Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Similar Podcasts
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
Risky Business #679 -- A look at Uber's very bad week
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: A look at how Uber got owned so hard Why cleartext cookie storage in Microsoft Teams’ Electron-based app is actually a big deal Russian official: Starlink is a legitimate military target Wagner mercs get doxxed Kiwi Farms having a bad time Much, much more In this week’s sponsor interview we’ll be chatting to Nucleus’s CEO Steve Carter about CISA’s KEV list. He has feelings about the KEV list – they’re mostly positive, but he also has a few reasonable gripes and he joins me to talk about them. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Uber attributes hack to Lapsus$, working with FBI and DOJ on investigation - The Record by Recorded Future Uber confirms it is investigating cybersecurity incident - The Record by Recorded Future Microsoft Teams stores cleartext auth tokens, won’t be quickly patched | Ars Technica SharpTongue Deploys Clever Mail-Stealing Browser Extension "SHARPEXT" | Volexity Hacking group focused on Central America dumps 10 terabytes of military emails, files Securing the Supply Chain of Nothing | Kelly Shortridge Russia Makes Veiled Threat to Destroy SpaceX's Starlink Pro-Ukraine Hacktivists Claim to Have Hacked Notorious Russian Mercenary Group Fears grow of Russian spies turning to industrial espionage - The Record by Recorded Future Congressional inquiry reveals secret Customs and Border Protection database of U.S. phone records Alternative payment apps such as AliPay a boon for cybercriminals, experts tell Congress CISA floats plan to partner with local universities for '311' cyberattack triage service - The Record by Recorded Future Breach of software maker used to backdoor ecommerce servers | Ars Technica Kiwi Farms has been breached; assume passwords and emails have been leaked | Ars Technica (8) Kevin Beaumont on Twitter: "The saga continues - there was (also?) a script injected for a month on Kiwi Farms called Troonshine, gathering information and credentials from user’s systems, posting it to “https://t.co/XnrUu4t3sd”. They look very, very owned. https://t.co/kxdR8kxtC1" / Twitter Pentagon reviews psychological operations amid Facebook, Twitter complaints - The Washington Post Bosnia and Herzegovina investigating alleged ransomware attack on parliament - The Record by Recorded Future Botched Crypto Mugging Lands Three U.K. Men in Jail – Krebs on Security Cryptocurrency company Wintermute says hackers stole $160 million - The Record by Recorded Future Anonymous hacker, who bragged about exploits on TikTok, says he was raided by Canadian police
Risky Business #679 -- A look at Uber's very bad week
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: A look at how Uber got owned so hard Why cleartext cookie storage in Microsoft Teams’ Electron-based app is actually a big deal Russian official: Starlink is a legitimate military target Wagner mercs get doxxed Kiwi Farms having a bad time Much, much more In this week’s sponsor interview we’ll be chatting to Nucleus’s CEO Steve Carter about CISA’s KEV list. He has feelings about the KEV list – they’re mostly positive, but he also has a few reasonable gripes and he joins me to talk about them. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Uber attributes hack to Lapsus$, working with FBI and DOJ on investigation - The Record by Recorded Future Uber confirms it is investigating cybersecurity incident - The Record by Recorded Future Microsoft Teams stores cleartext auth tokens, won’t be quickly patched | Ars Technica SharpTongue Deploys Clever Mail-Stealing Browser Extension "SHARPEXT" | Volexity Hacking group focused on Central America dumps 10 terabytes of military emails, files Securing the Supply Chain of Nothing | Kelly Shortridge Russia Makes Veiled Threat to Destroy SpaceX's Starlink Pro-Ukraine Hacktivists Claim to Have Hacked Notorious Russian Mercenary Group Fears grow of Russian spies turning to industrial espionage - The Record by Recorded Future Congressional inquiry reveals secret Customs and Border Protection database of U.S. phone records Alternative payment apps such as AliPay a boon for cybercriminals, experts tell Congress CISA floats plan to partner with local universities for '311' cyberattack triage service - The Record by Recorded Future Breach of software maker used to backdoor ecommerce servers | Ars Technica Kiwi Farms has been breached; assume passwords and emails have been leaked | Ars Technica (8) Kevin Beaumont on Twitter: "The saga continues - there was (also?) a script injected for a month on Kiwi Farms called Troonshine, gathering information and credentials from user’s systems, posting it to “https://t.co/XnrUu4t3sd”. They look very, very owned. https://t.co/kxdR8kxtC1" / Twitter Pentagon reviews psychological operations amid Facebook, Twitter complaints - The Washington Post Bosnia and Herzegovina investigating alleged ransomware attack on parliament - The Record by Recorded Future Botched Crypto Mugging Lands Three U.K. Men in Jail – Krebs on Security Cryptocurrency company Wintermute says hackers stole $160 million - The Record by Recorded Future Anonymous hacker, who bragged about exploits on TikTok, says he was raided by Canadian police
Risky Biz Soap Box: Haroon Meer on "sensitive command tokens"
In this edition of the Soap Box podcast Patrick Gray talks to Haroon Meer about Thinkst Canary’s new sensitive command token. It’s a great way to detect intruders on your Windows systems. Haroon also talks about how to use canaries strategically. Show notes Canaries as Network Motion Sensors Sensitive Command Token - So much offense in my defense
Risky Biz Soap Box: Haroon Meer on "sensitive command tokens"
In this edition of the Soap Box podcast Patrick Gray talks to Haroon Meer about Thinkst Canary’s new sensitive command token. It’s a great way to detect intruders on your Windows systems. Haroon also talks about how to use canaries strategically. Show notes Canaries as Network Motion Sensors Sensitive Command Token - So much offense in my defense
Risky Business #678 -- Iranians Gone Wild
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Albania suffers under another crippling Iranian attack Iran’s APT42 using clever, multi-persona phishing State Department cyber snitching program paying off Former NSA director Gen. Keith Alexander sued over alleged IronNet pump and dump Mudge fronts US Senate Judiciary Committee Much, much more… This week’s show is brought to you by Stairwell. Mike Wiacek, Stairwell’s founder and CEO is this week’s sponsor guest and he talks about why they’ve pushed their Inception platform beyond YARA hunting. You can see a demo of Inception on our YouTube product demo page. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Risky Biz News: Albania-Iran cyber drama far from over US sanctions Iran intelligence agency over Albania cyberattack - The Record by Recorded Future Tom Uren on Cyber Embuggerance Iranian military using spoofed personas to target nuclear security researchers - The Record by Recorded Future Iranian hackers spy on journalists and government officials, researchers warn - The Record by Recorded Future FBI, DOJ defend ‘offensive’ actions against Chinese, Russian operations - The Record by Recorded Future State Department bounty program for cybercriminal tips has 'born fruit,' top FBI official says More than $30 million seized from North Korean hackers involved in Axie crypto-theft - The Record by Recorded Future $30 Million Seized: How the Cryptocurrency Community Is Making It Difficult for North Korean Hackers To Profit - Chainalysis Twitter whistleblower testifies to Congress, calls for tech regulation reforms - The Record by Recorded Future Twitter whistleblower testifies before Senate Former NSA Head Keith Alexander Accused of Pump-and-Dump Scheme Google: Conti repurposing tools for Ukraine attacks using Follina bug, Musk impersonation - The Record by Recorded Future Pro-Ukraine hackers claim attack on Russian TV broadcasts - The Record by Recorded Future Initial access broker or ransomware gang has 'exclusive' access to Mitel zero-day exploit: report - The Record by Recorded Future Cyberattacks against U.S. hospitals mean higher mortality rates, study finds Buenos Aires legislature announces ransomware attack - The Record by Recorded Future Ransomware attack knocked a Kentucky city-operated ISP offline before holiday - The Record by Recorded Future Ransomware attacks on retail increase, average retail payment grows to more than $200K - The Record by Recorded Future Cisco: Log4j vulnerability used to attack energy companies in Canada, US and Japan - The Record by Recorded Future Patreon security team layoffs cause backlash in creator community This Clever Anti-Censorship Tool Lets Russians Read Blocked News | WIRED Apple Kills Passwords in iOS 16 and macOS Ventura | WIRED Catalin Cimpanu on Twitter: "They're still recruiting, btw" / Twitter Cyberfella on Twitter: "@campuscodi Please convince Patrick to have a segment about NAFO named "Shitposting Dogs on the Bird App are making Vatniks Seethe and Cope" on the next riskybizz ep 🙏🙏🙏" / Twitter ironnet chart - Google Search Stairwell's Inception Platform - YouTube Все Буде Україна (Everything Will Be Ukraine) - YouTube Pink Floyd - Hey Hey Rise Up (feat. Andriy Khlyvnyuk of Boombox) - YouTube PROBASS ∆ HARDI - GOOD EVENING (WHERE ARE YOU FROM?) - YouTube
