Risky Business #639 -- USA's ransomware non-policy fails to meet its unstated objective

The Black Sea vacations are over and the Russians are back, baby....
22 Sep 2021 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • BlackMatter is back in the USA’s critical supply chain
  • The FBI and friends apparently got up in REvil’s business
  • The Azure OMI thing is totally the disaster we were expecting
  • Much, much more

Brett Winterford is this week’s sponsor guest. These days Brett is a senior director of cybersecurity strategy at Okta, but the reason you might recognise his name is because he took a year off working for vendors to be our newsletter author – he was the founding editor of the Seriously Risky Business newsletter.

He’ll be along to talk about legacy auth and why vendors should have deprecation policies.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Ransomware gang strikes Iowa agriculture business New Cooperative, the latest hack on food supply chain
After Biden Warning, Hackers Define ‘Critical’ as They See Fit - Bloomberg
Customer Care Giant TTEC Hit By Ransomware – Krebs on Security
Opinion | America Is Being Held for Ransom. It Needs to Fight Back. - The New York Times
Patrick Gray on Twitter: "Achievement unlocked: The Risky Biz release the hounds doctrine has now been condemned by gg. https://t.co/6W9uHwHLyl" / Twitter
FBI held back ransomware decryption key from businesses to run operation targeting hackers - The Washington Post
Biden administration to target ransomware attacks by cracking down on crypto payments - The Washington Post
The battle between the U.S. and ransomware hackers is escalating
DDoS botnets, cryptominers target Azure systems after OMIGOD exploit goes public - The Record by Recorded Future
Microsoft fixes OMIGOD bugs in secret Azure app - The Record by Recorded Future
Why Government and Military Sites Are Hosting Porn and Viagra Ads
Report: China-linked hackers take aim at Times of India and a biometric bonanza - The Record by Recorded Future
Andrew Roth on Twitter: "Apple and Google have deleted the @navalny app from their store as Duma elections begin, bowing to pressure from the government. Russians can’t find the app in their store, it still works outside of country. https://t.co/CtTf0ZushW" / Twitter
Exclusive: An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan
Former NSA Hacker Describes Being Recruited for UAE Spy Program - by Kim Zetter - Zero Day
Key security agencies split over whether to sanction a Huawei spinoff, Honor, by placing it on a Commerce blacklist - The Washington Post
106 Italian mafia members arrested for SIM swapping, BEC scams, phishing - The Record by Recorded Future
Man who bribed AT&T employees to install malware on the company's network gets 12 years in prison - The Record by Recorded Future
Supply chain attacks against the open source ecosystem soar by 650% – report | The Daily Swig
Google announces partnership to review security of open source software projects | The Daily Swig
Researcher discloses iPhone lock screen bypass on iOS 15 launch day - The Record by Recorded Future
Google will extend Permission Auto-Reset feature to older Android versions - The Record by Recorded Future
Malware samples found trying to hack Windows from its Linux subsystem - The Record by Recorded Future
AMD CPU driver bug can break KASLR, expose passwords - The Record by Recorded Future
Microsoft to let users completely remove account passwords and go passwordless - The Record by Recorded Future
Auditing your Okta org for Legacy Authentication | Okta Security