On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
UK, USA ban Chinese security cameras
What is the Boa webserver and why is it everywhere?
Vanuatu, Guadeloupe smashed by ransomware
REvil back with more dumps despite ASD attention
Much, much more
This week's sponsor guest is Jake King from Elastic Security, who joins us to talk through the company's most recent threat report. There's a link to the report in our show notes.
British government bans Chinese surveillance cameras from sensitive locations - The Record by Recorded Future
US government bans Huawei, ZTE and Hikvision tech over 'unacceptable' spying fears | TechCrunch
What if Russian commercial aviation cuts too many safety corners? - Meduza
Microsoft attributes alleged Chinese attack on Indian power grid to 'Boa' IoT vulnerability - The Record by Recorded Future
U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer - Krebs on Security
Guadeloupe kickstarts continuity plan after wide-ranging cyberattack - The Record by Recorded Future
Vanuatu hospital staff using pen and paper after cyber attack that crippled public sector - ABC News
Extortion site used in Medibank attack goes offline after Australian gov pledges 'offensive' actions - The Record by Recorded Future
ThreatMon Ransomware Monitoring on Twitter
Risky Biz News: Australia passes new privacy bill with huge data breach fines
Sandworm hacking group linked to new ransomware deployed in Ukraine - The Record by Recorded Future
UK Parliament launches inquiry into national security strategy around ransomware - The Record by Recorded Future
Canadian food giant refuses to pay ransom after gang threatens data leak - The Record by Recorded Future
Almost 1,000 suspects arrested in Interpol operation which seized over $129 million - The Record by Recorded Future
Risky Biz News: Authorities seize iSpoof in major blow to fraudsters and cybercrime groups
Espionage group using USB devices to hack targets in Southeast Asia - The Record by Recorded Future
WikiLeaks' Website Is Slowly Falling Apart
European Parliament declares Russia a terrorism sponsor, then its site goes down | Ars Technica
Hackers are spreading malware via trending TikTok challenge: report - The Record by Recorded Future
Samantha Borrego iS iNfeCtEd noT pArAnOID on Twitter
elastic-global-threat-report-vol-1-2022.pdf
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
Half of all UK COBRA meetings are ransomware related
Ransomware biggest risk to US port security
White House to move on spyware industry
EU to launch its own Starlink equivalent
Much, much more
AttackIQ's Jonathan Reiber will be joining us in this week's sponsor interview to talk about how companies and their boards are really moving towards outcomes-based security programs.
Ransomware incidents now make up majority of British government's crisis management COBRA meetings - The Record by Recorded Future
DHS Secretary: Cyberattacks are the most significant threat to port infrastructure - The Record by Recorded Future
Michigan school districts reopen after three-day closure due to ransomware attack - The Record by Recorded Future
Microsoft: Royal ransomware group using Google Ads in campaign - The Record by Recorded Future
Researchers Quietly Cracked Zeppelin Ransomware Keys - Krebs on Security
Risky Biz News: Cyber Partisans hack and disrupt Kremlin censor
US, Estonian authorities arrest two over $575 million cryptocurrency fraud - The Record by Recorded Future
New FTX CEO details 'complete failure of corporate controls' at crypto platform
OpenSSL Usage in UEFI Firmware Exposes Weakness in SBOMs
EU reaches agreement on new satellite constellation - The Record by Recorded Future
Ukraine's Engineers Dodged Russian Mines To Get Kherson Back Online - With A Little Help From Elon Musk's Satellites
Senate Democrats call on FTC to investigate Twitter's data security
11.17.22 - FTC - Twitter Letter
Twitter has a lot of your data. Here's what you can do about it.
Mastodon vulnerable to multiple system configuration problems | The Daily Swig
System misconfiguration is the number one vulnerability, at least for Mastodon
White House expected to issue executive order reining in spyware
H20220930-005_Himes-Speier cc's - DocumentCloud
A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup | WIRED
Risky Biz News: Iranian state hackers breached US government agency and deployed a cryptominer, out of all things
India removes ban on VLC media player after cybersecurity concerns addressed - The Record by Recorded Future
Amazon addresses vulnerability affecting AWS AppSync - The Record by Recorded Future
CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You
Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations | CISA
Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization | CISA
In this podcast we speak with Randall Degges who leads the Developer Relations & Community team at Snyk. He's here to talk to us about how to get developers enthusiastic about security, how to get them to use the right tooling, and how this tooling will evolve in the future to actually help developers fix bugs in their code.
Show notes
The Big Fix | Snyk
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
Australia lets ASD loose on ransomware crews, but will it work? (Tom Uren joins us to chat about this one)
Twitter's wheels haven't fallen off yet but they sure are wobbling
Hundreds of millions stolen from FTX mid implosion
Security researchers start looking at Mastodon and... yeah
Much, much more!
