Risky Business #691 -- LockBit and "Pablo Escobar syndrome"

On this week’s show Patrick Gray and Adam Boileau discuss the news we missed while on break. Because it’s the first show of the year, we split the discussion into themes:

• Attacks against critical online services like Okta, CircleCI, Slack and Lastpass will increase in volume
• All the latest global intrigue, from NSO being noped by the US Supreme Court to DDoS attacks in Serbia, Turla’s latest campaign, supply chain attacks against Ukraine, why Russia has been more active than we realised and much more
• A ransomware wrap, a discussion about the rise of data extortion and why it’s unlikely to remain a huge problem
• Why automotive security research will actually be interesting this year
• PLUS: A bunch of random news!

This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about something they’ve developed – a zero knowledge proof of exploit technique. Very interesting stuff!

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

• First LastPass, now Slack and CircleCI. The hacks go on (and will likely worsen) | Ars Technica
• Devs urged to rotate secrets after CircleCI suffers security breach | The Daily Swig
• LastPass: Hackers accessed and copied customers’ password vaults - The Record from Recorded Future News
• GitHub incident allowed attacker to copy Okta's source code - The Record from Recorded Future News
• Supreme Court dismisses spyware company NSO Group’s claim of immunity - The Record from Recorded Future News
• Serbian government reports ‘massive DDoS attack’ amid heightened tensions in Balkans - The Record from Recorded Future News
• Iran’s support of Russia draws attention of pro-Ukraine hackers - The Record from Recorded Future News
• Pro-Ukraine hackers leak Russian data in hopes someone will make sense of it - The Record from Recorded Future News
• CISA researchers: Russia's Fancy Bear infiltrated US satellite network
• Exclusive: Russian hackers targeted U.S. nuclear scientists | Reuters
• NSA cyber director warns of Russian digital assaults on global energy sector - CyberScoop
• Notorious Russian hacking group appears to resurface with fresh cyberattacks on Ukraine
• Military operations software in Ukraine was hit by Russian hackers - The Record from Recorded Future News
• New supply chain attack targeted Ukrainian government networks - The Record from Recorded Future News
• Moldovaʼs government hit by flood of phishing attacks - The Record from Recorded Future News
• Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation | Ars Technica
• Cyber Command conducted offensive operations to protect midterm elections - The Record from Recorded Future News