Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Similar Podcasts
Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
Risky Business #712 -- The 336,000 undead Fortigates of DOOM
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: The SEC is targeting SolarWinds executives UK to make banks liable for fraud NSA issues advice on UEFI trojan Microsoft blocks 100+ dodgy drivers The US IC knew what Prihozhin was up to. But what FSB doing? Much, much more This week’s show is brought to you by Netwrix. Martin Cannard, Netwrix’s VP of Product Strategy, is this week’s sponsor guest. He talks about why zero standing privilege is a worthy goal. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes SEC notifies SolarWinds CISO and CFO of possible action in cyber investigation | Cybersecurity Dive While Australian banks refuse most scam victims refunds, the UK is making them mandatory - ABC News New law could allow GCHQ to monitor UK internet logs in real-time to tackle fraud Federal incentives could help utilities overcome major cybersecurity hurdle: money | CyberScoop Major Japanese port suspends operation following ransomware attack Petro-Canada reports service restoration after suspected Suncor breach | Cybersecurity Dive Chinese state-backed hackers accidentally infected a European hospital with malware Hackers exploit gaping Windows loophole to give their malware kernel access | Ars Technica 336,000 servers remain unpatched against critical Fortigate vulnerability | Ars Technica CISA says latest VMware analytics bug being exploited MOVEit vulnerability snags almost 200 victims, more expected | Cybersecurity Dive Actively exploited vulnerability threatens hundreds of solar power stations | Ars Technica U.S. intelligence learned in mid-June Prigozhin was plotting uprising - The Washington Post Russian election-meddling ‘troll factory’ reportedly shut down after Wagner revolt Russian telecom confirms hack after group backing Wagner boasted about an attack | CyberScoop Hackers claim to take down Russian satellite communications provider Russian railway site allegedly taken down by Ukrainian hackers Several US states investigating ‘SiegedSec’ hacking campaign Hacking crew targeting states over transition bans claims cyberattack hitting global satellite systems | CyberScoop Hacktivists steal government files from Texas city Fort Worth | TechCrunch Belarusian hacktivists сlaim to breach country’s leading state university British prosecutors say teen Lapsus$ member was behind hacks on Uber, Rockstar Silk Road’s Second-in-Command, Variety Jones, Gets 20 Years in Prison | WIRED Russian cyber expert arrested in Kazakhstan, triggering a showdown between US and Moscow More than 6,500 arrested since French and Dutch police’s EncroChat hack BreachForums seized by FBI three months after arrest of alleged admin BreachForums replacement emerges as robust forum for criminal hackers to trade their spoils | CyberScoop Genesis Market gang tries to sell platform after FBI disruption Hackers using TrueBot malware for phishing attacks in US, Canada, officials warn | Cybersecurity Dive CSI_BlackLotus_Mitigation_Guide.PDF Hacks targeting British exam boards raise fears of students cheating More than $125 million taken from crypto platform Multichain Twitter’s chaotic weekend of outages and rate limits leaves more questions than answers Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking | Ars Technica
Risky Biz Soap Box: Defeating Living of the Land
In this edition of the Soap Box podcast we’re going to be talking about a great topic – living off the land. The recent Volt Typhoon report out of Microsoft chronicled the adventures of a Chinese APT crew in US critical infrastructure. But one of the most fascinating aspects of the Volt Typhoon campaign was that the attackers almost exclusively used so-called living off the land techniques. So the question becomes – what can you do about an attacker in your environment who has privilege and isn’t using malware? Guests David Cottingham and Daniel Schell, the CEO and CTO of Airlock Digital, join the show to talk it through.
Risky Biz Soap Box: Defeating Living of the Land
In this edition of the Soap Box podcast we’re going to be talking about a great topic – living off the land. The recent Volt Typhoon report out of Microsoft chronicled the adventures of a Chinese APT crew in US critical infrastructure. But one of the most fascinating aspects of the Volt Typhoon campaign was that the attackers almost exclusively used so-called living off the land techniques. So the question becomes – what can you do about an attacker in your environment who has privilege and isn’t using malware? Guests David Cottingham and Daniel Schell, the CEO and CTO of Airlock Digital, join the show to talk it through.
