Risky Business

Risky Business #759 – Why Iran's hack and leak will amount to naught

Listen Later

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s security news and recap the best research presented at Black Hat and DEF CON in Las Vegas last week. They cover:

  • Iran tries an election hack’n’leak like its still 2016
  • Crowdstrike takes home the Pwnie for Epic Fail at DEF CON
  • UK healthcare SaaS faces six million pound fine for lack of MFA
  • US circuit courts disagree on geofence warrants
  • Our roundup of juicy Blackhat/DEF CON research
  • And much, much more.

    • This week’s episode is sponsored by Trail of Bits. CEO Dan Guido is fresh back from the DARPA AI Cyber Challenge at DEF CON, where the Trail of Bits team moved through into the finals. Dan talks through the challenge of finding, reporting and fixing bugs with AI systems.

    You can also watch this week’s show on Youtube.

    Show notes
    • Trump campaign points finger at Iranian hackers for documents leak
    • FBI says it's investigating efforts to hack Trump and Biden-Harris campaigns
    • Iranian hackers ramping up US election interference, Microsoft warns
    • State Dept puts $10 million bounty on IRGC-CEC hackers
    • CrowdStrike snafu was a ‘dress rehearsal’ for critical infrastructure disruptions, CISA director says | Cybersecurity Dive
    • Dominic White 👾 on X: "CrowdStrike accepting the @PwnieAwards for “most epic fail” at @defcon. Class act. https://t.co/e7IgYosHAE" / X
    • Russia's Kursk region suffers 'massive' DDoS attack amid Ukraine offensive
    • Elon Musk on X: "@markpinc Yeah" / X
    • Progress Software says SEC declines to pursue action related to MOVEit exploitation spree | Cybersecurity Dive
    • NHS software supplier Advanced faces £6m fine over ransomware attack failings
    • Security bugs in ransomware leak sites helped save six companies from paying hefty ransoms | TechCrunch
    • 5th Circuit rules geofence warrants illegal in win for phone users’ privacy | Ars Technica
    • Customs and Border Protection agents need a warrant to search your phone - The Verge
    • Hackers could spy on cell phone users by abusing 5G baseband flaws, researchers say | TechCrunch
    • ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections | WIRED
    • Downgrade Attacks Using Windows Updates | SafeBreach
    • Listen to the whispers: web timing attacks that actually work | PortSwigger Research
    • Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
    • Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server! | DEVCORE
    • Trail of Bits Advances to AIxCC Finals | Trail of Bits Blog
      • ...more
      View all episodesView all episodes
      Download on the App Store
      Risky BusinessBy Risky Business Media
      • 4.6
      • 4.6
      • 4.6
      • 4.6
      • 4.6

      4.6

      364 ratings

      More shows like Risky Business

      View all
      Hacked by Hacked

      Hacked

      187 Listeners

      Security Now (Audio) by TWiT

      Security Now (Audio)

      2,011 Listeners

      Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

      Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

      372 Listeners

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

      651 Listeners

      CyberWire Daily by N2K Networks

      CyberWire Daily

      1,028 Listeners

      Smashing Security by Graham Cluley

      Smashing Security

      317 Listeners

      Click Here by Recorded Future News

      Click Here

      418 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      8,077 Listeners

      Cybersecurity Today by Jim Love

      Cybersecurity Today

      175 Listeners

      Hacking Humans by N2K Networks

      Hacking Humans

      315 Listeners

      CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

      CISO Series Podcast

      195 Listeners

      Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

      Defense in Depth

      73 Listeners

      Cybersecurity Headlines by CISO Series

      Cybersecurity Headlines

      139 Listeners

      Risky Bulletin by Risky Business Media

      Risky Bulletin

      45 Listeners

      Hacker And The Fed by Chris Tarbell & Hector Monsegur

      Hacker And The Fed

      168 Listeners