Risky Business #583 -- COVID-19 collection intensifies, tensions mount

PLUS: All the other security news...
13 May 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • US takes aim at China over vaccine hax
  • ??? takes aim at Iranian port infrastructure over ???
  • Iran attacks Gilead pharma
  • Zoom acquires Keybase
  • Thunderbolt research discussed
  • US to drop more DPRK malware
  • Ransomware targets European hospital group
  • Australian flu vaccine distribution disrupted by ransomware
  • More!

CMD’s co-founder and CEO Jake King joins us in this week’s sponsor interview to talk about what happened when he came on to the show a couple of months ago to spruik their new freemium offering. There was a stampede! It’s a hit! So he’ll be along to tell us what shook out of that whole process, and also about what he’s seeing people use the CMD product for since the COVID-19 crisis began.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

U.S. to Accuse China of Trying to Hack Vaccine Data, as Virus Redirects Cyberattacks - The New York Times
Naikon, Group Tied to China's Military, Deploys Debilitating New Cyberattack Tool - The New York Times
Exclusive: Iran-linked hackers recently targeted coronavirus drugmaker Gilead - sources - Reuters
Iran reports failed cyber-attack on Strait of Hormuz port | ZDNet
When hacker code collides: A discovered malware sample uses tools from the NSA and a Chinese group
Zoom acquires Keybase to beef up encryption, ease security questions
Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking | WIRED
FBI, DHS to go public with suspected North Korean hacking tools
Former Ghana government officials sentenced to jail for doing business with NSO Group
Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware — Krebs on Security
Ransomware Hit ATM Giant Diebold Nixdorf — Krebs on Security
Cognizant expects to lose between $50m and $70m following ransomware attack | ZDNet
Package delivery giant Pitney Bowes confirms second ransomware attack in 7 months | ZDNet
Seasonal influenza vaccination 2020 - Immunisation Programs
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents | FireEye Inc
DHS memo: 'Significant' security risks presented by online voting
Online Voting Has Worked So Far. That Doesn’t Mean It's Safe | WIRED
A hacker group is selling more than 73 million user records on the dark web | ZDNet
Details of 44m Pakistani mobile users leaked online, part of bigger 115m cache | ZDNet
Hacker gains access to a small number of Microsoft's private GitHub repos | ZDNet
GitHub showcases new code-scanning security tools at virtual event | The Daily Swig
GitHub Takes Aim at Open Source Software Vulnerabilities | WIRED
Australian Tax Office detects ‘fraud’ over early superannuation scheme
Microsoft: 150 million people are using passwordless logins each month | ZDNet
Facebook will pay $52 million in settlement with moderators who developed PTSD on the job - The Verge
Hackers hide web skimmer behind a website's favicon | ZDNet
Samsung patches 0-click vulnerability impacting all smartphones sold since 2014 | ZDNet
A Department of Defense bulletin on a 'leaking' sinkhole has baffled cybersecurity experts
How hackers are updating the EVILNUM malware to target the global financial sector
Astaroth malware hides command servers in YouTube channel descriptions | ZDNet
Defcon Is Canceled | WIRED
For 8 years, a hacker operated a massive IoT botnet just to download Anime videos | ZDNet
Cisco Fixes Kerberos Authentication Bypass Bug in ASA Software | Decipher
The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet | WIRED
Attacks on healthcare are crossing all the red lines - Risky Business
Risky Biz - Cmd