Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/

subscribe
share






Risky Business #582 -- Germans indict APT28 operator


On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Salt framework 1Day wreaks havoc
  • Toll Group hit with ransomware attack. Again.
  • Germans indict APT28 operator
  • Ransomware a key word in SEC filings
  • Much, much more!

This week’s show is brought to you by Remediant. They offer software that lets you get privileged accounts under control very quickly. In this week’s sponsor interview we’re chatting with Remediant’s COO Paul Lanzi and Julie Smith, the executive director of the Identity Defined Security Alliance (IDSA). We’ll be talking about what the IDSA actually is and what its goals are.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Salt DevOps framework shaken by data center server security flaws | The Daily Swig CT2 Log Compromised via Salt Vulnerability - Google Groups Ghost blogging platform servers hacked and infected with crypto-miner | ZDNet Hackers seize on software flaw to breach two victims, despite patch availability Hackers breach LineageOS servers via unpatched vulnerability | ZDNet German authorities charge Russian hacker for 2015 Bundestag hack | ZDNet bellingcat - Who Is Dmitry Badin, The GRU Hacker Indicted By Germany Over The Bundestag Hacks? - bellingcat Toll Group suffers second ransomware attack this year - Security - iTnews Taiwan’s state-owned energy company suffers ransomware attack Ransomware mentioned in 1,000+ SEC filings over the past year | ZDNet Indonesian e-commerce giant probes reported breach of 91 million credentials Estonia: Foreign hackers breached local email provider for targeted attacks | ZDNet Google and Apple Reveal How Covid-19 Alert Apps Might Look | WIRED Australia’s COVID-19 app is buggy, not yet operational - Risky Business (13) Senator Murray Watt on Twitter: "Here are just a few of the issues with the Govt’s #COVIDSafe app that we’ll explore at today’s #COVID-19 Senate hearing. If it’s central to our recovery, we need to know it works. ⁦@riskybusiness⁩ https://t.co/ATtL6UExqs" / Twitter Coronavirus Australia: COVIDSafe app privacy law to seek jail time for offenders The United Nations Coronavirus App Doesn’t Work - VICE Apple, Google ban use of location tracking in contact tracing apps - Reuters Hacker Bribed 'Roblox' Insider to Access User Data - VICE CursedChrome turns your browser into a hacker's proxy | ZDNet Google announces Chrome Web Store crackdown for August 2020 | ZDNet First seen in the wild - Malware uses Corporate MDM as attack vector - Check Point Research Executive Order on Securing the United States Bulk-Power System | The White House DHS CISA to provide DoH and DoT servers for government use | ZDNet UK NCSC to stop using 'whitelist' and 'blacklist' due to racial stereotyping | ZDNet SAP notifying 9% of customers about mysterious cloud products security holes | ZDNet Adult Cam Site CAM4 Exposed 10.88 Billion Records Online | WIRED How Cybercriminals are Weathering COVID-19 — Krebs on Security NSO Group partly disputes claim about use of U.S.-based servers in WhatsApp spy campaign LabCorp investors file lawsuit, alleging 'persistent' failure to secure data Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use Apple will make it easier to unlock your iPhone while wearing a face mask | TechCrunch Magento security: Adobe patches six critical flaws in e-commerce platform | The Daily Swig Oracle warns of attacks against recently patched WebLogic security bug | ZDNet Putting Identity at the Center of Security - Identity Defined Security Alliance Remediant: Privileged Access Management | SecureONE


fyyd: Podcast Search Engine
share








 May 6, 2020  n/a