Risky Business #678 -- Iranians Gone Wild
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Albania suffers under another crippling Iranian attack Iran’s APT42 using clever, multi-persona phishing State Department cyber snitching program paying off Former NSA director Gen. Keith Alexander sued over alleged IronNet pump and dump Mudge fronts US Senate Judiciary Committee Much, much more… This week’s show is brought to you by Stairwell. Mike Wiacek, Stairwell’s founder and CEO is this week’s sponsor guest and he talks about why they’ve pushed their Inception platform beyond YARA hunting. You can see a demo of Inception on our YouTube product demo page. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Risky Biz News: Albania-Iran cyber drama far from over US sanctions Iran intelligence agency over Albania cyberattack - The Record by Recorded Future Tom Uren on Cyber Embuggerance Iranian military using spoofed personas to target nuclear security researchers - The Record by Recorded Future Iranian hackers spy on journalists and government officials, researchers warn - The Record by Recorded Future FBI, DOJ defend ‘offensive’ actions against Chinese, Russian operations - The Record by Recorded Future State Department bounty program for cybercriminal tips has 'born fruit,' top FBI official says More than $30 million seized from North Korean hackers involved in Axie crypto-theft - The Record by Recorded Future $30 Million Seized: How the Cryptocurrency Community Is Making It Difficult for North Korean Hackers To Profit - Chainalysis Twitter whistleblower testifies to Congress, calls for tech regulation reforms - The Record by Recorded Future Twitter whistleblower testifies before Senate Former NSA Head Keith Alexander Accused of Pump-and-Dump Scheme Google: Conti repurposing tools for Ukraine attacks using Follina bug, Musk impersonation - The Record by Recorded Future Pro-Ukraine hackers claim attack on Russian TV broadcasts - The Record by Recorded Future Initial access broker or ransomware gang has 'exclusive' access to Mitel zero-day exploit: report - The Record by Recorded Future Cyberattacks against U.S. hospitals mean higher mortality rates, study finds Buenos Aires legislature announces ransomware attack - The Record by Recorded Future Ransomware attack knocked a Kentucky city-operated ISP offline before holiday - The Record by Recorded Future Ransomware attacks on retail increase, average retail payment grows to more than $200K - The Record by Recorded Future Cisco: Log4j vulnerability used to attack energy companies in Canada, US and Japan - The Record by Recorded Future Patreon security team layoffs cause backlash in creator community This Clever Anti-Censorship Tool Lets Russians Read Blocked News | WIRED Apple Kills Passwords in iOS 16 and macOS Ventura | WIRED Catalin Cimpanu on Twitter: "They're still recruiting, btw" / Twitter Cyberfella on Twitter: "@campuscodi Please convince Patrick to have a segment about NAFO named "Shitposting Dogs on the Bird App are making Vatniks Seethe and Cope" on the next riskybizz ep 🙏🙏🙏" / Twitter ironnet chart - Google Search Stairwell's Inception Platform - YouTube Все Буде Україна (Everything Will Be Ukraine) - YouTube Pink Floyd - Hey Hey Rise Up (feat. Andriy Khlyvnyuk of Boombox) - YouTube PROBASS ∆ HARDI - GOOD EVENING (WHERE ARE YOU FROM?) - YouTube
Risky Business #677 -- A day late and a dollar short: China doxxes NSA op
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: China’s super spies figure out Rob Joyce ran TAO ops FBI, French authorities fly to Montenegro to investigate ransomware attack NEWSFLASH: Cloudflare are still a bunch of Nazi cuddlers SIM swap drama spills into real world shootings, firebombings Yandex Taxi hack clogs Moscow streets The TikTok breach that wasn’t Project Raven veterans get wings clipped Why recent BGP hijacks are getting a bit concerning Much, much more This week’s show is brought to you by Corelight, the company that maintains Zeek. Corleight’s Federal CTO Jean Schaffer joins us in this week’s sponsor interview to talk about whether or not the White House’s executive order on Zero Trust is actually changing anything. