Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

• Apple backs down on CSAM measures
• FTC shuts down spouseware company
• REvil is back!
• Confluence boxes are getting owned a lot
• Trickbot crew member arrested in South Korea
• The Juniper/NSA backdoor story just keeps on truckin’

This week’s show is brought to you by Thinkst Canary. Thinkst’s Jacob Torrey is this week’s sponsor guest. He pops by to tell us about the relaunch of Thinkstscapes, a fantastic quarterly publication that analyses security research.

(Editor’s note: Dmitri Alperovitch is a guest in this podcast and wishes to express his gratitude to Matthew Green of Johns Hopkins University for helping guide him on the Juniper story.)

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

• Apple Backs Down on Its Controversial Photo-Scanning Plans | WIRED
• ProtonMail forced to collect an activist's IP address in police investigation - The Record by Recorded Future
• FTC Bans SpyFone and CEO from Surveillance Business and Orders Company to Delete All Secretly Stolen Data | Federal Trade Commission
• REvil ransomware group returns following Kaseya attack - The Record by Recorded Future
• White House double downs on warning about cyberattacks over the holidays - The Record by Recorded Future
• Cyber Command alerts US firms of 'ongoing' hacks targeting Atlassian enterprise software
• Confluence enterprise servers targeted with recent vulnerability - The Record by Recorded Future
• Jenkins project discloses security breach following Confluence server hack - The Record by Recorded Future
• US farm loses $9 million in the aftermath of a ransomware attack - The Record by Recorded Future
• Howard University cancels classes after ransomware attack
• TrickBot gang member arrested after getting stuck in South Korea due to COVID-19 pandemic - The Record by Recorded Future
• Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role
• SolarWinds hackers targeted Autodesk in latest confirmed fallout from cyber-espionage campaign
• Malware found preinstalled in classic push-button phones sold in Russia - The Record by Recorded Future
• (1) C:\Windows\System32\last.exe on Twitter: "Hey, wanna see a magic trick? That's how you bypass UAC on a machine to which you have GUI access! 1/n" / Twitter
• Microsoft warns of new IE zero-day exploited in targeted Office attacks - The Record by Recorded Future
• Ghostscript zero-day allows full server compromises - The Record by Recorded Future
• Cisco urges users to patch critical vulnerability in virtualized network devices after PoC is made public | The Daily Swig
• Billions of devices impacted by new BrakTooth Bluetooth vulnerabilities - The Record by Recorded Future
• Node.js archives serious tar handling vulnerabilities with software update | The Daily Swig
• Microsoft will split Defender pricing plans to lower the entry bar for SMBs - The Record by Recorded Future
• Mozi botnet authors arrested in China - The Record by Recorded Future
• Google pauses quantum security feature in Chrome because of buggy middleware - The Record by Recorded Future
• Breach notification window, accountability are focus of coming fight on cyber legislation in Congress
• The IRS Goes Undercover As A Bitcoin Trader In $180,000 Sting
• CREST: NCC Group ‘vicariously responsible’ for those involved in exam controversy | The Daily Swig
• Raider: A tool to test authentication in web applications | The Daily Swig
• ThinkstScapes
• thinkst Thoughts...