
Risky Business #711 -- Albanian authorities raid MEK camp over Iran hacks
06/20/23 • 59 min
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Albanian authorities raid MEK over Iran hacks
- Microsoft admits “Anonymous Sudan” took down its services
- US Government puts $10m bounty on CL0P
- A deeper look at the Barracuda hack campaign
- Much, much more
This week’s show is brought to you by Material Security. We’ll be hearing from one of Material’s friends – Courtney Healey, senior manager of insider threat at Coinbase – in this week’s sponsor interview.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Police raid Iranian opposition camp in Albania, seize computers | AP News
- Risky Biz News: Microsoft embarrassingly admits it got DDoSed into the ground by Anonymous Sudan
- Anonymous Sudan and Killnet strike again, target EIB
- Pro-Russian hackers remain active amid Ukraine counteroffensive | CyberScoop
- Hackers infect Russian-speaking gamers with fake WannaCry ransomware
- US puts $10M bounty on Clop as federal agencies confirm data compromises | Cybersecurity Dive
- Catherine Herridge on Twitter: "Tonight, sources tell @cbsnews senior government officials are racing to limit impact - of what one cyber expert calls - potentially the largest theft + extortion event in recent history. USG official says no evidence to date US MIL or INTEL compromised. https://t.co/R4f6naFqFx" / Twitter
- U.S. government says several agencies hacked as part of broader cyberattack
- Clop names a dozen MOVEit victims, but holds back details | Cybersecurity Dive
- Another MOVEit vulnerability found, as state and federal agencies reveal breaches | Cybersecurity Dive
- Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China | Mandiant
- New DOJ unit will focus on prosecuting nation-state cybercrime
- EU states told to restrict Huawei and ZTE from 5G networks ‘without delay’
- The US Navy, NATO, and NASA Are Using a Shady Chinese Company’s Encryption Chips | WIRED
- Widow of slain Saudi journalist Jamal Khashoggi files suit against Pegasus spyware maker
- Jamal Khashoggi’s wife to sue NSO Group over Pegasus spyware | Jamal Khashoggi | The Guardian
- Bipartisan bill would protect Americans’ data from export abroad
- District of Nebraska | Massachusetts Man Sentenced for Computer Intrusion | United States Department of Justice
- I Was Sentenced to 18 Months in Prison for Hacking Back - My Story | HackerNoon
- CID-FLYER-TEMPLATE
- New FCC privacy task force takes aim at data breaches, SIM-swaps | CyberScoop
Previous Episode

Risky Business #710 -- Why your corporate VPN will get you owned
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Fortinet 0day Groundhog Day
- CISA’s new binding directive on exposed management interfaces
- Confirmed: US intelligence buying commercially available data
- MOVEit drama rolls on
- Much, much more
This week’s show is brought to you by Red Canary. Chris Rothe is this week’s sponsor guest and he joins us to talk about how MDR providers are helping customers deal with cloud monitoring.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks - SecurityWeek
- Barracuda Urges Replacing — Not Patching — Its Email Security Gateways – Krebs on Security
- MOVEit announces second vulnerability; Minnesota schools agency breached with original bug
- Confidential data downloaded from UK regulator Ofcom in cyberattack
- Ransomware group Clop issues extortion notice to ‘hundreds’ of victims
- Another huge US medical data breach confirmed after Fortra mass-hack | TechCrunch
- CISA orders US civilian agencies to remove tools from public-facing internet
- Microsoft says Azure disrupted after a week of repeated service outages | Cybersecurity Dive
- Microsoft says Azure outage was caused by ‘anomalous’ traffic spike
- Microsoft investigating threat actor claims following multiple outages in 365, OneDrive | Cybersecurity Dive
- Risky Biz News: Ukrainian hackers wipe equipment of major Russian telco
- U.S. Spy Agencies Buy Vast Quantities of Americans’ Personal Data, U.S. Says - WSJ
- The US Is Openly Stockpiling Dirt on All Its Citizens | WIRED
- Srsly Risky Biz: Thursday, July 29 - by Tom Uren
- National security officials make case for keeping surveillance powers to skeptical Congress - The Washington Post
- Senators say Biden administration isn’t close on overhauling surveillance law
- Russian nationals accused of Mt. Gox bitcoin heist, shifting stolen funds to BTC-e
- North Korean hacking group Lazarus linked to $35 million cryptocurrency heist
- North Korean hackers stole $100 million in recent cryptocurrency heist -analysts | Reuters
- An Illinois hospital links closure to ransomware attack
- Security professional's tweet forces big change to Google email authentication | CyberScoop
- Can you trust ChatGPT’s package recommendations?
Next Episode

Risky Biz Soap Box: Defeating Living off the Land
In this edition of the Soap Box podcast we’re going to be talking about a great topic – living off the land.
The recent Volt Typhoon report out of Microsoft chronicled the adventures of a Chinese APT crew in US critical infrastructure. But one of the most fascinating aspects of the Volt Typhoon campaign was that the attackers almost exclusively used so-called living off the land techniques.
So the question becomes – what can you do about an attacker in your environment who has privilege and isn’t using malware?
Guests David Cottingham and Daniel Schell, the CEO and CTO of Airlock Digital, join the show to talk it through.