Risky Business #711 -- Albanian authorities raid MEK camp over Iran hacks
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Albanian authorities raid MEK over Iran hacks Microsoft admits “Anonymous Sudan” took down its services US Government puts $10m bounty on CL0P A deeper look at the Barracuda hack campaign Much, much more This week’s show is brought to you by Material Security. We’ll be hearing from one of Material’s friends – Courtney Healey, senior manager of insider threat at Coinbase – in this week’s sponsor interview. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Police raid Iranian opposition camp in Albania, seize computers | AP News Risky Biz News: Microsoft embarrassingly admits it got DDoSed into the ground by Anonymous Sudan Anonymous Sudan and Killnet strike again, target EIB Pro-Russian hackers remain active amid Ukraine counteroffensive | CyberScoop Hackers infect Russian-speaking gamers with fake WannaCry ransomware US puts $10M bounty on Clop as federal agencies confirm data compromises | Cybersecurity Dive (1) Catherine Herridge on Twitter: "Tonight, sources tell @cbsnews senior government officials are racing to limit impact - of what one cyber expert calls - potentially the largest theft + extortion event in recent history. USG official says no evidence to date US MIL or INTEL compromised. https://t.co/R4f6naFqFx" / Twitter U.S. government says several agencies hacked as part of broader cyberattack Clop names a dozen MOVEit victims, but holds back details | Cybersecurity Dive Another MOVEit vulnerability found, as state and federal agencies reveal breaches | Cybersecurity Dive Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China | Mandiant New DOJ unit will focus on prosecuting nation-state cybercrime EU states told to restrict Huawei and ZTE from 5G networks ‘without delay’ The US Navy, NATO, and NASA Are Using a Shady Chinese Company’s Encryption Chips | WIRED Widow of slain Saudi journalist Jamal Khashoggi files suit against Pegasus spyware maker Jamal Khashoggi’s wife to sue NSO Group over Pegasus spyware | Jamal Khashoggi | The Guardian Bipartisan bill would protect Americans’ data from export abroad District of Nebraska | Massachusetts Man Sentenced for Computer Intrusion | United States Department of Justice I Was Sentenced to 18 Months in Prison for Hacking Back - My Story | HackerNoon CID-FLYER-TEMPLATE New FCC privacy task force takes aim at data breaches, SIM-swaps | CyberScoop Bloodied Macbooks and Stacks of Cash: Inside the Increasingly Violent Discord Servers Where Kids Flaunt Their Crimes Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses | OPA | Department of Justice BrianKrebs: "Haha love it when a data ranso…" - Infosec Exchange
Risky Business #711 -- Albanian authorities raid MEK camp over Iran hacks
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Albanian authorities raid MEK over Iran hacks Microsoft admits “Anonymous Sudan” took down its services US Government puts $10m bounty on CL0P A deeper look at the Barracuda hack campaign Much, much more This week’s show is brought to you by Nucleus Security. We’ll be hearing from one of Material’s friends – Courtney Healey, senior manager of insider threat at Coinbase – in this week’s sponsor interview. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Police raid Iranian opposition camp in Albania, seize computers | AP News Risky Biz News: Microsoft embarrassingly admits it got DDoSed into the ground by Anonymous Sudan Anonymous Sudan and Killnet strike again, target EIB Pro-Russian hackers remain active amid Ukraine counteroffensive | CyberScoop Hackers infect Russian-speaking gamers with fake WannaCry ransomware US puts $10M bounty on Clop as federal agencies confirm data compromises | Cybersecurity Dive (1) Catherine Herridge on Twitter: "Tonight, sources tell @cbsnews senior government officials are racing to limit impact - of what one cyber expert calls - potentially the largest theft + extortion event in recent history. USG official says no evidence to date US MIL or INTEL compromised. https://t.co/R4f6naFqFx" / Twitter U.S. government says several agencies hacked as part of broader cyberattack Clop names a dozen MOVEit victims, but holds back details | Cybersecurity Dive Another MOVEit vulnerability found, as state and federal agencies reveal breaches | Cybersecurity Dive Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China | Mandiant New DOJ unit will focus on prosecuting nation-state cybercrime EU states told to restrict Huawei and ZTE from 5G networks ‘without delay’ The US Navy, NATO, and NASA Are Using a Shady Chinese Company’s Encryption Chips | WIRED Widow of slain Saudi journalist Jamal Khashoggi files suit against Pegasus spyware maker Jamal Khashoggi’s wife to sue NSO Group over Pegasus spyware | Jamal Khashoggi | The Guardian Bipartisan bill would protect Americans’ data from export abroad District of Nebraska | Massachusetts Man Sentenced for Computer Intrusion | United States Department of Justice I Was Sentenced to 18 Months in Prison for Hacking Back - My Story | HackerNoon CID-FLYER-TEMPLATE New FCC privacy task force takes aim at data breaches, SIM-swaps | CyberScoop Bloodied Macbooks and Stacks of Cash: Inside the Increasingly Violent Discord Servers Where Kids Flaunt Their Crimes Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses | OPA | Department of Justice BrianKrebs: "Haha love it when a data ranso…" - Infosec Exchange
