Risky Business #602 -- US DoJ hooks Sandworm

PLUS: A mercifully brief recap of the absolutely bonkers Wilmington Mac Shop story...
21 Oct 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • US DoJ unseals indictments against Sandworm operators
  • Twitter backtracks on “hacked materials” policy
  • No consensus on Trickbot c2 status
  • NSA publishes “most exploited” listicle that’s actually interesting
  • Much, much more

Cmd Security is this week’s sponsor. Its CEO Jake King and CTO Mike Sample join the show this week to talk though a new remote access tech release from Hashicorp called Boundary and what it might mean for Linux system observability in your environment.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit | WIRED
UK says Russia was preparing cyber-attacks against the Tokyo Olympics | ZDNet
Sandworm operators indicted - Risky Business
Microsoft says it took down 94% of TrickBot's command and control servers | ZDNet
NSA publishes list of top vulnerabilities currently targeted by Chinese hackers | ZDNet
800,000 SonicWall VPNs vulnerable to new remote code execution bug | ZDNet
New York Post Published Hunter Biden Report Amid Newsroom Doubts - The New York Times
Twitter Says It Blocked NY Post Hunter Biden Article Because It Contains Hacked Data
The Media Just Passed a Test It Failed Four Years Ago | WIRED
Brevard voters threatened in emails purportedly from 'Proud Boys'
Google offers details on Chinese hacking group that targeted Biden campaign
Industry alert pins state, local government hacking on suspected Russian group
New York regulator faults Twitter for lax security measures prior to big account breach
German authorities raid FinFisher offices | ZDNet
Shannon Vavra on Twitter: "Details via @hsu_spencer & @kfahim https://t.co/QTRooHnw0I" / Twitter
Encrochat Hack That Brought Down Hundreds of Criminals Faces Legal Challenges
Hackney Council unable to pay housing benefit after cyber attack | Science & Tech News | Sky News
London's Hackney Borough Council hit by hack attack - BBC News
Hackney Council services to be disrupted ‘for some time’
Meet FIN11, a cybercrime outfit going after pharma companies while leaning on extortion
QAnon/8Chan Sites Briefly Knocked Offline — Krebs on Security
Alexander Vinnik heads to trial in France on ransomware, money laundering charges
Alleged KickassTorrents founder Artem Vaulin jumped bail in Poland
Thousands of infected IoT devices used in for-profit anonymity service | Ars Technica
Microsoft adds option to disable JScript in Internet Explorer | ZDNet
Zoom to roll out end-to-end encrypted (E2EE) calls | ZDNet
QRadar: Popular IBM security tool open to remote code execution attacks | The Daily Swig
Google releases Chrome security update to patch actively exploited zero-day | ZDNet
Security testing firm NSS Labs ceases operations, citing coronavirus | TechCrunch
Ryuk in 5 Hours – The DFIR Report