Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Business #657 -- Belarus targets refugee data
On this week’s show Patrick Gray, Brian Krebs and Adam Boileau discuss the week’s security news, including:
- The Contileaks latest
- Belarus targeted refugee data. Was it behind the ICRC hack?
- How APT41 hacked America’s livestock
- SATCOM hack in Ukraine may bode ill for Musk
- Much, much more
Material Security’s co-founder Ryan Noon is this week’s sponsor guest. He joins the show to talk about a few things, how the building blocks for a whole new generation of security tooling – like large-scale data crunching tech – is now just available off the shelf. He also talks us through an integration Material has done with a groovy new SOAR platform called Tines.
Links to everything we discussed – and a YouTube demo of Material’s technology – are below.
Show notes
- Conti Ransomware Group Diaries, Part I: Evasion – Krebs on Security
- Conti Ransomware Group Diaries, Part II: The Office – Krebs on Security
- Conti Ransomware Group Diaries, Part III: Weaponry – Krebs on Security
- Conti Ransomware Group Diaries, Part IV: Cryptocrime – Krebs on Security
- Christo Grozev on Twitter: "This is not the worst part. In the phone call in which the FSB officer assigned to the 41st Army reports the death to his boss in Tula, he says they've lost all secure communications. Thus the phone call using a local sim card. Thus the intercept. https://t.co/cgHHo7VaRi" / Twitter
- Cloudflare not fully backing out of Russia, company says, as tech firms are forced to weigh in - CyberScoop
- NATO countries' refugee management may have been targeted by Belarus-linked hackers - CyberScoop
- Twitter Launches Tor Onion Service Making Site Easier to Access in Russia
- Hive ransomware gang targets Romanian oil firm in its latest cyberattack - The Record by Recorded Future
- Chinese Spies Hacked a Livestock App to Breach US State Networks | WIRED
- Christophe on Twitter: "Casually compromising API keys from Azure customers: - Step 1: Create an Azure automation account - Step 2: curl localhost on ports 40000+ You now have an API token in the Azure tenant of another customer, with the same permissions as the automation🙈 https://t.co/XRI99mCJ1T" / Twitter
- Google WAF bypassed via oversized POST requests | The Daily Swig
- DDoSers are using a potent new method to deliver attacks of unthinkable size | Ars Technica
- SATCOM terminals under attack in Europe: a plausible analysis.
- The internet in Ukraine is still mostly online. Could Starlink be a backup if it goes out? - The Record by Recorded Future
- Linux has been bitten by its most high-severity vulnerability in years | Ars Technica
- Google to acquire Mandiant in $5.4 billion deal - The Record by Recorded Future
- Senate approves cyber incident reporting bill amid worries about Russian threats - The Record by Recorded Future
- Cyber insurance policies may be put to the test by Russian attacks, credit ratings firm warns - The Record by Recorded Future
- Material Security: Keeping email safe at rest (improved audio) - YouTube
- Risky Biz Product Demos - YouTube