Risky Business #702 -- 3CX: It's like SolarWinds, but stupider
04/18/23 • 61 min
1 Listener
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Why 3CX was the dumbest supply chain attack we’ve seen
- Why Wiz’s AzureAD research was a showstopper that didn’t get the attention it deserved
- How attackers are burning down cloud infrastructure
- The latest from the world of spyware
- Much, much more
This week’s show is brought to you by Nucleus Security. Chris Hughes from Aquia is this week’s sponsor guest. He appeared at Nucleus Security’s invitation.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms | WIRED
- 3CX support tells customers to investigate malware warnings themselves | Ars Technica
- North Korean hackers linked to 3CX supply-chain attack, investigation finds
- BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover | Wiz Blog
- Microsoft leads effort to disrupt illicit use of Cobalt Strike, a dangerous hacking tool in the wrong hands | CyberScoop
- MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog
- CISA, Cisco highlight Russian military targeting of router vulnerabilities
- Israeli spyware software surveilling journalists, politicians
- Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch
- Israeli Spyware Maker QuaDream Closes, Fires All Employees - National Security & Cyber - Haaretz.com
- Hackers used spyware made in Spain to target users in the UAE, Google says | TechCrunch
- Apple’s high security mode blocked NSO spyware, researchers say | TechCrunch
- US commits $25 million to Costa Rica for Conti ransomware recovery
- State Department, Congress working on formal program for US cyber aid
- CISA and partners issue secure-by-design principles for software manufacturers | FedScoop
- Time to Designate Space Systems as Critical Infrastructure
- Apple’s Macs Have Long Escaped Ransomware. That May Be Changing | WIRED
- Cyber company Darktrace gets caught up in LockBit gang's apparent blunder
- Payments giant says it is investigating ransomware incident that caused POS outage
- Cyberattack causing treatment delays at Canadian hospital
- German arms manufacturer Rheinmetall confirms cyberattack
- Hackers using Log4j bug to profit from victim IP addresses through ‘proxyjacking’ scheme
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Why 3CX was the dumbest supply chain attack we’ve seen
- Why Wiz’s AzureAD research was a showstopper that didn’t get the attention it deserved
- How attackers are burning down cloud infrastructure
- The latest from the world of spyware
- Much, much more
This week’s show is brought to you by Nucleus Security. Chris Hughes from Aquia is this week’s sponsor guest. He appeared at Nucleus Security’s invitation.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms | WIRED
- 3CX support tells customers to investigate malware warnings themselves | Ars Technica
- North Korean hackers linked to 3CX supply-chain attack, investigation finds
- BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover | Wiz Blog
- Microsoft leads effort to disrupt illicit use of Cobalt Strike, a dangerous hacking tool in the wrong hands | CyberScoop
- MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog
- CISA, Cisco highlight Russian military targeting of router vulnerabilities
- Israeli spyware software surveilling journalists, politicians
- Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch
- Israeli Spyware Maker QuaDream Closes, Fires All Employees - National Security & Cyber - Haaretz.com
- Hackers used spyware made in Spain to target users in the UAE, Google says | TechCrunch
- Apple’s high security mode blocked NSO spyware, researchers say | TechCrunch
- US commits $25 million to Costa Rica for Conti ransomware recovery
- State Department, Congress working on formal program for US cyber aid
- CISA and partners issue secure-by-design principles for software manufacturers | FedScoop
- Time to Designate Space Systems as Critical Infrastructure
- Apple’s Macs Have Long Escaped Ransomware. That May Be Changing | WIRED
- Cyber company Darktrace gets caught up in LockBit gang's apparent blunder
- Payments giant says it is investigating ransomware incident that caused POS outage
- Cyberattack causing treatment delays at Canadian hospital
- German arms manufacturer Rheinmetall confirms cyberattack
- Hackers using Log4j bug to profit from victim IP addresses through ‘proxyjacking’ scheme
Previous Episode
Risky Biz Soap Box: Haroon Meer on why the VC apocalypse is great news
In this Soap Box edition of the show, Thinkst Canary founder Haroon Meer joins us to talk about why the sudden pullback in venture funding in infosec is actually a good thing.
He thinks this will give founders licence to slow down and actually focus on making good products, instead of trying to build a company around vapourware or a minimum viable product.
Next Episode
Snake Oilers: Socket, Teleport and Mandiant's Purple Team
Snake Oilers isn’t our regular weekly podcast, it’s a wholly sponsored series we do at Risky.Biz where vendors come on to the show to pitch their products to you, the Risky Business listener. To be clear – everyone you hear in one of these editions, paid to be here.
We’ll hear from three vendors in this edition of Snake Oilers:
- Socket.dev, a software supply chain product that currently deploys as a GitHub addon
- Teleport, a company that makes a secure access gateway/single sign on product for engineers to securely access infrastructure
- Mandiant joins us to pitch its Purple Team engagement product
Enjoy!
Show notes
If you like this episode you’ll love
Episode Comments
Featured in these lists
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/risky-business-43859/risky-business-702-3cx-its-like-solarwinds-but-stupider-29461689"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to risky business #702 -- 3cx: it's like solarwinds, but stupider on goodpods" style="width: 225px" /> </a>
Copy