Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.



Risky Business #635 -- Owned via telnet? Must be "highly sophisticated attackers"!

On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

  • T-Mobile owned hard
  • USA no fly list winds up on unsecured ElasticSearch in Bahrain… because reasons
  • Facebook scrambles to secure Afghani accounts
  • Hacker steals and returns $600 from de-fi platform
  • Healthcare sector struggles with ransomware attacks
  • A very sweet TCP-based amplification technique that will be A Problem
  • Much, much more

Evan Sultanik and Dan Guido will be joining us to talk about Fickling – a tool developed by Trail of Bits to do unnatural things to the Python Pickle files that are heavily used as a means to share machine learning models. The machine learning supply chain is really quite wobbly, and they’ll be joining us later to talk about that.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes T-Mobile breach climbs to over 50 million people T-Mobile: Breach Exposed SSN/DOB of 40M+ People – Krebs on Security 1.9 million records from the FBI's terrorist watchlist leaked online - The Record by Recorded Future Facebook, other platforms scramble to secure user accounts in Afghanistan This $600 Million Crypto Heist Is the Most Bizarre Hack in Recent Memory A Hacker Stole and Then Returned $600 Million Japanese crypto-exchange Liquid hacked for $94 million - The Record by Recorded Future Operator of the Helix bitcoin mixer pleads guilty to money laundering - The Record by Recorded Future Healthcare provider expected to lose $106.8 million following ransomware attack - The Record by Recorded Future Hospitals hamstrung by ransomware are turning away patients | Ars Technica US healthcare org sends data breach warning to 1.4m patients following ransomware attack | The Daily Swig The pandemic revealed the health risks of hospital ransomware attacks - The Verge Ransomware hackers could hit U.S. supply chain, experts warn Ransomware hits Lojas Renner, Brazil's largest clothing store chain - The Record by Recorded Future RansomClave project uses Intel SGX enclaves for ransomware attacks - The Record by Recorded Future Wanted: Disgruntled Employees to Deploy Ransomware – Krebs on Security Japan's Tokio Marine is the latest insurer to be victimized by ransomware Cyber insurance market encounters ‘crisis moment’ as ransomware costs pile up White House to tackle cyber challenges with Apple, IBM, insurance CEOs | Reuters FBI sends its first-ever alert about a 'ransomware affiliate' - The Record by Recorded Future New LockFile ransomware gang weaponizes ProxyShell and PetitPotam attacks - The Record by Recorded Future Multiple ransomware gangs pounce on 'PrintNightmare' vulnerability Peterborough NH Cyberattack: Town Loses $2.3M in Taxpayer Money – NBC Boston Almost 2,000 Exchange servers hacked using ProxyShell exploit - The Record by Recorded Future ALTDOS hacking group wreaks havoc across Southeast Asia - The Record by Recorded Future Hackers Leak Surveillance Camera Videos Purportedly Taken From Inside Iran's Evin Prison - by Kim Zetter - Zero Day Apple reopens legal fight against security firm Corellium, raising concerns for ethical hackers Apple says researchers can vet its child safety features. But it’s suing a startup that does just that. | MIT Technology Review This $500 Million Russian Cyber Mogul Planned To Take His Company Public—Then America Accused It Of Hacking For Putin’s Spies Cisco: Security devices are vulnerable to SNIcat data exfiltration technique - The Record by Recorded Future SNIcat: Circumventing the guardians | mnemonic BlackBerry's popular operating system for medical devices affected by critical vulnerabilities, drawing fed warnings Realtek SDK vulnerabilities impact dozens of downstream IoT vendors | The Daily Swig Hundreds of thousands of Realtek-based devices under attack from IoT botnet - The Record by Recorded Future Accellion Kiteworks Vulnerabilities | Insomnia Security Firewalls and middleboxes can be weaponized for gigantic DDoS attacks - The Record by Recorded Future Hackers tried to exploit two zero-days in Trend Micro's Apex One EDR platform - The Record by Recorded Future Exhaustive study puts China’s infamous Great Firewall under the microscope | The Daily Swig Web hosting platform cPanel & WHM is vulnerable to authenticated RCE and privilege escalation | The Daily Swig Benno on Twitter: "I will donate $50 to a charity of @riskybusiness' choice if he puts this in the show." / Twitter Never a dill moment: Exploiting machine learning pickle files PrivacyRaven: Implementing a proof of concept for model inversion GitHub - trailofbits/fickling: A Python pickling decompiler and static analyzer


 2021-08-25  n/a