Risky Business #636 -- Victims are shunning data extortion payments

PLUS: Details on the Azure Cosmos DB flaw and remediation...
01 Sep 2021 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

  • More info on the Belarusian Cyber Patriots
  • How infosec overhyped election security risks
  • Is data ransoming dying?
  • All about the Azure Cosmos DB drama
  • Much, much more…

In this week’s sponsor interview Airlock Digital’s Daniel Schell and David Cottingham join the show to talk about EDR bypasses. They are a thing.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Belarusian hackers are turning the country's surveillance state against it | MIT Technology Review
A new wave of Hacktivists is turning the surveillance state against itself - The Record by Recorded Future
Trump conspiracies strain election cybersecurity experts
T-Mobile CEO apologizes after hacker stole millions of users' personal information
Bangkok Air confirms passenger PII leak after ransomware attack - The Record by Recorded Future
Leaked Guntrader firearms data file shared. Worst case scenario? Criminals plot UK gun owners' home addresses in Google Earth • The Register
Hackers steal $29 million from crypto-platform Cream Finance - The Record by Recorded Future
U.S. spy agencies rule out possibility the coronavirus was created as a bioweapon, say origin will stay unknown without China’s help - The Washington Post
Australia's 'hacking' Bill passes the Senate after House made 60 amendments | ZDNet
White House rolls out pipeline, supply chain security initiatives as companies pledge billions in cyber spending
CISA adds single-factor authentication to its catalog of 'Bad Practices' - The Record by Recorded Future
DHS urges Microsoft customers to update Azure to avoid security flaw
Microsoft Azure vulnerability exposed thousands of cloud databases
CISA and the FBI warn of ransomware gangs' tendency of launching attacks over holidays and weekends - The Record by Recorded Future
FBI warns that Hive ransomware hackers are calling victims by phone
Deserialization bug in TensorFlow machine learning framework allowed arbitrary code execution | The Daily Swig
A Dark Web Murder-For-Hire Scammer Became An FBI Informant
WhatsApp, Facebook, and Twitter fined for not storing user data inside Russia - The Record by Recorded Future
A Bad Solar Storm Could Cause an 'Internet Apocalypse' | WIRED
Trial & Error in Kuwait - CyberScoop
How Data Brokers Sell Access to the Backbone of the Internet
Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents – Krebs on Security
Front Matter | Understanding and Managing Risk in Security Systems for the DOE Nuclear Weapons Complex: (Abbreviated Version) | The National Academies Press
JCP | Free Full-Text | An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors | HTML