Risky Business #644 -- USA sanctions NSO Group, hits REvil

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • US sanctions NSO, Candiru, COSEINC and Positive Technologies
  • We wrap up the action in ransomware
  • Why exploit tournaments are boring in America and exciting in China
  • More malicious npm packages in the wild
  • Pentagon updates CMMC to 2.0
  • Much, much more

We’ll hear from Corelight’s CISO Bernard Brantley in this week’s sponsor interview. We’re talking about how attackers think in graphs and defenders think in lists. Microsoft’s John Lambert wrote a post about that back in 2015, and Bernard joins the show this week to talk about why it’s just as relevant as ever. Stick around for that one.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

U.S. sanctions Israel’s NSO Group over Pegasus spyware - The Washington Post

Risky Business #310 -- Export exploits? Wassenaar says no - Risky Business

Positive Technologies says US sanctions had little or no effect on its business - The Record by Recorded Future

Hungarian official confirms government bought and used Pegasus spyware - The Record by Recorded Future

NSO's Pegasus spyware found on the devices of six Palestinian activists - The Record by Recorded Future

“A grim outlook”: How cyber surveillance is booming on a global scale | MIT Technology Review

Spyware providers are flocking to international arms fairs to sell to NATO foes

Ukraine discloses identity of Gamaredon members, links it to Russia's FSB - The Record by Recorded Future

PRC says FCC decision to pull China Telecom license was ‘based on suspicion,’ not facts - The Record by Recorded Future

China says a foreign spy agency hacked its airlines, stole passenger records - The Record by Recorded Future

Hackers with Chinese links breach defense, energy targets, including one in US

Pwn2Own Austin 2021: Synacktiv crowned Masters of Pwn after Sonos One, WD NAS exploits | The Daily Swig

House approves massive infrastructure plan that includes $1.9 billion for cybersecurity - The Record by Recorded Future

Malware found in coa and rc, two npm packages with 23M weekly downloads - The Record by Recorded Future

Pentagon issues revised cyber standards for contractors - The Record by Recorded Future

Hacker steals $55 million from bZx DeFi platform - The Record by Recorded Future

Suspect in scheme to breach major Twitter accounts is now charged with hacking crypto executives

Scammer Convinced Instagram That Its Top Executive Was Dead

GitLab servers are being exploited in DDoS attacks in excess of 1 Tbps - The Record by Recorded Future

Dangerous XSS bug in Google Chrome’s ‘New Tab’ page bypassed security features | The Daily Swig

US offers $10 million reward for info on Darkside ransomware group - The Record by Recorded Future

Hackers Apologize to Arab Royal Families for Leaking Their Data

A ransomware gang shut down after Cybercom hijacked its site and it discovered it had been hacked - The Washington Post

BlackMatter ransomware says its shutting down due to pressure from local authorities - The Record by Recorded Future

CERT-France: Lockean ransomware group behind attacks on French companies - The Record by Recorded Future

The ‘Groove’ Ransomware Gang Was a Hoax – Krebs on Security

Ransomware crackdown spreads in U.S., Europe and Asia

US Treasury sanctions crypto-exchange Chatex for links to ransomware payments - The Record by Recorded Future

Shared/Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.md at master · JohnLaTwC/Shared · GitHub

Compare to open source Zeek