Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Similar Podcasts
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
CppCast
Every two weeks, or so, we sit down with guests from the C++ community to discuss the latest news and what they have been up to. Find us at cppcast.com
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Risky Business #693 -- Hive takedown is the beginning, not the end
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: A look at the Hive takedown UK’s Royal Mail still struggling GitHub’s code signing certificates stolen TSA misses the point on no-fly list theft Much, much more This week’s show is brought to you by Remediant, which is now a part of Netwrix. Tim Keeler is co-founder of Remediant and joins us to talk about how the PAM market – and the tech that makes it up – is changing. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes U.S. Department of Justice Disrupts Hive Ransomware Variant | OPA | Department of Justice U.S. Department of Justice Disrupts Hive Ransomware Variant - YouTube Ransomware experts laud Hive takedown but question impact without arrests - The Record from Recorded Future News Royal Mail progressing to full operations following ransomware attack - The Record from Recorded Future News British government minister told council to keep quiet after ransomware attack - The Record from Recorded Future News The Untold Story of a Crippling Ransomware Attack | WIRED Russia blocks access to US ‘Rewards for Justice,’ FBI and CIA websites - The Record from Recorded Future News GitHub says hackers cloned code-signing certificates in breached repository | Ars Technica ESET: Sandworm could be behind new file-deleting malware targeting Ukraine - The Record from Recorded Future News TSA issues security directive to airports, carriers after 'no-fly' list leak - The Record from Recorded Future News U.S. No Fly list shared on a hacking forum, government investigating Chinese influence operations may lack critical element: influence | CyberScoop Cybercriminals scam two federal agencies via remote desktop tool, CISA warns | CyberScoop Kevin Rose loses pricey NFTs to wallet hack Moonbirds creator Kevin Rose loses $1.1M+ in NFTs after 1 wrong move NFT company gets restraining order to freeze hacker’s online wallet - The Record from Recorded Future News Most Criminal Cryptocurrency Funnels Through Just 5 Exchanges | WIRED Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI | Akamai Facebook two-factor authentication bypass issue patched | The Daily Swig AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse
Risky Business #693 -- Hive takedown is the beginning, not the end
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: A look at the Hive takedown UK’s Royal Mail still struggling GitHub’s code signing certificates stolen TSA misses the point on no-fly list theft Much, much more This week’s show is brought to you by Remediant, which is now a part of Netwrix. Tim Keeler is co-founder of Remediant and joins us to talk about how the PAM market – and the tech that makes it up – is changing. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes U.S. Department of Justice Disrupts Hive Ransomware Variant | OPA | Department of Justice U.S. Department of Justice Disrupts Hive Ransomware Variant - YouTube Ransomware experts laud Hive takedown but question impact without arrests - The Record from Recorded Future News Royal Mail progressing to full operations following ransomware attack - The Record from Recorded Future News British government minister told council to keep quiet after ransomware attack - The Record from Recorded Future News The Untold Story of a Crippling Ransomware Attack | WIRED Russia blocks access to US ‘Rewards for Justice,’ FBI and CIA websites - The Record from Recorded Future News GitHub says hackers cloned code-signing certificates in breached repository | Ars Technica ESET: Sandworm could be behind new file-deleting malware targeting Ukraine - The Record from Recorded Future News TSA issues security directive to airports, carriers after 'no-fly' list leak - The Record from Recorded Future News U.S. No Fly list shared on a hacking forum, government investigating Chinese influence operations may lack critical element: influence | CyberScoop Cybercriminals scam two federal agencies via remote desktop tool, CISA warns | CyberScoop Kevin Rose loses pricey NFTs to wallet hack Moonbirds creator Kevin Rose loses $1.1M+ in NFTs after 1 wrong move NFT company gets restraining order to freeze hacker’s online wallet - The Record from Recorded Future News Most Criminal Cryptocurrency Funnels Through Just 5 Exchanges | WIRED Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI | Akamai Facebook two-factor authentication bypass issue patched | The Daily Swig AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse
Risky Biz Soap Box: Tools alone won't solve your vuln management problems
In this Soap Box edition of the show Nucleus Security’s Scott Kuffer discusses Stakeholder-Specific Vulnerability Categorization (SSVC) and why tools alone can’t fix a dysfunctional vulnerability management program.
