On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- NSO Group tools found on US embassy staff phones in Uganda
- Mitto is up to shady bidnez
- Ubiquiti “whistleblower” charged over hack
- Hounds everywhere
- Planned Parenthood breached
- Much, much more
This week’s sponsor interview is with Andrew Morris of Greynoise.
Greynoise has a bunch of sensors out there on the Internets, so they can tell you when an IP that’s hitting you is also hitting everyone else. If you work in a SOC, you know this is very useful. Greynoise has just signed a $30m deal with the US Department of Defense. As Andrew will explain in just a moment, this means if you work in a DoD agency it’s now very easy for you to get a subscription. In this interview I also talk to Andrew about his adventures chasing down one of the people spamming Internet-attached receipt printers with the antiwork manifesto from Reddit.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- NSO Pegasus spyware used to hack U.S. diplomats’ phones - The Washington Post
- This Swiss Firm Exec Is Said To Have Operated A Secret Surveillance Operation - Bloomberg
- Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach” – Krebs on Security
- Cyber Command boss acknowledges US military actions against ransomware groups
- Canadian spy agency targeted foreign hackers to ‘impose a cost’ for cybercrime - National | Globalnews.ca
- FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangs
- gov.uscourts.2.2.million-ransom-seizure - DocumentCloud
- 400,000 Planned Parenthood users' data stolen in ransomware attack
- Canadian police arrest Ottawa resident for ransomware attacks - The Record by Recorded Future
- Ransomware tracker: the latest figures [December 2021] - The Record by Recorded Future
- Court hands Microsoft control of websites linked to spying by Chinese hackers
- NICKEL targeting government organizations across Latin America and Europe - Microsoft Security Blog
- A mysterious threat actor is running hundreds of malicious Tor relays - The Record by Recorded Future
- The Justice Department is ramping up its crackdown on money mules
- FIN7 hacker trialed in Russia gets no prison time - The Record by Recorded Future
- 1.5 million users joined Facebook Protect since September - The Record by Recorded Future
- Facebook Will Force More At-Risk Accounts to Use Two-Factor | WIRED
- Cyber incident reporting mandates suffer another congressional setback
- Derek B Johnson on Twitter: "This statement from House Homeland Chair Bennie Thompson and Cyber Subcommittee Chair Yvette Clarke says process around incident reporting legislation was wracked with "dysfunction" and appears to firmly shut the door on the bill being reinserted into the NDAA. https://t.co/iBpmxAFJgQ" / Twitter
- BitMart loses $150 million in the second-largest crypto-heist of the year - The Record by Recorded Future
- Hacked Cryptocurrency Platform Begs Hacker to Please Return $119 Million
- Really stupid “smart contract” bug let hackers steal $31 million in digital coin | Ars Technica
- Received Some Random Cryptocurrency? It Might Be a Phishing Scam.
- Web skimmers hit 300+ sites hidden inside Google Tag Manager containers - The Record by Recorded Future
- New Payment Data Stealing Malware Hides in Nginx Process on Linux Servers
- Zoho warns of new zero-day vulnerability exploited in attacks - The Record by Recorded Future
- APT groups from China, Russia, and India adopt novel attack technique - The Record by Recorded Future
- Flaws in Tonga’s top-level domain left Google, Amazon, Tether web services vulnerable to takeover | The Daily Swig
- Compromising Email Supply Chains | CanIPhish
- GitHub - SummitRoute/csp_security_mistakes: Cloud service provider security mistakes
- USB Over Ethernet | Multiple Vulnerabilities in AWS and Other Major Cloud Services - SentinelOne
- A different way to do PAM -- Paul Lanzi, Remediant - YouTube
- Material Security: Keeping email safe at rest - YouTube
- The Sweeney Background Music (1975-1978) - YouTube