Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Biz Soap Box: Tools alone won't solve your vuln management problems
In this Soap Box edition of the show Nucleus Security’s Scott Kuffer discusses Stakeholder-Specific Vulnerability Categorization (SSVC) and why tools alone can’t fix a dysfunctional vulnerability management program.
Risky Business #691 -- LockBit and "Pablo Escobar syndrome"
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Royal Mail attack was LockBit and GCHQ will probably “bust some heads”
- CircleCI’s incident report and the problem with malwared endpoints in the Zero Trust age
- Cloudflare backs Mastodon
- Paul Nakasone: NSA did some great stuff! It was really good!
- Cisco won’t patch SMB routers sold in 2020
- Much, much more
This week’s show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake’s head of cybersecurity strategy Omer Singer are this week’s sponsor guests.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Royal Mail cyberattack linked to LockBit ransomware operation
- Ransomware Diaries: Volume 1 | Analyst1
- Congressman calls on CISA to investigate air travel vulnerabilities after outage - The Record from Recorded Future News
- Ransomware attack on maritime software impacts 1,000 ships - The Record from Recorded Future News
- CircleCI incident report for January 4, 2023 security incident
- Researchers: Large language models will revolutionize digital propaganda campaigns
- Nick Cave - The Red Hand Files - Issue #218
- GitHub - cloudflare/wildebeest: Wildebeest is an ActivityPub and Mastodon-compatible server
- Meta sues Voyager Labs over scraping user data
- Twitter says leaked data on 200 million users was likely publicly available info - The Record from Recorded Future News
- A Police App Exposed Secret Details About Raids and Suspects | WIRED
- ODIN Intelligence website is defaced as hackers claim breach | TechCrunch
- Nakasone: Foreign surveillance program helped fend off cyberattacks - The Record from Recorded Future News
- The Guardian confirms criminals accessed staff data in ransomware attack - The Record from Recorded Future News
- Millions of Aflac, Zurich insurance customers in Japan have data leaked after breach - The Record from Recorded Future News
- Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations
- The FBI Won't Say Whether It Hacked Dark Web ISIS Site
- Norton LifeLock says 925,000 accounts targeted by credential-stuffing attacks - The Record from Recorded Future News
- Cisco warns of two vulnerabilities affecting end-of-life routers - The Record from Recorded Future News
- Fortinet says hackers exploited critical vulnerability to infect VPN customers | Ars Technica
- Vulnerability with 9.8 severity in Control Web Panel is under active exploit | Ars Technica
- CISA adds recently-announced Microsoft zero-day to exploited vulnerability catalog - The Record from Recorded Future News
- Hundreds of SugarCRM servers infected with critical in-the-wild exploit | Ars Technica
Risky Business #690 -- 2023 will be a rough year for critical online services
On this week’s show Patrick Gray and Adam Boileau discuss the news we missed while on break. Because it’s the first show of the year, we split the discussion into themes:
- Attacks against critical online services like Okta, CircleCI, Slack and Lastpass will increase in volume
- All the latest global intrigue, from NSO being noped by the US Supreme Court to DDoS attacks in Serbia, Turla’s latest campaign, supply chain attacks against Ukraine, why Russia has been more active than we realised and much more
- A ransomware wrap, a discussion about the rise of data extortion and why it’s unlikely to remain a huge problem
- Why automotive security research will actually be interesting this year
- PLUS: A bunch of random news!
This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about something they’ve developed – a zero knowledge proof of exploit technique. Very interesting stuff!
