Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/

Risky Business #584 -- Nation-backed attackers own easyJet, jump airgaps, hack ports


On this week’s show Patrick and Adam discuss the week’s security news, including:

  • easyJet breach linked to Chinese APT
  • Israel claims credit for attack against Iranian port
  • Chinese-linked crew behind Taiwan energy hax
  • Crypto-wars reignite over Pensacola shooter’s phone
  • Much, much more

This week’s show is brought to you by Gigamon Threat Insight. Will Peteroy is our sponsor guest in this week’s show and he drops by with a pretty sobering message: large companies are provisioning VPN access to all and sundry right now because of the COVID-19 crisis and ransomware crews are sailing right on in on the back of that access.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

  • EasyJet announces breach impacting 9 million people
  • China hackers suspected in easyJet attack
  • Taiwan suggests China’s Winnti group is behind ransomware attack on state oil company
  • 'Greenbug' hacking group hits three telecom firms in Pakistan
  • US will try Joshua Schulte again for allegedly leaking CIA hacking tools
  • iPhone crypto hid al-Qaida link to naval base shooting, AG fumes | Ars Technica
  • iPhone Research Tool Sued by Apple Says It’s Just Like a PlayStation Emulator - VICE
  • Ransomware gang asks $42m from NY law firm, threatens to leak dirt on Trump | ZDNet
  • UK electricity middleman hit by cyber-attack | ZDNet
  • Hackers preparing to launch ransomware attacks against hospitals arrested in Romania | ZDNet
  • Supercomputers hacked across Europe to mine cryptocurrency | ZDNet
  • Security incident knocks UK supercomputer service offline for days
  • U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs — Krebs on Security
  • Scammers steal $10 million from Norfund, the largest sovereign wealth fund
  • FBI warns about attacks on Magento online stores via old plugin vulnerability | ZDNet
  • Top 10 Routinely Exploited Vulnerabilities | CISA
  • Hackers target the air-gapped networks of the Taiwanese and Philippine military | ZDNet
  • New Ramsay malware can steal sensitive documents from air-gapped networks | ZDNet
  • COMpfun authors spoof visa application with HTTP status-based Trojan | Securelist
  • Pentagon Contractors’ Report on ‘Wuhan Lab’ Origins of Coronavirus Is Bogus
  • This Service Helps Malware Authors Fix Flaws in their Code — Krebs on Security
  • A cybercrime store is selling access to more than 43,000 hacked servers | ZDNet
  • US Commerce Department tightens screws on Huawei export controls
  • Huawei denies involvement in buggy Linux kernel patch proposal | ZDNet
  • Chrome will soon block resource-draining ads. Here’s how to turn it on now | Ars Technica
  • Google to start rolling out Chrome Tab Groups feature next week | ZDNet
  • Microsoft adds initial support for DNS-over-HTTPS (DoH) in Windows Insiders | ZDNet
  • Cloud security: Attacking Azure AD to expose sensitive accounts and assets | The Daily Swig
  • Service NSW: Australian government agency hit by cyber-attack | The Daily Swig
  • PrintDemon vulnerability impacts all Windows versions | ZDNet
  • Critical SharePoint and browser security flaws star in May Patch Tuesday | The Daily Swig
  • XSS vulnerability in ‘Login with Facebook’ button earns $20,000 bug bounty | The Daily Swig
  • BIND 9 security releases address two high severity vulnerabilities | The Daily Swig
  • Web Giants Scrambled to Head Off a Dangerous DDoS Technique | WIRED
  • Hundreds of thousands of QNAP devices vulnerable to remote takeover attacks | ZDNet
  • How to use Trend Micro's Rootkit Remover to Install a Rootkit – Bill Demirkapi's Blog – The adventures of a 18 year old security researcher.
  • Officials: Israel linked to a disruptive cyberattack on Iranian port facility - The Washington Post
  • Gigamon ThreatINSIGHT | Network Detection and Response | Gigamon


May 20, 2020