Risky Business #637 -- Infosec's bigfoot

The Juniper Dual_EC_DRBG mystery refuses to resolve...
08 Sep 2021 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

  • Apple backs down on CSAM measures
  • FTC shuts down spouseware company
  • REvil is back!
  • Confluence boxes are getting owned a lot
  • Trickbot crew member arrested in South Korea
  • The Juniper/NSA backdoor story just keeps on truckin’

This week’s show is brought to you by Thinkst Canary. Thinkst’s Jacob Torrey is this week’s sponsor guest. He pops by to tell us about the relaunch of Thinkstscapes, a fantastic quarterly publication that analyses security research.

(Editor’s note: Dmitri Alperovitch is a guest in this podcast and wishes to express his gratitude to Matthew Green of Johns Hopkins University for helping guide him on the Juniper story.)

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Apple Backs Down on Its Controversial Photo-Scanning Plans | WIRED
ProtonMail forced to collect an activist's IP address in police investigation - The Record by Recorded Future
FTC Bans SpyFone and CEO from Surveillance Business and Orders Company to Delete All Secretly Stolen Data | Federal Trade Commission
REvil ransomware group returns following Kaseya attack - The Record by Recorded Future
White House double downs on warning about cyberattacks over the holidays - The Record by Recorded Future
Cyber Command alerts US firms of 'ongoing' hacks targeting Atlassian enterprise software
Confluence enterprise servers targeted with recent vulnerability - The Record by Recorded Future
Jenkins project discloses security breach following Confluence server hack - The Record by Recorded Future
US farm loses $9 million in the aftermath of a ransomware attack - The Record by Recorded Future
Howard University cancels classes after ransomware attack
TrickBot gang member arrested after getting stuck in South Korea due to COVID-19 pandemic - The Record by Recorded Future
Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role
SolarWinds hackers targeted Autodesk in latest confirmed fallout from cyber-espionage campaign
Malware found preinstalled in classic push-button phones sold in Russia - The Record by Recorded Future
C:\Windows\System32\last.exe on Twitter: "Hey, wanna see a magic trick? That's how you bypass UAC on a machine to which you have GUI access! 1/n" / Twitter
Microsoft warns of new IE zero-day exploited in targeted Office attacks - The Record by Recorded Future
Ghostscript zero-day allows full server compromises - The Record by Recorded Future
Cisco urges users to patch critical vulnerability in virtualized network devices after PoC is made public | The Daily Swig
Billions of devices impacted by new BrakTooth Bluetooth vulnerabilities - The Record by Recorded Future
Node.js archives serious tar handling vulnerabilities with software update | The Daily Swig
Microsoft will split Defender pricing plans to lower the entry bar for SMBs - The Record by Recorded Future
Mozi botnet authors arrested in China - The Record by Recorded Future
Google pauses quantum security feature in Chrome because of buggy middleware - The Record by Recorded Future
Breach notification window, accountability are focus of coming fight on cyber legislation in Congress
The IRS Goes Undercover As A Bitcoin Trader In $180,000 Sting
CREST: NCC Group ‘vicariously responsible’ for those involved in exam controversy | The Daily Swig
Raider: A tool to test authentication in web applications | The Daily Swig
thinkst Thoughts...