This week's show is brought to you by Gigamon. George Sandford from Gigamon pops in for this week's sponsor interview to talk about how to successfully stand up an NDR program.
Risky Biz News: Australia to hack the hackers
Australia to consider banning ransomware payments - The Record by Recorded Future
Two enormous cyberattacks convince Australia to 'hack the hackers' - The Washington Post
Australian Federal Police say cybercriminals in Russia behind Medibank hack - The Record by Recorded Future
The Hunt for the FTX Thieves Has Begun | WIRED
US reissues sanctions on Tornado Cash, tying it to North Korea's nuclear weapons program - The Record by Recorded Future
Twitter's SMS Two-Factor Authentication Is Melting Down | WIRED
Is it safe to use Twitter? Security fears rise after Elon Musk drives off staff
Twitter's Security And Privacy Leaders Quit Amidst Musk's Chaotic Takeover
FTC tracking developments at Twitter with 'deep concern' after CISO resigns - The Record by Recorded Future
Mastodon users vulnerable to password-stealing attacks | The Daily Swig
Risky Biz News: Major hack-and-leak info-op unfolding in Moldova
All Day DevOps: Third of Log4j downloads still pull vulnerable version despite threat of supply chain attacks | The Daily Swig
Billbug: State-sponsored Actor Targets Cert Authority, Government Agencies in Multiple Asian Countries | Symantec Enterprise Blogs
Lenovo driver goof poses security risk for users of 25 notebook models | Ars Technica
Cisco: InterPlanetary File System seeing 'widespread' abuse by hackers - The Record by Recorded Future
Project Zero: A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain
Google Pixel screen-lock hack earns researcher $70k | The Daily Swig
DJ Zavala & DMNTED - Welcome to Ukraine - YouTube
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
DoJ seizes 50k bitcoin stolen from Silk Road, charges thief
Australian health insurer Medibank refuses to pay ransom, data leaked
Inside Qatar's $386m world cup espionage operation
EU Parliament report into spyware lands
SolarWinds settles shareholder lawsuit, faces SEC enforcement action
Much, much more
This week's sponsor guest is Andrew Morris from Greynoise Intelligence.
DOJ says it seized billions in Bitcoin stolen by hacker from Silk Road darknet marketplace - The Record by Recorded Future
U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud | USAO-SDNY | Department of Justice
Medibank says it will not pay ransom in hack that impacted 9.7 million customers - The Record by Recorded Future
Names, addresses, birthdays posted to dark web by hackers after Medibank ransom deadline passes - ABC News
'Project Merciless': how Qatar spied on the world of football in Switzerland - SWI swissinfo.ch
How Qatar hacked the World Cup - The Bureau of Investigative Journalism (en-GB)
FBI probing ex-CIA officer's spying for World Cup host Qatar - The Washington Post
EU governments accused of using spyware 'to cover up corruption and criminal activity' - The Record by Recorded Future
Press conference on draft findings of EP spyware inquiry | News | European Parliament
SolarWinds says it's facing SEC 'enforcement action' over 2020 hack | TechCrunch
Microsoft accuses China of abusing vulnerability disclosure requirements - The Record by Recorded Future
Insurance giant settles NotPetya lawsuit, signaling cyber insurance shakeup
Could a 'digital Red Cross emblem' protect hospitals from cyber warfare? - The Record by Recorded Future
TrustCor Systems verifies web addresses, but its address is a UPS Store - The Washington Post
Cyber incident at Boeing subsidiary causes flight planning disruptions - The Record by Recorded Future
FIN7 cybercrime cartel tied to Black Basta ransomware operation: report - The Record by Recorded Future
More than 100 election jurisdictions waiting on federal cyber help, sources say
$28 million stolen from cryptocurrency platform Deribit - The Record by Recorded Future
Nigerian scammer sentenced to 11 years in US prison - The Record by Recorded Future
Hackers get into Dropbox developer accounts on GitHub, access 130 code repositories and more - The Record by Recorded Future
Urlscan.io API unwittingly leaks sensitive URLs, data | The Daily Swig
The Most Vulnerable Place on the Internet | WIRED
So long and thanks for all the bits - NCSC.GOV.UK
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
Twitter bluechecks face phishing barrage
Australian government goes berserk on Medibank hack response
Former WSJ journalist sues law firm over email hack and info op that got him fired
OpenSSL bug lands with a whimper
Apple macOS Ventura update breaks security tools
Much, much more
This week's show is brought to you by Thinkst Canary. Marco Slaviero, Thinkst's head of engineering, joins us this week to talk through the company's latest release, codenamed Quokka.
