Risky Business #587 -- Full scale of Indian hacking-for-hire revealed

PLUS: Contact tracing apps flop...
10 Jun 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Full scale of Indian hacker-for-hire firm revealed
  • IBM exits facial recognition
  • Contact tracing apps flop
  • Much, much more

This week’s show is brought to you by AttackIQ.

AttackIQ’s Chris Kennedy will be along in this week’s sponsor interview to talk about how, for some organisations, threat intelligence has moved from a nice-to-have to being central to blue team efforts. As you’ll hear, he says MITRE ATT&CK makes threat intel actionable, and some orgs playing on hard mode are really kicking some goals that way.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Exclusive: Obscure Indian cyber firm spied on politicians, investors worldwide - Reuters
Dark Basin: Uncovering a Massive Hack-For-Hire Operation - The Citizen Lab
Huge Cyberattacks Attempt To Silence Black Rights Movement With DDoS Attacks
Petition · Take down the racist "Chimpmania" website. It attacks our children · Change.org
Cyberattacks since the murder of George Floyd
IBM will no longer offer, develop, or research facial recognition technology - The Verge
Contact tracing bug bounty: France’s StopCovid project launches public program | The Daily Swig
Another online voting system teardown, Big game hunters net Honda and Lion, and more... - Risky Business
Qatar: Contact tracing app exposes personal details of more than one million - Amnesty International Australia
Hackers target senior executives at German company procuring PPE
Why spies are targeting vaccine research - Risky Business
Shoddy US government review of Chinese telcos endangered national security, Senate panel finds
Election security: Democracy Live’s online voting system ‘open to manipulation’ | The Daily Swig
Facebook sues to stop domain scammers from impersonating Instagram, WhatsApp sites
Hackers hijack one of Coincheck's domains for spear-phishing attacks | ZDNet
New CrossTalk attack impacts Intel's mobile, desktop, and server CPUs | ZDNet
Plundering of crypto keys from ultrasecure SGX sends Intel scrambling again | Ars Technica
DARPA invites hackers to break hardware to make it more secure
ST Engineering conducting ‘rigorous review’ of systems after US subsidiary hit by ransomware attack | The Daily Swig
Ransomware gang says it breached one of NASA's IT contractors | ZDNet
Ransomware crooks attack Conduent, another large IT provider
QNAP NAS devices targeted in another wave of ransomware attacks | ZDNet
Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity — Krebs on Security
Honda puts some manufacturing on hold over computer 'disruption'
Lion hit by cyber attack as hackers target corporate Australia
South African healthcare provider hit by cyber-attack | The Daily Swig
IT company must compensate damage after ransomware outbreak | Executive People
There’s a new Java ransomware family on the block
Exploit code for wormable flaw on unpatched Windows devices published online | Ars Technica
CallStranger vulnerability lets attacks bypass security systems and scan LANs | ZDNet
Commonwealth Bank to suspend users over abuse in online transaction descriptions
Zoom defenders cite legit reasons to not end-to-end encrypt free calls | Ars Technica
Zoom has partially fixed two new flaws, with other security hurdles ahead
Nintendo now says 300,000 accounts breached by hackers | TechCrunch
Google apps and websites get support for more security keys on iOS devices | ZDNet
Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion — Krebs on Security
RMIScout: New hacking tool brute-forces Java RMI servers for vulnerabilities | The Daily Swig
Spy secret revealed: SIS and MI6 raided Czechoslovakian embassy in Wellington | RNZ News
CVE-2020-13777: TLS 1.3 session resumption works without master key, allowing MITM (#1011) · Issues · gnutls / GnuTLS · GitLab