Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Business #656 – We expected a cyberwar but got an infowar
On this week’s show Patrick Gray, Dmitri Alperovitch and Adam Boileau discuss the week’s security news, including:
- We expected a cyberwar but got an information war
- People with SDR kits are doing SIGINT in Ukraine
- Conti has imploded and it’s hilarious
- Much, much more
This week’s show is brought to you by Proofpoint. Sherrod DeGrippo, Proofpoint’s Vice President of Threat Research and Detection is this week’s sponsor guest. She joins us to talk about how there isn’t really any magic advice she can dispense to protect customers from Russian attacks.
There are some show notes below, but they’re not exhaustive.
Show notes
- The propaganda war has eclipsed cyberwar in Ukraine | MIT Technology Review
- Ukrainian Researcher Leaks Conti Ransomware Gang Data
- Signal on Twitter: "We've had an uptick in usage in Eastern Europe & rumors are circulating that Signal is hacked & compromised. This is false. Signal is not hacked. We believe these rumors are part of a coordinated misinformation campaign meant to encourage people to use less secure alternatives." / Twitter
- Cyber insurance policies may be put to the test by Russian attacks, credit ratings firm warns - The Record by Recorded Future
- Phishing campaign targets European officials assisting in refugee operations - The Record by Recorded Future
- https://twitter.com/sbreakintl/status/1498619303717142529?s=21
- Apple halts sales of products to Russia, restricts access to Russian news apps
- Belarusian hackers launch another attack, adding to chaotic hacktivist activity around Ukraine - CyberScoop
- Russian State Media Hacked to Show Casualty Numbers for Russian Soldiers in Ukraine War
- Would Banning Russia From Getting Software Updates Make It Easier to Hack?
- Ukraine’s Volunteer ‘IT Army’ Is Hacking in Uncharted Territory | WIRED
- vx-underground on Twitter: "Conti ransomware group previously put out a message siding with the Russian government. Today a Conti member has begun leaking data with the message "Fuck the Russian government, Glory to Ukraine!" You can download the leaked Conti data here: https://t.co/BDzHQU5mgw https://t.co/AL7BXnihza" / Twitter
- Active Measures, LLC on Twitter: "That keyboard sound you hear is lawyers at US CYBERCOMMAND updating some opinions." / Twitter
- Conti ransomware gang chats leaked by pro-Ukraine member - The Record by Recorded Future
- Russia appears to deploy digital defenses after DDoS attacks - The Record by Recorded Future
- Russia’s Sandworm Hackers Have Built a Botnet of Firewalls | WIRED
- Auth0 co-founder and CEO Eugenio Pace walks us through the Auth0 platform - YouTube
- Dmitri Alperovitch on Twitter: "In the last few weeks, I have become increasingly convinced that Kremlin has unfortunately made a decision to invade Ukraine later this winter. While it is still possible for Putin to deescalate, I believe the likelihood is now quite low. Allow me to explain why 🧵" / Twitter