Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.



Risky Business #631 -- USA and friends send nastygram to China

On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

  • USA and friends send a sternly worded letter
  • NSO group in the news, but parts of the coverage don’t add up
  • Google TAG drops another great post
  • We unveil the details of the earth shattering Kaseya 0day cyberweapon
  • MORE

This week’s show is brought to you by Signal Sciences, which is now a part of Fastly. Instead of booking an interview with one of their staff, they suggested we interview one of their customers – so this week’s sponsor guest is J J Agha, the CISO of Compass, the American real estate website.

He’ll be joining us to talk about his general approach, and yes, Signal Sciences is a part of that, but he’ll speak to automation and orchestration and a bunch of other stuff too.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

  • The United States, Joined by Allies and Partners, Attributes Malicious Cyber Activity and Irresponsible State Behavior to the People’s Republic of China | The White House
  • Microsoft hack: U.S., allies accuse China of Exchange breach and condoning other cyberattacks - The Washington Post
  • US says Chinese hackers breached 13 pipeline operators between 2011 and 2013 - The Record by Recorded Future
  • U.S. accuses China of abetting ransomware attack
  • Microsoft links Serv-U zero-day attacks to Chinese hacking group - The Record by Recorded Future
  • Pegasus: NSO clients spying disclosures prompt political rows across world | India | The Guardian
  • Pegasus spyware: NSO Group’s cloud infrastructure shut down by Amazon, says Vice
  • Saudis behind NSO spyware attack on Jamal Khashoggi’s family, leak suggests | Jamal Khashoggi | The Guardian
  • Response from NSO and governments | World news | The Guardian
  • This tool tells you if NSO’s Pegasus spyware targeted your phone | TechCrunch
  • Windows spyware and zero-days linked to prodigious Israeli hack-for-hire company - The Record by Recorded Future
  • Google: Three recent zero-days have been used against Armenian targets - The Record by Recorded Future
  • The SolarWinds Hackers Used an iOS Flaw to Compromise iPhones | WIRED
  • How we protect users from 0-day attacks
  • Google patches Chrome zero-day, eighth one in 2021 - The Record by Recorded Future
  • That iPhone WiFi crash bug is far worse than initially thought - The Record by Recorded Future
  • Brian in Pittsburgh on Twitter: "The vulnerabilities exploited to accomplish the Kaseya customer intrusions were as dumb as you were probably expecting: https://t.co/eOnManp6ar" / Twitter
  • Ransomware incident at major cloud provider disrupts real estate, title industry - The Record by Recorded Future
  • Lawmakers Look to Improve Cyber Workforce, Especially for Acquisitions - Nextgov
  • GSA blocks senator from reviewing documents used to approve Zoom for government use | TechCrunch
  • TSA pushes more cybersecurity mandates on critical pipeline owners, emphasizing ransomware
  • US offers $10 million reward for info on state-sponsored hackers disrupting critical infrastructure - The Record by Recorded Future
  • US government launches plans to cut cybercriminals off from cryptocurrency
  • Microsoft takes control of 17 domains used by West African BEC gang - The Record by Recorded Future
  • Momentum builds on federal oversight of facial recognition tech after reported abuses
  • Amnesty sues NYPD, seeking details about facial recognition technology and arrest data
  • Windows Hello bypassed using infrared image - The Record by Recorded Future
  • Inside the Industry That Unmasks People at Scale
  • Instagram rolls out new tool to help users secure hacked accounts - The Record by Recorded Future
  • Facebook says Iranian hackers used it to lure defense company employees
  • Annoying LinkedIn Networkers Actually Russian Hackers Spreading Zero-Days, Google Says
  • DevSecAI: GitHub Copilot prone to writing security flaws | The Daily Swig
  • Hackers Move to Extort Gaming Giant EA
  • RCE vulnerability in Cloudflare CDN could have allowed complete compromise of websites | The Daily Swig
  • Patrick Gray on Twitter: "Good to know!" / Twitter
  • Kevin Beaumont on Twitter: "Oh dear. I need to validate this myself, but it seems like MS may have goofed up and made the SAM database (user passwords) accessible to non-admin users in Win 10." / Twitter
  • Vortimo [www] – Pro browser extension
  • Demand More from Your WAF - Signal Sciences


 2021-07-21  n/a