Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
https://risky.biz/
Risky Business #628 -- Microsoft is not your friend
On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:
- Microsoft reluctantly and belatedly discloses breach
- Chinese APT suspected of Air India breach
- JBS paid $11m even though they successfully restored systems
- cl0p money launderer arrests
- Ransomware news roundup
- All the latest research and MORE
This week’s show is brought to you by Greynoise. Its founder and CEO, Andrew Morris, joins us this week to talk through some of the work he’s been doing to extend Greynoise’s use cases. It’s a great chat, that one.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes Microsoft says SolarWinds hacking group has breached three new victims - The Record by Recorded Future Are The FBI’s ‘Most Wanted’ Chinese Spies Hacking The Airline Industry? Sprawling cyber-espionage campaign linked to Chinese military unit - The Record by Recorded Future APT group targets diplomatic organizations in Africa and the Middle East - The Record by Recorded Future Al Jazeera repels cyber-attacks that sought to disrupt media network | The Daily Swig Beef supplier JBS paid ransomware hackers $11 million Arrested Clop gang members laundered over $500M in ransomware payments - The Record by Recorded Future A week after arrests, Cl0p ransomware group dumps new tranche of stolen data | Ars Technica Tulsa police say 18,000 files are leaked after Conti ransomware hack City of Liege, Belgium hit by ransomware - The Record by Recorded Future Ransomware group 'Hades' claims more victims as investigators seek answers New Australian bill would force companies to disclose ransomware payments - The Record by Recorded Future White House weighs cracking down on secret ransomware payments, pursuing hackers Using VMs to hide ransomware attacks is becoming more popular - The Record by Recorded Future Ransomware gangs are increasingly going after SonicWall devices - The Record by Recorded Future Cisco routers come under attack, including a destructive hacktivist campaign - The Record by Recorded Future Microsoft admits to signing a malicious rootkit driver - The Record by Recorded Future Suspected Iranian hackers exploit VPN, Telegram to monitor dissidents Zyxel says a threat actor is targeting its enterprise firewall and VPN devices - The Record by Recorded Future MyBook Users Urged to Unplug Devices from Internet – Krebs on Security French Spyware Executives Are Indicted for Aiding Torture | WIRED Google to require 2FA and a physical address from Android app devs - The Record by Recorded Future Andrii Kolpakov, who supervised hackers for FIN7, sentenced to 7 years in prison FIN7 scammers posed as SEC officials, sick restaurant customers to hack victims Cybercriminals are deploying legit security tools far more than before, researchers conclude NFC Flaws Let Researchers Hack ATMs by Waving a Phone | WIRED North Korean hackers breach South Korean submarine builder (again) - The Record by Recorded Future North Korean hackers breach South Korea's atomic research agency through VPN bug - The Record by Recorded Future MITRE releases D3FEND, defensive measures complimentary to its ATT&CK framework - The Record by Recorded Future Bombshell Report Finds Phone Network Encryption Was Deliberately Weakened US Computer Fraud and Abuse Act: What the ‘landmark’ Van Buren ruling means for security researchers | The Daily Swig Episode 204: [Insert Inscrutable Title Here] – The National Security Law Podcast Supreme Court revives LinkedIn case to protect user data from web scrapers | TechCrunch Biden revokes Trump TikTok and WeChat ban order - The Washington Post EA source code stolen by hacker claiming to sell it online | Ars Technica PoC exploit accidentally leaks for dangerous Windows PrintNightmare bug - The Record by Recorded Future Project Zero: An EPYC escape: Case-study of a KVM breakout Instagram vulnerability nets researcher $30k after exposing users’ private content | The Daily Swig A Well-Meaning Feature Leaves Millions of Dell PCs Vulnerable | WIRED Connecting to malicious Wi-Fi networks can mess with your iPhone | Ars Technica Google patches Chrome zero-day linked to 'commercial exploit company' - The Record by Recorded Future Hackers can mess with HTTPS connections by sending data to your email server | Ars Technica NSA leaker Reality Winner released early for good behavior - The Record by Recorded Future AV mogul John McAfee found dead by hanging in Spanish prison cell | Ars Technica Canadian Navy wins US Cyber Command training exercise - The Record by Recorded Future