Risky Business #628 -- Microsoft is not your friend

They put out the trash last Friday afternoon. It worked...
30 Jun 2021 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

  • Microsoft reluctantly and belatedly discloses breach
  • Chinese APT suspected of Air India breach
  • JBS paid $11m even though they successfully restored systems
  • cl0p money launderer arrests
  • Ransomware news roundup
  • All the latest research and MORE

This week’s show is brought to you by GreyNoise. Its founder and CEO, Andrew Morris, joins us this week to talk through some of the work he’s been doing to extend GreyNoise’s use cases. It’s a great chat, that one.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Microsoft says SolarWinds hacking group has breached three new victims - The Record by Recorded Future
Are The FBI’s ‘Most Wanted’ Chinese Spies Hacking The Airline Industry?
Sprawling cyber-espionage campaign linked to Chinese military unit - The Record by Recorded Future
APT group targets diplomatic organizations in Africa and the Middle East - The Record by Recorded Future
Al Jazeera repels cyber-attacks that sought to disrupt media network | The Daily Swig
Beef supplier JBS paid ransomware hackers $11 million
Arrested Clop gang members laundered over $500M in ransomware payments - The Record by Recorded Future
A week after arrests, Cl0p ransomware group dumps new tranche of stolen data | Ars Technica
Tulsa police say 18,000 files are leaked after Conti ransomware hack
City of Liege, Belgium hit by ransomware - The Record by Recorded Future
Ransomware group 'Hades' claims more victims as investigators seek answers
New Australian bill would force companies to disclose ransomware payments - The Record by Recorded Future
White House weighs cracking down on secret ransomware payments, pursuing hackers
Using VMs to hide ransomware attacks is becoming more popular - The Record by Recorded Future
Ransomware gangs are increasingly going after SonicWall devices - The Record by Recorded Future
Cisco routers come under attack, including a destructive hacktivist campaign - The Record by Recorded Future
Microsoft admits to signing a malicious rootkit driver - The Record by Recorded Future
Suspected Iranian hackers exploit VPN, Telegram to monitor dissidents
Zyxel says a threat actor is targeting its enterprise firewall and VPN devices - The Record by Recorded Future
MyBook Users Urged to Unplug Devices from Internet – Krebs on Security
French Spyware Executives Are Indicted for Aiding Torture | WIRED
Google to require 2FA and a physical address from Android app devs - The Record by Recorded Future
Andrii Kolpakov, who supervised hackers for FIN7, sentenced to 7 years in prison
FIN7 scammers posed as SEC officials, sick restaurant customers to hack victims
Cybercriminals are deploying legit security tools far more than before, researchers conclude
NFC Flaws Let Researchers Hack ATMs by Waving a Phone | WIRED
North Korean hackers breach South Korean submarine builder (again) - The Record by Recorded Future
North Korean hackers breach South Korea's atomic research agency through VPN bug - The Record by Recorded Future
MITRE releases D3FEND, defensive measures complimentary to its ATT&CK framework - The Record by Recorded Future
Bombshell Report Finds Phone Network Encryption Was Deliberately Weakened
US Computer Fraud and Abuse Act: What the ‘landmark’ Van Buren ruling means for security researchers | The Daily Swig
Episode 204: [Insert Inscrutable Title Here] – The National Security Law Podcast
Supreme Court revives LinkedIn case to protect user data from web scrapers | TechCrunch
Biden revokes Trump TikTok and WeChat ban order - The Washington Post
EA source code stolen by hacker claiming to sell it online | Ars Technica
PoC exploit accidentally leaks for dangerous Windows PrintNightmare bug - The Record by Recorded Future
Project Zero: An EPYC escape: Case-study of a KVM breakout
Instagram vulnerability nets researcher $30k after exposing users’ private content | The Daily Swig
A Well-Meaning Feature Leaves Millions of Dell PCs Vulnerable | WIRED
Connecting to malicious Wi-Fi networks can mess with your iPhone | Ars Technica
Google patches Chrome zero-day linked to 'commercial exploit company' - The Record by Recorded Future
Hackers can mess with HTTPS connections by sending data to your email server | Ars Technica
NSA leaker Reality Winner released early for good behavior - The Record by Recorded Future
AV mogul John McAfee found dead by hanging in Spanish prison cell | Ars Technica
Canadian Navy wins US Cyber Command training exercise - The Record by Recorded Future