Risky Business #627 -- USG claws back Colonial pipeline ransom money

PLUS: Use our crime app! It's great for planning crimes! No cops allowed!! Pinky swear!!
09 Jun 2021 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • US Government claws back Colonial ransom bitcoin. We don’t think the FBI acted alone.
  • Meet an0m, the cute little app for planning crimes that drinks milkshakes.
  • Ransomware stuff, duh.
  • Trickbot developer arrested in Florida
  • Supreme Court upends CFAA “exceed authorised access” element
  • Much, much more

This week’s show is brought to you by Datadog. Michael Yamnitsky will be along in this week’s sponsor interview to talk about cloud security posture management. Datadog is launching a product in that space, so we’ll be hearing about the types of issues CSPM products can help to unearth.

If you book a demo of their product they’ll send you a free Datadog tee-shirt. The link is in the show notes.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Feds recover millions from pipeline ransom hackers, hint at U.S. internet tactic
Exclusive: U.S. to give ransomware hacks similar priority as terrorism | Reuters
Hacking accusations are meant to stir conflict ahead of US summit, Russian president says
Jenna McLaughlin on Twitter: "He also says "ransomware is a national security priority" particularly when it comes to critical infrastructure. He would like to see out of G7 an "action plan" on how to increase resilience, share info, and "deal with the cryptocurrency challenge" when it comes to ransomware." / Twitter
Cyberattack hits JBS, world's largest meat processor - The Washington Post
FBI: JBS ransomware attack was carried out by REvil | The Record by Recorded Future
TV news stations become apparent target in next cyberattack
Ransomware attack disrupts Massachusetts ferries | The Record by Recorded Future
Fujifilm shuts down computer systems following apparent ransomware intrusion
Ransomware hits Capitol Hill contractor | The Record by Recorded Future
Sensitive medical, financial data exposed in extortion of Massachusetts hospital
Ransomware Struck Another Pipeline Firm—and 70GB of Data Leaked | WIRED
US arrests Latvian woman who worked on Trickbot malware source code | The Record by Recorded Future
Tokyo Olympics organizers' data swept up in Fujitsu hack: report
Supreme Court narrows scope of CFAA computer hacking law | The Record by Recorded Future
Australian Federal Police and FBI nab criminal underworld figures in worldwide sting using encrypted app - ABC News
Seamus Hughes on Twitter: "Let's advance the story a bit w/ some original reporting: An FBI informant introduced Anom to Phantom Secure & Sky Global users in 2018. The informant gave each user a unique ID number, the FBI had full access to that ID list. Working w/ AFP, it was called Operation Trojan Horse" / Twitter
British military seeks briefings from Australia over security concerns about Israeli battle management technology - ABC News
Zerodium acquiring zero-days in Pidgin, an IM client popular with cybercriminals | The Record by Recorded Future
CISA launches platform to let hackers report security bugs to US federal agencies | TechCrunch
Ukraine warns of 'massive' Russian spear-phishing campaign | The Record by Recorded Future
Backdoor malware found on the Myanmar president's website, again | The Record by Recorded Future
Adventures in Contacting the Russian FSB – Krebs on Security
FireEye is selling its security products business for $1.2B
GitHub changes policy to welcome security researchers | The Daily Swig
This is not a drill: VMware vuln with 9.8 severity rating is under attack | Ars Technica
First major voting vendor, Hart InterCivic, partners with Microsoft on ambitious software security tool ElectionGuard
Akamai offers post-mortem on recently resolved authentication platform vulnerability | The Daily Swig
Akamai EAA Impersonation Vulnerability - A Deep Dive - The Akamai Blog
Cloud Security Posture Management -- get a demo and receive a free Datadog tee-shirt