Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/

Risky Business #638 -- Licensed to Pwn


On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

  • Apple 0day has everyone freaking out
  • So much more 0day in the wild
  • American Project Raven staffers settle with DoJ
  • Two absolutely bonkers Azure security problems
  • SEC tells corporate America to spill on breaches
  • Much, much more

In this week’s sponsor interview Gigamon’s security product manager Fayyaz Rajpari will be along to talk about some of the work they’ve been doing to integrate their NDR product with Crowdstrike.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes
  • Apple iPhone security update points to growing problem of 'zero days'
  • Apple urges security update after new iMessage flaw disclosed
  • Apple patches an NSO zero-day flaw affecting all devices | TechCrunch
  • Shane Huntley on Twitter: "@riskybusiness Let’s not jump to the conclusion that NSO have an endless supply of zero click exploits and there is nothing that can be done. Security nihilism and learned helplessness plays into attackers’ hands. We can make progress here." / Twitter
  • Warning: Update Chrome Now As Hackers Attack Two Major Vulnerabilities In Google Browser
  • Microsoft Windows 10 Windows Server Office CVE-2021-40444 0day attack
  • Microsoft patches Office zero-day in today's Patch Tuesday - The Record by Recorded Future
  • CISA warns of Zoho server zero-day exploited in the wild - The Record by Recorded Future
  • “Secret” Agent Exposes Azure Customers To Unauthorized Code Execution | Wiz Blog
  • Ami Luttwak on Twitter: "@GossiTheDog This is even more severe. The RCE is the simplest RCE you can ever imagine. Simply remove the auth header and you are root. remotely. on all machines. Is this really 2021? https://t.co/iIHNyqgew4" / Twitter
  • Cross-Account Container Takeover in Azure Container Instances
  • VMware denies allegations it leaked Confluence RCE exploit | The Daily Swig
  • US fines former NSA employees who provided hacker-for-hire services to UAE - The Record by Recorded Future
  • Three Former U.S. Intelligence Community and Military Personnel Agree to Pay More Than $1.68 Million to Resolve Criminal Charges Arising from Their Provision of Hacking-Related Services to a Foreign Government | OPA | Department of Justice
  • Hacking Team Customer in Turkey Was Arrested for Spying on Police Colleagues [or: The Spy Story That Spun a Tangled Web] - by Kim Zetter - Zero Day
  • Exclusive: Wide-ranging SolarWinds probe sparks fear in Corporate America | Reuters
  • Chad Loder on Twitter: "Anonymous has just announced a massive hack of Epik, long known as the hosting provider of choice for neonazis, right-wing extremists, and other Internet trash. Anonymous are releasing a decade's worth of detailed Epik customer & domain data, passwords, emails, and private keys. https://t.co/3rbfonegtq" / Twitter
  • Anonymous Claims It Hacked Everything From Nazis' Favorite Web Host
  • Wikimedia bans seven Chinese users citing "security risk" - The Record by Recorded Future
  • Report: Beijing, Moscow step up efforts to control the Internet’s backbone - The Record by Recorded Future
  • Australia supplants China to build undersea cable for Solomon Islands | Solomon Islands | The Guardian
  • Indonesian intelligence agency compromised in suspected Chinese hack - The Record by Recorded Future
  • OWASP Top 10 ranking has a new leader after ten years - The Record by Recorded Future
  • Encrypted Phone Firm Ciphr, Used by Criminals, Moves to Cut Off Australia
  • Technology giant Olympus hit by BlackMatter ransomware | TechCrunch
  • U.S. Cyber Czar: Too soon to tell if Russia ransomware has stopped - The Record by Recorded Future
  • 'No indication' Russia has cracked down on ransomware gangs, top FBI official says - The Record by Recorded Future
  • Groove ransomware gang is a motley crew of disgruntled hackers, researchers say
  • Bail services affected in South Africa after ransomware attack - The Record by Recorded Future
  • Hackers stole Puma source code, no customer data, company says - The Record by Recorded Future
  • WhatsApp adds end-to-end encryption to chat backups, locking up data in the cloud
  • New CPU side-channel attack takes aim at Chrome's Site Isolation feature - The Record by Recorded Future
  • Fortinet warns customers after hackers leak passwords for 87,000 VPNs - The Record by Recorded Future
  • New York State vaccine pass shortcomings offer lessons for other coronavirus app developers | The Daily Swig
  • Thái "thaidn" Dương on Twitter: "Hanoi citizens currently have to apply for a COVID movement pass in order to go outside. Each pass is QR code containing the holder's name and dates they're allowed to go out. The data are signed with RSA, to prevent fake passes. @0xfatty found that it's using 512-bit keys =)" / Twitter
  • (4,319) Find a vaccination clinic in New South Wales - COVID-19 Near Me
  • ken tsang (@jxeeno) / Twitter
  • Why I decided to build my own vaccine booking search engine instead of using the Government’s one | by Ken Tsang | Sep, 2021 | Medium


September 15, 2021