Risky Business #671 -- The case for an American-owned NSO Group

On this week’s show Patrick Gray and guest cohost Dmitri Alperovitch discuss the week’s security news, including:

• Why an American defence contractor acquiring NSO Group would be a nonproliferation win
• A look at Microsoft’s botched macro measures
• iPhone’s Lockdown Mode
• Ukraine goes big on Yubikeys
• Aerojet Rocketdyne pays millions over poor security controls, CISO whistleblower gets bag of cash
• Much, much more

This week’s show is sponsored by Proofpoint. Ryan Kalember, Proofpoint’s Executive Vice President of Cybersecurity Strategy, joins us in this week’s sponsor interview to talk about changes he’s observed in the criminal ecosystem.

NOTE: This podcast contains an error. We say that iOS Lockdown Mode prevents users from using an MDM profile on their devices. It doesn’t, it just stops new MDM profiles from being loaded while in Lockdown Mode, so corporate users will be able to turn it on just fine.

Links to everything that we discussed are below and you can follow Patrick or Dmitri on Twitter if that’s your thing.

Show notes

• L3Harris drops bid for NSO spyware following U.S. concerns - The Washington Post
• Apple introduces 'Lockdown Mode' iPhone feature to block elite spyware
• Risky Biz News: Thousands of Yubikeys have been deployed in Ukraine, more to come
• PyPI repo to distribute 4,000 security keys to maintainers of ‘critical projects’ in 2FA drive | The Daily Swig
• Microsoft makes major course reversal, allows Office to run untrusted macros [Updated] | Ars Technica
• Microsoft says decision to stop blocking Office VBA macros by default is ‘temporary’ - The Record by Recorded Future
• Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents'
• Rocket maker agrees to pay $9 million to settle allegations of cybersecurity violations - The Record by Recorded Future
• North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector | CISA
• North Korea is targeting hospitals with ransomware, U.S. agencies warn
• Medical debt collection firm says ransomware attack exposed info on 650+ healthcare orgs - The Record by Recorded Future
• French telecom company La Poste Mobile struggling to recover from ransomware attack - The Record by Recorded Future
• Cyberattack knocks out California community college email, website, landlines - The Record by Recorded Future
• OPM breach victims expected to receive about $700 each after class action settlement - The Record by Recorded Future
• Chinese Hackers Targeting Russian Government and Telcos
• DeFi Hacker Returns $8m
• Millions in Cryptocurrency Stolen in Phishing Attacks