Risky Business #623 -- Ransomware threatens US energy security

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray, Adam Boileau and Chris Krebs discuss the week’s security news, including:

  • An analysis of the Colonial Pipeline ransomware attack
  • More ransomware news
  • UK and US expose APT29’s preferred exploits (again)
  • IntrusionTruth drops a new post
  • 128m Apple devices were hit by XcodeGhost
  • Much, much more

This week’s sponsor interview is with Aaron Parecki, a Senior Security Architect at Okta. He’s also been a spec editor and member of the OAuth working group at IETF for nearly 11 years, so he knows a thing or two about OAuth. He’ll be joining me after the week’s news to talk through the latest OAuth guidance the IETF is going to release.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.


Show notes

Biden: No evidence Russian government is involved in Colonial ransomware attack | The Record by Recorded Future

15% of 2020 ransomware payments carried a sanctions violations risk | The Record by Recorded Future

A Closer Look at the DarkSide Ransomware Gang – Krebs on Security

US fuel pipeline hackers 'didn't mean to create problems' - BBC News

FBI blames DarkSide ransomware operators for Colonial Pipeline incident - CyberScoop

Experts suggest French insurer AXA's plan to shun ransomware payouts will set a precedent - CyberScoop

US issues emergency declaration following Colonial Pipeline ransomware incident, relaxing transport rules - CyberScoop

Pipeline Hackers Say They’re ‘Apolitical,’ Will Choose Targets More Carefully Next Time

Ransomware Infection on Colonial Pipeline Shows Potential for Worse Gas Disruption - Zero Day

The Colonial Pipeline Hack Is a New Extreme for Ransomware | WIRED

City of Tulsa hit by ransomware over the weekend | The Record by Recorded Future

Wave of Avaddon ransomware attacks triggers ACSC, FBI warning | The Record by Recorded Future

Ransomware crooks post cops’ psych evaluations after talks with DC police stall | Ars Technica

Court Authorizes Service of John Doe Summons Seeking Identities of U.S. Taxpayers Who Have Used Cryptocurrency | OPA | Department of Justice

UK and US share more vulnerabilities exploited by Russia's APT29 hackers | The Record by Recorded Future

Intrusion Truth details work of suspected Chinese hackers who are under indictment in US

SolarWinds says fewer than 100 customers were impacted by supply chain attack | The Record by Recorded Future

US spy agencies review software suppliers' ties to Russia following SolarWinds hack

Apple Execs Chose to Keep a Hack of 128 Million iPhones Quiet | WIRED

'Conspiracy is hard': Inside the Trump administration's secret plan to kill Qassem Soleimani

FragAttacks: Security flaws in all Wi-Fi devices

WiFi devices going back to 1997 vulnerable to new Frag Attacks | The Record by Recorded Future

An estimated 30% of all smartphones vulnerable to new Qualcomm bug | The Record by Recorded Future

New TsuNAME bug can be used to DDoS key DNS servers | The Record by Recorded Future

Google to make multi-factor authentication its default mode

Chinese military unit accused of cyber-espionage bought multiple western antivirus products | The Record by Recorded Future

Data leak makes Peloton’s Horrible, No-Good, Really Bad Day even worse | Ars Technica

DOD expands vulnerability disclosure program, giving hackers more approved targets

Google and Mozilla will bake HTML sanitization into their browsers | The Daily Swig

Scammer Used Fake Court Order to Take Over Dark Web Drug Market Directory