Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Similar Podcasts
In Machines We Trust
A podcast about the automation of everything. Host Jennifer Strong and the team at MIT Technology Review look at what it means to entrust artificial intelligence with our most sensitive decisions.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
An interview with Andrew Boyd, director of the CIA's Centre for Cyber Intelligence
In this interview the director of the CIA’s Center for Cyber Intelligence (CCI) sits down with Risky Business podcast host Patrick Gray to talk about: What CCI actually does The CIA’s role in cyber intel and operations What lessons have been learned from Russia’s cyber campaigns targeting Ukraine Why a cyber conflict with China will be very, very different His views on the ransomware threat Much, much more
Risky Business #696 -- Why Twitter had to kill SMS 2FA
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Why Twitter had to kill SMS 2FA A look at Meta’s new verification service How a ransomware attack disrupted the semiconductor supply chain Why Anonymous Sudan is probably a Russian info op Microsoft mixes up public and private keys in Azure B2C (for real) Much, much more This week’s show is brought to you by Proofpoint. Its Executive Vice President of Cybersecurity Strategy Ryan Kalember joins the show in the sponsor slot. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes How to Protect Yourself From Twitter’s 2FA Crackdown | WIRED Elon Musk Says Twitter Lost $60mn a Year Because 390 Telcos Used Bot Accounts to Pump A2P SMS | Commsrisk Twitter’s Two-Factor Authentication Change ‘Doesn't Make Sense’ | WIRED Elon Musk on Twitter: "@MKBHD Twitter is getting scammed by phone companies for $60M/year of fake 2FA SMS messages" / Twitter rat king 🐀 on Twitter: "as twitter goes through diff versions of what it’s subscription service looks like, meta rolls out its own verified program… https://t.co/BPNILEFGZ0" / Twitter WA wedding photographer’s fury as Instagram account deactivated | news.com.au — Australia’s leading news site Semiconductor industry giant says ransomware attack on supplier will cost it $250 million - The Record from Recorded Future News State of emergency as City of Oakland grapples with ransomware attack - The Record from Recorded Future News Irish TV broadcaster says attempted hack will affect programming - The Record from Recorded Future News Revealed: the US adviser who tried to swing Nigeria’s 2015 election | Cambridge Analytica | The Guardian Political aides hacked by ‘Team Jorge’ in run-up to Kenyan election | World news | The Guardian Fox News stars and staffers privately blasted election fraud claims as bogus, court filing shows google_fog_of_war_research_report.pdf Hacks, leaks and wipers: Google analyzes a year of Russian cyberattacks on Ukraine | CyberScoop Scandinavian Airlines hit by cyberattack, 'Anonymous Sudan' claims responsibility - The Record from Recorded Future News Azure B2C Crypto Misuse and Account Compromise - Praetorian GoDaddy: Hackers stole source code, installed malware in multi-year breach WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks - SentinelOne Hyundai, Kia to provide anti-theft software updates following viral TikTok challenge - The Record from Recorded Future News Health info for 1 million patients stolen using critical GoAnywhere vulnerability | Ars Technica Latest attack on PyPI users shows crooks are only getting better | Ars Technica Belgium launches nationwide safe harbor for ethical hackers | The Daily Swig Tor Project Moves Away from Infrastructure Ran by Internet Monitoring Firm Bank accounts overdrawn, missing and suspended without warning, bank won't talk to me : LegalAdviceUK
Risky Business #696 -- Why Twitter had to kill SMS 2FA
