Risky Business Podcast
September 29, 2021
Risky Business #640 -- Huh. The CIA really was out to neck Assange
Presented by
CEO and Publisher
Technology Editor
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- The amazing Yahoo! News story on the former CIA director’s awesome brainwaves
- Hostage diplomacy pays off for Huawei CFO
- NSA releases great guidance on VPN security
- Microsoft has actually hired a cybersecurity executive
- Much, much more
This week’s show is brought to you by Material Security. Material’s co-founder Ryan Noon will be along in this week’s sponsor interview to talk about smarter ways to do email retention and destruction. They have a product that interfaces with your mail provider’s API – whether you’re on Google Workspace or O365 – to do things like archive and redact email, and they’re finding their customers are using these features to actually implement retention email strategies.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Brought to you by Material Security
Cloud Email Security for Microsoft 365 and Google Workspace
Show notes
The Yahoo Story about All the Things CIA Wasn't Allowed to Do Against WikiLeaks - emptywheel
Newly-formed international alliances vow to improve cybersecurity, in moves China sees as affront
EU formally blames Russia for GhostWriter influence operation - The Record by Recorded Future
US deports highly-prized hacker back to Russia - The Record by Recorded Future
He Escaped the Dark Web's Biggest Bust. Now He's Back | WIRED
NSA, CISA publish guide for securing VPN servers - The Record by Recorded Future
The NSA and CIA Use Ad Blockers Because Online Advertising Is So Dangerous
Biden administration officials push Congress to shape breach reporting mandates
Ransomware Isn't Back. It Never Left | WIRED
CISA, FBI, NSA warn of increased attacks involving Conti ransomware
Major European call center provider goes down in ransomware attack - The Record by Recorded Future
Exposed ransomware negotiations shed light on cybercrime, but complicate things for victims
Russian missile fuel maker targeted with recent Office zero-day - The Record by Recorded Future
Former AWS veteran Charlie Bell to head cybersecurity ops at Microsoft | Reuters
New Azure Active Directory password brute-forcing flaw has no fix | Ars Technica
Apple ‘Still Investigating’ Unpatched and Public iPhone Vulnerabilities
Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program / Habr
Apple patches iOS and macOS zero-day exploited in the wild - The Record by Recorded Future
New iCloud Private Relay service leaks users’ true IP addresses, researcher claims | The Daily Swig
VMware vCenter deployments under attack as enterprises urged to update systems | The Daily Swig
Developers fix multitude of vulnerabilities in Apache HTTP Server | The Daily Swig
Device ‘breakage’ concerns persist days before Let’s Encrypt root cert expiry | The Daily Swig
Meet TruffleHog – a browser extension for finding secret keys in JavaScript code | The Daily Swig