Risky Business #639 -- USA's ransomware non-policy fails to meet its unstated objective - Risky Business

Risky Business Podcast

September 22, 2021

Risky Business #639 -- USA's ransomware non-policy fails to meet its unstated objective

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

BlackMatter is back in the USA’s critical supply chain
The FBI and friends apparently got up in REvil’s business
The Azure OMI thing is totally the disaster we were expecting
Much, much more

Brett Winterford is this week’s sponsor guest. These days Brett is a senior director of cybersecurity strategy at Okta, but the reason you might recognise his name is because he took a year off working for vendors to be our newsletter author – he was the founding editor of the Seriously Risky Business newsletter.

He’ll be along to talk about legacy auth and why vendors should have deprecation policies.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #639 -- USA's ransomware non-policy fails to meet its unstated objective

0:00 / 0:00

Show notes

Ransomware gang strikes Iowa agriculture business New Cooperative, the latest hack on food supply chain

After Biden Warning, Hackers Define ‘Critical’ as They See Fit - Bloomberg

Customer Care Giant TTEC Hit By Ransomware – Krebs on Security

Opinion | America Is Being Held for Ransom. It Needs to Fight Back. - The New York Times

(4) Patrick Gray on Twitter: "Achievement unlocked: The Risky Biz release the hounds doctrine has now been condemned by gg. https://t.co/6W9uHwHLyl" / Twitter

FBI held back ransomware decryption key from businesses to run operation targeting hackers - The Washington Post

Biden administration to target ransomware attacks by cracking down on crypto payments - The Washington Post

The battle between the U.S. and ransomware hackers is escalating

DDoS botnets, cryptominers target Azure systems after OMIGOD exploit goes public - The Record by Recorded Future

Microsoft fixes OMIGOD bugs in secret Azure app - The Record by Recorded Future

Why Government and Military Sites Are Hosting Porn and Viagra Ads

Report: China-linked hackers take aim at Times of India and a biometric bonanza - The Record by Recorded Future

(5) Andrew Roth on Twitter: "Apple and Google have deleted the @navalny app from their store as Duma elections begin, bowing to pressure from the government. Russians can’t find the app in their store, it still works outside of country. https://t.co/CtTf0ZushW" / Twitter

Exclusive: An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan

Former NSA Hacker Describes Being Recruited for UAE Spy Program - by Kim Zetter - Zero Day

Key security agencies split over whether to sanction a Huawei spinoff, Honor, by placing it on a Commerce blacklist - The Washington Post

106 Italian mafia members arrested for SIM swapping, BEC scams, phishing - The Record by Recorded Future

Man who bribed AT&T employees to install malware on the company's network gets 12 years in prison - The Record by Recorded Future

Supply chain attacks against the open source ecosystem soar by 650% – report | The Daily Swig

Google announces partnership to review security of open source software projects | The Daily Swig

Researcher discloses iPhone lock screen bypass on iOS 15 launch day - The Record by Recorded Future

Google will extend Permission Auto-Reset feature to older Android versions - The Record by Recorded Future

Malware samples found trying to hack Windows from its Linux subsystem - The Record by Recorded Future

AMD CPU driver bug can break KASLR, expose passwords - The Record by Recorded Future

Microsoft to let users completely remove account passwords and go passwordless - The Record by Recorded Future

Auditing your Okta org for Legacy Authentication | Okta Security