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Why Twitter had to kill SMS 2FA A look at Meta’s new verification service How a ransomware attack disrupted the semiconductor supply chain Why Anonymous Sudan is probably a Russian info op Microsoft mixes up public and private keys in Azure B2C (for real) Much, much more This week’s show is brought to you by Proofpoint. Its Executive Vice President of Cybersecurity Strategy Ryan Kalember joins the show in the sponsor slot. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes How to Protect Yourself From Twitter’s 2FA Crackdown | WIRED Elon Musk Says Twitter Lost $60mn a Year Because 390 Telcos Used Bot Accounts to Pump A2P SMS | Commsrisk Twitter’s Two-Factor Authentication Change ‘Doesn't Make Sense’ | WIRED Elon Musk on Twitter: "@MKBHD Twitter is getting scammed by phone companies for $60M/year of fake 2FA SMS messages" / Twitter rat king 🐀 on Twitter: "as twitter goes through diff versions of what it’s subscription service looks like, meta rolls out its own verified program… https://t.co/BPNILEFGZ0" / Twitter WA wedding photographer’s fury as Instagram account deactivated | news.com.au — Australia’s leading news site Semiconductor industry giant says ransomware attack on supplier will cost it $250 million - The Record from Recorded Future News State of emergency as City of Oakland grapples with ransomware attack - The Record from Recorded Future News Irish TV broadcaster says attempted hack will affect programming - The Record from Recorded Future News Revealed: the US adviser who tried to swing Nigeria’s 2015 election | Cambridge Analytica | The Guardian Political aides hacked by ‘Team Jorge’ in run-up to Kenyan election | World news | The Guardian Fox News stars and staffers privately blasted election fraud claims as bogus, court filing shows google_fog_of_war_research_report.pdf Hacks, leaks and wipers: Google analyzes a year of Russian cyberattacks on Ukraine | CyberScoop Scandinavian Airlines hit by cyberattack, 'Anonymous Sudan' claims responsibility - The Record from Recorded Future News Azure B2C Crypto Misuse and Account Compromise - Praetorian GoDaddy: Hackers stole source code, installed malware in multi-year breach WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks - SentinelOne Hyundai, Kia to provide anti-theft software updates following viral TikTok challenge - The Record from Recorded Future News Health info for 1 million patients stolen using critical GoAnywhere vulnerability | Ars Technica Latest attack on PyPI users shows crooks are only getting better | Ars Technica Belgium launches nationwide safe harbor for ethical hackers | The Daily Swig Tor Project Moves Away from Infrastructure Ran by Internet Monitoring Firm Bank accounts overdrawn, missing and suspended without warning, bank won't talk to me : LegalAdviceUK
An interview with Andrew Boyd, director of the CIA's Centre for Cyber Intelligence
In this interview the director of the CIA’s Center for Cyber Intelligence (CCI) sits down with Risky Business podcast host Patrick Gray to talk about: What CCI actually does The CIA’s role in cyber intel and operations What lessons have been learned from Russia’s cyber campaigns targeting Ukraine Why a cyber conflict with China will be very, very different His views on the ransomware threat Much, much more
Risky Biz Soap Box: Greynoise has built the world's biggest, and smartest, honeypot
In this interview we’re chatting with the founder of Greynoise Intelligence, Andrew Morris. Greynoise operates a global network of sensors that collect data on things like mass scanning, exploitation and reconnaissance. The idea is if your SOC gets an alert from a particular IP you can see if it’s associated with mass scanning or exploitation, or if it’s something that’s just targeting you. And as you’ll hear, there are other use cases also, but we’re talking about a few things with Andrew today. He talks about being able to selectively port forward attacks targeting his sensor network to a data centre running the services being targeted, about the ESXiArgs ransomware attack and more. Enjoy!
Risky Biz Soap Box: Greynoise has built the world's biggest, and smartest, honeypot
In this interview we’re chatting with the founder of Greynoise Intelligence, Andrew Morris. Greynoise operates a global network of sensors that collect data on things like mass scanning, exploitation and reconnaissance. The idea is if your SOC gets an alert from a particular IP you can see if it’s associated with mass scanning or exploitation, or if it’s something that’s just targeting you. And as you’ll hear, there are other use cases also, but we’re talking about a few things with Andrew today. He talks about being able to selectively port forward attacks targeting his sensor network to a data centre running the services being targeted, about the ESXiArgs ransomware attack and more. Enjoy!
