Risky Business #638 -- Licensed to Pwn

Register your hacking fingers as deadly weapons or face the ITAR wrath...
15 Sep 2021 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

  • Apple 0day has everyone freaking out
  • So much more 0day in the wild
  • American Project Raven staffers settle with DoJ
  • Two absolutely bonkers Azure security problems
  • SEC tells corporate America to spill on breaches
  • Much, much more

In this week’s sponsor interview Gigamon’s security product manager Fayyaz Rajpari will be along to talk about some of the work they’ve been doing to integrate their NDR product with Crowdstrike.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Apple iPhone security update points to growing problem of 'zero days'
Apple urges security update after new iMessage flaw disclosed
Apple patches an NSO zero-day flaw affecting all devices | TechCrunch
Shane Huntley on Twitter: "@riskybusiness Let’s not jump to the conclusion that NSO have an endless supply of zero click exploits and there is nothing that can be done. Security nihilism and learned helplessness plays into attackers’ hands. We can make progress here." / Twitter
Warning: Update Chrome Now As Hackers Attack Two Major Vulnerabilities In Google Browser
Microsoft Windows 10 Windows Server Office CVE-2021-40444 0day attack
Microsoft patches Office zero-day in today's Patch Tuesday - The Record by Recorded Future
CISA warns of Zoho server zero-day exploited in the wild - The Record by Recorded Future
“Secret” Agent Exposes Azure Customers To Unauthorized Code Execution | Wiz Blog
Ami Luttwak on Twitter: "@GossiTheDog This is even more severe. The RCE is the simplest RCE you can ever imagine. Simply remove the auth header and you are root. remotely. on all machines. Is this really 2021? https://t.co/iIHNyqgew4" / Twitter
Cross-Account Container Takeover in Azure Container Instances
VMware denies allegations it leaked Confluence RCE exploit | The Daily Swig
US fines former NSA employees who provided hacker-for-hire services to UAE - The Record by Recorded Future
Three Former U.S. Intelligence Community and Military Personnel Agree to Pay More Than $1.68 Million to Resolve Criminal Charges Arising from Their Provision of Hacking-Related Services to a Foreign Government | OPA | Department of Justice
Hacking Team Customer in Turkey Was Arrested for Spying on Police Colleagues [or: The Spy Story That Spun a Tangled Web] - by Kim Zetter - Zero Day
Exclusive: Wide-ranging SolarWinds probe sparks fear in Corporate America | Reuters
Chad Loder on Twitter: "Anonymous has just announced a massive hack of Epik, long known as the hosting provider of choice for neonazis, right-wing extremists, and other Internet trash. Anonymous are releasing a decade's worth of detailed Epik customer & domain data, passwords, emails, and private keys. https://t.co/3rbfonegtq" / Twitter
Anonymous Claims It Hacked Everything From Nazis' Favorite Web Host
Wikimedia bans seven Chinese users citing "security risk" - The Record by Recorded Future
Report: Beijing, Moscow step up efforts to control the Internet’s backbone - The Record by Recorded Future
Australia supplants China to build undersea cable for Solomon Islands | Solomon Islands | The Guardian
Indonesian intelligence agency compromised in suspected Chinese hack - The Record by Recorded Future
OWASP Top 10 ranking has a new leader after ten years - The Record by Recorded Future
Encrypted Phone Firm Ciphr, Used by Criminals, Moves to Cut Off Australia
Technology giant Olympus hit by BlackMatter ransomware | TechCrunch
U.S. Cyber Czar: Too soon to tell if Russia ransomware has stopped - The Record by Recorded Future
'No indication' Russia has cracked down on ransomware gangs, top FBI official says - The Record by Recorded Future
Groove ransomware gang is a motley crew of disgruntled hackers, researchers say
Bail services affected in South Africa after ransomware attack - The Record by Recorded Future
Hackers stole Puma source code, no customer data, company says - The Record by Recorded Future
WhatsApp adds end-to-end encryption to chat backups, locking up data in the cloud
New CPU side-channel attack takes aim at Chrome's Site Isolation feature - The Record by Recorded Future
Fortinet warns customers after hackers leak passwords for 87,000 VPNs - The Record by Recorded Future
New York State vaccine pass shortcomings offer lessons for other coronavirus app developers | The Daily Swig
Thái "thaidn" Dương on Twitter: "Hanoi citizens currently have to apply for a COVID movement pass in order to go outside. Each pass is QR code containing the holder's name and dates they're allowed to go out. The data are signed with RSA, to prevent fake passes. @0xfatty found that it's using 512-bit keys =)" / Twitter
(4,319) Find a vaccination clinic in New South Wales - COVID-19 Near Me
ken tsang (@jxeeno) / Twitter
Why I decided to build my own vaccine booking search engine instead of using the Government’s one | by Ken Tsang | Sep, 2021 | Medium