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- First LastPass, now Slack and CircleCI. The hacks go on (and will likely worsen) | Ars Technica
- Devs urged to rotate secrets after CircleCI suffers security breach | The Daily Swig
- LastPass: Hackers accessed and copied customers’ password vaults - The Record from Recorded Future News
- GitHub incident allowed attacker to copy Okta's source code - The Record from Recorded Future News
- Supreme Court dismisses spyware company NSO Group’s claim of immunity - The Record from Recorded Future News
- Serbian government reports ‘massive DDoS attack’ amid heightened tensions in Balkans - The Record from Recorded Future News
- Iran’s support of Russia draws attention of pro-Ukraine hackers - The Record from Recorded Future News
- Pro-Ukraine hackers leak Russian data in hopes someone will make sense of it - The Record from Recorded Future News
- CISA researchers: Russia's Fancy Bear infiltrated US satellite network
- Exclusive: Russian hackers targeted U.S. nuclear scientists | Reuters
- NSA cyber director warns of Russian digital assaults on global energy sector - CyberScoop
- Notorious Russian hacking group appears to resurface with fresh cyberattacks on Ukraine
- Military operations software in Ukraine was hit by Russian hackers - The Record from Recorded Future News
- New supply chain attack targeted Ukrainian government networks - The Record from Recorded Future News
- Moldova’s government hit by flood of phishing attacks - The Record from Recorded Future News
- Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation | Ars Technica
- Cyber Command conducted offensive operations to protect midterm elections - The Record from Recorded Future News
- Guardian newspaper hit by suspected ransomware attack, staff told not to come to office - The Record from Recorded Future News
- British company that helps make semiconductors hit by cyber incident - The Record from Recorded Future News
- Port of Lisbon website still down as LockBit gang claims cyberattack - The Record from Recorded Future News
- SickKids: 80% of hospital priority systems back online after LockBit ransomware attack - The Record from Recorded Future News
- Canada's largest children's hospital struggles to recover from pre-Christmas ransomware attack - The Record from Recorded Future News
- Canadian copper mine suffers ransomware attack, shuts down mills - The Record from Recorded Future News
- Los Angeles housing authority says cyberattack disrupting systems - The Record from Recorded Future News
- The Guardian contacts data protection regulator after suspected ransomware incident - The Record from Recorded Future News
- Australian fire service operating 85 stations shuts down network after cyberattack - The Record from Recorded Future News
- San Francisco BART investigating ransomware attack - The Record from Recorded Future News
- Hackers leak sensitive files following attack on San Francisco transit police
- New U.S. cyber strategy will require critical infrastructure companies to protect against hacks - The Washington Post
- Car hackers discover vulnerabilities that could let them hijack millions of vehicles
- Compromised dispatch system helped move taxis to front of the line | Ars Technica
- Researcher Deepfakes His Voice, Uses AI to Demand Refund From Wells Fargo
- Armed With ChatGPT, Cybercriminals Build Malware And Plot Fake Girl Bots
- Cybercriminals’ latest grift: powdered milk and sugar by the truckload - The Record from Recorded Future News
- This app will self-destruct: How Belarusian hackers created an alternative Telegram for activists - The Record from Recorded Future News
- Chinese researchers claim to have broken RSA with a quantum computer. Experts aren’t so sure. - The Record from Recorded Future News
- Key bitcoin developer calls on FBI to recover $3.6M in digital coin | Ars Technica
- Chick-fil-A acknowledges customer account abuse but denies compromise of internal systems - The Record from Recorded Future News
- Microsoft ends Windows 7 security updates | TechCrunch
Risky Business #689 -- FBI baulks at Apple's iCloud encryption push
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Apple to introduce user-encrypted backups, FBI is sad
- Twitter ices e2ee plans for DMs
- RackSpace is getting sued over its hosted Exchange ransomware incident
- Dodgy driving: Microsoft signs some shady stuff
- Japan to change laws, release the Shibas
- A look at the US NDAA
- Much, much more
This week’s show is sponsored by Obsidian Security. Obsidian co-founder Ben Johnson joins the show this week to talk through SaaS configuration security and visibility/monitoring.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Apple Expands End-to-End Encryption to iCloud Backups | WIRED
- FBI Calls End-to-End Encryption 'Deeply Concerning' as Privacy Groups Hail Apple's Advanced Data Protection as a Victory for Users - MacRumors
- Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next | WIRED
- Elon Musk Wanted Twitter To Encrypt Messages. His New Safety Chief Says It’s On Hold
- I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware | Mandiant
- Japan to amend laws to allow for offensive cyber operations against foreign hackers - The Record by Recorded Future
- Amid Outrage, Rackspace Sends Users Email Touting Its Incident Response
- New Ransom Payment Schemes Target Executives, Telemedicine – Krebs on Security
- Hackers Planted Files to Frame Indian Priest Who Died in Custody | WIRED
- Scammers Are Scamming Other Scammers Out of Millions of Dollars | WIRED
- Risky Biz News: Disgruntled member doxes and extorts URSNIF gang
- U.S. agency warns that hackers are going after Citrix networking gear | Reuters
- Police raid offices of Predator spyware seller Intellexa | eKathimerini.com
- $858 billion defense bill focuses heavily on cyber. These are some highlights.
