Risky Business #610 -- Propellerheads in dark on JetBrains

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

Joe Slowik and Katie Nickels are guest co-hosts in this week’s edition of the show. They join Patrick Gray to talk about:

  • Mimecast having some stolen certificate, errr, “problems”
  • The confusing reports about JetBrains
  • Analysis of the malware used in the SolarWinds campaign
  • Australian man arrested in Germany and charged with running DarkMarket
  • The Great Deplatforming of 2021

This week’s show is brought to you by Gigamon.

If you’re a Gigamon shop you should really take a look at their ThreatInsight platform; that’s a no-brainer. Even if you’re not, they’re real players in the network detection and response space. Joining us in this week’s sponsor interview is Jason Tesarz, a senior product manager for Gigamon ThreatInsight. He joined the show to talk about a few things, like how these days the NDR vendors are competing more on their workflows than on trying to be the most comprehensive in detection.

Links to everything that we discussed are below and you can follow Patrick, Katie or Joe on Twitter if that’s your thing.


Show notes

Mimecast says hackers abused one of its certificates to access Microsoft accounts | ZDNet

JetBrains denies being involved in SolarWinds hack | ZDNet

Federal courts are latest apparent victim of SolarWinds hack

CISA: SolarWinds hackers also used password guessing to breach targets | ZDNet

Sealed U.S. Court Records Exposed in SolarWinds Breach — Krebs on Security

The SolarWinds Hackers Shared Tricks With a Notorious Russian Spy Group | WIRED

SolarWinds hires Chris Krebs, Alex Stamos to boost security in wake of suspected Russian hack - CyberScoop

Exclusive: FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity firm uncovered hack - sources | Reuters

DarkMarket: world's largest illegal dark web marketplace taken down | Europol

Rioters Had Physical Access to Lawmakers’ Computers. How Bad Is That?

Trump Is Permanently Suspended From Twitter

Facebook bans Trump indefinitely; risks 'simply too great,' Zuckerberg says - CyberScoop

Amazon boots Parler from web hosting service over violent content - CyberScoop

Google removes Parler app from Play Store | ZDNet

Twitter purges QAnon accounts; Facebook targets 'Stop the Steal' - CyberScoop

Some ransomware gangs are going after top execs to pressure companies into paying | ZDNet

Anti-Secrecy Activists Publish a Trove of Ransomware Victims' Data | WIRED

Hackers can clone Google Titan 2FA keys using a side channel in NXP chips | Ars Technica

Encrypted Client Hello: Upcoming Firefox 85 rollout builds momentum for ESNI successor | The Daily Swig

Telegram feature exposes your precise address to hackers | Ars Technica

WhatsApp gives users an ultimatum: Share data with Facebook or stop using the app | Ars Technica

More Chinese apps attract a ban from a presidential administration on the way out

China CCP to Nationalize Jack Ma's Alibaba and Ant Group - Report

CES 2021: Intel adds ransomware detection capabilities at the silicon level | ZDNet

Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes | Threatpost

Fortinet updates web application firewall to protect against SQL injection, denial-of-service attacks | The Daily Swig

Gigamon ThreatINSIGHT | Network Detection and Response | Gigamon