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Exclusive: Evidence shows US’ NSA behind attack on email system of leading Chinese aviation university - Global Times Lukasz Olejnik on Twitter: "Chinese accusation of US/NSA cyberattacks on China's aviation university. Unusually, a strong protest issued by China's Foreign Ministry. Chinese media write about NSA extensively, and doxx/point at Rob Joyce, specifically. Highly amusing! https://t.co/PG1XzZoIcW https://t.co/wRMEAokhVj" / Twitter Patrick Gray on Twitter: "Great thread" / Twitter FBI and French officials arrive in Montenegro to investigate ransomware attack - The Record by Recorded Future Chile says gov’t agency struggling with ransomware attack - The Record by Recorded Future Italy warns of cyberattacks on energy industry after Eni, GSE incidents - The Record by Recorded Future Ransomware Gang Accessed Water Supplier’s Control System Experts warn of more Ragnar Locker attacks, days after group targets airline - The Record by Recorded Future Kevin Beaumont on Twitter: "IHG Hotel Group incident is ransomware" / Twitter Criminal hackers targeting K-12 schools, U.S. government warns QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign - The Record by Recorded Future Cloudflare Suggests It Won’t Cut Off Anti-Trans Stalking Forum Cloudflare reverses decision and drops trans trolling website Kiwi Farms | Internet | The Guardian Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire – Krebs on Security State Department debars ex-NSA cyber mercenaries who aided vast UAE surveillance operation Hackers Create Traffic Jam in Moscow by Ordering Dozens of Taxis at Once Through App Light Flashing, Siren Wailing: A Rich Muscovite in a Rush - The New York Times TikTok denies security breach after hackers leak user data, source code Samsung denies Social Security numbers involved in latest breach - The Record by Recorded Future Truth Behind the Celer Network cBridge cross-chain bridge incident: BGP hijacking | by SlowMist | Coinmonks | Aug, 2022 | Medium nanog: Yet another BGP hijacking towards AS16509 A Windows 11 Automation Tool Can Easily Be Hijacked | WIRED Actors behind PyPI supply chain attack have been active since late 2021 | Ars Technica Cybercriminal Service 'EvilProxy' Seeks to Hijack Accounts Careless Errors in Hundreds of Apps Could Expose Troves of Data | WIRED WatchGuard firewall exploit threatens appliance takeover | The Daily Swig Patched TikTok security flaw allowed one-click account takeovers - The Record by Recorded Future Chrome extensions with 1.4M installs covertly track visits and inject code | Ars Technica Peter Eckersley, co-creator of Let’s Encrypt, dies at just 43 – Naked Security DownUnderCTF
Risky Business #677 -- A day late and a dollar short: China doxxes NSA op
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: China’s super spies figure out Rob Joyce ran TAO ops FBI, French authorities fly to Montenegro to investigate ransomware attack NEWSFLASH: Cloudflare are still a bunch of Nazi cuddlers SIM swap drama spills into real world shootings, firebombings Yandex Taxi hack clogs Moscow streets The TikTok breach that wasn’t Project Raven veterans get wings clipped Why recent BGP hijacks are getting a bit concerning Much, much more This week’s show is brought to you by Corelight, the company that maintains Zeek. Corleight’s Federal CTO Jean Schaffer joins us in this week’s sponsor interview to talk about whether or not the White House’s executive order on Zero Trust is actually changing anything. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Exclusive: Evidence shows US’ NSA behind attack on email system of leading Chinese aviation university - Global Times Lukasz Olejnik on Twitter: "Chinese accusation of US/NSA cyberattacks on China's aviation university. Unusually, a strong protest issued by China's Foreign Ministry. Chinese media write about NSA extensively, and doxx/point at Rob Joyce, specifically. Highly amusing! https://t.co/PG1XzZoIcW https://t.co/wRMEAokhVj" / Twitter Patrick Gray on Twitter: "Great thread" / Twitter FBI and French officials arrive in Montenegro to investigate ransomware attack - The Record by Recorded Future Chile says gov’t agency struggling with ransomware attack - The Record by Recorded Future Italy warns of cyberattacks on energy industry after Eni, GSE incidents - The Record by Recorded Future Ransomware Gang Accessed Water Supplier’s Control System Experts warn of more Ragnar Locker attacks, days after group targets airline - The Record by Recorded Future Kevin Beaumont on Twitter: "IHG Hotel Group incident is ransomware" / Twitter Criminal hackers targeting K-12 schools, U.S. government warns QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign - The Record by Recorded Future Cloudflare Suggests It Won’t Cut Off Anti-Trans Stalking Forum Cloudflare reverses decision and drops trans trolling website