chinese trains didn’t stop running because Flash died :(
  • Dominion to sue Rudy Giuliani for $1.3bn over insecurity claims
  • The sudo bug. Lol.

This week’s show is brought to you by Cmd Security, the Linux security company. Its focus has traditionally been on restricting the type of bash commands users can enter. It’s like a control plane for Linux systems. But some of its customers manage their Linux endpoints through different, non-bash entry points. So they’ve added some features to their product to deal with that, which has also resulted in them having an IDR capability. It’s all pretty sensible stuff though, and Cmd co-founder and CEO Jake King will be along to talk us through all of that.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

New campaign targeting security researchers
Fake Twitter personas, bogus blog delivered North Korea-linked malware to researchers
As Adobe Flash stops running, so do some railroads in China | Apple Daily
Flash Is Dead—but Not Gone | WIRED
South African government releases its own browser just to re-enable Flash support | ZDNet
SonicWall says it was hacked using zero-days in its own products | ZDNet
Former LulzSec Hacker Releases VPN Exploit Used to Hack Hacking Team
Ransomware hackers launder bitcoin through just a handful of locations, researchers find
No decisions yet on any changes to TikTok or Huawei cases, White House says
Dominion files $1.3 billion defamation suit against Giuliani over election security claims
FBI tracking cell phones, Capitol riots | wusa9.com
Technologists Use Facial Recognition on Parler Videos
DIA uses purchased phone location data without warrants
Biden Orders Sweeping Assessment of Russian Hacking, Even While Renewing Nuclear Treaty - The New York Times
FSB warns of US cyberattacks after Biden administration comments | ZDNet
Cyber ‘Deterrence’: A Brexit Analogy - Lawfare
Hacker leaks data of 2.28 million dating site users | ZDNet
Intel says financial graphic was 'hacked,' forcing early release of 2020 report
Reuters accused of hack attack | ZDNet
DDoSers are abusing Microsoft RDP to make attacks more powerful | Ars Technica
Apple fixes another three iOS zero-days exploited in the wild | ZDNet
Hackers actively scanning for vulnerable SAP systems after exploit gets dropped on GitHub | The Daily Swig
MrbMiner crypto-mining operation linked to Iranian software firm | ZDNet
Details of YouTube viewing history exposure bug made public | The Daily Swig
TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks | Threatpost
Bot Lets Hackers Easily Look Up Facebook Users' Phone Numbers
Australian orgs exposed to Accellion vulnerability
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) | Qualys Security Blog
A deeper dive into our May 2019 security incident - Stack Overflow Blog