Risky Business Podcast
December 08, 2021
Risky Business #648 -- Adios, 2021, it's been real
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- NSO Group tools found on US embassy staff phones in Uganda
- Mitto is up to shady bidnez
- Ubiquiti “whistleblower” charged over hack
- Hounds everywhere
- Planned Parenthood breached
- Much, much more
This week’s sponsor interview is with Andrew Morris of Greynoise.
Greynoise has a bunch of sensors out there on the Internets, so they can tell you when an IP that’s hitting you is also hitting everyone else. If you work in a SOC, you know this is very useful. Greynoise has just signed a $30m deal with the US Department of Defense. As Andrew will explain in just a moment, this means if you work in a DoD agency it’s now very easy for you to get a subscription. In this interview I also talk to Andrew about his adventures chasing down one of the people spamming Internet-attached receipt printers with the antiwork manifesto from Reddit.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
NSO Pegasus spyware used to hack U.S. diplomats’ phones - The Washington Post
This Swiss Firm Exec Is Said To Have Operated A Secret Surveillance Operation - Bloomberg
Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach” – Krebs on Security
Cyber Command boss acknowledges US military actions against ransomware groups
FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangs
gov.uscourts.2.2.million-ransom-seizure - DocumentCloud
400,000 Planned Parenthood users' data stolen in ransomware attack
Canadian police arrest Ottawa resident for ransomware attacks - The Record by Recorded Future
Ransomware tracker: the latest figures [December 2021] - The Record by Recorded Future
Court hands Microsoft control of websites linked to spying by Chinese hackers
NICKEL targeting government organizations across Latin America and Europe - Microsoft Security Blog
The Justice Department is ramping up its crackdown on money mules
FIN7 hacker trialed in Russia gets no prison time - The Record by Recorded Future
1.5 million users joined Facebook Protect since September - The Record by Recorded Future
Facebook Will Force More At-Risk Accounts to Use Two-Factor | WIRED
Cyber incident reporting mandates suffer another congressional setback
Hacked Cryptocurrency Platform Begs Hacker to Please Return $119 Million
Really stupid “smart contract” bug let hackers steal $31 million in digital coin | Ars Technica
Received Some Random Cryptocurrency? It Might Be a Phishing Scam.
New Payment Data Stealing Malware Hides in Nginx Process on Linux Servers
Zoho warns of new zero-day vulnerability exploited in attacks - The Record by Recorded Future
Compromising Email Supply Chains | CanIPhish
GitHub - SummitRoute/csp_security_mistakes: Cloud service provider security mistakes
USB Over Ethernet | Multiple Vulnerabilities in AWS and Other Major Cloud Services - SentinelOne
A different way to do PAM -- Paul Lanzi, Remediant - YouTube