Risky Business #710 -- Why your corporate VPN will get you owned
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Fortinet 0day Groundhog Day CISA’s new binding directive on exposed management interfaces Confirmed: US intelligence buying commercially available data MOVEit drama rolls on Much, much more This week’s show is brought to you by Red Canary. Chris Rothe is this week’s sponsor guest and he joins us to talk about how MDR providers are helping customers deal with cloud monitoring. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks - SecurityWeek Barracuda Urges Replacing — Not Patching — Its Email Security Gateways – Krebs on Security MOVEit announces second vulnerability; Minnesota schools agency breached with original bug Confidential data downloaded from UK regulator Ofcom in cyberattack Ransomware group Clop issues extortion notice to ‘hundreds’ of victims Another huge US medical data breach confirmed after Fortra mass-hack | TechCrunch CISA orders US civilian agencies to remove tools from public-facing internet Microsoft says Azure disrupted after a week of repeated service outages | Cybersecurity Dive Microsoft says Azure outage was caused by ‘anomalous’ traffic spike Microsoft investigating threat actor claims following multiple outages in 365, OneDrive | Cybersecurity Dive Risky Biz News: Ukrainian hackers wipe equipment of major Russian telco U.S. Spy Agencies Buy Vast Quantities of Americans’ Personal Data, U.S. Says - WSJ The US Is Openly Stockpiling Dirt on All Its Citizens | WIRED Srsly Risky Biz: Thursday, July 29 - by Tom Uren National security officials make case for keeping surveillance powers to skeptical Congress - The Washington Post Senators say Biden administration isn’t close on overhauling surveillance law Russian nationals accused of Mt. Gox bitcoin heist, shifting stolen funds to BTC-e North Korean hacking group Lazarus linked to $35 million cryptocurrency heist North Korean hackers stole $100 million in recent cryptocurrency heist -analysts | Reuters An Illinois hospital links closure to ransomware attack Security professional's tweet forces big change to Google email authentication | CyberScoop Can you trust ChatGPT’s package recommendations? LastPass CEO reflects on lessons learned, regrets and moving forward from a cyberattack | Cybersecurity Dive
Risky Business #710 -- Why your corporate VPN will get you owned
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Fortinet 0day Groundhog Day CISA’s new binding directive on exposed management interfaces Confirmed: US intelligence buying commercially available data MOVEit drama rolls on Much, much more This week’s show is brought to you by Red Canary. Chris Rothe is this week’s sponsor guest and he joins us to talk about how MDR providers are helping customers deal with cloud monitoring. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks - SecurityWeek Barracuda Urges Replacing — Not Patching — Its Email Security Gateways – Krebs on Security MOVEit announces second vulnerability; Minnesota schools agency breached with original bug Confidential data downloaded from UK regulator Ofcom in cyberattack Ransomware group Clop issues extortion notice to ‘hundreds’ of victims Another huge US medical data breach confirmed after Fortra mass-hack | TechCrunch CISA orders US civilian agencies to remove tools from public-facing internet Microsoft says Azure disrupted after a week of repeated service outages | Cybersecurity Dive Microsoft says Azure outage was caused by ‘anomalous’ traffic spike Microsoft investigating threat actor claims following multiple outages in 365, OneDrive | Cybersecurity Dive Risky Biz News: Ukrainian hackers wipe equipment of major Russian telco U.S. Spy Agencies Buy Vast Quantities of Americans’ Personal Data, U.S. Says - WSJ The US Is Openly Stockpiling Dirt on All Its Citizens | WIRED Srsly Risky Biz: Thursday, July 29 - by Tom Uren National security officials make case for keeping surveillance powers to skeptical Congress - The Washington Post Senators say Biden administration isn’t close on overhauling surveillance law Russian nationals accused of Mt. Gox bitcoin heist, shifting stolen funds to BTC-e North Korean hacking group Lazarus linked to $35 million cryptocurrency heist North Korean hackers stole $100 million in recent cryptocurrency heist -analysts | Reuters An Illinois hospital links closure to ransomware attack Security professional's tweet forces big change to Google email authentication | CyberScoop Can you trust ChatGPT’s package recommendations? LastPass CEO reflects on lessons learned, regrets and moving forward from a cyberattack | Cybersecurity Dive
