Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
https://risky.biz/
Risky Business #617 -- Exchangapalooza '21
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- All the Exchange boxes on the planet have pretty much been owned lol
- See above
- Someone’s hacking Russian crime forums
- The Accellion scandal keeps on truckin’
- Dependency confusion attacks are going berserk in the wild
- Gab got owned. Again.
- John McAfee is in all sorts of trouble
- Much, much more
This week’s show is brought to you by Nucleus Security. Its director of APAC operations, Gil Azaria, joins us in this week’s sponsor interview to talk about how he became a Nucleus customer before he joined the vendor as its APAC guy.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes Warning the World of a Ticking Time Bomb — Krebs on Security Web shells everywhere - Risky Business A Basic Timeline of the Exchange Mass-Hack — Krebs on Security Attacks on Exchange servers expand from nation-states to cryptominers | The Record by Recorded Future At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software — Krebs on Security Chinese Hacking Spree Hit an ‘Astronomical’ Number of Victims | WIRED CISA orders US agencies to address Microsoft flaws exploited by suspected Chinese hackers Attacks on SolarWinds Servers Also Linked To Chinese Threat Actor | The Record by Recorded Future ‘Retaliation’ for Russia's SolarWinds Spying Isn't the Answer | WIRED Three Top Russian Cybercrime Forums Hacked — Krebs on Security The Accellion Breach Keeps Getting Worse—and More Expensive | WIRED Ransomware Gang Fully Doxes Bank Employees in Extortion Attempt Cloud security firm Qualys reportedly victimized by prolific scammers - CyberScoop Ransomware Gang Threatens To Launch DDoS Attacks, Call Reporters and Business Partners | The Record by Recorded Future A new type of supply-chain attack with serious consequences is flourishing | Ars Technica Open source software repositories play ‘whack-a-mole’ as ‘dependency confusion’ copycats exceed 5,000 | The Daily Swig Massive FluBot Botnet Infects 60,000 Android Smartphones | The Record by Recorded Future FluBot Malware Gang Arrested in Barcelona | The Record by Recorded Future Gab, a haven for pro-Trump conspiracy theories, has been hacked again | Ars Technica US Charges Infosec Veteran John McAfee over Cryptocurrency Pump-and-Dump Scheme | The Record by Recorded Future GitHub users forcibly logged out of accounts to patch ‘potentially serious’ security bug | The Daily Swig Airlines warn of data breaches after SITA passenger system hack | TechCrunch Solutions to Detect Ransomware Attacks Can Often Be Very Trivial | The Record by Recorded Future Research: How JSON parsers can create security risks when it comes to interoperability | The Daily Swig Trojan Spyware and BEC Attacks CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF NSA and CISA promote PDNS concept | The Record by Recorded Future Microsoft Exchange exploitation: how to detect, mitigate, and stay calm