Kiwi Farms | Internet | The Guardian Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire – Krebs on Security State Department debars ex-NSA cyber mercenaries who aided vast UAE surveillance operation Hackers Create Traffic Jam in Moscow by Ordering Dozens of Taxis at Once Through App Light Flashing, Siren Wailing: A Rich Muscovite in a Rush - The New York Times TikTok denies security breach after hackers leak user data, source code Samsung denies Social Security numbers involved in latest breach - The Record by Recorded Future Truth Behind the Celer Network cBridge cross-chain bridge incident: BGP hijacking | by SlowMist | Coinmonks | Aug, 2022 | Medium nanog: Yet another BGP hijacking towards AS16509 A Windows 11 Automation Tool Can Easily Be Hijacked | WIRED Actors behind PyPI supply chain attack have been active since late 2021 | Ars Technica Cybercriminal Service 'EvilProxy' Seeks to Hijack Accounts Careless Errors in Hundreds of Apps Could Expose Troves of Data | WIRED WatchGuard firewall exploit threatens appliance takeover | The Daily Swig Patched TikTok security flaw allowed one-click account takeovers - The Record by Recorded Future Chrome extensions with 1.4M installs covertly track visits and inject code | Ars Technica Peter Eckersley, co-creator of Let’s Encrypt, dies at just 43 – Naked Security DownUnderCTF
Risky Business #676 -- Okta, Authy users among Twilio hack targets
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: The Twilio breach was actually a big deal How a Belarusian Cyber Partisans hack burned a GRU illegal Who wants 25m hashed passwords from Russia? An NFT we can get behind How attackers are using game anti-cheat drivers to defeat EDR Much, much more This week’s sponsor interview is with Mike Benjamin, the VP of security research at Fastly. He pops in to argue that your red team needs to actually consider how your apps will cope with bot-driven attacks. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Why the Twilio Breach Cuts So Deep | WIRED Phishers who hit Twilio and Cloudflare stole 10k credentials from 136 others | Ars Technica The number of companies caught up in recent hacks keeps growing | Ars Technica How 1-Time Passcodes Became a Corporate Liability – Krebs on Security (1) Christo Grozev on Twitter: "We first noticed her thanks to a super useful database shared with us by @cpartisans: the border crossing records of Belarus. We knew the passport ranges of GRU and FSB spies, so we decided to search in that data-set by partial matches, leaving the last 3 digits out as wildcards." / Twitter (1) Belarusian Cyber-Partisans on Twitter: "🧵1/3🔥For the 1st time in human history a #hacktivist collective obtained passport info of the ALL country's citizens. Now we're offering you an opportunity to become a part of this history 😎. Get a unique digital version of #lukashenka passport as #NFT https://t.co/gOlWdoUehi https://t.co/RxdWpBqA8f" / Twitter A huge Chinese database of faces and vehicle license plates spilled online | TechCrunch Leading Russian streaming platform suffers data leak allegedly impacting 44 million users - The Record by Recorded Future Plex imposes password reset after hackers steal data for >15 million users | Ars Technica Montenegro struggles to recover from cyberattack that officials blame on Russia - The Record by Recorded Future Patrick Gray on Twitter: "https://t.co/DOFdMExsPe" / Twitter European data privacy watchdogs grill Twitter over Mudge security claims - The Record by Recorded Future Google announces open source vulnerability reward program after Log4j, Codecov issues - The Record by Recorded Future Google Online Security Blog: Announcing Google’s Open Source Software Vulnerability Rewards Program Hackers Are Using Anti-Cheat in 'Genshin Impact' to Ransom Victims An interview with initial access broker Wazawaka: 'There is no such money anywhere as there is in ransomware' - The Record by Recorded Future LockBit ransomware group implicated in crippling attack on French hospital - The Record by Recorded Future Major U.S. library service confirms ransomware attack, struggling to restore affected systems - The Record by Recorded Future China-linked hackers target organizations operating in South China Sea - The Record by Recorded Future Chinese hackers zero in on Australian manufacturers, wind turbine operators FTC sues data broker that tracks locations of 125M phones per month | Ars Technica FCC launches investigation into mobile carriers’ geolocation data practices - The Record by Recorded Future Most top mobile carriers retain geolocation data for two years on average, FCC findings show - CyberScoop Buddle co-accused one of 50 alleged criminals preparing challenge to police sting Researchers discover sprawling pro-U.S. social media influence campaign Unheard Voice: Evaluating five years of pro-Western covert influence operations Rights groups, company leaders decry silence over VLC player ban in India - The Record by Recorded Future
