Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy: a security podcast without the waffle.



Risky Business #615 -- Dependency confusion is, uh, pretty bad

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • USA floats new sanctions against Russia
  • TikTok, WeChat get stay of execution
  • Dependency confusion is ugh
  • US indicts Lazarus crypto-thieves
  • France ties Sandworm crew to Centreon intrusion
  • MORE

This week’s show is brought to you by Thinkst Canary. Thinkst’s founder Haroon Meer is this week’s sponsor guest and he joins us to have a very Haroon-style conversation. We talk about how security controls and detections often fall over when things happen that take place outside of our assumptions: trojaned software updates, attackers hiding in unconventional places like monitors, things like that. That’s a great conversation.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

  • Biden administration planning to sanction Russia for SolarWinds hacks - The Washington Post
  • SolarWinds hackers targeted NASA, Federal Aviation Administration networks | TechCrunch
  • SolarWinds hackers studied Microsoft source code for authentication and email | Reuters
  • Centreon says only 15 entities were targeted in recent Russian hacking spree | ZDNet
  • France Ties Russia's Sandworm to a Multiyear Hacking Spree | WIRED
  • Dax-Côte d’Argent hospital in France hit by ransomware attack | The Daily Swig
  • FireEye links 0-day attacks on FTA servers & extortion campaign to FIN11 group | ZDNet
  • China Hijacked an NSA Hacking Tool in 2014—and Used It for Years | WIRED
  • Biden administration pauses Trump's plans to ban WeChat, TikTok - CyberScoop
  • North Korean Hackers Accused Of ‘Biggest Cryptocurrency Theft Of 2020’—Their Heists Are Now Worth $1.75 Billion
  • Feds Indict North Korean Hackers for Years of Heists and Scams | WIRED
  • Dependency confusion attack mounted via PyPi repo exposes flawed package installer behavior | The Daily Swig
  • Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies | by Alex Birsan | Feb, 2021 | Medium
  • Microsoft warns enterprises of new 'dependency confusion' attack technique | ZDNet
  • Microsoft starts removing Flash from Windows devices via new KB4577586 update | ZDNet
  • Flash version distributed in China after EOL is installing adware | ZDNet
  • Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang — Krebs on Security
  • The Riviera Maya Gang: Cash, Crime, Killing - YouTube
  • Spike in ATM Skimming in Mexico? — Krebs on Security
  • Proofpoint sues Facebook to get permission to use lookalike domains for phishing tests | ZDNet
  • New malware found on 30,000 Macs has security pros stumped | Ars Technica
  • Apple Is Going to Make It Harder to Hack iPhones With Zero-Click Attacks
  • RIPE NCC discloses failed brute-force attack on its SSO service | ZDNet
  • Lawmakers Demand Answers from Military on Muslim App Data
  • BIND implements DNS-over-HTTPS to offer enhanced privacy | The Daily Swig
  • Parler Says It’s Back | WIRED
  • Security bugs left unpatched in Android app with one billion downloads | ZDNet
  • Yandex said it caught an employee selling access to users' inboxes | ZDNet
  • Prosecutor charges former phone company employee in SIM-swap scheme | Ars Technica
  • Authorities arrest SIM swapping gang that targeted celebrities | ZDNet
  • Data retention laws: Australian police given new metadata recommendations
  • Prosecutors Suspend Government Spyware Used in WhatsApp Phishing Attacks
  • Canary — know when it matters


2021-02-24