Risky Business #709 -- Cl0p goes berserk with MOVEit 0day
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Russia’s FSB uncovers “NSA malware” on iPhones Cl0p mass harvests data from MOVEit file transfer servers ASD discloses a bunch of operations against ISIS, criminals Why China’s prepositioning is probably… prepositioning Much, much more This week’s show is brought to you by Thinkst Canary. Marco Slaviero is this week’s sponsor guest and he joins us to talk about indirect LLM prompt injection and the latest Canary release. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Russia says US hacked thousands of Apple phones in spy plot | Reuters Risky Biz News: Russia's FSB says NSA hacked iPhones in cyber-espionage campaign Russia wants 2 million phones with home-grown Aurora OS for use by officials Доверенная мобильная среда. Мобильная операционная система «Аврора» — Ростелеком Why China's Latest APT Campaign is Legitimately Worrying War crimes committed through cyberspace must not escape international justice, says Estonian president Hacks Against Ukraine's Emergency Response Services Rise During Bombings | WIRED How Australian cyber spies used 'Rickrolling' to disrupt Islamic State militants in Iraq - ABC News Australian intelligence's secret hand in bringing down the Bali bombers - ABC News Microsoft Threat Intelligence on Twitter: "Microsoft is attributing attacks exploiting the CVE-2023-34362 MOVEit Transfer 0-day vulnerability to Lace Tempest, known for ransomware operations & running the Clop extortion site. The threat actor has used similar vulnerabilities in the past to steal data & extort victims. https://t.co/q73WtGru7j" / Twitter What we know about the MOVEit vulnerability and compromises | Cybersecurity Dive metlstorm: "Great, so now I have to roll i…" - Infosec Exchange Dave Aitel: "@riskybusiness @chort honestly…" - Infosec Exchange Critical Barracuda 0-day was used to backdoor networks for 8 months | Ars Technica Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor | WIRED Ask Fitis, the Bear: Real Crooks Sign Their Malware – Krebs on Security Wayback Machine Discord Admins Hacked by Malicious Bookmarks – Krebs on Security Google’s Android and Chrome extensions are a very sad place. Here’s why | Ars Technica How university cybersecurity clinics can help cities fight ransomware | CyberScoop Atomic - Crypto Wallet on Twitter: "We have received reports of wallets being compromised. We are doing all we can to investigate and analyse the situation. As we have more information, we will share it accordingly. For any questions and concerns, contact support@atomicwallet.io" / Twitter BrianKrebs: "Russian news outlet Kommersant…" - Infosec Exchange Thinkst
Risky Business #709 -- Cl0p goes berserk with MOVEit 0day
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Russia’s FSB uncovers “NSA malware” on iPhones Cl0p mass harvests data from MOVEit file transfer servers ASD discloses a bunch of operations against ISIS, criminals Why China’s prepositioning is probably… prepositioning Much, much more This week’s show is brought to you by Thinkst Canary. Marco Slaviero is this week’s sponsor guest and he joins us to talk about indirect LLM prompt injection and the latest Canary release. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Russia says US hacked thousands of Apple phones in spy plot | Reuters Risky Biz News: Russia's FSB says NSA hacked iPhones in cyber-espionage campaign Russia wants 2 million phones with home-grown Aurora OS for use by officials Доверенная мобильная среда. Мобильная операционная система «Аврора» — Ростелеком Why China's Latest APT Campaign is Legitimately Worrying War crimes committed through cyberspace must not escape international justice, says Estonian president Hacks Against Ukraine's Emergency Response Services Rise During Bombings | WIRED How Australian cyber spies used 'Rickrolling' to disrupt Islamic State militants in Iraq - ABC News Australian intelligence's secret hand in bringing down the Bali bombers - ABC News Microsoft Threat Intelligence on Twitter: "Microsoft is attributing attacks exploiting the CVE-2023-34362 MOVEit Transfer 0-day vulnerability to Lace Tempest, known for ransomware operations & running the Clop extortion site. The threat actor has used similar vulnerabilities in the past to steal data & extort victims. https://t.co/q73WtGru7j" / Twitter What we