Risky Business #695 -- North Korea is ransomwaring hospitals, Russia to make "patriotic" hacking legal
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: North Korea is ransomwaring hospitals with homegrown and Russian strains Russia proposes law greenlighting “patriotic hacks” It’s 702 renewal time… again CISA releases ESXiArgs recovery script (yay!) UK mulls crimephone ban Much, much more This week’s show is brought to you by Thinkst Canary. Haroon Meer is this week’s sponsor guest and joins us to talk about Thinkst’s latest release: the credit card canary. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes North Korean hackers extort health care organizations to fund further cyberattacks, US and South Korea say | CNN Politics Risky Biz News: US and UK sanction seven Trickbot members United States and United Kingdom Sanction Members of Russia-Based Trickbot Cybercrime Gang | U.S. Department of the Treasury Risky Biz News: Russia wants to absolve patriotic hackers from any criminal liability The FBI’s Most Controversial Surveillance Tool Is Under Threat | WIRED Meet the Creator of North Korea’s Favorite Crypto Privacy Service | WIRED CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel - The Record from Recorded Future News decrypt your crypted files in ESXi servers affected by CVE-2020-3992 / CryptoLocker attack Tonga is the latest Pacific Island nation hit with ransomware - The Record from Recorded Future News UK Proposes Making the Sale and Possession of Encrypted Phones Illegal UK High Court allows Bahraini activists to sue government over spyware - The Record from Recorded Future News Russian cybersecurity expert convicted of charges in $90M hack-to-trade case | CyberScoop Deepfake 'news anchors' appear in pro-China footage on social media, research group says - ABC News Geotargeting tools are allowing phishing campaigns to home in on potential victims - The Record from Recorded Future News This week’s Reddit breach shows company’s security is (still) woefully inadequate | Ars Technica Namecheap denies system breach after email service used to spread phishing scams - The Record from Recorded Future News Mysterious leak of Booking.com reservation data is being used to scam customers | Ars Technica DOM XSS vulnerability in Gartner Peer Insights widget patched | The Daily Swig Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game - Avast Threat Labs OAuth ‘masterclass’ crowned top web hacking technique of 2022 | The Daily Swig New XSS Hunter host Truffle Security faces privacy backlash | The Daily Swig 'No evidence of malicious access,' Toyota says about serious bug exploited by outside researcher - The Record from Recorded Future News A year after outcry, IRS still doesn't offer taxpayers alternative to ID.me | CyberScoop
Risky Business #695 -- North Korea is ransomwaring hospitals, Russia to make "patriotic" hacking legal
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: North Korea is ransomwaring hospitals with homegrown and Russian strains Russia proposes law greenlighting “patriotic hacks” It’s 702 renewal time… again CISA releases ESXiArgs recovery script (yay!) UK mulls crimephone ban Much, much more This week’s show is brought to you by Thinkst Canary. Haroon Meer is this week’s sponsor guest and joins us to talk about Thinkst’s latest release: the credit card canary. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes North Korean hackers extort health care organizations to fund further cyberattacks, US and South Korea say | CNN Politics Risky Biz News: US and UK sanction seven Trickbot members United States and United Kingdom Sanction Members of Russia-Based Trickbot Cybercrime Gang | U.S. Department of the Treasury Risky Biz News: Russia wants to absolve patriotic hackers from any criminal liability The FBI’s Most Controversial Surveillance Tool Is Under Threat | WIRED Meet the Creator of North Korea’s Favorite Crypto Privacy Service | WIRED CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel - The Record from Recorded Future News decrypt your crypted files in ESXi servers affected by CVE-2020-3992 / CryptoLocker attack Tonga is the latest Pacific Island nation hit with ransomware - The Record from Recorded Future News UK Proposes Making the Sale and Possession of Encrypted Phones Illegal UK High Court allows Bahraini activists to sue government over spyware - The Record from Recorded Future News Russian cybersecurity expert convicted of charges in $90M hack-to-trade case | CyberScoop Deepfake 'news anchors' appear in pro-China footage on social media, research group says - ABC News Geotargeting tools are allowing phishing campaigns to home in on potential victims - The Record from Recorded Future News This week’s Reddit breach shows company’s security