Twitter's verification chaos is now a cybersecurity problem | TechCrunch
Unconfirmed hack of Liz Truss' phone prompts calls for 'urgent investigation' | Ars Technica
Chinese hackers are scanning state political party headquarters, FBI says - The Washington Post
Former WSJ reporter says law firm used Indian hackers to sabotage his career | Reuters
The source - Columbia Journalism Review
Upcoming 'critical' OpenSSL update prompts feverish speculation | The Daily Swig
OpenSSL vulnerability downgraded to 'high' severity | The Daily Swig
Medibank says hackers had access to 'all personal data' belonging to all customers - The Record by Recorded Future
Australia to tighten privacy laws, increase fines after series of data breaches - The Record by Recorded Future
Votes in Slovakia's parliament suspended after alleged 'cybersecurity incident' - The Record by Recorded Future
NY Post confirms hack after website, Twitter feed flooded with threats toward Biden, AOC - The Record by Recorded Future
Apple MacOS Ventura Bug Breaks Third-Party Security Tools | WIRED
Microsoft ties Vice Society hackers to additional ransomware strains - The Record by Recorded Future
How Vice Society Got Away With a Global Ransomware Spree | WIRED
FTC seeks action against Drizly - and its CEO - for cybersecurity failures - The Record by Recorded Future
Critical authentication bug in Fortinet products actively exploited in the wild | The Daily Swig
Google Play apps with >20M downloads depleted batteries and network bandwidth | Ars Technica
Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn - Krebs on Security
Microsoft leaked 2.4TB of data belonging to sensitive customer. Critics are furious | Ars Technica
Microsoft disputes report on Office 365 Message encryption issue after awarding bug bounty - The Record by Recorded Future
Microsoft Office Online Server open to SSRF-to-RCE exploit | The Daily Swig
Microsoft's Sociopathic Cybersecurity Pedantry
Brazilian police announce arrest of alleged Lapsus$ member - The Record by Recorded Future
Accused 'Raccoon' Malware Developer Fled Ukraine After Russian Invasion - Krebs on Security
European gang that sold car hacking tools to thieves arrested - The Record by Recorded Future
How a Microsoft blunder opened millions of PCs to potent malware attacks | Ars Technica
Snake Oilers isn't our regular weekly podcast, it's a wholly sponsored series we do at Risky.Biz where vendors come on to the show to pitch their products to you, the Risky Business listener. To be clear - everyone you hear in one of these editions paid to be here.
We'll hear from three vendors in this edition of Snake Oilers:
Truffle Security talks secrets discovery
KSOC builds Kubernetes security tools
Snyk has a new product to better secure Infrastructure as Code
Show notes
Unearth Your Secrets - Truffle Security
KSOC: Kubernetes Security Operations Center
Cloud Security across the SDLC with Policy as Code | Snyk
Snake Oilers isn't our regular weekly podcast, it's a wholly sponsored series we do at Risky.Biz where vendors come on to the show to pitch their products to you, the Risky Business listener. To be clear - everyone you hear in one of these editions paid to be here.
We'll hear from three vendors in this edition of Snake Oilers:
Tines, the no code security automation solution that people are going absolutely nuts over
Code42, the insider threat detection solution maker
Kroll talks about its MDR offering
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
Why former Uber CISO Joe Sullivan's guilty verdict shouldn't worry you
United States puts chipmaking restrictions on China, APT activity is coming
Elon blinks and Starlink goes dark on Ukraine's front line
Master cyber criminal arrested in Australia
Much, much more
This week's show is brought to you by runZero, the asset inventory and network visibility solution. runZero's founding CTO and industry legend HD Moore is this week's sponsor guest.
