Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/

Risky Business #652 -- Cyber Partisans take down Belarusian rail systems


On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Belarusian Cyber Partisans ransom train network
  • A look at developments in Ukraine
  • Merck wins NotPetya insurance lawsuit
  • US VC firm in talks to acquire NSO Group
  • Much, much more

This week’s show is brought to you by Trail of Bits, the security engineering firm. Dan Guido joins us this week to talk about zkdocs, a bunch of documentation Trail of Bits put together to provide guidance on how to implement some of these newfangled concepts – like zero knowledge proofs – that are popular in blockchain and cryptoland.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes
  • Hactivists say they hacked Belarus rail system to stop Russian military buildup | Ars Technica
  • A top Ukrainian security official on defending the nation against cyber attacks - The Record by Recorded Future
  • Former Ukrainian official sanctioned for assisting Russian cyberattacks - The Record by Recorded Future
  • FSB detains administrator of UniCC carding forum - The Record by Recorded Future
  • Opinion | Russia’s takedown of REvil hacking collective sends an ominous message - The Washington Post
  • Merck wins cyber-insurance lawsuit related to NotPetya attack - The Record by Recorded Future
  • Canada confirms cyber-attack on foreign affairs ministry - The Record by Recorded Future
  • Global Affairs Canada suffers ‘cyber attack’ amid Russia-Ukraine tensions: sources - National | Globalnews.ca
  • U.S. venture capital firm in talks to buy Israel's infamous spyware maker NSO - Business - Haaretz.com
  • Red Cross begs hackers not to leak data of "highly vulnerable people" - The Record by Recorded Future
  • Assange permitted to file U.K. Supreme Court appeal in extradition case
  • New MoonBounce UEFI bootkit can't be removed by replacing the hard drive - The Record by Recorded Future
  • Sketchy ‘Account Recovery’ Services Are Trying to Scam Hacking Victims on Twitter
  • A UK government-backed campaign aims to thwart end-to-end encryption rollout - The Record by Recorded Future
  • UK government plans to release Nmap scripts for finding vulnerabilities - The Record by Recorded Future
  • OpenSubtitles discloses successful extortion attempt, data breach - The Record by Recorded Future
  • IRS Will Soon Require Selfies for Online Access – Krebs on Security
  • New Log4j attacks target SolarWinds, ZyXEL devices - The Record by Recorded Future
  • Supply chain attack used legitimate WordPress add-ons to backdoor sites | Ars Technica
  • https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
  • GitHub Actions flaw that allowed code to be approved without review is addressed with new feature rollout | The Daily Swig
  • ‘Zero-Click’ Zoom Vulnerabilities Could Have Exposed Calls | WIRED
  • Flaws in third-party software exposed dozens of Teslas to remote access | TechCrunch
  • Dark Souls servers taken down following discovery of critical vulnerability | Ars Technica
  • F5 fixes high-risk NGINX Controller vulnerability in January patch rollout | The Daily Swig
  • RCE bug chain patched in CentOS Web Panel | The Daily Swig
  • Chain of vulnerabilities led to RCE on Cisco Prime servers | The Daily Swig
  • People Can’t See Some NFTs on Twitter, Crypto Wallets After OpenSea Goes Down
  • Hacker abuses OpenSea to buy NFTs at older, cheaper prices - The Record by Recorded Future
  • Crypto.com finally confirms major hack, says it lost $34 million - The Record by Recorded Future
  • A Hacker Is Negotiating With Victims on the Blockchain After $1.4M Heist
  • ‘White Hat’ Hacker Returns $1 Million Stolen In Crypto Theft Disaster
  • Pirates Spammed an Infamous Soviet Short-wave Radio Station with Memes
  • Introduction | ZKDocs
  • Trail of Bits | Careers


January 26, 2022