Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

• Germany issues stark warning to Kaspersky users
• Ukraine SATCOM hack keeps getting more interesting
• Russia to spin up its own CA, but it’s not what it seems
• Why the ransomware threat could get worse, then better
• Much, much more

This week’s show is brought to you by Fastly. Kelly Shortridge, Fastly’s Senior Principal Product Technologist, joins the show this week to tell us what modern security actually looks like. Kelly is always fascinating so we were thrilled she was in the sponsor chair this week.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

• German government issues warning about Kaspersky products - CyberScoop
• Exclusive: U.S. spy agency probes sabotage of satellite internet during Russian invasion, sources say | Reuters
• SATELLITE SYSTEMS, SATCOM AND SPACE SYSTEMS UPDATE
• Russia to create its own security certificate authority, alarming experts
• Political fallout in cybercrime circles upping the threat to Western targets
• (2) Oleg Shakirov on Twitter: "Russia's deputy foreign minister says he hopes the Russian-U.S. dialogue on cyber security will be resumed in response to a question whether it has been frozen He adds that it can bring tangible results like the disruption of REvil https://t.co/m817WD80vr" / Twitter
• FinCEN warns ransomware proceeds could be part of Russia sanctions evasion
• Biden takes big step toward government-backed digital currency
• Ukrainian hackers say HackerOne is blocking their bug bounty payouts | TechCrunch
• (2) Techmeme on Twitter: "Sources: Apple and Google removed Kremlin critic Navalny's app in September after FSB agents came to homes of top execs and threatened to take them to prison (Washington Post) https://t.co/nqvtHmG1Ft https://t.co/gQCcnFhnyo" / Twitter
• Government agencies in Ukraine targeted in cyber-attacks deploying MicroBackdoor malware | The Daily Swig
• (2) ESET research on Twitter: "#BREAKING #ESETresearch warns about the discovery of a 3rd destructive wiper deployed in Ukraine ????????. We first observed this new malware we call #CaddyWiper today around 9h38 UTC. 1/7 https://t.co/gVzzlT6AzN" / Twitter
• Ukraine facing major regional internet outages as Russian invasion continues
• Transparency Org Releases Alleged Leak of Russian Censorship Agency
• Denial-of-service attack knocked Israeli government sites offline
• The Lapsus$ Hacking Group Is Off to a Chaotic Start | WIRED
• Penny Arcade - Comic - Also Known As Blackmail
• Man charged with Kaseya hack extradited to the US - The Record by Recorded Future
• NetWalker ransomware affiliate extradited to the US - The Record by Recorded Future
• Researcher uses Dirty Pipe exploit to fully root a Pixel 6 Pro and Samsung S22 | Ars Technica
• New method that amplifies DDoSes by 4 billion-fold. What could go wrong? | Ars Technica
• SEC weighs reporting requirements for publicly traded companies
• Biden signs cyber incident reporting bill into law - The Record by Recorded Future
• Join The Dept of Know_ Live!
• BAYRAKTAR-Official Song (english) - YouTube
• Product Demo: Proofpoint Nexus People Explorer - YouTube