Risky Business #676 -- Okta, Authy users among Twilio hack targets
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: The Twilio breach was actually a big deal How a Belarusian Cyber Partisans hack burned a GRU illegal Who wants 25m hashed passwords from Russia? An NFT we can get behind How attackers are using game anti-cheat drivers to defeat EDR Much, much more This week’s sponsor interview is with Mike Benjamin, the VP of security research at Fastly. He pops in to argue that your red team needs to actually consider how your apps will cope with bot-driven attacks. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Why the Twilio Breach Cuts So Deep | WIRED Phishers who hit Twilio and Cloudflare stole 10k credentials from 136 others | Ars Technica The number of companies caught up in recent hacks keeps growing | Ars Technica How 1-Time Passcodes Became a Corporate Liability – Krebs on Security (1) Christo Grozev on Twitter: "We first noticed her thanks to a super useful database shared with us by @cpartisans: the border crossing records of Belarus. We knew the passport ranges of GRU and FSB spies, so we decided to search in that data-set by partial matches, leaving the last 3 digits out as wildcards." / Twitter (1) Belarusian Cyber-Partisans on Twitter: "🧵1/3🔥For the 1st time in human history a #hacktivist collective obtained passport info of the ALL country's citizens. Now we're offering you an opportunity to become a part of this history 😎. Get a unique digital version of #lukashenka passport as #NFT https://t.co/gOlWdoUehi https://t.co/RxdWpBqA8f" / Twitter A huge Chinese database of faces and vehicle license plates spilled online | TechCrunch Leading Russian streaming platform suffers data leak allegedly impacting 44 million users - The Record by Recorded Future Plex imposes password reset after hackers steal data for >15 million users | Ars Technica Montenegro struggles to recover from cyberattack that officials blame on Russia - The Record by Recorded Future Patrick Gray on Twitter: "https://t.co/DOFdMExsPe" / Twitter European data privacy watchdogs grill Twitter over Mudge security claims - The Record by Recorded Future Google announces open source vulnerability reward program after Log4j, Codecov issues - The Record by Recorded Future Google Online Security Blog: Announcing Google’s Open Source Software Vulnerability Rewards Program Hackers Are Using Anti-Cheat in 'Genshin Impact' to Ransom Victims An interview with initial access broker Wazawaka: 'There is no such money anywhere as there is in ransomware' - The Record by Recorded Future LockBit ransomware group implicated in crippling attack on French hospital - The Record by Recorded Future Major U.S. library service confirms ransomware attack, struggling to restore affected systems - The Record by Recorded Future China-linked hackers target organizations operating in South China Sea - The Record by Recorded Future Chinese hackers zero in on Australian manufacturers, wind turbine operators FTC sues data broker that tracks locations of 125M phones per month | Ars Technica FCC launches investigation into mobile carriers’ geolocation data practices - The Record by Recorded Future Most top mobile carriers retain geolocation data for two years on average, FCC findings show - CyberScoop Buddle co-accused one of 50 alleged criminals preparing challenge to police sting Researchers discover sprawling pro-U.S. social media influence campaign Unheard Voice: Evaluating five years of pro-Western covert influence operations Rights groups, company leaders decry silence over VLC player ban in India - The Record by Recorded Future
Risky Business #675 -- The problem with Mudge's whistleblowing complaint
