20 min listen
Unavailable
ratings:
Length:
20 minutes
Released:
Jun 5, 2019
Format:
Podcast episode
Description
On this week’s show Patrick and Adam talk through all the week’s security news, including:
NYTimes story on EternalBlue and Baltimore is bunk
An RDP worm is feeling kind of inevitable
Iran is still getting Shadowbrokersed
Intercept has a great feature on SID Today dumps
Australian Federal Police crack down on national security journalism
Phantom Secure CEO gets nine years and loses $80m
Silk Road 2.0 admin must be an amazing snitch
Another Bitcoin tumbler bites the dust
Much, much more
This week’s sponsor interview is with Marco Slaviero of Thinkst Canary.
Marco is joining us this week to talk about how he thinks web application-based deception techniques are kind of a waste of time right now. We talk about how deception approaches work best in privileged domains, then we talk about how security teams do better when they have a dedicated ops developer.
Show notes
Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack
Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack
N.S.A. Denies Its Cyberweapon Was Used in Baltimore Attack, Congressman Says - The New York Times
Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware — Krebs on Security
Baltimore ransomware perp pinky-swears he didn’t use NSA exploit | Ars Technica
NSA points to two-year patching window in remarks about Baltimore incident
Microsoft's BlueKeep Bug Isn't Getting Patched Fast Enough | WIRED
Even the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708) | ZDNet
New Iranian hacking tool leaked on Telegram | ZDNet
Meltdown Showed Extent of NSA Surveillance — and Other Tales From Hundreds of Intelligence Documents
Federal police raid home of News Corp journalist Annika Smethurst | Australia news | The Guardian
PressReader.com - Your favorite newspapers and magazines.
CEO Who Sold Encrypted Phones to the Sinaloa Cartel Sentenced to Nine Years - VICE
Silk Road 2.0 Admin May Only Be Prosecuted For Tax Crimes After Cooperating with Feds - VICE
Bitcoin Blender Exits Cryptocurrency Mixing On Its Own Terms
Rights groups probe investments in NSO Group’s private equity firm
Lorenzo Franceschi-Bicchierai on Twitter: "In his new book, @josephmenn argues that Phineas Fisher, the hacktivist that breached FinFisher and Hacking Team, is perhaps a Russian intelligence front.… https://t.co/PgLPt369Sd"
Much @Stake: The Band of Hackers That Defined an Era | WIRED
Google Cloud goes down, taking YouTube, Gmail, Snapchat, and others with it | ZDNet
China 'rigs' 5G test to favour Huawei - NZ Herald
Russian military moves closer to replacing Windows with Astra Linux | ZDNet
Maze Ransomware Says Computer Type Determines Ransom Amount
Phishing Emails Pretend to be Office 365 'File Deletion' Alerts
Unpatched Flaw Affects All Docker Versions, Exploits Ready
Zero-Day Flaw in Windows 10 Task Scheduler Gets Micropatch
0patch Blog: Another Task Scheduler 0day, Another Task Scheduler Micropatch (The SandboxEscaper Saga)
Flipboard says hackers stole user details | ZDNet
Google Is Finally Making Chrome Extensions More Secure | WIRED
Westpac cyber atttack: PayID platform hack exposes private details on 100,000 Australians
Terry Zhang on Twitter: "Received a 40,000$ bounty from @msftsecresponse through @Bugcrowd for a critical Auth Bypass i found on Microsoft Cloud.Also will join the team and talk about it on the BlackHat this year.Thanks for the great bounty and the opportunity sharing on a big stage.… https://t.co/mbzs41LfBf"
New research shows personalized ads are just barely more efficient than dumb ads | ZDNet
Stephen A. Ridley on Twitter: "It has been 10 years since we reverse engineered the MS08-67 patch and published the FIRST public vuln PoC (which was used by the Confiker Worm authors). BUT, it has only been about a year since we got an angry email blaming us for the Confiker worm. https://t.co/4Xalrh7okV… https://t.co/QPeMCZIHtc"
Malware Sandbox Onlin
NYTimes story on EternalBlue and Baltimore is bunk
An RDP worm is feeling kind of inevitable
Iran is still getting Shadowbrokersed
Intercept has a great feature on SID Today dumps
Australian Federal Police crack down on national security journalism
Phantom Secure CEO gets nine years and loses $80m
Silk Road 2.0 admin must be an amazing snitch
Another Bitcoin tumbler bites the dust
Much, much more
This week’s sponsor interview is with Marco Slaviero of Thinkst Canary.