Risky Biz News: Good news for the Capital One hacker, bad news for the former Uber CSO
Joe Sullivan guilty in Uber hacking case - The Washington Post
Security chiefs fear 'CISO scapegoating' following Uber-Sullivan verdict - The Record by Recorded Future
U.S. imposes foreign direct product rule on China for AI and supercomputing - The Washington Post
Popular censorship circumvention tools face fresh blockade by China | TechCrunch
'Fear' driving Chinese state to manipulate tech ecosystem... - GCHQ.GOV.UK
Risky Biz News: China blocks several protocols used to bypass the Great Firewall
Joint_CSA_Top_CVEs_Exploited_by_PRC_cyber_actors_TLPWHITE - DocumentCloud
Starlink goes dark
Coverage of Killnet DDoS attacks plays into attackers' hands, experts say - The Record by Recorded Future
Ukrainian cybersecurity officer killed by Russian missile strike - The Record by Recorded Future
Biden signs new US-EU privacy framework, setting up surveillance safeguards - The Record by Recorded Future
White House to unveil ambitious cybersecurity labeling effort modeled after Energy Star
Australian teen charged with using leaked Optus data to blackmail customers - The Record by Recorded Future
Report: Big U.S. Banks Are Stiffing Account Takeover Victims - Krebs on Security
Hackers steal at least $100 million from Binance-linked blockchain - The Record by Recorded Future
Someone is clogging up the Zcash blockchain with a spam attack
Alberto Rodriguez, and Erik Hunstad - Stop writing malware! The Blue team has done it for you - YouTube
CVE-2022-34689 - Security Update Guide - Microsoft - Windows CryptoAPI Spoofing Vulnerability
Get root on macOS 12.3.1: proof-of-concepts for Linus Henze's CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763) | Worth Doing Badly
Risky Biz News: LofyGang runs amok in the npm ecosystem with minimal gains
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
More Exchange 0days cause more havoc
A look at some earlier Exchange hack incidents
How the CIA got its agents killed with its truly awful online opsec
Ex NSA staffer arrested for espionage
Much, much more
This week's show is brought to you by Proofpoint. Ryan Kalember, Proofpoint's EVP of cybersecurity strategy, joins the show this week to talk about some overlooked detection opportunities - some simple stuff you can look for in your environment that should raise gigantic flashing red flags.
Microsoft confirms two Exchange Server zero days are being used in cyberattacks - The Record by Recorded Future
CISA: Multiple government hacking groups had 'long-term' access to defense company - The Record by Recorded Future
Mexican president confirms 'Guacamaya' hack targeting regional militaries - The Record by Recorded Future
Mexican journalists targeted by zero-click spyware infections - The Record by Recorded Future
Ex-NSA employee charged with violating Espionage Act, selling U.S. cyber secrets
Putin grants citizenship to Edward Snowden, who disclosed US eavesdropping - The Washington Post
U.S. fails in bid to extradite Brit for helping North Korea evade sanctions with cryptocurrency - The Record by Recorded Future
Bill Marczak on Twitter: "NEW REPORT today from @Reuters @JoelSchectman providing more detail about fatal flaws in the CIA's defunct communications network. Iran and China compromised the network in 2011, and killed dozens of CIA assets https://t.co/AwN8pQtWL2" / Twitter
Numerous orgs hacked after installing weaponized open source apps | Ars Technica
'Poisoned' Tor Browser tracks Chinese users' online history, location
Mystery Hackers Are 'Hyperjacking' Targets for Insidious Spying | WIRED
A Matrix Update Patches Serious End-to-End Encryption Flaws | WIRED
LA officials confirm ransomware group leaked students' personal data - The Record by Recorded Future
Nearly 700 ransomware incidents traced back to wholesale access markets: report - The Record by Recorded Future
Semiconductor industry faced 8 attacks from ransomware groups, extortion gangs in 2022 - The Record by Recorded Future
CISA directs federal agencies to track software and vulnerabilities - The Record by Recorded Future
Fake CISO Profiles on LinkedIn Target Fortune 500s - Krebs on Security
House Democrats debut new bill to limit US police use of facial recognition | TechCrunch
EP000: Operation Aurora | HACKING GOOGLE - YouTube
In this Soap Box podcast Patrick Gray interviews Airlock Digital CTO Daniel Schell and CEO David Cottingham about Microsoft's new Smart Application Control feature, why controlling browser extensions via endpoint instrumentation is really hard and why PAM solutions don't actually do allowlisting, even if they claim they do.
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
Lapsus$'s Teapot arrested by UK police
Optus hacker issues grovelling apology after feeling AFP and ASD heat
Ukraine claims Russia is planning massive attacks on its infrastructure
RSOCKS bot herder begs for extradition to USA
Russians scammed when seeking military service exemptions
Much, much more
This week's show is sponsored by Votiro. Ravi Srinivasan, Votiro's CEO, joins the show this week to talk about how people are using content disarm and reconstruction.