- Australia and Vanuatu sign defense and cybersecurity pact - The Record by Recorded Future
- Fantasy – a new Agrius wiper deployed through a supply-chain attack | WeLiveSecurity
- Ukrainian railway, state agencies allegedly targeted by DolphinCape malware - The Record by Recorded Future
- US Dept of Health warns of ‘increased’ Royal ransomware attacks on hospitals - The Record by Recorded Future
- ‘Crisis situation’ declared as two Swedish municipalities hit by cyberattack - The Record by Recorded Future
- Metropolitan Opera dealing with cyberattack that shut down website, box office - The Record by Recorded Future
- LockBit ransomware crew claims attack on California Department of Finance
- PLAY ransomware group claims responsibility for Antwerp attack as second Belgian city confirms new incident - The Record by Recorded Future
- Popular HR and Payroll Company Sequoia Discloses a Data Breach | WIRED
- Internet Explorer 0-day exploited by North Korean actor APT37
- Four accused in business email compromise scheme which reaped millions from victims - The Record by Recorded Future
- JSON syntax hack allowed SQL injection payloads to be smuggled past WAFs | The Daily Swig
- Log4j’s Log4Shell Vulnerability: One Year Later, It’s Still Lurking | WIRED
Risky Biz Soap Box: Attack Path Management is the New Hotness
In this sponsored podcast Patrick Gray and Ryan Kalember talk about Proofpoint’s acquisition of Illusive, a company that started off in the “deception” space and then moved towards doing attack path analysis and management.
Show notes
- Proofpoint Signs Definitive Agreement to Acquire Illusive
Risky Business #688 -- APT41 pickpockets Uncle Sam
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Samsung, LG Android signing keys pinched
- LastPass gets owned again
- APT41 steal covid relief money
- Amnesty International hacked in Canada
- Much, much more
This week’s show is brought to you by Airlock Digital. Its CEO and CTO join host Patrick Gray this week to talk about admin to kernel as a security boundary, and the limitations of kernel driver blocklists.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Risky Biz News: Samsung, MediaTek, and other Android platform certs were leaked and used to sign malware
- Leaked Android Platform Certificates Create Risks for Users | Rapid7 Blog
- 100 - Platform certificates used to sign malware - apvi
- Hackers accessed LastPass customer details using information stolen in August hack - The Record by Recorded Future
- Hackers linked to Chinese government stole millions in Covid benefits, Secret Service says
- Amnesty International breach linked to Chinese government, investigation finds - The Record by Recorded Future
- Iranian espionage campaign targets journalists, diplomats, activists, says Human Rights Watch - The Record by Recorded Future
- New details on commercial spyware vendor Variston
- ‘The world should be prepared’ — Microsoft issues warning about Russian cyberattacks over winter - The Record by Recorded Future
- Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices | Ars Technica
- ChatGPT shows promise of using AI to write malware - CyberScoop
- DHS cyber safety board to probe Lapsus$ hacks - The Record by Recorded Future
- Kris Nóva: "We are currently investigating…" - Hachyderm.io
- Hive Social turns off servers after researchers warn hackers can access all data | Ars Technica
- Spam is drowning out Twitter posts about Covid protests in China
- French hospital complex suspends operations, transfers patients after ransomware attack - The Record by Recorded Future
- Rackspace Confirms Ransomware Attack as It Tries to Determine If Data Was Stolen | SecurityWeek.Com
- Guatemala's Foreign Ministry investigating ransomware attack - The Record by Recorded Future
- Ransomware attacks: Privacy Commissioner plans investigation as Justice, Health hit - NZ Herald
- UK introducing mandatory cyber incident reporting for managed service providers - The Record by Recorded Future
- Florida Man Sentenced To 18 Months For Theft Of Over $20 Million In SIM Swap Scheme | USAO-SDNY | Department of Justice
- Binance freezes $3 million worth of crypto stolen in Ankr hack - The Record by Recorded Future
- Play app with 100K downloads booted for forwarding texts to developer server | Ars Technica
- Go SAML library vulnerable to authentication bypass | The Daily Swig
- Okta and Phishing Resistant Authentication - YouTube
Risky Business #687 -- Shady deeds in sunny places: Ransomware smashes Vanuatu, Guadeloupe
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- UK, USA ban Chinese security cameras
- What is the Boa webserver and why is it everywhere?
