Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/

subscribe
share





Risky Business #629 -- Kaseya 0day was utter trash


On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

  • Our take on the REvil attack against Kaseya customers
  • Microsoft’s print spooler bug is a real worry
  • Reports the RNC breached by Russia’s SVR
  • NSA snaps GRU brute forcing efforts
  • Much, much more

This week’s show is brought to you by Material Security, a very interesting startup that has a completely different take on what email security actually is. Material’s co-founder Ryan Noon will be along in this week’s sponsor interview to talk about the cool stuff they’re doing on the analytics side.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Why the Kaseya ransomware attack has experts worried White House rebukes ransomware gang as number of apparent REvil victims remains uncertain - CyberScoop Patrick Gray on Twitter: "https://t.co/ppGlxTu4CL" / Twitter Hackers behind holiday crime spree demand $70 million, say they locked 1 million devices Kaseya zero-day involved in ransomware attack, patches coming - The Record by Recorded Future Supermarket chain Coop closes 800 stores following Kaseya ransomware attack - The Record by Recorded Future REvil ransomware gang executes supply chain attack via malicious Kaseya update - The Record by Recorded Future Researchers accidentally publish 'PrintNightmare' Stuxnet-style zero-day - Security - Software - iTnews Russia still using 'brute force' to break into computer systems Republican National Committee Hack: Russian Cozy Bear Group Breached Computers - Bloomberg Chinese cyberspies targeted the Afghan National Security Council - The Record by Recorded Future Mongolian certificate authority hacked eight times, compromised with malware - The Record by Recorded Future Israeli charged in global hacker-for-hire scheme wants plea deal -court filing | Reuters A new ‘digital violence’ platform maps dozens of victims of NSO Group’s spyware | TechCrunch Feds use gag orders to collect cloud data in secret, Microsoft executive tells Congress Dutch police takes down DoubleVPN, a service used by cybercrime groups - The Record by Recorded Future Gozi malware gang member arrested in Colombia - The Record by Recorded Future New charges filed against Capital One hacker, trial postponed to 2022 - The Record by Recorded Future Windows 11’s Security Push Puts Microsoft on a Collision Course | WIRED Apps with 5.8 million Google Play downloads stole users’ Facebook passwords | Ars Technica Microsoft Edge Translator contained uXSS flaw exploitable ‘on any web page’ | The Daily Swig GETTR Is the Trump Team’s Buggy, Leaky Twitter Clone Hackers Scrape 90,000 GETTR User Emails, Surprising No One Kaspersky Password Manager: All your passwords are belong to us | Donjon


share







 2021-07-07  n/a