British teen arrested in hacking case
Australian cybersecurity minister lambasts Optus for 'unprecedented' hack - The Record by Recorded Future
CISA: Iranian hackers spent 14 months in Albanian gov't network before launching ransomware - The Record by Recorded Future
Iran shutters mobile networks, Instagram, WhatsApp amid protests - The Record by Recorded Future
US Treasury carves out Iran sanctions exceptions for internet providers - The Record by Recorded Future
Signal Is Asking People Around the World to Help Iranians Access the Encrypted App
Shadowy Russian Cell Phone Companies Are Cropping Up in Ukraine | WIRED
Risky Biz News: XakNet "hacktivists" linked to APT28 and Russia's GRU intelligence service
Russia plans 'massive cyberattacks' on critical infrastructure, Ukraine warns | Ars Technica
Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S. - Krebs on Security
SIM Swapper Abducted, Beaten, Held for $200k Ransom - Krebs on Security
How 3 hours of inaction from Amazon cost cryptocurrency holders $235,000 | Ars Technica
The record-setting DDoSes keep coming, with no end in sight | Ars Technica
International conflicts driving increased strength of DDoS attacks: report - The Record by Recorded Future
Tarfile path traversal bug from 2007 still present in 350k open source repos | The Daily Swig
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
A look at how Uber got owned so hard
Why cleartext cookie storage in Microsoft Teams' Electron-based app is actually a big deal
Russian official: Starlink is a legitimate military target
Wagner mercs get doxxed
Kiwi Farms having a bad time
Much, much more
In this week's sponsor interview we'll be chatting to Nucleus's CEO Steve Carter about CISA's KEV list. He has feelings about the KEV list - they're mostly positive, but he also has a few reasonable gripes and he joins me to talk about them.
Uber attributes hack to Lapsus$, working with FBI and DOJ on investigation - The Record by Recorded Future
Uber confirms it is investigating cybersecurity incident - The Record by Recorded Future
Microsoft Teams stores cleartext auth tokens, won't be quickly patched | Ars Technica
SharpTongue Deploys Clever Mail-Stealing Browser Extension "SHARPEXT" | Volexity
Hacking group focused on Central America dumps 10 terabytes of military emails, files
Securing the Supply Chain of Nothing | Kelly Shortridge
Russia Makes Veiled Threat to Destroy SpaceX's Starlink
Pro-Ukraine Hacktivists Claim to Have Hacked Notorious Russian Mercenary Group
Fears grow of Russian spies turning to industrial espionage - The Record by Recorded Future
Congressional inquiry reveals secret Customs and Border Protection database of U.S. phone records
Alternative payment apps such as AliPay a boon for cybercriminals, experts tell Congress
CISA floats plan to partner with local universities for '311' cyberattack triage service - The Record by Recorded Future
Breach of software maker used to backdoor ecommerce servers | Ars Technica
Kiwi Farms has been breached; assume passwords and emails have been leaked | Ars Technica
Kevin Beaumont on Twitter: "The saga continues - there was (also?) a script injected for a month on Kiwi Farms called Troonshine, gathering information and credentials from user's systems, posting it to https://t.co/XnrUu4t3sd. They look very, very owned. https://t.co/kxdR8kxtC1" / Twitter
Pentagon reviews psychological operations amid Facebook, Twitter complaints - The Washington Post
Bosnia and Herzegovina investigating alleged ransomware attack on parliament - The Record by Recorded Future
Botched Crypto Mugging Lands Three U.K. Men in Jail - Krebs on Security
Cryptocurrency company Wintermute says hackers stole $160 million - The Record by Recorded Future
Anonymous hacker, who bragged about exploits on TikTok, says he was raided by Canadian police
In this edition of the Soap Box podcast Patrick Gray talks to Haroon Meer about Thinkst Canary's new sensitive command token. It's a great way to detect intruders on your Windows systems. Haroon also talks about how to use canaries strategically.
Show notes
Canaries as Network Motion Sensors
Sensitive Command Token - So much offense in my defense
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
Albania suffers under another crippling Iranian attack
Iran's APT42 using clever, multi-persona phishing
State Department cyber snitching program paying off
Former NSA director Gen. Keith Alexander sued over alleged IronNet pump and dump
Mudge fronts US Senate Judiciary Committee
Much, much more...
This week's show is brought to you by Stairwell. Mike Wiacek, Stairwell's founder and CEO is this week's sponsor guest and he talks about why they've pushed their Inception platform beyond YARA hunting. You can see a demo of Inception on our YouTube product demo page.