Risky Business #692 -- Google search results spew malware, phishing sites
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Google’s search results have become a malware-riddled sh*tshow Ransomware payment values dropped by 40% YoY in 2022 Kraken takes over Solaris the old school way Grand Theft Auto RCE is wreaking havoc ManageEngine customers are all getting owned So you know, pretty much business as usual This week’s show is brought to you by Kroll. Jim Hung co-leads the special projects and applied research team at Kroll and joins us to talk about the big changes happening in the incident response discipline. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Risky Biz News: Google Search and Ads have a major malware problem Justice Department Sues Google for Monopolizing Digital Advertising Technologies | OPA | Department of Justice Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner A Sneaky Ad Scam Tore Through 11 Million Phones | WIRED Risky Biz News: Crypto-crime volumes went down in 2022, ransomware payments too International Counter Ransomware Task Force kicks off - The Record from Recorded Future News Risky Biz News: Dark web mega-hack as Kraken takes over Solaris Congressman ‘coming for answers’ after ‘no-fly list’ hack - The Record from Recorded Future News Hackers Demand $10M From Riot Games to Stop Leak of ‘League of Legends’ Source Code CVE - CVE-2023-24059 GoTo says hackers stole encrypted backups during November cyberattack - The Record from Recorded Future News Costa Rica’s Ministry of Public Works and Transport crippled by ransomware attack - The Record from Recorded Future News Pakistani authorities investigating if cyberattack caused nationwide blackout - The Record from Recorded Future News Royal Mail trials ‘operational workarounds’ following suspected ransomware attack - The Record from Recorded Future News Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut - The Record from Recorded Future News Canada's largest alcohol retailer infected with card skimming malware twice since December - The Record from Recorded Future News Nearly 35,000 PayPal users had SSNs, tax info leaked during December cyberattack - The Record from Recorded Future News Samsung investigating claims of hack on South Korea systems, internal employee platform - The Record from Recorded Future News Electronic health record giant NextGen dealing with cyberattack - The Record from Recorded Future News Cyberattack on Nunavut energy supplier limits company operations - The Record from Recorded Future News More than 100 Mailchimp accounts accessed via social engineering cyberattack - The Record from Recorded Future News New T-Mobile Breach Affects 37 Million Accounts – Krebs on Security Suspected Chinese hackers exploit vulnerability in Fortinet devices - The Record from Recorded Future News More than 4,400 Sophos firewall servers remain vulnerable to critical exploits | Ars Technica CVE-2022-47966: Rapid7 Observed Exploitation of Critical ManageEngine Vulnerability | Rapid7 Blog AWS patches bypass bug in CloudTrail API monitoring tool | The Daily Swig 2022 Microsoft Teams RCE Git security audit reveals critical overflow bugs | The Daily Swig U.S. arrests Bitzlato cofounder, alleges $700 mln of illicit funds processed | Reuters FBI Confirms Lazarus Group Cyber Actors Responsible for Harmony's Horizon Bridge Currency Theft — FBI
Risky Business #692 -- Google search results spew malware, phishing sites
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Google’s search results have become a malware-riddled sh*tshow Ransomware payment values dropped by 40% YoY in 2022 Kraken takes over Solaris the old school way Grand Theft Auto RCE is wreaking havoc ManageEngine customers are all getting owned So you know, pretty much business as usual This week’s show is brought to you by Kroll. Jim Hung co-leads the special projects and applied research team at Kroll and joins us to talk about the big changes happening in the incident response discipline. