Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

• UK, Netherlands and Australia promise offensive response to big ticket ransomware
• Wave of major cyber regulation and legislation in USA
• Iran up in yer O365s, Russians in yer gmails
• Submarine spy guy would have been fine, if he didn’t make one very big mistake
• Much, much more

Jonathan Reiber is this week’s sponsor guest. He’s senior director of cybersecurity at AttackIQ and he’s joining us to talk through the US Government’s executive order on Zero Trust. Jonathan says it is actually born of a realisation the US Government needs to do something differently, that the old approaches aren’t working.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

• UK cyber head says Russia responsible for 'devastating' ransomware attacks - BBC News
• Netherlands can use intelligence or armed forces to respond to ransomware attacks - The Record by Recorded Future
• Ransomware Action Plan
• Ransomware hackers find vulnerable target in U.S. grain supply
• Emergent ransomware gang FIN12 strikes hospitals, moves quickly against big targets
• Macquarie Health Corporation hit by cyberattack as hackers claim 6700 people affected | news.com.au — Australia’s leading news site
• Microsoft: Iran-linked hackers breached Office 365 customer accounts - The Record by Recorded Future
• Google notifies 14,000 Gmail users of targeted APT28 attacks - The Record by Recorded Future
• Google distributing 10,000 security keys to journalists, elected officials, human rights activists | The Daily Swig
• Peanut butter and ProtonMail: US charges underscore evolution of espionage in digital age
• Hackers of SolarWinds stole data on U.S. sanctions policy, intelligence probes | Reuters
• Senate committee advances major cybersecurity legislation - The Record by Recorded Future
• Justice Department launches a National Cryptocurrency Enforcement Team - The Record by Recorded Future
• DOJ to go after government contractors who don't disclose breaches - The Record by Recorded Future
• TSA to impose cybersecurity mandates on major rail and subway systems - The Washington Post
• OMB orders federal agencies to let CISA access defenses of devices, servers
• CIA Funding Arm Gave Encrypted App Wickr $1.6 Million
• U.S. prosecution of alleged WikiLeaks ‘Vault 7’ source hits multiple roadblocks
• Ukraine arrests operator of DDoS botnet with 100,000 bots - The Record by Recorded Future
• Botnet abuses TP-Link routers for years in SMS messaging-as-a-service scheme - The Record by Recorded Future
• Microsoft said it mitigated a 2.4 Tbps DDoS attack, the largest ever - The Record by Recorded Future
• Report links Indian company to spyware that targeted Togolese activist - The Record by Recorded Future
• Trolls defaced Twitch's website with pictures of Jeff Bezos, the latest security concern
• Twitch says no user passwords or cards numbers were exposed in major hack - The Record by Recorded Future
• Video game streaming service Twitch suffers major data breach
• Woman Allegedly Hacked Flight School, Cleared Planes With Maintenance Issues to Fly
• Microsoft to disable Excel 4.0 macros, one of the most abused Office features - The Record by Recorded Future
• NSA warns of ALPACA TLS attack, use of wildcard TLS certificates - The Record by Recorded Future
• Azure, GitHub, GitLab, BitBucket mass-revoke SSH keys following bug report - The Record by Recorded Future
• Reverse engineering and decrypting CyberArk vault credential files | Jelle Vergeer
• Security researchers find another UEFI bootkit used for cyber-espionage - The Record by Recorded Future
• Apple patches iPhone zero-day in iOS 15.0.2 - The Record by Recorded Future
• Bindiff and POC for the IOMFB vulnerability, iOS 15.0.2 | IOMFB_integer_overflow_poc
• Apache HTTP Server update fails to squash path traversal, RCE bugs | The Daily Swig
• Executive Order on Improving the Nation's Cybersecurity | The White House