Risky Biz News: Albania-Iran cyber drama far from over
US sanctions Iran intelligence agency over Albania cyberattack - The Record by Recorded Future
Tom Uren on Cyber Embuggerance
Iranian military using spoofed personas to target nuclear security researchers - The Record by Recorded Future
Iranian hackers spy on journalists and government officials, researchers warn - The Record by Recorded Future
FBI, DOJ defend 'offensive' actions against Chinese, Russian operations - The Record by Recorded Future
State Department bounty program for cybercriminal tips has 'born fruit,' top FBI official says
More than $30 million seized from North Korean hackers involved in Axie crypto-theft - The Record by Recorded Future
$30 Million Seized: How the Cryptocurrency Community Is Making It Difficult for North Korean Hackers To Profit - Chainalysis
Twitter whistleblower testifies to Congress, calls for tech regulation reforms - The Record by Recorded Future
Twitter whistleblower testifies before Senate
Former NSA Head Keith Alexander Accused of Pump-and-Dump Scheme
Google: Conti repurposing tools for Ukraine attacks using Follina bug, Musk impersonation - The Record by Recorded Future
Pro-Ukraine hackers claim attack on Russian TV broadcasts - The Record by Recorded Future
Initial access broker or ransomware gang has 'exclusive' access to Mitel zero-day exploit: report - The Record by Recorded Future
Cyberattacks against U.S. hospitals mean higher mortality rates, study finds
Buenos Aires legislature announces ransomware attack - The Record by Recorded Future
Ransomware attack knocked a Kentucky city-operated ISP offline before holiday - The Record by Recorded Future
Ransomware attacks on retail increase, average retail payment grows to more than $200K - The Record by Recorded Future
Cisco: Log4j vulnerability used to attack energy companies in Canada, US and Japan - The Record by Recorded Future
Patreon security team layoffs cause backlash in creator community
This Clever Anti-Censorship Tool Lets Russians Read Blocked News | WIRED
Apple Kills Passwords in iOS 16 and macOS Ventura | WIRED
Catalin Cimpanu on Twitter: "They're still recruiting, btw" / Twitter
Cyberfella on Twitter: "@campuscodi Please convince Patrick to have a segment about NAFO named "Shitposting Dogs on the Bird App are making Vatniks Seethe and Cope" on the next riskybizz ep" / Twitter
ironnet chart - Google Search
Stairwell's Inception Platform - YouTube
Все буде Україна (Everything Will Be Ukraine) - YouTube
Pink Floyd - Hey Hey Rise Up (feat. Andriy Khlyvnyuk of Boombox) - YouTube
PROBASS ∆ HARDI - GOOD EVENING (WHERE ARE YOU FROM?) - YouTube
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
China's super spies figure out Rob Joyce ran TAO ops
FBI, French authorities fly to Montenegro to investigate ransomware attack
NEWSFLASH: Cloudflare are still a bunch of Nazi cuddlers
SIM swap drama spills into real world shootings, firebombings
Yandex Taxi hack clogs Moscow streets
The TikTok breach that wasn't
Project Raven veterans get wings clipped
Why recent BGP hijacks are getting a bit concerning
Much, much more
This week's show is brought to you by Corelight, the company that maintains Zeek. Corelight's Federal CTO Jean Schaffer joins us in this week's sponsor interview to talk about whether or not the White House's executive order on Zero Trust is actually changing anything.
Exclusive: Evidence shows US' NSA behind attack on email system of leading Chinese aviation university - Global Times
Lukasz Olejnik on Twitter: "Chinese accusation of US/NSA cyberattacks on China's aviation university. Unusually, a strong protest issued by China's Foreign Ministry. Chinese media write about NSA extensively, and doxx/point at Rob Joyce, specifically. Highly amusing! https://t.co/PG1XzZoIcW https://t.co/wRMEAokhVj" / Twitter
Patrick Gray on Twitter: "Great thread" / Twitter
FBI and French officials arrive in Montenegro to investigate ransomware attack - The Record by Recorded Future
Chile says gov't agency struggling with ransomware attack - The Record by Recorded Future
Italy warns of cyberattacks on energy industry after Eni, GSE incidents - The Record by Recorded Future
Ransomware Gang Accessed Water Supplier's Control System
Experts warn of more Ragnar Locker attacks, days after group targets airline - The Record by Recorded Future
Kevin Beaumont on Twitter: "IHG Hotel Group incident is ransomware" / Twitter
Criminal hackers targeting K-12 schools, U.S. government warns
QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign - The Record by Recorded Future
Cloudflare Suggests It Won't Cut Off Anti-Trans Stalking Forum
Cloudflare reverses decision and drops trans trolling website Kiwi Farms | Internet | The Guardian
Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire - Krebs on Security
State Department debars ex-NSA cyber mercenaries who aided vast UAE surveillance operation
Hackers Create Traffic Jam in Moscow by Ordering Dozens of Taxis at Once Through App
Light Flashing, Siren Wailing: A Rich Muscovite in a Rush - The New York Times
TikTok denies security breach after hackers leak user data, source code
Samsung denies Social Security numbers involved in latest breach - The Record by Recorded Future
Truth Behind the Celer Network cBridge cross-chain bridge incident: BGP hijacking | by SlowMist | Coinmonks | Aug, 2022 | Medium
nanog: Yet another BGP hijacking towards AS16509
A Windows 11 Automation Tool Can Easily Be Hijacked | WIRED
Actors behind PyPI supply chain attack have been active since late 2021 | Ars Technica
Cybercriminal Service 'EvilProxy' Seeks to Hijack Accounts
Careless Errors in Hundreds of Apps Could Expose Troves of Data | WIRED
WatchGuard firewall exploit threatens appliance takeover | The Daily Swig
Patched TikTok security flaw allowed one-click account takeovers - The Record by Recorded Future
Chrome extensions with 1.4M installs covertly track visits and inject code | Ars Technica
Peter Eckersley, co-creator of Let's Encrypt, dies at just 43 - Naked Security
DownUnderCTF
On this week?s show Patrick Gray and Adam Boileau discuss the week?s security news, including:The Twilio breach was actually a big deal How a Belarusian Cyber Partisans hack burned a GRU illegal Who wants 25m hashed passwords from Russia? An NFT we can get behind How attackers are using game anti-cheat drivers to defeat EDR Much, much more
This week's sponsor interview is with Mike Benjamin, the VP of security research at Fastly. He pops in to argue that your red team needs to actually consider how your apps will cope with bot-driven attacks.
