Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
https://risky.biz/
Risky Business #593 -- China promises "mortal combat in the tech realm"
On this week’s show Patrick and Adam discuss the week’s security news, including:
- Trump’s war on TikTok (featuring guest Alex Stamos)
- Twitter hackers caught. Pretty embarrassing stuff, really.
- NSO implants target Easter Bunny
- Garmin may need a good OFAC lawyer (featuring comment from Dmitri Alperovitch)
- Blackberry cracked after five years leads to multiple arrests in Australia
- Much, much more
Matt Cauthorn of ExtraHop Networks is this week’s news guest. He’ll join us to talk about how the pivot to work from home has changed incident response workflows. The tl;dr is the north-south traffic might look a bit different these days but the east-west shenanigans are still the same.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes TikTok review reduced to meaningless farce - Risky Business China will not accept U.S. 'theft' of TikTok: China Daily - Reuters Beware of find-my-phone, Wi-Fi, and Bluetooth, NSA tells mobile users | Ars Technica Three Individuals Charged For Alleged Roles In Twitter Hack | USAO-NDCA | Department of Justice How the Alleged Twitter Hackers Got Caught | WIRED US files superseding indictment against former Twitter employees accused of spying for Saudi Arabia Twitter prepares to pay up to $250 million for using security data for advertising Exclusive: Papers leaked before UK election in suspected Russian operation were hacked from ex-trade minister - sources - Reuters Religious, political leaders in Togo allegedly targeted with NSO Group spyware 'Payment sent' - travel giant CWT pays $4.5 million ransom to cyber criminals - Reuters Garmin 'paid multi-million dollar ransom to criminals using Arete IR', say sources | Science & Tech News | Sky News Ransomware gang publishes tens of GBs of internal data from LG and Xerox | ZDNet Blackberry cracked five years after seizure sparks mass arrests for drug importation For North Korea, phishing with fake job-recruitment emails never gets old Suspected Chinese hackers targeting Vatican in advance of Beijing negotiations CISA, DOD, FBI expose new versions of Chinese malware strain named Taidoor | ZDNet Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH) | ZDNet EU sanctions China, Russia, and North Korea for past hacks | ZDNet Hackers Broke Into Real News Sites to Plant Fake Stories | WIRED Here's how Army Cyber Command plans to take on information warfare Exclusive: China-backed hackers 'targeted COVID-19 vaccine firm Moderna' - Reuters Kaspersky: New hacker-for-hire mercenary group is targeting European law firms | ZDNet BootHole fixes causing boot problems across multiple Linux distros | ZDNet Theoretical technique to abuse EMV cards detected used in the real world | ZDNet Is Your Chip Card Secure? Much Depends on Where You Bank — Krebs on Security New tool detects shadow admin accounts in AWS and Azure environments | ZDNet Cloud Native Security: Network Detection and Response | ExtraHop