is (still) woefully inadequate | Ars Technica Namecheap denies system breach after email service used to spread phishing scams - The Record from Recorded Future News Mysterious leak of Booking.com reservation data is being used to scam customers | Ars Technica DOM XSS vulnerability in Gartner Peer Insights widget patched | The Daily Swig Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game - Avast Threat Labs OAuth ‘masterclass’ crowned top web hacking technique of 2022 | The Daily Swig New XSS Hunter host Truffle Security faces privacy backlash | The Daily Swig 'No evidence of malicious access,' Toyota says about serious bug exploited by outside researcher - The Record from Recorded Future News A year after outcry, IRS still doesn't offer taxpayers alternative to ID.me | CyberScoop
Risky Business #694 -- Cleansing fire claims ESXi, GoAnywhere servers
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Unpatched ESXi boxes are getting rinsed GoAnywhere MFT file transfer boxes are too Royal Mail data being ransomed by Lockbit Advanced materials manufacturer and finance company among latest rware victims Guilty plea in Ubiquiti case Much, much more This week’s show is brought to you by Red Canary. Red Canary’s Adam Mashinchi is this week’s sponsor guest. He joins us to talk about the impact layoffs are having on infosec teams. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers Risky Biz News: Zero-day alert for GoAnywhere file transfer servers Royal Mail faces threat from ransomware group LockBit | Reuters ION brings clients back online after ransomware attack: Source | Business Insurance Hackers who breached ION say ransom paid; company declines comment | Reuters Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with | Evening Standard K-12 schools in Tucson, Nantucket respond to cyberattacks - The Record from Recorded Future News Ransomware gang attempts to extort UK school by posting files about at-risk children - The Record from Recorded Future News British steel industry supplier Vesuvius ‘currently managing cyber incident’ - The Record from Recorded Future News Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack - The Record from Recorded Future News All classes canceled at Irish university as it announces ‘significant IT breach’ - The Record from Recorded Future News Switzerland’s largest university confirms ‘serious cyberattack’ - The Record from Recorded Future News Dutch Police Read Messages of Encrypted Messenger 'Exclu' Julius 'zeekill' Kivimäki, former Lizard Squad hacker, arrested in France - The Record from Recorded Future News New York attorney general fines developer of stalking apps - The Record from Recorded Future News Microsoft alleges attacks on French magazine came from Iranian-backed group | Ars Technica Hackers linked to North Korea targeted Indian medical org, energy sector - The Record from Recorded Future News Google Cuts Company Protecting People From Surveillance To A ‘Skeleton Crew,’ Say Laid Off Workers Feds get guilty plea in Ubiquiti data extortion case - The Record from Recorded Future News For Hire: Ex-Ubiquiti Developer Charged With Extortion Microsoft notifies UK customers affected by hackers abusing ‘verified publisher’ tag - The Record from Recorded Future News Darknet drug market BlackSprut openly advertises on billboards in Moscow - The Record from Recorded Future News Toyota sealed up a backdoor to its global supplier management network | The Daily Swig
Risky Business #694 -- Cleansing fire claims ESXi, GoAnywhere servers
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Unpatched ESXi boxes are getting rinsed GoAnywhere MFT file transfer boxes are too Royal Mail data being ransomed by Lockbit Advanced materials manufacturer and finance company among latest rware victims Guilty plea in Ubiquiti case Much, much more This week’s show is brought to you by Red Canary. Red Canary’s Adam Mashinchi is this week’s sponsor guest. He joins us to talk about the impact layoffs are having on infosec teams. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers Risky Biz News: Zero-day alert for GoAnywhere file transfer servers Royal Mail faces threat from ransomware group LockBit | Reuters ION brings clients back online after ransomware attack: Source | Business Insurance Hackers who breached ION say ransom paid; company declines comment | Reuters Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with | Evening Standard K-12 schools in Tucson, Nantucket respond to cyberattacks - The Record from Recorded Future News Ransomware gang attempts to extort UK school by posting files about at-risk children - The Record from Recorded Future News British steel industry supplier Vesuvius ‘currently managing cyber incident’ - The Record from Recorded Future News Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack - The Record from Recorded Future News All classes canceled at Irish university as it announces ‘significant IT breach’ - The Record from Recorded Future News Switzerland’s largest university confirms ‘serious cyberattack’ - The Record from Recorded Future News Dutch Police Read Messages of Encrypted Messenger 'Exclu' Julius 'zeekill' Kivimäki, former Lizard Squad hacker, arrested in France - The Record from Recorded Future News New York attorney general fines developer of stalking apps - The Record from Recorded Future News Microsoft alleges attacks on French magazine came from Iranian-backed group | Ars Technica Hackers linked to North Korea targeted Indian medical org, energy sector - The Record from Recorded Future News Google Cuts Company Protecting People From Surveillance To A ‘Skeleton Crew,’ Say Laid Off Workers Feds get guilty plea in Ubiquiti data extortion case - The Record from Recorded Future News For Hire: Ex-Ubiquiti Developer Charged With Extortion Microsoft notifies UK customers affected by hackers abusing ‘verified publisher’ tag - The Record from Recorded Future News Darknet drug market BlackSprut openly advertises on billboards in Moscow - The Record from Recorded Future News Toyota sealed up a backdoor to its global supplier management network | The Daily Swig
Risky Business #693 -- Hive takedown is the beginning, not the end
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: A look at the Hive takedown UK’s Royal Mail still struggling GitHub’s code signing certificates stolen TSA misses the point on no-fly list theft Much, much more This week’s show is brought to you by Remediant, which is now a part of Netwrix. Tim Keeler is co-founder of Remediant and joins us to talk about how the PAM market – and the tech that makes it up – is changing. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes U.S. Department of Justice Disrupts Hive Ransomware Variant | OPA | Department of Justice U.S. Department of Justice Disrupts Hive Ransomware Variant - YouTube Ransomware experts laud Hive takedown but question impact without arrests - The Record from Recorded Future News Royal Mail progressing to full operations following ransomware attack - The Record from Recorded Future News British government minister told council to keep quiet after ransomware attack - The Record from Recorded Future News The Untold Story of a Crippling Ransomware Attack | WIRED Russia blocks access to US ‘Rewards for Justice,’ FBI and CIA websites - The Record from Recorded Future News GitHub says hackers cloned code-signing certificates in breached repository | Ars Technica ESET: Sandworm could be behind new file-deleting malware targeting Ukraine - The Record from Recorded Future News TSA issues security directive to airports, carriers after 'no-fly' list leak - The Record from Recorded Future News U.S. No Fly list shared on a hacking forum, government investigating Chinese influence operations may lack critical element: influence | CyberScoop Cybercriminals scam two federal agencies via remote desktop tool, CISA warns | CyberScoop Kevin Rose loses pricey NFTs to wallet hack Moonbirds creator Kevin Rose loses $1.1M+ in NFTs after 1 wrong move NFT company gets restraining order to freeze hacker’s online wallet - The Record from Recorded Future News Most Criminal Cryptocurrency Funnels Through Just 5 Exchanges | WIRED Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI | Akamai Facebook two-factor authentication bypass issue patched | The Daily Swig AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse
Risky Business #693 -- Hive takedown is the beginning, not the end
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: A look at the Hive takedown UK’s Royal Mail still struggling GitHub’s code signing certificates stolen TSA misses the point on no-fly list theft Much, much more This week’s show is brought to you by Remediant, which is now a part of Netwrix. Tim Keeler is co-founder of Remediant and joins us to talk about how the PAM market – and the tech that makes it up – is changing. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes U.S. Department of Justice Disrupts Hive Ransomware Variant | OPA | Department of Justice U.S. Department of Justice Disrupts Hive Ransomware Variant - YouTube Ransomware experts laud Hive takedown but question impact without arrests - The Record from Recorded Future News Royal Mail progressing to full operations following ransomware attack - The Record from Recorded Future News British government minister told council to keep quiet after ransomware attack - The Record from Recorded Future News The Untold Story of a Crippling Ransomware Attack | WIRED Russia blocks access to US ‘Rewards for Justice,’ FBI and CIA websites - The Record from Recorded Future News GitHub says hackers cloned code-signing certificates in breached repository | Ars Technica ESET: Sandworm could be behind new file-deleting malware targeting Ukraine - The Record from Recorded Future News TSA issues security directive to airports, carriers after 'no-fly' list leak - The Record from Recorded Future News U.S. No Fly list shared on a hacking forum, government investigating Chinese influence operations may lack critical element: influence | CyberScoop Cybercriminals scam two federal agencies via remote desktop tool, CISA warns | CyberScoop Kevin Rose loses pricey NFTs to wallet hack Moonbirds creator Kevin Rose loses $1.1M+ in NFTs after 1 wrong move NFT company gets restraining order to freeze hacker’s online wallet - The Record from Recorded Future News Most Criminal Cryptocurrency Funnels Through Just 5 Exchanges | WIRED Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI | Akamai Facebook two-factor authentication bypass issue patched | The Daily Swig AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse
Risky Business #692 -- Google search results spew malware, phishing sites
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Google’s search results have become a malware-riddled sh*tshow Ransomware payment values dropped by 40% YoY in 2022 Kraken takes over Solaris the old school way Grand Theft Auto RCE is wreaking havoc ManageEngine customers are all getting owned So you know, pretty much business as usual This week’s show is brought to you by Kroll. Jim Hung co-leads the special projects and applied research team at Kroll and joins us to talk about the big changes happening in the incident response discipline. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Risky Biz News: Google Search and Ads have a major malware problem Justice Department Sues Google for Monopolizing Digital Advertising Technologies | OPA | Department of Justice Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner A Sneaky Ad Scam Tore Through 11 Million Phones | WIRED Risky Biz News: Crypto-crime volumes went down in 2022, ransomware payments too International Counter Ransomware Task Force kicks off - The Record from Recorded Future News Risky Biz News: Dark web mega-hack as Kraken takes over Solaris Congressman ‘coming for answers’ after ‘no-fly list’ hack - The Record from Recorded Future News Hackers Demand $10M From Riot Games to Stop Leak of ‘League of Legends’ Source Code CVE - CVE-2023-24059 GoTo says hackers stole encrypted backups during November cyberattack - The Record from Recorded Future News Costa Rica’s Ministry of Public Works and Transport crippled by ransomware attack - The Record from Recorded Future News Pakistani authorities investigating if cyberattack caused nationwide blackout - The Record from Recorded Future News Royal Mail trials ‘operational workarounds’ following suspected ransomware attack - The Record from Recorded Future News Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut - The Record from Recorded Future News Canada's largest alcohol retailer infected with card skimming malware twice since December - The Record from Recorded Future News Nearly 35,000 PayPal users had SSNs, tax info leaked during December cyberattack - The Record from Recorded Future News Samsung investigating claims of hack on South Korea systems, internal employee platform - The Record from Recorded Future News Electronic health record giant NextGen dealing with cyberattack - The Record from Recorded Future News Cyberattack on Nunavut energy supplier limits company operations - The Record from Recorded Future News More than 100 Mailchimp accounts accessed via social engineering cyberattack - The Record from Recorded Future News New T-Mobile Breach Affects 37 Million Accounts – Krebs on Security Suspected Chinese hackers exploit vulnerability in Fortinet devices - The Record from Recorded Future News More than 4,400 Sophos firewall servers remain vulnerable to critical exploits | Ars Technica CVE-2022-47966: Rapid7 Observed Exploitation of Critical ManageEngine Vulnerability | Rapid7 Blog AWS patches bypass bug in CloudTrail API monitoring tool | The Daily Swig 2022 Microsoft Teams RCE Git security audit reveals critical overflow bugs | The Daily Swig U.S. arrests Bitzlato cofounder, alleges $700 mln of illicit funds processed | Reuters FBI Confirms Lazarus Group Cyber Actors Responsible for Harmony's Horizon Bridge Currency Theft — FBI
Risky Biz Soap Box: Tools alone won't solve your vuln management problems
In this Soap Box edition of the show Nucleus Security’s Scott Kuffer discusses Stakeholder-Specific Vulnerability Categorization (SSVC) and why tools alone can’t fix a dysfunctional vulnerability management program.
