Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
https://risky.biz/
Risky Business #601 -- Everyone's messing with TrickBot
On this week’s show Patrick and Adam discuss the week’s security news, including:
- Yep, it was Cyber Command
- Also Microsoft, Symantec, Lumen and others
- Norwegian parliament hack pinned on Russia
- We finally talk about “ethics in OST”
- More
Netflix senior security engineer Scott Behrens also joins the show this week. This week’s episode if brought to you by Signal Sciences – which is now a part of Fastly – and they suggested we talk to Scott for their sponsor slot this week. So, Scott joins the show to talk through how Netflix handles appsec.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes Report: U.S. Cyber Command Behind Trickbot Tricks — Krebs on Security Persistently Engaging TrickBot: USCYBERCOM Takes on a Notorious Botnet - Lawfare (1) Ciaran Martin on Twitter: "Fascinating account from @BobbyChesney on new adaptation of persistent engagement: the hounds released against #ransomware. https://t.co/Dk5Spcjkmy" / Twitter Trickbot and the Context of Cyber Warfare – Stranded on Pylos TrickBot botnet survives takedown attempt, but Microsoft sets new legal precedent | ZDNet The Man Who Speaks Softly—and Commands a Big Cyber Army | WIRED FBI/DHS: Government election systems face threat from active Zerologon exploits | Ars Technica DHS warns that Emotet malware is one of the most prevalent threats today | Ars Technica Norway says Russian hackers carried out breach at parliament Russian-speaking hackers target Russian organizations with industrial spying tools Chinese hackers suspected in cyber-espionage operation against Russia, India 'Mercenary' hacker group runs rampant in Middle East, cybersecurity research shows | Reuters Lined up in the sights of Vietnamese hackers Five Eyes governments, India, and Japan make new call for encryption backdoors | ZDNet Cyber Command and Microsoft pile in on TrickBot - Risky Business Top reason to apply October, 2020’s Microsoft patches: Ping of Death Redux – Sophos News German tech giant Software AG down after ransomware attack | ZDNet Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work — Krebs on Security Malware gangs love open source offensive hacking tools | ZDNet Researchers map threat actors’ use of open source offensive security tools | The Daily Swig Researchers Found 55 Flaws in Apple's Corporate Network | WIRED Swiss Post releases bug bounty safe harbor wording under Creative Commons license | The Daily Swig