Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Business #708 – China's lolbin-powered adventures in US critical infrastructure
May 31, 2023
0:52:40
50.56 MB
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- China’s lolbin-powered intrusions into critical infrastructure
- Trend Micro backs BlackBerry’s Cuba call
- Anonymous Sudan shakes down Scandinavian Airlines
- Iranian opposition party MEK publishes gargantuan leak
- Much, much more
This week’s show is brought to you by Kubernetes security company KSOC. Jimmy Mesta is this week’s sponsor guest and he joins us to talk about the big security challenges in Kubernetes.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Volt Typhoon targets US critical infrastructure with living-off-the-land techniques | Microsoft Security Blog
- U.S. warns China could hack infrastructure, including pipelines, rail systems | Reuters
- Factbox: What is Volt Typhoon, the alleged China-backed hacking group? | Reuters
- Chinese Malware Hits Systems on Guam. Is Taiwan the Real Target? - The New York Times
- COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises | Mandiant
- Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals
- Hacker group Anonymous Sudan demands $3 million from Scandinavian Airlines
- Iranian dissidents take over high-security servers of regime presidency
- Iran-linked hackers Agrius deploying new ransomware against Israeli orgs
- Exclusive: Chinese hackers attacked Kenyan government as debt strains grew | Reuters
- Risky Biz News: PyPI to enforce 2FA, reduce stored IP addresses
- NSO spyware used in Armenia-Azerbaijan conflict, report finds
- Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware
- SMS pumping fraud: take care how you configure MFA - TechHQ
- Full Disclosure: Printerlogic multiple vulnerabilities
- Barracuda Networks issue added to CISA vulnerability list
- Barracuda patches actively exploited zero-day vulnerability in email gateways | Cybersecurity Dive
- Developing: RaidForums users db leaked
- Phishing Domains Tanked After Meta Sued Freenom – Krebs on Security
- Broad coalition of advocacy groups urges Slack to protect users' messages from eavesdropping | CyberScoop