
Risky Business #673 -- When throwing computers into a woodchipper is standard IR
07/27/22 • 0 min
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Why Entrust being ransomwared is good news
- UEFI bootkits turn hardware into landfill
- Microsoft resumes macro blocking rollout
- Pat and Adam talk about why plugging your IDP into legacy apps is a dreadful idea
- Much, much more
This week’s sponsor guest is Paul “The Voice” Lanzi of Remediant. He’s popping along to talk about the emergence of a new product category – Identity Threat Detection and Response, or ITDR.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Italy investigating ransomware attack on tax agency - The Record by Recorded Future
- IT security giant Entrust says it's investigating alleged June data breach - The Record by Recorded Future
- Microsoft resuming default block of Office VBA macros - The Record by Recorded Future
- Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us | Ars Technica
- China: Declaration by the Minister for Foreign Affairs on behalf of the Belgian Government urging Chinese authorities to take action against malicious cyber activities undertaken by Chinese actors | Federal Public Service Foreign Affairs
- Cyber Command shares bevy of new malware used against Ukraine - The Record by Recorded Future
- Cyber criminals attack Ukrainian radio network, broadcast fake message about Zelensky's health
- Congress goes after spyware purveyors. Will it make a difference?
- Report: Mercenary spyware exploited Google Chrome zero-day to target journalists - The Record by Recorded Future
- TSA unveils updated cybersecurity regulations of oil and gas pipelines - The Record by Recorded Future
- Congress Might Actually Pass ADPPA, the American Data Privacy and Protection Act | WIRED
- Federal privacy legislation progresses, but concerns about data brokers loom
- China cybersecurity agency fines ride-hailing giant Didi $1.2 billion for data issues - The Record by Recorded Future
- T-Mobile reaches historic $350 million settlement in 2021 data breach - The Record by Recorded Future
- Former Coinbase Manager Arrested by Feds for Alleged Insider Trading
- Cisco patches dangerous bug trio in Nexus Dashboard | The Daily Swig
- Atlassian patches batch of critical vulnerabilities across multiple products | The Daily Swig
- Hardcoded password in Confluence app has been leaked on Twitter | Ars Technica
Previous Episode

Risky Business #672 -- "Expected behaviour" is in the eye of the beholder
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- A look at the DHS Cyber Safety Review Board’s Log4j report
- Joshua Schulte no longer the “alleged” Vault7 leaker
- Chinese APT crews targeted US political journalists before Jan 6
- Ransomware gangs make leak sites searchable
- Why recovering plaintext passwords from Okta is expected behaviour
- US Government seizes North Korean ransomware payment
- Much, much more
This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he’ll tell us about work Trail of Bits did for DARPA on investigating blockchain security fundamentals.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Patrick Gray on Twitter: "During our discussion yesterday on the show we didn’t know pre-existing MDM was preserved when iOS lockdown mode is enabled, which is great!" / Twitter
- DHS Cyber Safety Review Board found no evidence China knew of Log4j before disclosure
- Ex-CIA Hacker Convicted for ‘One of the Most Damaging Acts of Espionage in American History’
- Chinese hackers targeted U.S. political reporters just ahead of Jan. 6 attack, researchers say
- Experts concerned about ransomware groups creating searchable databases of victim data - The Record by Recorded Future
- Who-is-Trickbot.pdf
- A Deep Dive Into the Residential Proxy Service ‘911’ – Krebs on Security
- Risky Biz News: Google removes app permissions from the Play Store
- Ongoing phishing campaign can hack you even when you’re protected with MFA | Ars Technica
- ‘Password extraction risk’ in identity provider Okta disputed | The Daily Swig
- Authomize Discovers Password Stealing and Impersonation Risks in Okta | Authomize.com
- Okta Response to Security Report | Okta
- DOJ seized ransoms paid by health centers in Kansas, Colorado after 2021 attacks - The Record by Recorded Future
- North Korean hackers target small businesses with H0lyGh0st ransomware, Microsoft warns - The Record by Recorded Future
- Colorado police investigating ransomware attack on small town - The Record by Recorded Future
- Albania shuts down government websites, services due to wide ranging cyberattack - The Record by Recorded Future
- Bandai Namco confirms cyberattack after ransomware group threatens leak - The Record by Recorded Future
- MiCODUS MV720 GPS tracker | CISA
- Honda redesigning latest vehicles to address key fob vulnerabilities - The Record by Recorded Future
Next Episode

Risky Business #674 -- "Free money" exploit spawns $150m blockchain feeding frenzy
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Taiwan tensions fail to conjure the cyber apocalypse
- Crypto bridge exploit results in $150m feeding frenzy
- Chainalysis evidence to be challenged in court
- Post-quantum NIST candidate algorithm gets smoked
- DSIRF’s Russia links
- Much, much more
This week’s sponsor interview is with Jerrod Chong from Yubico. He’s joining the show to talk about why consumer-focussed implementations of Webauthn like Apple’s Passkeys aren’t a great enterprise solution.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Taiwanese websites hit with DDoS attacks as Pelosi begins visit
- 'Frenzied mob' steals more than $156 million from crypto platform Nomad - The Record by Recorded Future
- Bitcoin Fog Case Could Put Cryptocurrency Tracing on Trial | WIRED
- Post-quantum encryption contender is taken out by single-core PC and 1 hour | Ars Technica
- Federal court system suffered previously undisclosed breach, congressional committee says
- Australian police charge man with developing spyware used by more than 14,500 people - The Record by Recorded Future
- Risky Biz News: Microsoft puts the limelight on another spyware maker—DSIRF from Austria
- Eavesdropping probe finds Israeli police exceeded authority | AP News
- Hacker use of Microsoft macros plummeted after default block: report - The Record by Recorded Future
- On security researcher's newsletter, exposing cybercriminals behind ransomware
- Luxembourg energy companies struggling with alleged ransomware attack, data breach - The Record by Recorded Future
- At least 34 healthcare orgs affected by alleged ransomware attack on OneTouchPoint - The Record by Recorded Future
- American Dental Association says April cyberattack involved ransomware - The Record by Recorded Future
- Ransomware group demands £500,000 from British schools, citing cyber insurance policy - The Record by Recorded Future
- Hackers stole passwords for accessing 140,000 payment terminals | TechCrunch
- Experts warn of hacker claiming access to 50 U.S. companies through breached MSP - The Record by Recorded Future
- German prosecutors issue warrant for Russian government hacker over energy sector attacks - The Record by Recorded Future
- The commercial satellite boom is leaving space vulnerable to hackers - The Record by Recorded Future