On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- The aftermath of the Colonial ransomware attack
- Biden signs cybersecurity EO
- DarkSide crew hounded off the Internet. For now.
- Ransomware campaigns continue, hitting health, insurance targets globally
- IIS PoC released
- Rapid7 discloses Codecov-related source code breach
- Much, much more
This week’s show is brought to you by AttackIQ. Its VP of Product Mark Bagley and Senior Director of Cybersecurity Strategy and Policy Jonathan Reiber are this week’s sponsor guests.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Colonial Pipeline resumes operations after ransomware prompted closure | Ars Technica
- Colonial Pipeline hit by brief network outage amid efforts to harden system | Reuters
- US government plans to disrupt hackers behind Colonial Pipeline ransomware, Biden says
- DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security
- Popular hacking forum bans ransomware ads | The Record by Recorded Future
- Ransomware hits near pre-Colonial Pipeline levels, data suggests | Reuters
- Lawmakers say Colonial Pipeline's refusal to discuss ransom undermines US efforts
- Darkside gang estimated to have made over $90 million from ransomware attacks | The Record by Recorded Future
- Ransomware Hackers Claim To Leak 250GB Of Washington, D.C., Police Data After Cops Don’t Pay $4 Million Ransom
- Biden signs security-focused executive order meant to accelerate breach reporting, boost software standards
- Ransomware’s Dangerous New Trick Is Double-Encrypting Your Data | WIRED
- Ransomware strikes AXA shortly after insurer announces it will stop covering extortion fees
- Irish Prime Minister says government won't pay ransom after hack forces hospitals to alter services
- Cyber attack at Waikato hospitals: Patients anxiously wait for updates | RNZ News
- Toshiba subsidiary confirms ransomware attack, as reports suggest possible DarkSide involvement
- PoC released for wormable Windows IIS bug | The Record by Recorded Future
- Security firm Rapid7 says Codecov hackers accessed some of its source code | The Record by Recorded Future
- Suspected Pakistani spies use catfishing, stealthy hacking tools to target Indian defense sector
- Beyond Lazarus: North Korean cyber-threat groups become top-tier, ‘reckless’ adversaries | The Daily Swig
- Florida water plant compromise came hours after worker visited malicious site | Ars Technica
- Brazilian gang defrauds Uber, Lyft, DoorDash using GPS spoofing and stolen IDs | The Record by Recorded Future
- Operator of WeLeakInfo database marketplace sentenced to two years in prison | The Record by Recorded Future
- Pentagon Surveilling Americans Without a Warrant, Senator Reveals
- Hackers Are Having a Field Day With AirTags
- AirTags Can Be Used To Figure Out When a House Is Empty, Researcher Warns
- Two attacks disclosed against AMD's SEV virtual machine protection system | The Record by Recorded Future
- Microsoft releases free online ‘playbooks’ to help businesses defend against cyber-attacks | The Daily Swig
- Risky Biz Feature Podcast: A primer on Microsoft cloud security - Risky Business