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: A deep look at Mudge’s sensational whistleblower complaint against Twitter Brazilian Federal Police raid Lapsus$ crew NSO CEO to stand down (again), 100 staff to be let go Signal users impacted in Twilio incident Tornado Cash OFACs around and finds out Much, much more This week’s show is brought to you by Greynoise. Its founder, Andrew Morris, joins the show with a stinging critique of the wider threat intelligence industry. Don’t miss that one. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Patrick Gray on Twitter: "Jesus… can open, worms everywhere. You basically can’t find anyone more credible than @dotMudge in infosec so this is a massive deal https://t.co/TaDQzTEtzR" / Twitter Twitter confirms January breach, urges pseudonymous accounts to not add email or phone number - The Record by Recorded Future A Slack Bug Exposed Some Users’ Hashed Passwords for 5 Years | WIRED TikTok Says, No, It Isn't Stealing Your Passwords Brazilian police launch investigation targeting Lapsus$ group - The Record by Recorded Future Israeli spyware company NSO Group CEO steps down | Reuters How a Third-Party SMS Service Was Used to Take Over Signal Accounts VIASAT hack impacted French critical services | Cybernews DOJ now relies on paper for its most sensitive court documents, official says Microsoft disrupts Russia-linked hacking group targeting defense and intelligence orgs - The Record by Recorded Future Lloyd’s to forbid insurers from covering losses due to state-backed hacks - The Record by Recorded Future U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash | U.S. Department of the Treasury OFAC Around and Find Out - Lawfare Suspected Tornado Cash developer arrested in Netherlands - The Record by Recorded Future Report: Ransomware gangs, fraudsters laundered $540 million through RenBridge platform - The Record by Recorded Future Risky Biz News: Is ransomware going after the Global South? Sure looks like it! Ransomware Now Threatens the Global South | Royal United Services Institute Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling | PortSwigger Research The Return of LOIC, HOIC, HULK, and Slowloris to the Threat Landscape | Radware Blog Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug A New Jailbreak for John Deere Tractors Rides the Right-to-Repair Wave | WIRED Malicious code exploiting recent VMware bug publicly available, company warns - The Record by Recorded Future Breaking SIDH in polynomial time Hackers Use Deepfakes of Binance Exec to Scam Crypto Projects Cisco confirms May attack by Yanluowang ransomware group - The Record by Recorded Future Cisco releases advisories for bug affecting more than 1 million security devices - The Record by Recorded Future Cisco warns of critical vulnerabilities in routers - The Record by Recorded Future North Korea-backed hackers have a clever way to read your Gmail | Ars Technica When Efforts to Contain a Data Breach Backfire – Krebs on Security Microsoft: Bug in Janet Jackson’s “Rhythm Nation” could crash a laptop - The Record by Recorded Future Anonymous poop gifting site hacked, customers exposed
Risky Business #675 -- The problem with Mudge's whistleblowing complaint
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: A deep look at Mudge’s sensational whistleblower complaint against Twitter Brazilian Federal Police raid Lapsus$ crew NSO CEO to stand down (again), 100 staff to be let go Signal users impacted in Twilio incident Tornado Cash OFACs around and finds out Much, much more This week’s show is brought to you by Greynoise. Its founder, Andrew Morris, joins the show with a stinging critique of the wider threat intelligence industry. Don’t miss that one. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Patrick Gray on Twitter: "Jesus… can open, worms everywhere. You basically can’t find anyone more credible than @dotMudge in infosec so this is a massive deal https://t.co/TaDQzTEtzR" / Twitter Twitter confirms January breach, urges pseudonymous accounts to not add email or phone number - The Record by Recorded Future A Slack Bug Exposed Some Users’ Hashed Passwords for 5 Years | WIRED TikTok Says, No, It Isn't Stealing Your Passwords Brazilian police launch investigation targeting Lapsus$ group - The Record by Recorded Future Israeli spyware company NSO Group CEO steps down | Reuters How a Third-Party SMS Service Was Used to Take Over Signal Accounts VIASAT hack impacted French critical services | Cybernews DOJ now relies on paper for its most sensitive court documents, official says Microsoft disrupts Russia-linked hacking group targeting defense and intelligence orgs - The Record by Recorded Future Lloyd’s to forbid insurers from covering losses due to state-backed hacks - The Record by Recorded Future U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash | U.S. Department of the Treasury OFAC Around and Find Out - Lawfare Suspected Tornado Cash developer arrested in Netherlands - The Record by Recorded Future Report: Ransomware gangs, fraudsters laundered $540 million through RenBridge platform - The Record by Recorded Future Risky Biz News: Is ransomware going after the Global South? Sure looks like it! Ransomware Now Threatens the Global South | Royal United Services