Risky Business Podcast

February 03, 2021

Risky Business #613 -- It's time to check your Accellion logs

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Emotet is… gone?
  • Accellion FTAs were owned everywhere, not just in ANZ
  • US courts air-gap sensitive filings in wake of Holiday Bear attacks
  • iOS 14 brings iMessage security improvements
  • Much, much more

Proofpoint’s Sherrod DeGrippo is this week’s sponsor guest. She joins the show to talk about Emotet’s demise, Trickbot’s survival, BEC, ransomware and more.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #613 -- It's time to check your Accellion logs
0:00 / 0:00

Show notes

Cops Disrupt Emotet, the Internet's ‘Most Dangerous Malware’ | WIRED

Emotet, NetWalker and TrickBot have taken big blows, but will it be enough?

New Trickbot module uses Masscan for local network reconnaissance | ZDNet

U.K. Arrest in ‘SMS Bandits’ Phishing Service — Krebs on Security

Accellion appliances under attack - Risky Business

Accellion FTA Targeted by Web Shell | GuidePoint Security

Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say | Morningstar

Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources | Reuters

Russian hack brings changes, uncertainty to US court system

After SolarWinds breach, lawmakers ask NSA for help in cracking Juniper cold case

South Sudan worked with Israeli surveillance company to monitor citizens, Amnesty finds

Apple Fixes One of the iPhone's Most Pressing Security Risks | WIRED

The Taxman Cometh for ID Theft Victims — Krebs on Security

Ransomware gangs are abusing VMWare ESXi exploits to encrypt virtual hard disks | ZDNet

Facebook Ad Services Let Anyone Target US Military Personnel | WIRED

Pranking My Roommate With Eerily Targeted Facebook Ads

Hezbollah's cyber unit hacked into telecoms and ISPs | ZDNet

Google bans another misbehaving CA from Chrome | ZDNet

A network of Twitter bots has attacked the Belgian government's Huawei 5G ban | ZDNet

FonixCrypter ransomware gang releases master decryption key | ZDNet

For Microsoft, cybersecurity has become bigger than business

Google funds project to secure Apache web server project with new Rust component | ZDNet

SonicWall zero-day exploited in the wild | ZDNet

Ollie Whitehouse on Twitter: "@SonicWall @NCCGroupInfosec We have had confirmed receipt from yourselves" / Twitter

Urgent Security Notice: SonicWall Confirms SMA 100 Series 10. X Zero-Day Vulnerability [Feb. 1, 2 P.M. CST] | SonicWall

British Mensa website hacked after directors quit over ‘data protection failures’ | The Daily Swig

Huawei’s HarmonyOS: “Fake it till you make it” meets OS development | Ars Technica