Risky Business #643 -- Iranian fuel stations targeted, PNG ransomware a regional security risk

PLUS: Holiday Bear is still up in your clouds...
03 Nov 2021 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Someone took down Iranian fuel stations
  • Papua New Guinea ransomware attack is pretty grim stuff
  • Russia’s SVR still going berserk in cloudtown
  • China Telecom America gets the boot
  • Much, much more

We’ll be hearing from Senetas CEO Andrew Wilson in this week’s sponsor interview. He’s joining us to talk about how the global semiconductor shortage is making him a very, very sad panda.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Iran says sweeping cyberattack took down gas stations across country
Cyber group 'Adalat Ali' published documents related to the November 1998 protests - BBC News Farsi
Papua New Guinea Hit by Ransomware Hackers With Millions in Aid Frozen - Bloomberg
Cloudpng on Twitter: "This is the setup for all agencies must be on-site at Vulupindi Haus, Finance dept POM to process claims for IFMS after the system was hacked in October 2021. It's pretty full so bookings must be made to secure a PC. #ifms #systems #png https://t.co/VCiUYE9hFL" / Twitter
Hon Sasindran Muthuvel MP on Twitter: "Statement on the financial system failure and the challenges it now creates for all provinces. This issue must be addressed holistically and the Finance Dept must work in conjunction with the provinces. Sasi https://t.co/OLMAHxgDel" / Twitter
'Destructive' cyberattack hits National Bank of Pakistan - The Record by Recorded Future
Microsoft says Russia hacked at least 14 IT service providers this year - The Record by Recorded Future
Industry group warns of coordinated DDoS extortion campaign against VoIP providers - The Record by Recorded Future
Bandwidth.com expects to lose up to $12M following DDoS extortion attempt - The Record by Recorded Future
DDoS attacks hit multiple email providers - The Record by Recorded Future
FCC revokes license for China Telecom Americas amid national security concerns - The Record by Recorded Future
LinkedIn to Shutter Service in China - The Record by Recorded Future
A Roaming Threat to Telecommunications Companies | CrowdStrike
NSA warns of threat actors compromising entire 5G networks via cloud systems - The Record by Recorded Future
Commerce Department announces new rule aimed at stemming sale of hacking tools to Russia and China - The Washington Post
Windows 10, iOS 15, Ubuntu, Chrome fall at China's Tianfu hacking contest - The Record by Recorded Future
FBI Raids Chinese Point-of-Sale Giant PAX Technology – Krebs on Security
Malware found in npm package with millions of weekly downloads - The Record by Recorded Future
Polygon pays out record $2 million bug bounty reward for critical vulnerability | The Daily Swig
Hacker steals government ID database for Argentina's entire population - The Record by Recorded Future
Fraudsters Cloned Company Director’s Voice In $35 Million Bank Heist, Police Find
How Hackers Hijacked Thousands of High-Profile YouTube Accounts | WIRED
Instagram Hacker Forces Victim to Make Hostage-Style Video
Missouri governor calls for prosecution of journalist who flagged website flaw
Israeli hospital cancels non-urgent procedures following ransomware attack | The Daily Swig
Ransomware Has Disrupted Almost 1,000 Schools in the US This Year
Ransomware attack disrupts Toronto's public transportation system - The Record by Recorded Future
Workers sent home after ransomware attack on major automotive parts manufacturer - The Record by Recorded Future
Largest candy corn maker in US gets hacked ahead of Halloween
Sinclair Workers Say TV Channels Are in ‘Pandemonium’ After Ransomware Attack
Cybercriminals claim to have hacked the NRA
'Cyber event' knocks dairy giant Schreiber Foods offline amid industry ransomware outbreak - CyberScoop
Cyberattack hits Meliá, one of the largest hotel chains in the world - The Record by Recorded Future
Olympus US hack tied to sanctioned Russian ransomware group | TechCrunch
Europol detains suspects behind LockerGoga, MegaCortex, and Dharma ransomware attacks - The Record by Recorded Future
Hitting the BlackMatter gang where it hurts: In the wallet - Emsisoft | Security Blog
Ransomware hackers nervous, allege harassment from U.S.
DarkSide ransomware gang moves some of its Bitcoin after REvil got hit by law enforcement - The Record by Recorded Future
Hackers use SQL injection bug in BillQuick billing app to deploy ransomware - The Record by Recorded Future
Ransomware gangs are abusing a zero-day in EntroLink VPN appliances - The Record by Recorded Future
Conti Ransom Gang Starts Selling Access to Victims – Krebs on Security
Cybercrime gang sets up fake company to hire security experts to aid in ransomware attacks - The Record by Recorded Future
FBI PIN on ransomware crew targeting trend
EXCLUSIVE Governments turn tables on ransomware gang REvil by pushing it offline | Reuters
REvil gang shuts down for the second time after its Tor servers were hacked - The Record by Recorded Future
Countries agree to fight ransomware together after White House meetings - The Record by Recorded Future
CISA, FBI, and NSA warn of BlackMatter attacks on agriculture and other critical infrastructure - The Record by Recorded Future
International community joins forces as ransomware attacks create major disruptions | PBS NewsHour
US Treasury said it tied $5.2 billion in BTC transactions to ransomware payments - The Record by Recorded Future
Stream when do we get on the beers cause i'm losing it by Candy Moore | Listen online for free on SoundCloud