Risky Business #525 -- Back on deck for 2019!A catch up on the news of the last few weeks...
In this week’s show Adam Boileau and Patrick Gray discuss the security news of the last few weeks, including:
- German politicians pwnt, suspect arrested
- Possible ransomware attack affects US newspapers
- Mass 2FA bypasses impacting Gmail users in Middle East
- Emergency warning system in Australia popped
- Ethereum Classic double-spend attack a sign of things to come
- EU to fund open source bug bounties
- Attackers steal details of 1,000 North Korean defectors
- Doing the Bloomberg hack for real at 35C3
- El Chapo should have used Signal
- Much, much more…
This week’s show is brought to you by Cylance! BlackBerry announced that it’s acquiring Cylance for $1.4bn (I don’t know if that’s closed yet) which is great news for all the founders and early employees there – some of whom I know reasonably well. So congrats to team Cylance on that!
But we’re not talking about that this week. Instead, Cylance’s very own Scott Scheferman joins us to talk about the MITRE ATT&CK framework and how it’s informing their product dev. There’s some product talk in that interview but there’s also some real meat there so I let it run long. Scott says we’re close to the terrible situation where security companies are going to start using MITRE ATT&CK as a marketing tool, like “Full MITRE ATT&CK coverage!”