Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

• Some arrests of suspected Lapsus$ members in the UK
• Why the Okta incident is probably a fizzer
• Four FSB officers indicted over Triton/Trisis malware
• Kim Zetter interviewed Intrusion Truth
• Australian government to upsize ASD
• Wave bye bye to Finfisher
• Much, much more

This week’s sponsor interview is with Mike Wiacek from Stairwell.

Stairwell makes a product that catalogues the files in your environment and lets you slice and dice that data. That makes threat hunting pretty easy and Mike is joining the show this week to talk about why organisations of all stripes should be doing threat hunting.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

• Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal - BBC News
• Okta ‘identifying and contacting’ customers potentially affected by Lapsus$ breach - The Record by Recorded Future
• Okta revises original statement, says 366 customers affected by Lapsus$ breach - The Record by Recorded Future
• Okta apologizes for waiting two months to notify customers of Lapsus$ breach - The Record by Recorded Future
• Lapsus$ found a spreadsheet of accounts as they breached Okta, documents show | TechCrunch
• DOJ unseals indictments of four Russian gov’t officials for cyberattacks on energy companies - The Record by Recorded Future
• Four Russian Government Employees Charged in Two Historical Hacking Campaigns Targeting Critical Infrastructure Worldwide | OPA | Department of Justice
• Intrusion Truth - Five Years of Naming and Shaming China’s Spies
• ASD to double in size after $10bn cyber security funding boost - Security - iTnews
• How the Biden budget goes big on cyber - The Record by Recorded Future
• FBI, CISA advise 13,000 orgs to have 'low threshold' for reporting cyberattacks - The Record by Recorded Future
• Senate report examines REvil ransomware attacks on US firms - The Record by Recorded Future
• Senate ransomware investigation says FBI leaving victims in the lurch
• Surveillance software firm FinFisher declares insolvency - The Record by Recorded Future
• NSO refused Ukraine’s request for Pegasus spyware so it wouldn’t anger Russia - The Washington Post
• FCC puts Kaspersky on security threat list, says it poses “unacceptable risk” | Ars Technica
• Traffic at major Ukrainian internet service provider Ukrtelecom disrupted - The Record by Recorded Future
• An interview with the chief technical officer at Ukrtelecom - The Record by Recorded Future
• Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests” – Krebs on Security
• North Korean hackers unleashed Chrome 0-day exploit on hundreds of US targets | Ars Technica
• Google releases emergency security update for Chrome users after second 0-day of 2022 discovered - The Record by Recorded Future
• Npm maintainers remove malicious packages after typosquatting attempt - The Record by Recorded Future
• ‘Spam Nation’ Villain Vrublevsky Charged With Fraud – Krebs on Security
• $2 million stolen from DeFi protocol Revest Finance, platform unable to reimburse victims - The Record by Recorded Future
• Flash loan attack on One Ring protocol nets crypto-thief $1.4 million | The Daily Swig
• More than $625 million stolen in DeFi hack of Ronin Network - The Record by Recorded Future
• Hackers Who Stole $50 Million in Crypto Say They Will Refund Some Victims