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Risky Biz News: Google Search and Ads have a major malware problem Justice Department Sues Google for Monopolizing Digital Advertising Technologies | OPA | Department of Justice Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner A Sneaky Ad Scam Tore Through 11 Million Phones | WIRED Risky Biz News: Crypto-crime volumes went down in 2022, ransomware payments too International Counter Ransomware Task Force kicks off - The Record from Recorded Future News Risky Biz News: Dark web mega-hack as Kraken takes over Solaris Congressman ‘coming for answers’ after ‘no-fly list’ hack - The Record from Recorded Future News Hackers Demand $10M From Riot Games to Stop Leak of ‘League of Legends’ Source Code CVE - CVE-2023-24059 GoTo says hackers stole encrypted backups during November cyberattack - The Record from Recorded Future News Costa Rica’s Ministry of Public Works and Transport crippled by ransomware attack - The Record from Recorded Future News Pakistani authorities investigating if cyberattack caused nationwide blackout - The Record from Recorded Future News Royal Mail trials ‘operational workarounds’ following suspected ransomware attack - The Record from Recorded Future News Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut - The Record from Recorded Future News Canada's largest alcohol retailer infected with card skimming malware twice since December - The Record from Recorded Future News Nearly 35,000 PayPal users had SSNs, tax info leaked during December cyberattack - The Record from Recorded Future News Samsung investigating claims of hack on South Korea systems, internal employee platform - The Record from Recorded Future News Electronic health record giant NextGen dealing with cyberattack - The Record from Recorded Future News Cyberattack on Nunavut energy supplier limits company operations - The Record from Recorded Future News More than 100 Mailchimp accounts accessed via social engineering cyberattack - The Record from Recorded Future News New T-Mobile Breach Affects 37 Million Accounts – Krebs on Security Suspected Chinese hackers exploit vulnerability in Fortinet devices - The Record from Recorded Future News More than 4,400 Sophos firewall servers remain vulnerable to critical exploits | Ars Technica CVE-2022-47966: Rapid7 Observed Exploitation of Critical ManageEngine Vulnerability | Rapid7 Blog AWS patches bypass bug in CloudTrail API monitoring tool | The Daily Swig 2022 Microsoft Teams RCE Git security audit reveals critical overflow bugs | The Daily Swig U.S. arrests Bitzlato cofounder, alleges $700 mln of illicit funds processed | Reuters FBI Confirms Lazarus Group Cyber Actors Responsible for Harmony's Horizon Bridge Currency Theft — FBI
Risky Biz Soap Box: Tools alone won't solve your vuln management problems
In this Soap Box edition of the show Nucleus Security’s Scott Kuffer discusses Stakeholder-Specific Vulnerability Categorization (SSVC) and why tools alone can’t fix a dysfunctional vulnerability management program.
Risky Business #691 -- LockBit and "Pablo Escobar syndrome"
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Royal Mail attack was LockBit and GCHQ will probably “bust some heads” CircleCI’s incident report and the problem with malwared endpoints in the Zero Trust age Cloudflare backs Mastodon Paul Nakasone: NSA did some great stuff! It was really good! Cisco won’t patch SMB routers sold in 2020 Much, much more This week’s show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake’s head of cybersecurity strategy Omer Singer are this week’s sponsor guests. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Royal Mail cyberattack linked to LockBit ransomware operation Ransomware Diaries: Volume 1 | Analyst1 Congressman calls on CISA to investigate air travel vulnerabilities after outage - The Record from Recorded Future News Ransomware attack on maritime software impacts 1,000 ships - The Record from Recorded Future News CircleCI incident report for January 4, 2023 security incident Researchers: Large language models will revolutionize digital propaganda campaigns Nick Cave - The Red Hand Files - Issue #218 GitHub - cloudflare/wildebeest: Wildebeest is an ActivityPub and Mastodon-compatible server Meta sues Voyager Labs over scraping user data Twitter says leaked data on 200 million users was likely publicly available info - The Record from Recorded Future News A Police App Exposed Secret Details About Raids and Suspects | WIRED ODIN Intelligence website is defaced as hackers claim breach | TechCrunch Nakasone: Foreign surveillance program helped fend off cyberattacks - The Record from Recorded Future News The Guardian confirms criminals accessed staff data in ransomware attack - The Record from Recorded Future News Millions of Aflac, Zurich insurance customers in Japan have data leaked after breach - The Record from Recorded Future News Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations The FBI Won't Say Whether It Hacked Dark Web ISIS Site Norton LifeLock says 925,000 accounts targeted by credential-stuffing attacks - The Record from Recorded Future News Cisco warns of two vulnerabilities affecting end-of-life routers - The Record from Recorded Future News Fortinet says hackers exploited critical vulnerability to infect VPN customers | Ars Technica Vulnerability with 9.8 severity in Control Web Panel is under active exploit | Ars Technica CISA adds recently-announced Microsoft zero-day to exploited vulnerability catalog - The Record from Recorded Future News Hundreds of SugarCRM servers infected with critical in-the-wild exploit | Ars Technica