Risky Business #692 -- Google search results spew malware, phishing sites
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Google’s search results have become a malware-riddled sh*tshow Ransomware payment values dropped by 40% YoY in 2022 Kraken takes over Solaris the old school way Grand Theft Auto RCE is wreaking havoc ManageEngine customers are all getting owned So you know, pretty much business as usual This week’s show is brought to you by Kroll. Jim Hung co-leads the special projects and applied research team at Kroll and joins us to talk about the big changes happening in the incident response discipline. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Risky Biz News: Google Search and Ads have a major malware problem Justice Department Sues Google for Monopolizing Digital Advertising Technologies | OPA | Department of Justice Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner A Sneaky Ad Scam Tore Through 11 Million Phones | WIRED Risky Biz News: Crypto-crime volumes went down in 2022, ransomware payments too International Counter Ransomware Task Force kicks off - The Record from Recorded Future News Risky Biz News: Dark web mega-hack as Kraken takes over Solaris Congressman ‘coming for answers’ after ‘no-fly list’ hack - The Record from Recorded Future News Hackers Demand $10M From Riot Games to Stop Leak of ‘League of Legends’ Source Code CVE - CVE-2023-24059 GoTo says hackers stole encrypted backups during November cyberattack - The Record from Recorded Future News Costa Rica’s Ministry of Public Works and Transport crippled by ransomware attack - The Record from Recorded Future News Pakistani authorities investigating if cyberattack caused nationwide blackout - The Record from Recorded Future News Royal Mail trials ‘operational workarounds’ following suspected ransomware attack - The Record from Recorded Future News Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut - The Record from Recorded Future News Canada's largest alcohol retailer infected with card skimming malware twice since December - The Record from Recorded Future News Nearly 35,000 PayPal users had SSNs, tax info leaked during December cyberattack - The Record from Recorded Future News Samsung investigating claims of hack on South Korea systems, internal employee platform - The Record from Recorded Future News Electronic health record giant NextGen dealing with cyberattack - The Record from Recorded Future News Cyberattack on Nunavut energy supplier limits company operations - The Record from Recorded Future News More than 100 Mailchimp accounts accessed via social engineering cyberattack - The Record from Recorded Future News New T-Mobile Breach Affects 37 Million Accounts – Krebs on Security Suspected Chinese hackers exploit vulnerability in Fortinet devices - The Record from Recorded Future News More than 4,400 Sophos firewall servers remain vulnerable to critical exploits | Ars Technica CVE-2022-47966: Rapid7 Observed Exploitation of Critical ManageEngine Vulnerability | Rapid7 Blog AWS patches bypass bug in CloudTrail API monitoring tool | The Daily Swig 2022 Microsoft Teams RCE Git security audit reveals critical overflow bugs | The Daily Swig U.S. arrests Bitzlato cofounder, alleges $700 mln of illicit funds processed | Reuters FBI Confirms Lazarus Group Cyber Actors Responsible for Harmony's Horizon Bridge Currency Theft — FBI