know about the MOVEit vulnerability and compromises | Cybersecurity Dive metlstorm: "Great, so now I have to roll i…" - Infosec Exchange Dave Aitel: "@riskybusiness @chort honestly…" - Infosec Exchange Critical Barracuda 0-day was used to backdoor networks for 8 months | Ars Technica Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor | WIRED Ask Fitis, the Bear: Real Crooks Sign Their Malware – Krebs on Security Wayback Machine Discord Admins Hacked by Malicious Bookmarks – Krebs on Security Google’s Android and Chrome extensions are a very sad place. Here’s why | Ars Technica How university cybersecurity clinics can help cities fight ransomware | CyberScoop Atomic - Crypto Wallet on Twitter: "We have received reports of wallets being compromised. We are doing all we can to investigate and analyse the situation. As we have more information, we will share it accordingly. For any questions and concerns, contact support@atomicwallet.io" / Twitter BrianKrebs: "Russian news outlet Kommersant…" - Infosec Exchange Thinkst
Risky Business #708 – China's lolbin-powered adventures in US critical infrastructure
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: China’s lolbin-powered intrusions into critical infrastructure Trend Micro backs BlackBerry’s Cuba call Anonymous Sudan shakes down Scandanavian Airlines Iranian opposition party MEK publishes gargantuan leak Much, much more This week’s show is brought to you by Kubernetes security company KSOC. Jimmy Mesta is this week’s sponsor guest and he joins us to talk about the big security challenges in Kubernetes. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Volt Typhoon targets US critical infrastructure with living-off-the-land techniques | Microsoft Security Blog (1) New Messages! U.S. warns China could hack infrastructure, including pipelines, rail systems | Reuters Factbox: What is Volt Typhoon, the alleged China-backed hacking group? | Reuters Chinese Malware Hits Systems on Guam. Is Taiwan the Real Target? - The New York Times COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises | Mandiant Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals Hacker group Anonymous Sudan demands $3 million from Scandinavian Airlines Iranian dissidents take over high-security servers of regime presidency | Iran-linked hackers Agrius deploying new ransomware against Israeli orgs Exclusive: Chinese hackers attacked Kenyan government as debt strains grew | Reuters Risky Biz News: PyPI to enforce 2FA, reduce stored IP addresses NSO spyware used in Armenia-Azerbaijan conflict, report finds Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware SMS pumping fraud: take care how you configure MFA - TechHQ Full Disclosure: Printerlogic multiple vulnerabilities Barracuda Networks issue added to CISA vulnerability list Barracuda patches actively exploited zero-day vulnerability in email gateways | Cybersecurity Dive Developing: RaidForums users db leaked Phishing Domains Tanked After Meta Sued Freenom – Krebs on Security Broad coalition of advocacy groups urges Slack to protect users' messages from eavesdropping | CyberScoop
Risky Business #708 – China's lolbin-powered adventures in US critical infrastructure
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: China’s lolbin-powered intrusions into critical infrastructure Trend Micro backs BlackBerry’s Cuba call Anonymous Sudan shakes down Scandanavian Airlines Iranian opposition party MEK publishes gargantuan leak Much, much more This week’s show is brought to you by Kubernetes security company KSOD. Jimmy Mesta is this week’s sponsor guest and he joins us to talk about the big security challenges in Kubernetes. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Volt Typhoon targets US critical infrastructure with living-off-the-land techniques | Microsoft Security Blog (1) New Messages! U.S. warns China could hack infrastructure, including pipelines, rail systems | Reuters Factbox: What is Volt Typhoon, the alleged China-backed hacking group? | Reuters Chinese Malware Hits Systems on Guam. Is Taiwan the Real Target? - The New York Times COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises | Mandiant Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals Hacker group Anonymous Sudan demands $3 million from Scandinavian Airlines Iranian dissidents take over high-security servers of regime presidency | Iran-linked hackers Agrius deploying new ransomware against Israeli orgs Exclusive: Chinese hackers attacked Kenyan government as debt strains grew | Reuters Risky Biz News: PyPI to enforce 2FA, reduce stored IP addresses NSO spyware used in Armenia-Azerbaijan conflict, report finds Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware SMS pumping fraud: take care how you configure MFA - TechHQ Full Disclosure: Printerlogic multiple vulnerabilities Barracuda Networks issue added to CISA vulnerability list Barracuda patches actively exploited zero-day vulnerability in email gateways | Cybersecurity Dive Developing: RaidForums users db leaked Phishing Domains Tanked After Meta Sued Freenom – Krebs on Security Broad coalition of advocacy groups urges Slack to protect users' messages from eavesdropping | CyberScoop