Risky Business #691 -- LockBit and "Pablo Escobar syndrome"
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Royal Mail attack was LockBit and GCHQ will probably “bust some heads” CircleCI’s incident report and the problem with malwared endpoints in the Zero Trust age Cloudflare backs Mastodon Paul Nakasone: NSA did some great stuff! It was really good! Cisco won’t patch SMB routers sold in 2020 Much, much more This week’s show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake’s head of cybersecurity strategy Omer Singer are this week’s sponsor guests. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Royal Mail cyberattack linked to LockBit ransomware operation Ransomware Diaries: Volume 1 | Analyst1 Congressman calls on CISA to investigate air travel vulnerabilities after outage - The Record from Recorded Future News Ransomware attack on maritime software impacts 1,000 ships - The Record from Recorded Future News CircleCI incident report for January 4, 2023 security incident Researchers: Large language models will revolutionize digital propaganda campaigns Nick Cave - The Red Hand Files - Issue #218 GitHub - cloudflare/wildebeest: Wildebeest is an ActivityPub and Mastodon-compatible server Meta sues Voyager Labs over scraping user data Twitter says leaked data on 200 million users was likely publicly available info - The Record from Recorded Future News A Police App Exposed Secret Details About Raids and Suspects | WIRED ODIN Intelligence website is defaced as hackers claim breach | TechCrunch Nakasone: Foreign surveillance program helped fend off cyberattacks - The Record from Recorded Future News The Guardian confirms criminals accessed staff data in ransomware attack - The Record from Recorded Future News Millions of Aflac, Zurich insurance customers in Japan have data leaked after breach - The Record from Recorded Future News Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations The FBI Won't Say Whether It Hacked Dark Web ISIS Site Norton LifeLock says 925,000 accounts targeted by credential-stuffing attacks - The Record from Recorded Future News Cisco warns of two vulnerabilities affecting end-of-life routers - The Record from Recorded Future News Fortinet says hackers exploited critical vulnerability to infect VPN customers | Ars Technica Vulnerability with 9.8 severity in Control Web Panel is under active exploit | Ars Technica CISA adds recently-announced Microsoft zero-day to exploited vulnerability catalog - The Record from Recorded Future News Hundreds of SugarCRM servers infected with critical in-the-wild exploit | Ars Technica
Risky Business #690 -- 2023 will be a rough year for critical online services
On this week’s show Patrick Gray and Adam Boileau discuss the news we missed while on break. Because it’s the first show of the year, we split the discussion into themes: Attacks against critical online services like Okta, CircleCI, Slack and Lastpass will increase in volume All the latest global intrigue, from NSO being noped by the US Supreme Court to DDoS attacks in Serbia, Turla’s latest campaign, supply chain attacks against Ukraine, why Russia has been more active than we realised and much more A ransomware wrap, a discussion about the rise of data extortion and why it’s unlikely to remain a huge problem Why automotive security research will actually be interesting this year PLUS: A bunch of random news! This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about something they’ve developed – a zero knowledge proof of exploit technique. Very interesting stuff! Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes First LastPass, now Slack and CircleCI. The hacks go on (and will likely worsen) | Ars Technica Devs urged to rotate secrets after CircleCI suffers security breach | The Daily Swig LastPass: Hackers accessed and copied customers’ password vaults - The Record from Recorded Future News GitHub incident allowed attacker to copy Okta's source code - The Record from Recorded Future News Supreme Court dismisses spyware company NSO Group’s claim of immunity - The Record from Recorded Future News Serbian government reports ‘massive DDoS attack’ amid heightened tensions in Balkans - The Record from Recorded Future News Iran’s support of Russia draws attention of pro-Ukraine hackers - The Record from Recorded Future News Pro-Ukraine hackers leak Russian data in hopes someone will make sense of it - The Record from Recorded Future News CISA researchers: Russia's Fancy Bear infiltrated US satellite network Exclusive: Russian hackers targeted U.S. nuclear scientists | Reuters NSA cyber director warns of Russian digital assaults on global energy sector - CyberScoop Notorious Russian hacking group appears to resurface with fresh cyberattacks on Ukraine Military operations software in Ukraine was hit by Russian hackers - The Record from Recorded Future News New supply chain attack targeted Ukrainian government networks - The Record from Recorded Future News Moldovaʼs government hit by flood of phishing attacks - The Record from Recorded Future News Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation | Ars Technica Cyber Command conducted offensive operations to protect midterm elections - The Record from Recorded Future News Guardian newspaper hit by suspected ransomware attack, staff told not to come to office - The Record from Recorded Future News British company that helps make semiconductors hit by cyber incident - The Record from Recorded Future News Port of Lisbon website still down as LockBit gang claims cyberattack - The Record from Recorded Future News SickKids: 80% of hospital priority systems back online after LockBit ransomware attack - The Record from Recorded Future News Canada's largest children's hospital struggles to recover from pre-Christmas ransomware attack - The Record from Recorded Future News Canadian copper mine suffers ransomware attack, shuts down mills - The Record from Recorded Future News Los Angeles housing authority says cyberattack disrupting systems - The Record from Recorded Future News The Guardian contacts data protection regulator after suspected ransomware incident - The Record from Recorded Future News Australian fire service operating 85 stations shuts down network after cyberattack - The Record from Recorded Future News San Francisco BART investigating ransomware attack - The Record from Recorded Future News Hackers leak sensitive files following attack on San Francisco transit police New U.S. cyber strategy will require critical infrastructure companies to protect against hacks - The Washington Post Car hackers discover vulnerabilities that could let them hijack millions of vehicles Compromised dispatch system helped move taxis to front of the line | Ars Technica Researcher Deepfakes His Voice, Uses AI to Demand Refund From Wells Fargo Armed With ChatGPT, Cybercriminals Build Malware And Plot Fake Girl Bots Cybercriminals’ latest grift: powdered milk and sugar by the truckload - The Record from Recorded Future News This app will self-destruct: How Belarusian hackers created an alternative Telegram for activists - The Record from Recorded Future News Chinese researchers claim to have broken RSA with a quantum computer. Experts aren’t so sure. - The Record from Recorded Future News Key bitcoin developer calls on FBI to recover $3.6M in digital coin | Ars Technica Chick-fil-A acknowledges customer account abuse but denies compromise of internal systems - The Record from Recorded Future News Microsoft ends Windows 7 security updates | TechCrunch
Risky Business #690 -- 2023 will be a rough year for critical online services
On this week’s show Patrick Gray and Adam Boileau discuss the news we missed while on break. Because it’s the first show of the year, we split the discussion into themes: Attacks against critical online services like Okta, CircleCI, Slack and Lastpass will increase in volume All the latest global intrigue, from NSO being noped by the US Supreme Court to DDoS attacks in Serbia, Turla’s latest campaign, supply chain attacks against Ukraine, why Russia has been more active than we realised and much more A ransomware wrap, a discussion about the rise of data extortion and why it’s unlikely to remain a huge problem Why automotive security research will actually be interesting this year PLUS: A bunch of random news! This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about something they’ve developed – a zero knowledge proof of exploit technique. Very interesting stuff! Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes First LastPass, now Slack and CircleCI. The hacks go on (and will likely worsen) | Ars Technica Devs urged to rotate secrets after CircleCI suffers security breach | The Daily Swig LastPass: Hackers accessed and copied customers’ password vaults - The Record from Recorded Future News GitHub incident allowed attacker to copy Okta's source code - The Record from Recorded Future News Supreme Court dismisses spyware company NSO Group’s claim of immunity - The Record from Recorded Future News Serbian government reports ‘massive DDoS attack’ amid heightened tensions in Balkans - The Record from Recorded Future News Iran’s support of Russia draws attention of pro-Ukraine hackers - The Record from Recorded Future News Pro-Ukraine hackers leak Russian data in hopes someone will make sense of it - The Record from Recorded Future News CISA researchers: Russia's Fancy Bear infiltrated US satellite network Exclusive: Russian hackers targeted U.S. nuclear scientists | Reuters NSA cyber director warns of Russian digital assaults on global energy sector - CyberScoop Notorious Russian hacking group appears to resurface with fresh cyberattacks on Ukraine Military operations software in Ukraine was hit by Russian hackers - The Record from Recorded Future News New supply chain attack targeted Ukrainian government networks - The Record from Recorded Future News Moldovaʼs government hit by flood of phishing attacks - The Record from Recorded Future News Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation | Ars Technica Cyber Command conducted offensive operations to protect midterm elections - The Record from Recorded Future News Guardian newspaper hit by suspected ransomware attack, staff told not to come to office - The Record from Recorded Future News British company that helps make semiconductors hit by cyber incident - The Record from Recorded Future News Port of Lisbon website still down as LockBit gang claims cyberattack - The Record from Recorded Future News SickKids: 80% of hospital priority systems back online after LockBit ransomware attack - The Record from Recorded Future News Canada's largest children's hospital struggles to recover from pre-Christmas ransomware attack - The Record from Recorded Future News Canadian copper mine suffers ransomware attack, shuts down mills - The Record from Recorded Future News Los Angeles housing authority says cyberattack disrupting systems - The Record from Recorded Future News The Guardian contacts data protection regulator after suspected ransomware incident - The Record from Recorded Future News Australian fire service operating 85 stations shuts down network after cyberattack - The Record from Recorded Future News San Francisco BART investigating ransomware attack - The Record from Recorded Future News Hackers leak sensitive files following attack on San Francisco transit police New U.S. cyber strategy will require critical infrastructure companies to protect against hacks - The Washington Post Car hackers discover vulnerabilities that could let them hijack millions of vehicles Compromised dispatch system helped move taxis to front of the line | Ars Technica Researcher Deepfakes His Voice, Uses AI to Demand Refund From Wells Fargo Armed With ChatGPT, Cybercriminals Build Malware And Plot Fake Girl Bots Cybercriminals’ latest grift: powdered milk and sugar by the truckload - The Record from Recorded Future News This app will self-destruct: How Belarusian hackers created an alternative Telegram for activists - The Record from Recorded Future News Chinese researchers claim to have broken RSA with a quantum computer. Experts aren’t so sure. - The Record from Recorded Future News Key bitcoin developer calls on FBI to recover $3.6M in digital coin | Ars Technica Chick-fil-A acknowledges customer account abuse but denies compromise of internal systems - The Record from Recorded Future News Microsoft ends Windows 7 security updates | TechCrunch
Risky Business #689 -- FBI baulks at Apple's iCloud encryption push
