Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Ransomware: down but not out
• Zero day prices on the rise…
• … and what it means for enterprise software
• Geopolitical conflict comes to computers in Palau
• Ukraine cyber chief Illia Vitiuk suspended
• More x86 microarchitectural bad times
• And much much more

Proofpoint’s chief strategy officer Ryan Kalember is this week’s sponsor guest. He takes aim at some recent vendor trends, like security companies describing themselves as “platforms”.

Show notes

• CyberCX_Report_DFIR 2023 Year in Review_Online.pdf
• Ransomlook Stats
• Vlad Styran ???????? on X: ".@riskybusiness has noted recently that there is an “orthodox Easter”-like low season in the ransomware village. Although my sources do not support this assessment, if true, there might be a simple explanation https://t.co/kM8lu6KbyY" / X
• Price of zero-day exploits rises as companies harden products against hackers | TechCrunch
• Mandiant spots advanced exploit activity in Ivanti devices | Cybersecurity Dive
• Pricing - Knocknoc
• ALPHV steps up laundering of Change Healthcare ransom payments | CyberScoop
• Extortion group threatens to sell Change Healthcare data | CyberScoop
• Attempted hack on NYC continues wave of cyberattacks against municipal governments
• Missouri county declares state of emergency amid suspected ransomware attack | Ars Technica
• Medusa cybercrime gang takes credit for another attack on US municipality
• Omni Hotels & Resorts hit by cyberattack | Cybersecurity Dive
• Targus says cyberattack is causing operational outage | TechCrunch
• German database company Genios confirms ransomware attack
• Researchers discover new ransomware gang ‘Muliaka’ attacking Russian businesses
• ‘An attack on the reputation of Palau’: officials question who was really behind ransomware incident
• 'They’re lying': Palau denies claims by ransomware gang over recent cyberattack
• Ukrainian security service’s cyber chief suspended following media investigation
• Russia seeks criminal charges against executives at flight booking service accused of failing to protect consumer data
• House hurtles toward showdown over expiring surveillance tools | CyberScoop
• D-Link tells customers to sunset actively exploited storage devices | Cybersecurity Dive
• A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask | WIRED
• Ahoi Attacks
• Linux Kernel Patched For Branch History Injection "BHI" Intel CPU Vulnerability - Phoronix
• Ransomware gang’s new extortion trick? Calling the front desk | TechCrunch
• Evolving Threat Landscape: A Deep Dive into Multichannel Attacks Targeting Retailers | Proofpoint US