- Vanuatu, Guadeloupe smashed by ransomware
- REvil back with more dumps despite ASD attention
- Much, much more
This week’s sponsor guest is Jake King from Elastic Security, who joins us to talk through the company’s most recent threat report. There’s a link to the report in our show notes.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- British government bans Chinese surveillance cameras from sensitive locations - The Record by Recorded Future
- US government bans Huawei, ZTE and Hikvision tech over ‘unacceptable’ spying fears | TechCrunch
- What if Russian commercial aviation cuts too many safety corners? — Meduza
- Microsoft attributes alleged Chinese attack on Indian power grid to ‘Boa’ IoT vulnerability - The Record by Recorded Future
- U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer – Krebs on Security
- Guadeloupe kickstarts continuity plan after wide-ranging cyberattack - The Record by Recorded Future
- Vanuatu hospital staff using pen and paper after cyber attack that crippled public sector - ABC News
- Extortion site used in Medibank attack goes offline after Australian gov pledges ‘offensive’ actions - The Record by Recorded Future
- ThreatMon Ransomware Monitoring on Twitter:
- Risky Biz News: Australia passes new privacy bill with huge data breach fines
- Sandworm hacking group linked to new ransomware deployed in Ukraine - The Record by Recorded Future
- UK Parliament launches inquiry into national security strategy around ransomware - The Record by Recorded Future
- Canadian food giant refuses to pay ransom after gang threatens data leak - The Record by Recorded Future
- Almost 1,000 suspects arrested in Interpol operation which seized over $129 million - The Record by Recorded Future
- Risky Biz News: Authorities seize iSpoof in major blow to fraudsters and cybercrime groups
- Espionage group using USB devices to hack targets in Southeast Asia - The Record by Recorded Future
- WikiLeaks' Website Is Slowly Falling Apart
- European Parliament declares Russia a terrorism sponsor, then its site goes down | Ars Technica
- Hackers are spreading malware via trending TikTok challenge: report - The Record by Recorded Future
- Samantha Borrego iS iNfeCtEd noT pArAnOID on Twitter:
- elastic-global-threat-report-vol-1-2022.pdf
Risky Business #686 -- White House to move on spyware industry
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
Half of all UK COBRA meetings are ransomware related
Ransomware biggest risk to US port security
White House to move on spyware industry
EU to launch its own Starlink equivalent
Much, much more
AttackIQ’s Jonathan Reiber will be joining us in this week’s sponsor interview to talk about how companies and their boards are really moving towards outcomes-based security programs.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
Ransomware incidents now make up majority of British government’s crisis management COBRA meetings - The Record by Recorded Future
DHS Secretary: Cyberattacks are the most significant threat to port infrastructure - The Record by Recorded Future
Michigan school districts reopen after three-day closure due to ransomware attack - The Record by Recorded Future
Microsoft: Royal ransomware group using Google Ads in campaign - The Record by Recorded Future
Researchers Quietly Cracked Zeppelin Ransomware Keys – Krebs on Security
Risky Biz News: Cyber Partisans hack and disrupt Kremlin censor
US, Estonian authorities arrest two over $575 million cryptocurrency fraud - The Record by Recorded Future
New FTX CEO details 'complete failure of corporate controls' at crypto platform
OpenSSL Usage in UEFI Firmware Exposes Weakness in SBOMs
EU reaches agreement on new satellite constellation - The Record by Recorded Future
Ukraine’s Engineers Dodged Russian Mines To Get Kherson Back Online–With A Little Help From Elon Musk’s Satellites
Senate Democrats call on FTC to investigate Twitter's data security
11.17.22 - FTC - Twitter Letter
Twitter has a lot of your data. Here's what you can do about it.
Mastodon vulnerable to multiple system configuration problems | The Daily Swig
System misconfiguration is the number one vulnerability, at least for Mastodon
White House expected to issue executive order reining in spyware
H20220930-005_Himes-Speier cc's - DocumentCloud
A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup | WIRED
Risky Biz News: Iranian state hackers breached US government agency and deployed a cryptominer, out of all things
India removes ban on VLC media player after cybersecurity concerns addressed - The Record by Recorded Future
Amazon addresses vulnerability affecting AWS AppSync - The Record by Recorded Future
CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You
Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations | CISA
Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization | CISA