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Apple to introduce user-encrypted backups, FBI is sad Twitter ices e2ee plans for DMs RackSpace is getting sued over its hosted Exchange ransomware incident Dodgy driving: Microsoft signs some shady stuff Japan to change laws, release the Shibas A look at the US NDAA Much, much more This week’s show is sponsored by Obsidian Security. Obsidian co-founder Ben Johnson joins the show this week to talk through SaaS configuration security and visibility/monitoring. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Apple Expands End-to-End Encryption to iCloud Backups | WIRED FBI Calls End-to-End Encryption 'Deeply Concerning' as Privacy Groups Hail Apple's Advanced Data Protection as a Victory for Users - MacRumors Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next | WIRED Elon Musk Wanted Twitter To Encrypt Messages. His New Safety Chief Says It’s On Hold I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware | Mandiant Japan to amend laws to allow for offensive cyber operations against foreign hackers - The Record by Recorded Future Amid Outrage, Rackspace Sends Users Email Touting Its Incident Response New Ransom Payment Schemes Target Executives, Telemedicine – Krebs on Security Hackers Planted Files to Frame Indian Priest Who Died in Custody | WIRED Scammers Are Scamming Other Scammers Out of Millions of Dollars | WIRED Risky Biz News: Disgruntled member doxes and extorts URSNIF gang U.S. agency warns that hackers are going after Citrix networking gear | Reuters Police raid offices of Predator spyware seller Intellexa | eKathimerini.com $858 billion defense bill focuses heavily on cyber. These are some highlights. Australia and Vanuatu sign defense and cybersecurity pact - The Record by Recorded Future Fantasy – a new Agrius wiper deployed through a supply‑chain attack | WeLiveSecurity Ukrainian railway, state agencies allegedly targeted by DolphinCape malware - The Record by Recorded Future US Dept of Health warns of ‘increased’ Royal ransomware attacks on hospitals - The Record by Recorded Future ‘Crisis situation’ declared as two Swedish municipalities hit by cyberattack - The Record by Recorded Future Metropolitan Opera dealing with cyberattack that shut down website, box office - The Record by Recorded Future LockBit ransomware crew claims attack on California Department of Finance PLAY ransomware group claims responsibility for Antwerp attack as second Belgian city confirms new incident - The Record by Recorded Future Popular HR and Payroll Company Sequoia Discloses a Data Breach | WIRED Internet Explorer 0-day exploited by North Korean actor APT37 Four accused in business email compromise scheme which reaped millions from victims - The Record by Recorded Future JSON syntax hack allowed SQL injection payloads to be smuggled past WAFs | The Daily Swig Log4j’s Log4Shell Vulnerability: One Year Later, It’s Still Lurking | WIRED
Risky Business #689 -- FBI baulks at Apple's iCloud encryption push
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Apple to introduce user-encrypted backups, FBI is sad Twitter ices e2ee plans for DMs RackSpace is getting sued over its hosted Exchange ransomware incident Dodgy driving: Microsoft signs some shady stuff Japan to change laws, release the Shibas A look at the US NDAA Much, much more This week’s show is sponsored by Obsidian Security. Obsidian co-founder Ben Johnson joins the show this week to talk through SaaS configuration security and visibility/monitoring. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Apple Expands End-to-End Encryption to iCloud Backups | WIRED FBI Calls End-to-End Encryption 'Deeply Concerning' as Privacy Groups Hail Apple's Advanced Data Protection as a Victory for Users - MacRumors Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next | WIRED Elon Musk Wanted Twitter To Encrypt Messages. His New Safety Chief Says It’s On Hold I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware | Mandiant Japan to amend laws to allow for offensive cyber operations against foreign hackers - The Record by Recorded Future Amid Outrage, Rackspace Sends Users Email Touting Its Incident Response New Ransom Payment Schemes Target Executives, Telemedicine – Krebs on Security Hackers Planted Files to Frame Indian Priest Who Died in Custody | WIRED Scammers Are Scamming Other Scammers Out of Millions of Dollars | WIRED Risky Biz News: Disgruntled member doxes and extorts URSNIF gang U.S. agency warns that hackers are going after Citrix networking gear | Reuters Police raid offices of Predator spyware seller Intellexa | eKathimerini.com $858 billion defense bill focuses heavily on cyber. These are some highlights. Australia and Vanuatu sign defense and cybersecurity pact - The Record by Recorded Future Fantasy – a new Agrius wiper deployed through a supply‑chain attack | WeLiveSecurity