Risky Business artwork

Risky Business #556 -- US Treasury targets DPRK crews, more details on Ukraine power hack

Risky Business

English - September 18, 2019 00:00 - 51.3 MB - ★★★★★ - 339 ratings
Technology News Tech News Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Risky Business #555 -- Bluekeep Metasploit module released, Paige Thompson pleads not guilty and more
Next Episode: Risky Business #557 -- 26 nations release cyber norms statement at UN

On this week’s show Patrick and Adam discuss the week’s security news, including:

US Treasury targets DPRK APT crews
Russia owned FBI counter surveillance team radio comms
New details on 2016 attack against Ukraine power grid
US Government to sue Edward Snowden for memoir profits
Did RCMP intelligence director tip Phantom Secure on investigation?
Much, much more!

This week’s sponsor interview is with Casey Ellis of Bugcrowd. It’s an interesting chat with Casey this week. He was at the Billington cyber conference a couple of weeks ago and he had a bunch of interesting discussions there with people in the aerospace sector.

Between recent Black Hat presentations on 787 security and the trouble Boeing has had with it’s 737-MAX, software security and resiliency is all of a sudden on the agenda in aerospace. Casey drops by to talk about all of that.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.





Show notes




US Treasury sanctions three North Korean hacking groups | ZDNet


Treasury Sanctions North Korean State-Sponsored Malicious Cyber Groups | U.S. Department of the Treasury


North Korean hackers target U.S. entities amid stalled denuclearization talks


Exclusive: Russia carried out a 'stunning' breach of FBI communications system, escalating the spy game on U.S. soil


New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction | WIRED


Exclusive: Australia concluded China was behind hack on parliament, political parties – sources    - Reuters


US sues Edward Snowden over new book | ZDNet


Investigation into senior RCMP official stemmed from disruption of encrypted phone service: sources - National | Globalnews.ca


Israeli police arrest execs from vendor of mobile surveillance tech | ZDNet


Infamous surveillance tech vendor makes pledge to follow UN human rights policy | ZDNet


This Company Built a Private Surveillance Network. We Tracked Someone With It - VICE


Simjacker attack exploited in the wild to track users for at least two years | ZDNet


A Password-Exposing Bug Was Purged From LastPass | WIRED


The Air Force Will Let Hackers Try to Hijack an Orbiting Satellite | WIRED


Database leaks data on most of Ecuador's citizens, including 6.7 million children | ZDNet


Arrest made in Ecuador's massive data breach | ZDNet


Data of 24.3 million Lumin PDF users shared on hacking forum | ZDNet


Hacked government contractor shares breach details as investigation continues


FIN7's IT admin pleads guilty for role in billion-dollar cybercrime crew


Google discloses vulnerability in Chrome OS 'built-in security key' feature | ZDNet


Sophos open-sources Sandboxie, a utility for sandboxing any application | ZDNet


Chrome 77 released with no EV indicators, contact picker, permanent Guest Mode | ZDNet


Most Android flashlight apps request an absurd number of permissions | ZDNet


Cloudflare may have provided service to terrorists, drug traffickers in violation of U.S. sanctions


NY Payroll Company Vanishes With $35 Million — Krebs on Security


2 charged say they were hired to break into Dallas County courthouse

Twitter Mentions