Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

• A spate of ransomware attacks on European energy and transport
• Russian authorities extend cybercrime crackdown
• Irritating influencers arrested for laundering 2016 Bitfinex hack proceeds
• IRS abandons ID.me trial
• Microsoft disables macros by default, disables MSIX protocol handler
• Much, much more

This week’s show is brought to you by ExtraHop.

Extrahop’s Ted Driggs is this week’s sponsor guest – he was on the show about a year ago talking about how we should really start thinking about putting together software bills of behaviours as well as bills of material. Ted is back to tell us how that effort is progressing. As you’ll hear, a lot of the behavioural data on software already exists, but it’s being hoarded by different vendors.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

• Ransomware spree hitting European oil, transport companies
• String of cyberattacks on European oil and chemical sectors likely not coordinated, officials say - The Record by Recorded Future
• Weeks after a ransomware attack, some workers still worry about paychecks
• Russian government continues crackdown on cybercriminals
• Cyberattack brings down Vodafone Portugal mobile, voice, and TV services - The Record by Recorded Future
• An ALPHV (BlackCat) representative discusses the group’s plans for a ransomware ‘meta-universe’ - The Record by Recorded Future
• DOJ seizes $3.6 billion from 2016 Bitfinex hack, arrests New York couple - The Record by Recorded Future
• Woman Who Allegedly Laundered $1B in Bitcoin Was Cringe YouTube Rapper
• NetWalker ransomware affiliate sentenced to seven years in prison - The Record by Recorded Future
• IRS abandons plans to use third-party facial recognition
• DHS assembles Cyber Safety Review Board to imitate fed agency that studies aviation accidents
• Senate lawmakers try again on cyber incident reporting legislation - The Record by Recorded Future
• Microsoft temporarily disables MSIX protocol handler following malware abuse - The Record by Recorded Future
• Microsoft to block internet macros by default in five Office applications - The Record by Recorded Future
• Microsoft says MFA adoption remains low, only 22% among enterprise customers - The Record by Recorded Future
• Google Cloud adds new cryptomining threat detection capability - The Record by Recorded Future
• News Corp. says Wall Street Journal, New York Post were targeted by hackers
• European governments targeted by Chinese hackers with a Zimbra webmail zero-day - The Record by Recorded Future
• Palestinian hacking group evolving with new malware, researchers say
• State Department sounds alarm over Red Cross breach
• State Department offers $10M for information on Iranian election interference
• Iran's national TV stream hacked for the second time in a week - The Record by Recorded Future
• Open Source Security Foundation launches new initiative to stem the tide of software supply chain attacks | The Daily Swig
• The Apache Log4j team talks about the Log4Shell patching process - The Record by Recorded Future
• npm enrolls Top 100 package maintainers into mandatory 2FA - The Record by Recorded Future
• Target open-sources its web skimmer detector - The Record by Recorded Future
• North Korea Hacked Him. So He Took Down Its Internet | WIRED
• Cryptocurrency platform Wormhole hacked for an estimated $322 million - The Record by Recorded Future