Ukrainian railway, state agencies allegedly targeted by DolphinCape malware - The Record by Recorded Future US Dept of Health warns of ‘increased’ Royal ransomware attacks on hospitals - The Record by Recorded Future ‘Crisis situation’ declared as two Swedish municipalities hit by cyberattack - The Record by Recorded Future Metropolitan Opera dealing with cyberattack that shut down website, box office - The Record by Recorded Future LockBit ransomware crew claims attack on California Department of Finance PLAY ransomware group claims responsibility for Antwerp attack as second Belgian city confirms new incident - The Record by Recorded Future Popular HR and Payroll Company Sequoia Discloses a Data Breach | WIRED Internet Explorer 0-day exploited by North Korean actor APT37 Four accused in business email compromise scheme which reaped millions from victims - The Record by Recorded Future JSON syntax hack allowed SQL injection payloads to be smuggled past WAFs | The Daily Swig Log4j’s Log4Shell Vulnerability: One Year Later, It’s Still Lurking | WIRED
Risky Biz Soap Box: Attack Path Management is the New Hotness
In this sponsored podcast Patrick Gray and Ryan Kalember talk about Proofpoint’s acquisition of Illusive, a company that started off in the “deception” space and then moved towards doing attack path analysis and management. Show notes Proofpoint Signs Definitive Agreement to Acquire Illusive
Risky Biz Soap Box: Attack Path Management is the New Hotness
In this sponsored podcast Patrick Gray and Ryan Kalember talk about Proofpoint’s acquisition of Illusive, a company that started off in the “deception” space and then moved towards doing attack path analysis and management. Show notes Proofpoint Signs Definitive Agreement to Acquire Illusive
Risky Business #688 -- APT41 pickpockets Uncle Sam
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Samsung, LG Android signing keys pinched LastPass gets owned again APT41 steal covid relief money Amnesty International hacked in Canada Much, much more This week’s show is brought to you by Airlock Digital. Its CEO and CTO join host Patrick Gray this week to talk about admin to kernel as a security boundary, and the limitations of kernel driver blocklists. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Risky Biz News: Samsung, MediaTek, and other Android platform certs were leaked and used to sign malware Leaked Android Platform Certificates Create Risks for Users | Rapid7 Blog 100 - Platform certificates used to sign malware - apvi Hackers accessed LastPass customer details using information stolen in August hack - The Record by Recorded Future Hackers linked to Chinese government stole millions in Covid benefits, Secret Service says Amnesty International breach linked to Chinese government, investigation finds - The Record by Recorded Future Iranian espionage campaign targets journalists, diplomats, activists, says Human Rights Watch - The Record by Recorded Future New details on commercial spyware vendor Variston ‘The world should be prepared’ — Microsoft issues warning about Russian cyberattacks over winter - The Record by Recorded Future Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices | Ars Technica ChatGPT shows promise of using AI to write malware - CyberScoop DHS cyber safety board to probe Lapsus$ hacks - The Record by Recorded Future Kris Nóva: "We are currently investigating…" - Hachyderm.io Hive Social turns off servers after researchers warn hackers can access all data | Ars Technica Spam is drowning out Twitter posts about Covid protests in China French hospital complex suspends operations, transfers patients after ransomware attack - The Record by Recorded Future Rackspace Confirms Ransomware Attack as It Tries to Determine If Data Was Stolen | SecurityWeek.Com Guatemala's Foreign Ministry investigating ransomware attack - The Record by Recorded Future Ransomware attacks: Privacy Commissioner plans investigation as Justice, Health hit - NZ Herald UK introducing mandatory cyber incident reporting for managed service providers - The Record by Recorded Future Florida Man Sentenced To 18 Months For Theft Of Over $20 Million In SIM Swap Scheme | USAO-SDNY | Department of Justice Binance freezes $3 million worth of crypto stolen in Ankr hack - The Record by Recorded Future Play app with 100K downloads booted for forwarding texts to developer server | Ars Technica Go SAML library vulnerable to authentication bypass | The Daily Swig Okta and Phishing Resistant Authentication - YouTube