
Risky Business #690 -- 2023 will be a rough year for critical online services
01/10/23 • 68 min
On this week’s show Patrick Gray and Adam Boileau discuss the news we missed while on break. Because it’s the first show of the year, we split the discussion into themes:
- Attacks against critical online services like Okta, CircleCI, Slack and LastPass will increase in volume
- All the latest global intrigue, from NSO being noped by the US Supreme Court to DDoS attacks in Serbia, Turla’s latest campaign, supply chain attacks against Ukraine, why Russia has been more active than we realised and much more
- A ransomware wrap, a discussion about the rise of data extortion and why it’s unlikely to remain a huge problem
- Why automotive security research will actually be interesting this year
- PLUS: A bunch of random news!
This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about something they’ve developed – a zero-knowledge proof-of-exploit technique. Very interesting stuff!
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- First LastPass, now Slack and CircleCI. The hacks go on (and will likely worsen) | Ars Technica
- Devs urged to rotate secrets after CircleCI suffers security breach | The Daily Swig
- LastPass: Hackers accessed and copied customers’ password vaults - The Record from Recorded Future News
- GitHub incident allowed attacker to copy Okta's source code - The Record from Recorded Future News
- Supreme Court dismisses spyware company NSO Group’s claim of immunity - The Record from Recorded Future News
- Serbian government reports ‘massive DDoS attack’ amid heightened tensions in Balkans - The Record from Recorded Future News
- Iran’s support of Russia draws attention of pro-Ukraine hackers - The Record from Recorded Future News
- Pro-Ukraine hackers leak Russian data in hopes someone will make sense of it - The Record from Recorded Future News
- CISA researchers: Russia's Fancy Bear infiltrated US satellite network
- Exclusive: Russian hackers targeted U.S. nuclear scientists | Reuters
- NSA cyber director warns of Russian digital assaults on global energy sector - CyberScoop
- Notorious Russian hacking group appears to resurface with fresh cyberattacks on Ukraine
- Military operations software in Ukraine was hit by Russian hackers - The Record from Recorded Future News
- New supply chain attack targeted Ukrainian government networks - The Record from Recorded Future News
- Moldovaʼs government hit by flood of phishing attacks - The Record from Recorded Future News
- Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation | Ars Technica
- Cyber Command conducted offensive operations to protect midterm elections - The Record from Recorded Future News
Previous Episode

Risky Business #689 -- FBI baulks at Apple's iCloud encryption push
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Apple to introduce user-encrypted backups, FBI is sad
- Twitter ices e2ee plans for DMs
- RackSpace is getting sued over its hosted Exchange ransomware incident
- Dodgy driving: Microsoft signs some shady stuff
- Japan to change laws, release the Shibas
- A look at the US NDAA
- Much, much more
This week’s show is sponsored by Obsidian Security. Obsidian co-founder Ben Johnson joins the show this week to talk through SaaS configuration security and visibility/monitoring.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Apple Expands End-to-End Encryption to iCloud Backups | WIRED
- FBI Calls End-to-End Encryption 'Deeply Concerning' as Privacy Groups Hail Apple's Advanced Data Protection as a Victory for Users - MacRumors
- Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next | WIRED
- Elon Musk Wanted Twitter To Encrypt Messages. His New Safety Chief Says It’s On Hold
- I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware | Mandiant
- Japan to amend laws to allow for offensive cyber operations against foreign hackers - The Record by Recorded Future
- Amid Outrage, Rackspace Sends Users Email Touting Its Incident Response
- New Ransom Payment Schemes Target Executives, Telemedicine – Krebs on Security
- Hackers Planted Files to Frame Indian Priest Who Died in Custody | WIRED
- Scammers Are Scamming Other Scammers Out of Millions of Dollars | WIRED
- Risky Biz News: Disgruntled member doxes and extorts URSNIF gang
- U.S. agency warns that hackers are going after Citrix networking gear | Reuters
- Police raid offices of Predator spyware seller Intellexa | eKathimerini.com
- $858 billion defense bill focuses heavily on cyber. These are some highlights.
- Australia and Vanuatu sign defense and cybersecurity pact - The Record by Recorded Future
- Fantasy – a new Agrius wiper deployed through a supply‐chain attack | WeLiveSecurity
- Ukrainian railway, state agencies allegedly targeted by DolphinCape malware - The Record by Recorded Future
- US Dept of Health warns of ‘increased’ Royal ransomware attacks on hospitals - The Record by Recorded Future
- ‘Crisis situation’ declared as two Swedish municipalities hit by cyberattack - The Record by Recorded Future
- Metropolitan Opera dealing with cyberattack that shut down website, box office - The Record by Recorded Future
Next Episode

Risky Business #691 -- LockBit and "Pablo Escobar syndrome"
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Royal Mail attack was LockBit and GCHQ will probably “bust some heads”
- CircleCI’s incident report and the problem with malwared endpoints in the Zero Trust age
- Cloudflare backs Mastodon
- Paul Nakasone: NSA did some great stuff! It was really good!
- Cisco won’t patch SMB routers sold in 2020
- Much, much more
This week’s show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake’s head of cybersecurity strategy Omer Singer are this week’s sponsor guests.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Royal Mail cyberattack linked to LockBit ransomware operation
- Ransomware Diaries: Volume 1 | Analyst1
- Congressman calls on CISA to investigate air travel vulnerabilities after outage - The Record from Recorded Future News
- Ransomware attack on maritime software impacts 1,000 ships - The Record from Recorded Future News
- CircleCI incident report for January 4, 2023 security incident
- Researchers: Large language models will revolutionize digital propaganda campaigns
- Nick Cave - The Red Hand Files - Issue #218
- GitHub - cloudflare/wildebeest: Wildebeest is an ActivityPub and Mastodon-compatible server
- Meta sues Voyager Labs over scraping user data
- Twitter says leaked data on 200 million users was likely publicly available info - The Record from Recorded Future News
- A Police App Exposed Secret Details About Raids and Suspects | WIRED
- ODIN Intelligence website is defaced as hackers claim breach | TechCrunch
- Nakasone: Foreign surveillance program helped fend off cyberattacks - The Record from Recorded Future News
- The Guardian confirms criminals accessed staff data in ransomware attack - The Record from Recorded Future News
- Millions of Aflac, Zurich insurance customers in Japan have data leaked after breach - The Record from Recorded Future News
- Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations
- The FBI Won't Say Whether It Hacked Dark Web ISIS Site
- Norton LifeLock says 925,000 accounts targeted by credential-stuffing attacks - The Record from Recorded Future News
- Cisco warns of two vulnerabilities affecting end-of-life routers - The Record from Recorded Future News
- Fortinet says hackers exploited critical vulnerability to infect VPN customers | Ars Technica
- Vulnerability with 9.8 severity in Control W...