Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Business #673 -- When throwing computers into a woodchipper is standard IR
July 26, 2022
00:00
55.93 MB
Downloads: 0
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Why Entrust being ransomwared is good news
- UEFI bootkits turn hardware into landfill
- Microsoft resumes macro blocking rollout
- Pat and Adam talk about why plugging your IDP into legacy apps is a dreadful idea
- Much, much more
This week’s sponsor guest is Paul “The Voice” Lanzi of Remediant. He’s popping along to talk about the emergence of a new product category – Identity Threat Detection and Response, or ITDR.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Italy investigating ransomware attack on tax agency - The Record by Recorded Future
- IT security giant Entrust says it's investigating alleged June data breach - The Record by Recorded Future
- Microsoft resuming default block of Office VBA macros - The Record by Recorded Future
- Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us | Ars Technica
- China: Declaration by the Minister for Foreign Affairs on behalf of the Belgian Government urging Chinese authorities to take action against malicious cyber activities undertaken by Chinese actors | Federal Public Service Foreign Affairs
- Cyber Command shares bevy of new malware used against Ukraine - The Record by Recorded Future
- Cyber criminals attack Ukrainian radio network, broadcast fake message about Zelensky's health
- Congress goes after spyware purveyors. Will it make a difference?
- Report: Mercenary spyware exploited Google Chrome zero-day to target journalists - The Record by Recorded Future
- TSA unveils updated cybersecurity regulations of oil and gas pipelines - The Record by Recorded Future
- Congress Might Actually Pass ADPPA, the American Data Privacy and Protection Act | WIRED
- Federal privacy legislation progresses, but concerns about data brokers loom
- China cybersecurity agency fines ride-hailing giant Didi $1.2 billion for data issues - The Record by Recorded Future
- T-Mobile reaches historic $350 million settlement in 2021 data breach - The Record by Recorded Future
- Former Coinbase Manager Arrested by Feds for Alleged Insider Trading
- Cisco patches dangerous bug trio in Nexus Dashboard | The Daily Swig
- Atlassian patches batch of critical vulnerabilities across multiple products | The Daily Swig
- Hardcoded password in Confluence app has been leaked on Twitter | Ars Technica