Marco is joining us this week to talk about how he thinks web application-based deception techniques are kind of a waste of time right now. We talk about how deception approaches work best in privileged domains, then we talk about how security teams do better when they have a dedicated ops developer.
Show notes
Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack
Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack
N.S.A. Denies Its Cyberweapon Was Used in Baltimore Attack, Congressman Says - The New York Times
Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware — Krebs on Security
Baltimore ransomware perp pinky-swears he didn’t use NSA exploit | Ars Technica
NSA points to two-year patching window in remarks about Baltimore incident
Microsoft's BlueKeep Bug Isn't Getting Patched Fast Enough | WIRED
Even the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708) | ZDNet
New Iranian hacking tool leaked on Telegram | ZDNet
Meltdown Showed Extent of NSA Surveillance — and Other Tales From Hundreds of Intelligence Documents
Federal police raid home of News Corp journalist Annika Smethurst | Australia news | The Guardian
PressReader.com - Your favorite newspapers and magazines.
CEO Who Sold Encrypted Phones to the Sinaloa Cartel Sentenced to Nine Years - VICE
Silk Road 2.0 Admin May Only Be Prosecuted For Tax Crimes After Cooperating with Feds - VICE
Bitcoin Blender Exits Cryptocurrency Mixing On Its Own Terms
Rights groups probe investments in NSO Group’s private equity firm
Lorenzo Franceschi-Bicchierai on Twitter: "In his new book, @josephmenn argues that Phineas Fisher, the hacktivist that breached FinFisher and Hacking Team, is perhaps a Russian intelligence front.… https://t.co/PgLPt369Sd"
Much @Stake: The Band of Hackers That Defined an Era | WIRED
Google Cloud goes down, taking YouTube, Gmail, Snapchat, and others with it | ZDNet
China 'rigs' 5G test to favour Huawei - NZ Herald
Russian military moves closer to replacing Windows with Astra Linux | ZDNet
Maze Ransomware Says Computer Type Determines Ransom Amount
Phishing Emails Pretend to be Office 365 'File Deletion' Alerts
Unpatched Flaw Affects All Docker Versions, Exploits Ready
Zero-Day Flaw in Windows 10 Task Scheduler Gets Micropatch
0patch Blog: Another Task Scheduler 0day, Another Task Scheduler Micropatch (The SandboxEscaper Saga)
Flipboard says hackers stole user details | ZDNet
Google Is Finally Making Chrome Extensions More Secure | WIRED
Westpac cyber atttack: PayID platform hack exposes private details on 100,000 Australians
Terry Zhang on Twitter: "Received a 40,000$ bounty from @msftsecresponse through @Bugcrowd for a critical Auth Bypass i found on Microsoft Cloud.Also will join the team and talk about it on the BlackHat this year.Thanks for the great bounty and the opportunity sharing on a big stage.… https://t.co/mbzs41LfBf"
New research shows personalized ads are just barely more efficient than dumb ads | ZDNet
Stephen A. Ridley on Twitter: "It has been 10 years since we reverse engineered the MS08-67 patch and published the FIRST public vuln PoC (which was used by the Confiker Worm authors). BUT, it has only been about a year since we got an angry email blaming us for the Confiker worm. https://t.co/4Xalrh7okV… https://t.co/QPeMCZIHtc"
Malware Sandbox Onlin
Released:
Jun 5, 2019
Format:
Podcast episode
Titles in the series (46)
Feature interview: Australia's Cyber Security Minister Clare O'Neil: Clare O'Neil and Ciaran Martin talk to Patrick Gray about cyber strategy and releasing the hounds… by Risky Business