Risky Business #586 -- Google TAGs Indian mercenaries

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • NSA warns of Sandworm Exim exploitation
  • Huawei CFO extradition process to continue
  • Google TAG implicates Indian hacker-for-hire outfits in espionage
  • Black lives matter
  • F–k police brutality

This week’s sponsor interview is with Marco Slaviero of Thinkst Canary. He’ll be talking through a few of the partnerships Thinkst has entered into over the years. He’ll also talk a bit about some new Canary integrations, such as a new one with HD Moore’s Rumble.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.


Show notes

NSA: Russia's Sandworm Hackers Have Hijacked Mail Servers | WIRED

Canadian judge OKs extradition proceedings for Huawei CFO

Google highlights Indian 'hack-for-hire' companies in new TAG report | ZDNet

Updates about government-backed hacking and disinformation

REvil Ransomware Gang Starts Auctioning Victim Data — Krebs on Security

Michigan State University hit by ransomware gang | ZDNet

Microsoft warns about attacks with the PonyFinal ransomware | ZDNet

Lawsuit seeking billions in damages filed against EasyJet

Anonymous, aiming for relevance, spins old data as new hacks

Exclusive: Zoom plans to roll out strong encryption for paying customers - Reuters

Patrick Gray on Twitter: "Pretty funny that Zoom announced its plans to introduce e2e for paid accounts on May 7 and nobody blinked, but when they actually followed through a few weeks later people lost their minds over it. https://t.co/qsI9Pppey3" / Twitter

An advanced and unconventional hack is targeting industrial firms | Ars Technica

Rod Rosenstein is working with NSO Group, the Israeli firm accused of spying on dissidents

GitHub warns Java developers of new malware poisoning NetBeans projects | ZDNet

Hacker leaks database of dark web hosting provider | ZDNet

Career Choice Tip: Cybercrime is Mostly Boring — Krebs on Security

UK Ad Campaign Seeks to Deter Cybercrime — Krebs on Security

Researcher claims $100,000 for ‘Sign in with Apple’ hack

Zero-day in Sign in with Apple

Facebook security: Researcher scoops $31k bug bounty for flagging SSRF vulnerabilities | The Daily Swig

Google launches CTF-style bug bounty challenge for Kubernetes | The Daily Swig

Shadowserver, an Internet Guardian, Finds a Lifeline | WIRED

DOD's third attempt to implement IPv6 isn't going well | ZDNet

OpenSSH to deprecate SHA-1 logins due to security risk | ZDNet

G Suite Marketplace primed for a privacy scandal, researchers warn | ZDNet

Christopher Glyer on Twitter: "Ewww - one of my favorite subjects. Just like we reported in 2016/2017 with Google - an attacker can create an Oauth app (an Azure app). Once user consents - the app can bypass MFA. Unless you have E5 license only choice is to either enable/disable ALL apps #FireEyeSummit https://t.co/8BsTnkiGPL" / Twitter

Judge rules Capital One must hand over Mandiant's forensic data breach report

Surprise Capital One court decision spells trouble for incident response - Risky Business