Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
https://risky.biz/
Risky Business #567 -- ToTok, Iran and big-game ransomware galore
In this week’s show Patrick Gray and Alex Stamos discuss all the week’s news, including:
- Will Iran cyber all the cybers?
- ToTok chat app alleged to be UAE spy tool
- China makes moves on own OS
- Big game ransomware hits crisis levels
- WSJ carries water for NSO Group
- Much, much more
This week’s show is brought to you Bugcrowd. We’ll be hearing from Bugcrowd’s Casey Ellis in this week’s sponsor interview. He’ll be talking about the US federal government’s decision to force all departments into accepting bug reports – he thinks this is a move that will have a big impact on the wider security ecosystem.
Links to everything are below!
Show notes Homeland Security warns businesses to brace for Iranian cyberattacks | TechCrunch After U.S. kills Iranian general, analysts warn of Tehran’s ability to retaliate in cyberspace Unpatched US government website gets pwned by pro-Iran script kiddie | Ars Technica Iranian Hackers Claim Defacement of Texas Government and Alabama Veterans Websites - VICE It Seemed Like a Popular Chat App. It’s Secretly a Spy Tool. - The New York Times Google Reinstates Reported UAE Surveillance App ToTok - VICE U.S. Army bans TikTok amid ongoing scrutiny of Chinese-made video app Two of China's largest tech firms are uniting to create a new 'domestic OS' | ZDNet Police Tracked a Terror Suspect—Until His Phone Went Dark After a Facebook Warning - WSJ US Coast Guard discloses Ryuk ransomware infection at maritime facility | ZDNet Frankfurt shuts down IT network following Emotet infection | ZDNet Sodinokibi ransomware plagues Travelex currency exchange as investigation continues Company shuts down because of ransomware, leaves 300 without jobs just before holidays | ZDNet Maze ransomware was behind Pensacola “cyber event,” Florida officials say | Ars Technica FBI warns U.S. companies about Maze ransomware, appeals for victim data - CyberScoop Another ransomware strain is now stealing data before encrypting it | ZDNet New Orleans hit by ransomware, city employees told to turn off computers | ZDNet Pensacola confirms ransomware attack but provides few details | Ars Technica Ransomware at IT Services Provider Synoptek — Krebs on Security Arkansas telemarketing firm blames ransomware for sudden holiday closure - CyberScoop Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up — Krebs on Security Hackensack Meridian Health pays attackers to thwart ransomware incident - CyberScoop Big Game Ransomware being delivered to organisations via Pulse Secure VPN The Hidden Cost of Ransomware: Wholesale Password Theft — Krebs on Security Hackers steal data for 15 million patients, then sell it back to lab that lost it | Ars Technica Apple sues security vendor for DMCA violations - The Verge Apple opens public bug bounty program, publishes official rules | ZDNet Not so IDLE hands: FBI program offers companies data protection via deception | Ars Technica A Twitter app bug was used to match 17 million phone numbers to user accounts | TechCrunch Chinese hacker group caught bypassing 2FA | ZDNet Critical flaw in Citrix applications could allow unauthorized access to internal networks Hacker who blackmailed Apple in 2017 gets no prison time | ZDNet Member of 'The Dark Overlord' hacking group extradited to the US | ZDNet Rambler will drop NGINX criminal case | ZDNet How Hackers Are Breaking Into Ring Cameras - VICE Over 1,500 Ring passwords have been found on the dark web | TechCrunch We Tested Ring’s Security. It’s Awful - VICE Creditors Seek to Exhume the Body of a Dead Crypto Executive | WIRED Lithuanian scammer gets 5 years for defrauding Google, Facebook of $120 million Web Cache Deception attacks still impact websites with 'substantial user populations' | ZDNet iPhones and iPads finally get key-based protection against account takeovers | Ars Technica Mozilla to force all add-on devs to use 2FA to prevent supply-chain attacks | ZDNet Npm team warns of new 'binary planting' bug | ZDNet Only 9.27% of all npm developers use 2FA | ZDNet Half of the websites using WebAssembly use it for malicious purposes | ZDNet U.S. Launches Fresh Assault On Apple’s ‘Warrant-Proof Encryption’ The Great $50M African IP Address Heist — Krebs on Security 'Shattered': Inside the secret battle to save America's undercover spies in the digital age