Why the Twilio Breach Cuts So Deep | WIRED
Phishers who hit Twilio and Cloudflare stole 10k credentials from 136 others | Ars Technica
The number of companies caught up in recent hacks keeps growing | Ars Technica
How 1-Time Passcodes Became a Corporate Liability - Krebs on Security
Christo Grozev on Twitter: "We first noticed her thanks to a super useful database shared with us by @cpartisans: the border crossing records of Belarus. We knew the passport ranges of GRU and FSB spies, so we decided to search in that data-set by partial matches, leaving the last 3 digits out as wildcards." / Twitter
Belarusian Cyber-Partisans on Twitter: "1/3 For the 1st time in human history a #hacktivist collective obtained passport info of the ALL country's citizens. Now we're offering you an opportunity to become a part of this history. Get a unique digital version of #lukashenka passport as #NFT https://t.co/gOlWdoUehi https://t.co/RxdWpBqA8f" / Twitter
A huge Chinese database of faces and vehicle license plates spilled online | TechCrunch
Leading Russian streaming platform suffers data leak allegedly impacting 44 million users - The Record by Recorded Future
Plex imposes password reset after hackers steal data for >15 million users | Ars Technica
Montenegro struggles to recover from cyberattack that officials blame on Russia - The Record by Recorded Future
Patrick Gray on Twitter: "https://t.co/DOFdMExsPe" / Twitter
European data privacy watchdogs grill Twitter over Mudge security claims - The Record by Recorded Future
Google announces open source vulnerability reward program after Log4j, Codecov issues - The Record by Recorded Future
Google Online Security Blog: Announcing Google's Open Source Software Vulnerability Rewards Program
Hackers Are Using Anti-Cheat in 'Genshin Impact' to Ransom Victims
An interview with initial access broker Wazawaka: 'There is no such money anywhere as there is in ransomware' - The Record by Recorded Future
LockBit ransomware group implicated in crippling attack on French hospital - The Record by Recorded Future
Major U.S. library service confirms ransomware attack, struggling to restore affected systems - The Record by Recorded Future
China-linked hackers target organizations operating in South China Sea - The Record by Recorded Future
Chinese hackers zero in on Australian manufacturers, wind turbine operators
FTC sues data broker that tracks locations of 125M phones per month | Ars Technica
FCC launches investigation into mobile carriers' geolocation data practices - The Record by Recorded Future
Most top mobile carriers retain geolocation data for two years on average, FCC findings show - CyberScoop
Buddle co-accused one of 50 alleged criminals preparing challenge to police sting
Researchers discover sprawling pro-U.S. social media influence campaign
Unheard Voice: Evaluating five years of pro-Western covert influence operations
Rights groups, company leaders decry silence over VLC player ban in India - The Record by Recorded Future
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
A deep look at Mudge's sensational whistleblower complaint against Twitter
Brazilian Federal Police raid Lapsus$ crew
NSO CEO to stand down (again), 100 staff to be let go
Signal users impacted in Twilio incident
Tornado Cash OFACs around and finds out
Much, much more
This week's show is brought to you by Greynoise. Its founder, Andrew Morris, joins the show with a stinging critique of the wider threat intelligence industry. Don't miss that one.
