Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/

subscribe
share





Risky Business #627 -- USG claws back Colonial pipeline ransom money


On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • US Government claws back Colonial ransom bitcoin. We don’t think the FBI acted alone.
  • Meet an0m, the cute little app for planning crimes that drinks milkshakes.
  • Ransomware stuff, duh.
  • Trickbot developer arrested in Florida
  • Supreme court upends CFAA “exceed authorised access” element
  • Much, much more

This week’s show is brought to you by Datadog. Michael Yamnitsky will be along in this week’s sponsor interview to talk about cloud security posture management. DataDog is launching a product in that space, so we’ll be hearing about the types of issues CSPM products can help to unearth.

If you book a demo of their product they’ll send you a free Datadog tee-shirt. The link is in the show notes.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Feds recover millions from pipeline ransom hackers, hint at U.S. internet tactic Exclusive: U.S. to give ransomware hacks similar priority as terrorism | Reuters Hacking accusations are meant to stir conflict ahead of US summit, Russian president says (11) Jenna McLaughlin on Twitter: "He also says "ransomware is a national security priority" particularly when it come to critical infrastructure. He would like to see out of G7 an "action plan" on how to increase resilience, share info, and "deal with the cryptocurrency challenge" when it comes to ransomware." / Twitter Cyberattack hits JBS, world's largest meat processor - The Washington Post FBI: JBS ransomware attack was carried out by REvil | The Record by Recorded Future TV news stations become apparent target in next cyberattack Ransomware attack disrupts Massachusetts ferries | The Record by Recorded Future Fujifilm shuts down computer systems following apparent ransomware intrusion Ransomware hits Capitol Hill contractor | The Record by Recorded Future Sensitive medical, financial data exposed in extortion of Massachusetts hospital Ransomware Struck Another Pipeline Firm—and 70GB of Data Leaked | WIRED US arrests Latvian woman who worked on Trickbot malware source code | The Record by Recorded Future Tokyo Olympics organizers' data swept up in Fujitsu hack: report Supreme Court narrows scope of CFAA computer hacking law | The Record by Recorded Future Australian Federal Police and FBI nab criminal underworld figures in worldwide sting using encrypted app - ABC News (11) Seamus Hughes on Twitter: "Let's advance the story a bit w/ some original reporting: An FBI informant introduced Anom to Phantom Secure & Sky Global users in 2018. The informant gave each user a unique ID number, the FBI had full access to that ID list. Working w/ AFP, it was called Operation Trojan Horse" / Twitter British military seeks briefings from Australia over security concerns about Israeli battle management technology - ABC News Zerodium acquiring zero-days in Pidgin, an IM client popular with cybercriminals | The Record by Recorded Future CISA launches platform to let hackers report security bugs to US federal agencies | TechCrunch Ukraine warns of 'massive' Russian spear-phishing campaign | The Record by Recorded Future Backdoor malware found on the Myanmar president's website, again | The Record by Recorded Future Adventures in Contacting the Russian FSB – Krebs on Security FireEye is selling its security products business for $1.2B GitHub changes policy to welcome security researchers | The Daily Swig This is not a drill: VMware vuln with 9.8 severity rating is under attack | Ars Technica First major voting vendor, Hart InterCivic, partners with Microsoft on ambitious software security tool ElectionGuard Akamai offers post-mortem on recently resolved authentication platform vulnerability | The Daily Swig Akamai EAA Impersonation Vulnerability - A Deep Dive - The Akamai Blog Cloud Security Posture Management -- get a demo and receive a free Datadog tee-shirt


share







 2021-06-09  n/a