Risky Business #613 -- It's time to check your Accellion logs

PLUS: Hobbyists and cops vape Emotet...
03 Feb 2021 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Emotet is… gone?
  • Accellion FTAs were owned everywhere, not just in ANZ
  • US courts air-gap sensitive filings in wake of Holiday Bear attacks
  • iOS 14 brings iMessage security improvements
  • Much, much more

Proofpoint’s Sherrod DeGrippo is this week’s sponsor guest. She joins the show to talk about Emotet’s demise, Trickbot’s survival, BEC, ransomware and more.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Cops Disrupt Emotet, the Internet's ‘Most Dangerous Malware’ | WIRED
Emotet, NetWalker and TrickBot have taken big blows, but will it be enough?
New Trickbot module uses Masscan for local network reconnaissance | ZDNet
U.K. Arrest in ‘SMS Bandits’ Phishing Service — Krebs on Security
Accellion appliances under attack - Risky Business
Accellion FTA Targeted by Web Shell | GuidePoint Security
Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say | Morningstar
Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources | Reuters
Russian hack brings changes, uncertainty to US court system
After SolarWinds breach, lawmakers ask NSA for help in cracking Juniper cold case
South Sudan worked with Israeli surveillance company to monitor citizens, Amnesty finds
Apple Fixes One of the iPhone's Most Pressing Security Risks | WIRED
The Taxman Cometh for ID Theft Victims — Krebs on Security
Ransomware gangs are abusing VMWare ESXi exploits to encrypt virtual hard disks | ZDNet
Facebook Ad Services Let Anyone Target US Military Personnel | WIRED
Pranking My Roommate With Eerily Targeted Facebook Ads
Hezbollah's cyber unit hacked into telecoms and ISPs | ZDNet
Google bans another misbehaving CA from Chrome | ZDNet
A network of Twitter bots has attacked the Belgian government's Huawei 5G ban | ZDNet
FonixCrypter ransomware gang releases master decryption key | ZDNet
For Microsoft, cybersecurity has become bigger than business
Google funds project to secure Apache web server project with new Rust component | ZDNet
SonicWall zero-day exploited in the wild | ZDNet
Ollie Whitehouse on Twitter: "@SonicWall @NCCGroupInfosec We have had confirmed receipt from yourselves" / Twitter
Urgent Security Notice: SonicWall Confirms SMA 100 Series 10.X Zero-Day Vulnerability [Feb. 1, 2 P.M. CST] | SonicWall
British Mensa website hacked after directors quit over ‘data protection failures’ | The Daily Swig
Huawei’s HarmonyOS: “Fake it till you make it” meets OS development | Ars Technica