Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Business #702 -- 3CX: It's like SolarWinds, but stupider
April 18, 2023
00:00
58.85 MB
Downloads: 0
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Why 3CX was the dumbest supply chain attack we’ve seen
- Why Wiz’s AzureAD research was a showstopper that didn’t get the attention it deserved
- How attackers are burning down cloud infrastructure
- The latest from the world of spyware
- Much, much more
This week’s show is brought to you by Nucleus Security.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms | WIRED
- 3CX support tells customers to investigate malware warnings themselves | Ars Technica
- North Korean hackers linked to 3CX supply-chain attack, investigation finds
- BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover | Wiz Blog
- Microsoft leads effort to disrupt illicit use of Cobalt Strike, a dangerous hacking tool in the wrong hands | CyberScoop
- MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog
- CISA, Cisco highlight Russian military targeting of router vulnerabilities
- Israeli spyware software surveilling journalists, politicians
- Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch
- Israeli Spyware Maker QuaDream Closes, Fires All Employees - National Security & Cyber - Haaretz.com
- Hackers used spyware made in Spain to target users in the UAE, Google says | TechCrunch
- Apple’s high security mode blocked NSO spyware, researchers say | TechCrunch
- US commits $25 million to Costa Rica for Conti ransomware recovery
- State Department, Congress working on formal program for US cyber aid
- CISA and partners issue secure-by-design principles for software manufacturers | FedScoop
- Time to Designate Space Systems as Critical Infrastructure
- Apple’s Macs Have Long Escaped Ransomware. That May Be Changing | WIRED
- Cyber company Darktrace gets caught up in LockBit gang's apparent blunder
- Payments giant says it is investigating ransomware incident that caused POS outage
- Cyberattack causing treatment delays at Canadian hospital
- German arms manufacturer Rheinmetall confirms cyberattack
- Hackers using Log4j bug to profit from victim IP addresses through ‘proxyjacking’ scheme
- Police arrest almost 120 people globally following Genesis Market takedown
- FBI accessed Genesis Market's backend servers as part of takedown
- LinkedIn Verification Now Lets You Verify Your Job and Account | WIRED
- Tech industry’s pain is NSA’s gain, cyber leader says about layoffs
- QueueJumper: Critical Unauthenticated RCE Vulnerability in MSMQ Service - Check Point Research
- Microsoft shifts to a new threat actor naming taxonomy - Microsoft Security Blog
- Leaked Pentagon Document Claims Russian Hacktivists Breached Canadian Gas Pipeline Company
- Did someone really hack into the Oldsmar, Florida, water treatment plant? New details suggest maybe not. | CyberScoop
- From Discord to 4chan: The Improbable Journey of a US Intelligence Leak - bellingcat
- U.S. intel agencies may change how they monitor social media, chatrooms after missing leaked U.S. documents for weeks
- Taiwan highly vulnerable to Chinese air attack, leaked documents show - The Washington Post
- Pentagon document leak raises questions about internal security - The Washington Post
- Leaked secret documents detail additional Chinese spy balloons - The Washington Post