Institute Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling | PortSwigger Research The Return of LOIC, HOIC, HULK, and Slowloris to the Threat Landscape | Radware Blog Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug A New Jailbreak for John Deere Tractors Rides the Right-to-Repair Wave | WIRED Malicious code exploiting recent VMware bug publicly available, company warns - The Record by Recorded Future Breaking SIDH in polynomial time Hackers Use Deepfakes of Binance Exec to Scam Crypto Projects Cisco confirms May attack by Yanluowang ransomware group - The Record by Recorded Future Cisco releases advisories for bug affecting more than 1 million security devices - The Record by Recorded Future Cisco warns of critical vulnerabilities in routers - The Record by Recorded Future North Korea-backed hackers have a clever way to read your Gmail | Ars Technica When Efforts to Contain a Data Breach Backfire – Krebs on Security Microsoft: Bug in Janet Jackson’s “Rhythm Nation” could crash a laptop - The Record by Recorded Future Anonymous poop gifting site hacked, customers exposed
Risky Biz Soap Box: Okta's Brett Winterford on session cookie theft and mitigations
In this edition of the Soap Box podcast Okta’s APAC CISO and former Risky Biz editor Brett Winterford talks about how attackers are getting much better at swiping session cookies via realtime phishing and malware. He also talks about some mitigation strategies to combat this threat and introduces the concept of continuous authentication. Show notes Defending against session hijacking
Risky Biz Soap Box: Okta's Brett Winterford on session cookie theft and mitigations
In this edition of the Soap Box podcast Okta’s APAC CISO and former Risky Biz editor Brett Winterford talks about how attackers are getting much better at swiping session cookies via realtime phishing and malware. He also talks about some mitigation strategies to combat this threat and introduces the concept of continuous authentication. Show notes Defending against session hijacking
Risky Business #674 -- "Free money" exploit spawns $150m blockchain feeding frenzy
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Taiwan tensions fail to conjure the cyber apocalypse Crypto bridge exploit results in $150m feeding frenzy Chainalysis evidence to be challenged in court Post-quantum NIST candidate algorithm gets smoked DSIRF’s Russia links Much, much more This week’s sponsor interview is with Jerrod Chong from Yubico. He’s joining the show to talk about why consumer-focussed implementations of Webauthn like Apple’s Passkeys aren’t a great enterprise solution. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Taiwanese websites hit with DDoS attacks as Pelosi begins visit 'Frenzied mob' steals more than $156 million from crypto platform Nomad - The Record by Recorded Future Bitcoin Fog Case Could Put Cryptocurrency Tracing on Trial | WIRED Post-quantum encryption contender is taken out by single-core PC and 1 hour | Ars Technica Federal court system suffered previously undisclosed breach, congressional committee says Australian police charge man with developing spyware used by more than 14,500 people - The Record by Recorded Future Risky Biz News: Microsoft puts the limelight on another spyware maker—DSIRF from Austria Eavesdropping probe finds Israeli police exceeded authority | AP News Hacker use of Microsoft macros plummeted after default block: report - The Record by Recorded Future On security researcher's newsletter, exposing cybercriminals behind ransomware Luxembourg energy companies struggling with alleged ransomware attack, data breach - The Record by Recorded Future At least 34 healthcare orgs affected by alleged ransomware attack on OneTouchPoint - The Record by Recorded Future American Dental Association says April cyberattack involved ransomware - The Record by Recorded Future Ransomware group demands £500,000 from British schools, citing cyber insurance policy - The Record by Recorded Future Hackers stole passwords for accessing 140,000 payment terminals | TechCrunch Experts warn of hacker claiming access to 50 U.S. companies through breached MSP - The Record by Recorded Future German prosecutors issue warrant for Russian government hacker over energy sector attacks - The Record by Recorded Future The commercial satellite boom is leaving space vulnerable to hackers - The Record by Recorded Future Report to Congress of the U.S.-China Economic and Security Review Commission - U.S.-China Economic and Security Review Commission - Google Books Spanish police arrest two accused of hacking radioactivity alert system - The Record by Recorded Future