Risky Business #582 -- Germans indict APT28 operator

PLUS: Groundhog day for Toll Group...
06 May 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Salt framework 1Day wreaks havoc
  • Toll Group hit with ransomware attack. Again.
  • Germans indict APT28 operator
  • Ransomware a key word in SEC filings
  • Much, much more!

This week’s show is brought to you by Remediant. They offer software that lets you get privileged accounts under control very quickly. In this week’s sponsor interview we’re chatting with Remediant’s COO Paul Lanzi and Julie Smith, the executive director of the Identity Defined Security Alliance (IDSA). We’ll be talking about what the IDSA actually is and what its goals are.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Salt DevOps framework shaken by data center server security flaws | The Daily Swig
CT2 Log Compromised via Salt Vulnerability - Google Groups
Ghost blogging platform servers hacked and infected with crypto-miner | ZDNet
Hackers seize on software flaw to breach two victims, despite patch availability
Hackers breach LineageOS servers via unpatched vulnerability | ZDNet
German authorities charge Russian hacker for 2015 Bundestag hack | ZDNet
Who Is Dmitry Badin, The GRU Hacker Indicted By Germany Over The Bundestag Hacks? - bellingcat
Toll Group suffers second ransomware attack this year - Security - iTnews
Taiwan’s state-owned energy company suffers ransomware attack
Ransomware mentioned in 1,000+ SEC filings over the past year | ZDNet
Indonesian e-commerce giant probes reported breach of 91 million credentials
Estonia: Foreign hackers breached local email provider for targeted attacks | ZDNet
Google and Apple Reveal How Covid-19 Alert Apps Might Look | WIRED
Australia’s COVID-19 app is buggy, not yet operational - Risky Business
Senator Murray Watt on Twitter: "Here are just a few of the issues with the Govt’s #COVIDSafe app that we’ll explore at today’s #COVID-19 Senate hearing. If it’s central to our recovery, we need to know it works. @riskybusiness https://t.co/ATtL6UExqs" / Twitter
Coronavirus Australia: COVIDSafe app privacy law to seek jail time for offenders
The United Nations Coronavirus App Doesn’t Work - VICE
Apple, Google ban use of location tracking in contact tracing apps - Reuters
Hacker Bribed 'Roblox' Insider to Access User Data - VICE
CursedChrome turns your browser into a hacker's proxy | ZDNet
Google announces Chrome Web Store crackdown for August 2020 | ZDNet
First seen in the wild - Malware uses Corporate MDM as attack vector - Check Point Research
Executive Order on Securing the United States Bulk-Power System | The White House
DHS CISA to provide DoH and DoT servers for government use | ZDNet
UK NCSC to stop using 'whitelist' and 'blacklist' due to racial stereotyping | ZDNet
SAP notifying 9% of customers about mysterious cloud products security holes | ZDNet
Adult Cam Site CAM4 Exposed 10.88 Billion Records Online | WIRED
How Cybercriminals are Weathering COVID-19 — Krebs on Security
NSO Group partly disputes claim about use of U.S.-based servers in WhatsApp spy campaign
LabCorp investors file lawsuit, alleging 'persistent' failure to secure data
Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use
Apple will make it easier to unlock your iPhone while wearing a face mask | TechCrunch
Magento security: Adobe patches six critical flaws in e-commerce platform | The Daily Swig
Oracle warns of attacks against recently patched WebLogic security bug | ZDNet
Putting Identity at the Center of Security - Identity Defined Security Alliance
Remediant: Privileged Access Management | SecureONE