Risky Business #625 -- Iranians wipe some machines, Israelis kaboom some

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • The latest news on the health system ransomware crisis in Ireland
  • TSA to force pipeline operators to disclose attacks they probably aren’t detecting anyway
  • Colonial paying ransom angers US congresspeople who really haven’t thought this through
  • Iran targets Israeli systems with new wipers
  • Israel targets Hamas systems with guided munitions that go bang
  • Much, much more

This week’s sponsor guest is Ryan Kalember, EVP of Cybersecurity Strategy at Proofpoint. He joins us to talk about how compromised o365 accounts are powering all sorts of threat actors right now – from ransomware operators to BEC crews and APT units, everyone loves a popped mailbox.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

U.S. didn’t hack DarkSide group that hacked Colonial Pipeline - The Washington Post

Hear ye, DarkSide! This honorable ransomware court is now in session | Ars Technica

Colonial Pipeline CEO to face questions from Congress on $4.4 million ransom payment

TSA to issue cyber directive for pipeline operators following Colonial ransomware attack

Irish officials warn of ongoing disruptions to health system, long recovery following ransomware incident

hakan on Twitter: "So, one hour ago CONTI apparently decided to provide HSE with a free decryption tool, as per their statement (see screenshot. https://t.co/lyIuBoN6XP"

Irish officials analyze decryption tool as long recovery process from ransomware continues

FBI: Conti ransomware gang attacked more than 400 orgs, including 911 centers | The Record by Recorded Future

Cyber insurance premiums rise as ransomware, hacks continue, GAO finds

New Iranian threat actor targets Israel with wipers disguised as ransomware | The Record by Recorded Future

Microsoft warns of malware campaign spreading a RAT masquerading as ransomware | The Record by Recorded Future

Israel bombed two Hamas cyber targets | The Record by Recorded Future

Israel Is a Cyber Superpower But Chooses Bombs to Fight Hackers in Gaza

FSB NKTsKI: Foreign 'cyber mercenaries' breached Russian federal agencies | The Record by Recorded Future

How Hydra, a Russian dark net market, made more than $1 billion in 2020

Air India says data breach impacts 4.5 million former passengers | The Record by Recorded Future

The Full Story of the Stunning RSA Hack Can Finally Be Told | WIRED

Nagios IT monitoring vulnerabilities chained to compromise telco customers en masse | The Daily Swig

Open source ecosystem ripe for dependency confusion attacks, research finds | The Daily Swig

DeepSloth: Researchers find denial-of-service equivalent against machine learning systems | The Daily Swig

Chinese governments has warned 222 apps to remove data slurping code | The Record by Recorded Future

Just a handful of Android apps exposed the data of more than 100 million users | The Record by Recorded Future

Microsoft releases SimuLand, a lab environment to simulate attacker tradecraft | The Record by Recorded Future

WordPress security: More than 600,000 sites hit by blind SQLi vulnerability in WP Statistics plugin | The Daily Swig

Arm and Qualcomm zero-days quietly patched in this month's Android security updates | The Record by Recorded Future

Vulnerability in VMware product has severity rating of 9.8 out of 10 | Ars Technica

Apple fixes macOS zero-day abused by XCSSET malware | The Record by Recorded Future

So long, Internet Explorer, and your decades of security bugs | TechCrunch

Webinar Registration - Zoom