Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/

subscribe
share





Risky Business #636 -- Victims are shunning data extortion payments


On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

  • More info on the Belarusian Cyber Patriots
  • How infosec overhyped election security risks
  • Is data ransoming dying?
  • All about the Azure Cosmos DB drama
  • Much, much more…

In this week’s sponsor interview Airlock Digital’s Daniel Schell and David Cottingham join the show to talk about EDR bypasses. They are a thing.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes Belarusian hackers are turning the country's surveillance state against it | MIT Technology Review A new wave of Hacktivists is turning the surveillance state against itself - The Record by Recorded Future Trump conspiracies strain election cybersecurity experts T-Mobile CEO apologizes after hacker stole millions of users' personal information Bangkok Air confirms passenger PII leak after ransomware attack - The Record by Recorded Future Leaked Guntrader firearms data file shared. Worst case scenario? Criminals plot UK gun owners' home addresses in Google Earth • The Register Hackers steal $29 million from crypto-platform Cream Finance - The Record by Recorded Future U.S. spy agencies rule out possibility the coronavirus was created as a bioweapon, say origin will stay unknown without China’s help - The Washington Post Australia's 'hacking' Bill passes the Senate after House made 60 amendments | ZDNet White House rolls out pipeline, supply chain security initiatives as companies pledge billions in cyber spending CISA adds single-factor authentication to its catalog of 'Bad Practices' - The Record by Recorded Future DHS urges Microsoft customers to update Azure to avoid security flaw Microsoft Azure vulnerability exposed thousands of cloud databases CISA and the FBI warn of ransomware gangs' tendency of launching attacks over holidays and weekends - The Record by Recorded Future FBI warns that Hive ransomware hackers are calling victims by phone Deserialization bug in TensorFlow machine learning framework allowed arbitrary code execution | The Daily Swig A Dark Web Murder-For-Hire Scammer Became An FBI Informant WhatsApp, Facebook, and Twitter fined for not storing user data inside Russia - The Record by Recorded Future A Bad Solar Storm Could Cause an 'Internet Apocalypse' | WIRED Trial & Error in Kuwait - CyberScoop How Data Brokers Sell Access to the Backbone of the Internet Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents – Krebs on Security Front Matter | Understanding and Managing Risk in Security Systems for the DOE Nuclear Weapons Complex: (Abbreviated Version) | The National Academies Press JCP | Free Full-Text | An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors | HTML


share







 2021-09-01  n/a