Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

• A deep look at Mudge’s sensational whistleblower complaint against Twitter
• Brazilian Federal Police raid Lapsus$ crew
• NSO CEO to stand down (again), 100 staff to be let go
• Signal users impacted in Twilio incident
• Tornado Cash OFACs around and finds out
• Much, much more

This week’s show is brought to you by Greynoise. Its founder, Andrew Morris, joins the show with a stinging critique of the wider threat intelligence industry. Don’t miss that one.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

• Patrick Gray on Twitter: "Jesus… can open, worms everywhere. You basically can’t find anyone more credible than @dotMudge in infosec so this is a massive deal https://t.co/TaDQzTEtzR" / Twitter
• Twitter confirms January breach, urges pseudonymous accounts to not add email or phone number - The Record by Recorded Future
• A Slack Bug Exposed Some Users’ Hashed Passwords for 5 Years | WIRED
• TikTok Says, No, It Isn't Stealing Your Passwords
• Brazilian police launch investigation targeting Lapsus$ group - The Record by Recorded Future
• Israeli spyware company NSO Group CEO steps down | Reuters
• How a Third-Party SMS Service Was Used to Take Over Signal Accounts
• VIASAT hack impacted French critical services | Cybernews
• DOJ now relies on paper for its most sensitive court documents, official says
• Microsoft disrupts Russia-linked hacking group targeting defense and intelligence orgs - The Record by Recorded Future
• Lloyd’s to forbid insurers from covering losses due to state-backed hacks - The Record by Recorded Future
• U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash | U.S. Department of the Treasury
• OFAC Around and Find Out - Lawfare
• Suspected Tornado Cash developer arrested in Netherlands - The Record by Recorded Future
• Report: Ransomware gangs, fraudsters laundered $540 million through RenBridge platform - The Record by Recorded Future
• Risky Biz News: Is ransomware going after the Global South? Sure looks like it!
• Ransomware Now Threatens the Global South | Royal United Services Institute
• Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling | PortSwigger Research
• The Return of LOIC, HOIC, HULK, and Slowloris to the Threat Landscape | Radware Blog
• Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug
• A New Jailbreak for John Deere Tractors Rides the Right-to-Repair Wave | WIRED
• Malicious code exploiting recent VMware bug publicly available, company warns - The Record by Recorded Future
• Breaking SIDH in polynomial time
• Hackers Use Deepfakes of Binance Exec to Scam Crypto Projects
• Cisco confirms May attack by Yanluowang ransomware group - The Record by Recorded Future
• Cisco releases advisories for bug affecting more than 1 million security devices - The Record by Recorded Future
• Cisco warns of critical vulnerabilities in routers - The Record by Recorded Future
• North Korea-backed hackers have a clever way to read your Gmail | Ars Technica
• When Efforts to Contain a Data Breach Backfire – Krebs on Security
• Microsoft: Bug in Janet Jackson’s “Rhythm Nation” could crash a laptop - The Record by Recorded Future
• Anonymous poop gifting site hacked, customers exposed