Risky Business #617 -- Exchangapalooza '21

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • All the Exchange boxes on the planet have pretty much been owned lol
  • See above
  • Someone’s hacking Russian crime forums
  • The Accellion scandal keeps on truckin’
  • Dependency confusion attacks are going berserk in the wild
  • Gab got owned. Again.
  • John McAfee is in all sorts of trouble
  • Much, much more

This week’s show is brought to you by Nucleus Security. Its director of APAC operations, Gil Azaria, joins us in this week’s sponsor interview to talk about how he became a Nucleus customer before he joined the vendor as its APAC guy.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Warning the World of a Ticking Time Bomb — Krebs on Security

Web shells everywhere - Risky Business

A Basic Timeline of the Exchange Mass-Hack — Krebs on Security

Attacks on Exchange servers expand from nation-states to cryptominers | The Record by Recorded Future

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software — Krebs on Security

Chinese Hacking Spree Hit an ‘Astronomical’ Number of Victims | WIRED

CISA orders US agencies to address Microsoft flaws exploited by suspected Chinese hackers

Attacks on SolarWinds Servers Also Linked To Chinese Threat Actor | The Record by Recorded Future

‘Retaliation’ for Russia's SolarWinds Spying Isn't the Answer | WIRED

Three Top Russian Cybercrime Forums Hacked — Krebs on Security

The Accellion Breach Keeps Getting Worse—and More Expensive | WIRED

Ransomware Gang Fully Doxes Bank Employees in Extortion Attempt

Cloud security firm Qualys reportedly victimized by prolific scammers - CyberScoop

Ransomware Gang Threatens To Launch DDoS Attacks, Call Reporters and Business Partners | The Record by Recorded Future

A new type of supply-chain attack with serious consequences is flourishing | Ars Technica

Open source software repositories play ‘whack-a-mole’ as ‘dependency confusion’ copycats exceed 5,000 | The Daily Swig

Massive FluBot Botnet Infects 60,000 Android Smartphones | The Record by Recorded Future

FluBot Malware Gang Arrested in Barcelona | The Record by Recorded Future

Gab, a haven for pro-Trump conspiracy theories, has been hacked again | Ars Technica

US Charges Infosec Veteran John McAfee over Cryptocurrency Pump-and-Dump Scheme | The Record by Recorded Future

GitHub users forcibly logged out of accounts to patch ‘potentially serious’ security bug | The Daily Swig

Airlines warn of data breaches after SITA passenger system hack | TechCrunch

Solutions to Detect Ransomware Attacks Can Often Be Very Trivial | The Record by Recorded Future

Research: How JSON parsers can create security risks when it comes to interoperability | The Daily Swig

Trojan Spyware and BEC Attacks

CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF

NSA and CISA promote PDNS concept | The Record by Recorded Future

Microsoft Exchange exploitation: how to detect, mitigate, and stay calm