Patrick Gray on Twitter: "Jesus... can open, worms everywhere. You basically can't find anyone more credible than @dotMudge in infosec so this is a massive deal https://t.co/TaDQzTEtzR" / Twitter
Twitter confirms January breach, urges pseudonymous accounts to not add email or phone number - The Record by Recorded Future
A Slack Bug Exposed Some Users' Hashed Passwords for 5 Years | WIRED
TikTok Says, No, It Isn't Stealing Your Passwords
Brazilian police launch investigation targeting Lapsus$ group - The Record by Recorded Future
Israeli spyware company NSO Group CEO steps down | Reuters
How a Third-Party SMS Service Was Used to Take Over Signal Accounts
VIASAT hack impacted French critical services | Cybernews
DOJ now relies on paper for its most sensitive court documents, official says
Microsoft disrupts Russia-linked hacking group targeting defense and intelligence orgs - The Record by Recorded Future
Lloyd's to forbid insurers from covering losses due to state-backed hacks - The Record by Recorded Future
U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash | U.S. Department of the Treasury
OFAC Around and Find Out - Lawfare
Suspected Tornado Cash developer arrested in Netherlands - The Record by Recorded Future
Report: Ransomware gangs, fraudsters laundered $540 million through RenBridge platform - The Record by Recorded Future
Risky Biz News: Is ransomware going after the Global South? Sure looks like it!
Ransomware Now Threatens the Global South | Royal United Services Institute
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling | PortSwigger Research
The Return of LOIC, HOIC, HULK, and Slowloris to the Threat Landscape | Radware Blog
Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug
A New Jailbreak for John Deere Tractors Rides the Right-to-Repair Wave | WIRED
Malicious code exploiting recent VMware bug publicly available, company warns - The Record by Recorded Future
Breaking SIDH in polynomial time
Hackers Use Deepfakes of Binance Exec to Scam Crypto Projects
Cisco confirms May attack by Yanluowang ransomware group - The Record by Recorded Future
Cisco releases advisories for bug affecting more than 1 million security devices - The Record by Recorded Future
Cisco warns of critical vulnerabilities in routers - The Record by Recorded Future
North Korea-backed hackers have a clever way to read your Gmail | Ars Technica
When Efforts to Contain a Data Breach Backfire - Krebs on Security
Microsoft: Bug in Janet Jackson's "Rhythm Nation" could crash a laptop - The Record by Recorded Future
Anonymous poop gifting site hacked, customers exposed
In this edition of the Soap Box podcast Okta's APAC CISO and former Risky Biz editor Brett Winterford talks about how attackers are getting much better at swiping session cookies via realtime phishing and malware.
He also talks about some mitigation strategies to combat this threat and introduces the concept of continuous authentication.
Show notes
Defending against session hijacking
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
Taiwan tensions fail to conjure the cyber apocalypse
Crypto bridge exploit results in $150m feeding frenzy
Chainalysis evidence to be challenged in court
Post-quantum NIST candidate algorithm gets smoked
DSIRF's Russia links
Much, much more
This week's sponsor interview is with Jerrod Chong from Yubico. He's joining the show to talk about why consumer-focussed implementations of Webauthn like Apple's Passkeys aren't a great enterprise solution.
Taiwanese websites hit with DDoS attacks as Pelosi begins visit
'Frenzied mob' steals more than $156 million from crypto platform Nomad - The Record by Recorded Future
Bitcoin Fog Case Could Put Cryptocurrency Tracing on Trial | WIRED
Post-quantum encryption contender is taken out by single-core PC and 1 hour | Ars Technica
Federal court system suffered previously undisclosed breach, congressional committee says
Australian police charge man with developing spyware used by more than 14,500 people - The Record by Recorded Future
Risky Biz News: Microsoft puts the limelight on another spyware maker - DSIRF from Austria
Eavesdropping probe finds Israeli police exceeded authority | AP News
Hacker use of Microsoft macros plummeted after default block: report - The Record by Recorded Future
On security researcher's newsletter, exposing cybercriminals behind ransomware
Luxembourg energy companies struggling with alleged ransomware attack, data breach - The Record by Recorded Future
At least 34 healthcare orgs affected by alleged ransomware attack on OneTouchPoint - The Record by Recorded Future
American Dental Association says April cyberattack involved ransomware - The Record by Recorded Future
Ransomware group demands £500,000 from British schools, citing cyber insurance policy - The Record by Recorded Future
Hackers stole passwords for accessing 140,000 payment terminals | TechCrunch
Experts warn of hacker claiming access to 50 U.S. companies through breached MSP - The Record by Recorded Future
German prosecutors issue warrant for Russian government hacker over energy sector attacks - The Record by Recorded Future
The commercial satellite boom is leaving space vulnerable to hackers - The Record by Recorded Future
Report to Congress of the U.S.-China Economic and Security Review Commission - U.S.-China Economic and Security Review Commission - Google Books
Spanish police arrest two accused of hacking radioactivity alert system - The Record by Recorded Future