Risky Biz Soap Box: Why your EDR won't save you
In this Soap Box podcast Patrick Gray talks to George Glass, the threat intelligence operations leader in the Cyber Risk practice at Kroll. They talk about all sorts of things, like: How the ransomware ecosystem is evolving into “ma and pa” operations Some killer detections they’ve figured out What separates the good networks from the bad ones Why EDR is of limited value if you’re not actually monitoring it Why not letting MDRs do the R part of their job is really, really, really dumb
Risky Biz Soap Box: Why your EDR won't save you
In this Soap Box podcast Patrick Gray talks to George Glass, the threat intelligence operations leader in the Cyber Risk practice at Kroll. They talk about all sorts of things, like: How the ransomware ecosystem is evolving into “ma and pa” operations Some killer detections they’ve figured out What separates the good networks from the bad ones Why EDR is of limited value if you’re not actually monitoring it Why not letting MDRs do the R part of their job is really, really, really dumb
Risky Business #707 -- Inside China's information lockdown with Chris Krebs
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Germans charge FinFisher executives The got FBI busted misusing 702 data Special guest Chris Krebs talks China, new CISA mandates and more New research breaks Android fingerprint auth Much, much more This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about the work Trail of Bits is doing in securing AI systems, and making them safe. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes Congress looks to expand CISA's role, adding responsibilities for satellites and open source software | CyberScoop Biden nominates Lt. Gen. Timothy Haugh for top position at NSA, Cyber Command Unsere Strafanzeige: Staatsanwaltschaft erhebt Anklage gegen FinFisher The Real Risks in Google’s New .Zip and .Mov Domains | WIRED FBI misused controversial surveillance tool to investigate Jan. 6 protesters Suspicion stalks Genesis Market’s competitors following FBI takedown Crimephones Are a Cop's Best Friend - by Tom Uren The Underground History of Turla, Russia's Most Ingenious Hacker Group | WIRED Some Of Russia’s Most Dangerous Cybercriminals Just Had Their Malware Dealer Unmasked Shifting tactics fuel surge in Business Email Compromise Treasury Department sanctions entities tied to North Korean IT scams, hacking | CyberScoop Chinese Labs Are Selling Fentanyl Ingredients for Millions in Crypto | WIRED Leaked EU Document Shows Spain Wants to Ban End-to-End Encryption | WIRED Here’s how long it takes new BrutePrint attack to unlock 10 different smartphones | Ars Technica It took 48 hours, but the mystery of the mass Asus router outage is solved | Ars Technica Popular Android TV boxes sold on Amazon are laced with malware | TechCrunch Teen hacker charged in scheme to siphon funds from sports betting accounts Researchers tie FIN7 cybercrime family to Clop ransomware German arms company Rheinmetall confirms Black Basta ransomware group behind cyberattack Dallas courts still closed 2 weeks post-ransomware attack | Cybersecurity Dive Health insurer says patients’ information was stolen in ransomware attack Patients angered after Oklahoma allergy clinic blames cyberattack for shutdown UK steel industry supplier Vesuvius says ‘cyber incident’ cost £3.5 million Researchers infiltrate Qilin ransomware group, finding lucrative affiliate payouts A different kind of ransomware demand: Donate to charity to get your data back | CyberScoop Joe Tidy on Twitter: "A bizarre one from Reading courts - an IT Security worker pleads guilty to piggy-backing off a cyber attack against his own firm. Liles switched the ransom payment details to his own Bitcoin wallet and changed the hacker's email to secretly apply pressured on bosses to pay up. https://t.co/Ze4yAJA6vM" / Twitter ChatGPT Scams Are Infiltrating Apple's App Store and Google Play | WIRED
Risky Business #707 -- Inside China's information lockdown with Chris Krebs
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Germans charge FinFisher executives The got FBI busted misusing 702 data Special guest Chris Krebs talks China, new CISA mandates and more New research breaks Android fingerprint auth Much, much more This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about the work Trail of Bits is doing in securing AI systems, and making them safe. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.