Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

• The UHS ransomware attack
• Someone is messing with TrickBot: Did the USA release the hounds?
• US Treasury issues final warning on sanctioned ransomware crews
• Azerbaijan and Armenia going at it
• Fancy Bear owns US government department

Nucleus Security co-founder Scott Kuffer joins the show in this week’s sponsor interview to talk about how they have discovered a LOT of enterprises are actually trying to develop in-house vulnerability management software and how that is not going well.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes A Ransomware Attack Has Struck a Major US Hospital Chain | WIRED German investigators treating ransomware attack as negligent homicide, reports say Attacks Aimed at Disrupting the Trickbot Botnet — Krebs on Security Microsoft: Some ransomware attacks take less than 45 minutes | ZDNet US Treasury says some ransomware payments may need its express approval | ZDNet Front companies for Chinese and Iranian APTs doxxed - Risky Business Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack — Krebs on Security Alleged Iranian hackers balanced espionage with personal cybercrime, US indictment says - CyberScoop US charges Iranian hackers for breaching US satellite companies | ZDNet A China-Linked Group Repurposed Hacking Team’s Stealthy Spyware | WIRED Microsoft says Iranian hackers are exploiting the Zerologon vulnerability | ZDNet Spies hacked Azerbaijan government officials as Nagorno-Karabakh conflict escalated North Korea has tried to hack 11 officials of the UN Security Council | ZDNet Federal Agency Compromised by Malicious Cyber Actor | CISA Russia’s Fancy Bear Hackers Likely Penetrated a US Federal Agency | WIRED Microsoft removed 18 Azure AD apps used by Chinese state-sponsored hacker group | ZDNet TikTok, WeChat survive in US app stores — one with a deal, the other with a judge's help Russia wants to ban the use of secure protocols such as TLS 1.3, DoH, DoT, ESNI | ZDNet Kevin Rudd: «The Dollar is One of the Things China Fears» Portland passes landmark private sector facial recognition technology ban | The Daily Swig All four of the world's largest shipping companies have now been hit by cyber-attacks | ZDNet UN maritime agency says it was hacked | ZDNet Trump officials hint at update for US maritime cybersecurity Encrochat Investigation Finds Corrupt Cops Leaking Information to Criminals KuCoin cryptocurrency exchange hacked for $150 million | ZDNet GitHub rolls out new Code Scanning security feature to all users | ZDNet Facebook sues two Chrome extension makers for scraping user data | ZDNet Senator asks DHS if foreign-controlled browser extensions threaten the US | Ars Technica A security flaw in Grindr let anyone easily hijack user accounts | TechCrunch Hackers claim they can now jailbreak Apple's T2 security chip | ZDNet Critical stored XSS vulnerability in Instagram’s Spark AR Studio nets 14-year-old researcher $25,000 | The Daily Swig Mozilla shuts down Firefox Send and Firefox Notes services | ZDNet Member of 'The Dark Overlord' hacking group sentenced to five years in prison | ZDNet LinkedIn hacker Nikulin sentenced to 7 years in prison after years of legal battles John McAfee arrested in Spain, charged with tax evasion