Risky Business #573 -- Gas plant ransomware attack, Huawei mega-indictment and more

On this week’s show Patrick and Adam discuss the week’s security news, including: Ransomware shutters US natural gas plants Huawei hit with huge indictment Voatz mobile voting app shredded by MIT, dust-up ensues The latest from the Vault7 trial Reality Winner seeking clemency Ring to force all users on to 2FA Israeli court rules Facebook must reinstate NSO staff profiles USG drops more North Korean samples OpenSSH gets Fido/U2F support This week’s sponsor interview is with Dave Cottingham from Airlock Digital. They make whitelisting software that’s actually useable. And until I did this interview I didn’t know that their agent actually does host hardening as well, which is pretty cool. Since we last spoke they’ve also popped up in CrowdStrike’s app store thingy, which means a bunch of you Crowdstrike customers will be able to dabble in some whitelisting if you want to. Dave joins the show to talk about a bunch of stuff, including their experience having Silvio Cesare do a code audit on their agent. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.