Risky Business #603 -- YOU get sanctions, and YOU get sanctions

28 Oct 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • “Proud Boys” email campaign attributed to Iran in record time
  • Sanctions for everyone!
  • US doxes more adversary TTPs
  • Katie Nickels and Chris Krebs join the show

This week’s show is brought to you by attack simulation platform company AttackIQ. Carl Wright from AttackIQ joins us this week to talk about the distinct possibility that large organisations are going to start slashing their security budgets in response to the changing economy.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

CISA, FBI roll the dice on transparency - Risky Business
Exclusive: 'Dumb mistake' exposed Iranian hand behind fake Proud Boys U.S. election emails - sources | Reuters
FBI News Conference on Election Security | C-SPAN.org
Iran’s bogus email campaign on U.S. elections had a Facebook disinformation prong
Why the US was so fast to blame Iran for voter intimidation emails in Florida
US Treasury sanctions 5 Iranian organizations for alleged election influence operations
'MuddyWater' spies suspected in attacks against Middle East governments, telecoms
The US Sanctions Russians for Potentially ‘Fatal’ Triton Malware | WIRED
EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack
DOD, FBI, DHS warn of active North Korean government-linked hacking operation
FBI, CISA: Russian hackers breached US government networks, exfiltrated data | ZDNet
The Hunter Biden laptop could be fake. Or it could be real. We may never know. - The Washington Post
Exclusive: National Guard called in to thwart cyberattack in Louisiana weeks before election | Reuters
Phishing groups are collecting user data, email and banking passwords via fake voter registration forms | ZDNet
(1) John Hultquist on Twitter: "If the hackers claim to be criminal and there’s no way to pay them, that raises doubt. Likewise, if they claim to be ideological and ask for money..." / Twitter
Justice Department official accuses China of acting as ‘safe haven’ for cybercriminals
Dr. Reddy's shuts 'key' plants worldwide after potential cyberattack hits COVID work | FiercePharma
Data breach at Finnish psychotherapy center takes a darker turn with extortion attempts
A Hacker Is Threatening to Leak Patients' Therapy Notes | WIRED
Tech giants among those affected by breach at PDF signature software maker Nitro | The Daily Swig
Massive Nitro data breach impacts Microsoft, Google, Apple, more
404 Error | Nitro
Hacker steals $24 million from cryptocurrency service 'Harvest Finance' | ZDNet
MobileIron enterprise MDM servers under attack from DDoS gangs, nation-states | ZDNet
(3) Patrick Gray on Twitter: "Wooo... about time" / Twitter
Apple notarizes six malicious apps posing as Flash installers | ZDNet
The Now-Defunct Firms Behind 8chan, QAnon — Krebs on Security
CBP Refuses to Tell Congress How it is Tracking Americans Without a Warrant
Over 100 irrigation systems left exposed online without a password | ZDNet
Microsoft launches machine learning cyber-attack threat matrix | The Daily Swig
WordPress deploys forced security update for dangerous bug in popular plugin | ZDNet
NSA whistleblower Edward Snowden granted permanent residency in Russia | ZDNet
Process Herpaderping | herpaderping