Risky Business Podcast

January 19, 2022

Risky Business #651 -- Russia's ransomware diplomacy

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray, Adam Boileau and Dmitri Alperovitch discuss the week’s security news, including:

  • Russia arrests REvil crew
  • Ukraine government hit in messy hacks
  • White House hosts open source pow-wow, but is it pointless?
  • US cyber reporting law will come back from the dead
  • Report: Israeli police targeted activists with NSO but without warrants
  • Much, much more

This week’s sponsor interview is with HD Moore, the founder of Rumble. We’re talking through what how he and his team helped customers respond to the log4j drama. They quickly added the capability to scan customer’s environments for log4shell-affected tech. When asset discovery meets rapid vuln response!

Links to everything that we discussed are below and you can follow Patrick, Dmitri or Adam on Twitter if that’s your thing.

Risky Business #651 -- Russia's ransomware diplomacy
0:00 / 0:00

Show notes

Russia arrests ransomware gang responsible for high-profile cyberattacks

Celebrations over REvil ransomware arrests in Russia may be premature | The Daily Swig

Ransomware gang behind attacks on 50 companies arrested in Ukraine - The Record by Recorded Future

Europol takes down VPNLab, a service used by ransomware gangs - The Record by Recorded Future

Albuquerque schools are having a cybersecurity snow day—and they aren't alone - The Record by Recorded Future

What We Know and Don’t Know about the Cyberattacks Against Ukraine - (updated)

Dozens of Computers in Ukraine Wiped with Destructive Malware in Coordinated Attack

Belarus: Cyber upstart, or Russian staging ground?

White House hosts open-source software security summit in light of expansive Log4j flaw

Apache Software Foundation warns its patching efforts are being undercut by use of end-of-life software | The Daily Swig

GitLab shifts left to patch high-impact vulnerabilities | The Daily Swig

Cyber incident reporting backers pledge to resume push - The Record by Recorded Future

Israeli police used spyware to hack its own citizens, a report says : NPR

El Salvador journalists hacked with NSO's Pegasus spyware - The Record by Recorded Future

Cyber Command ties hacking group to Iranian intelligence - The Record by Recorded Future

Earth Lusca threat actor targets governments and cryptocurrency companies alike - The Record by Recorded Future

North Korea stole a record $400 million in cryptocurrency last year, researchers say

Crypto.com Says Alleged $15 Million Hack Was Just an 'Incident'

Who is the Network Access Broker ‘Wazawaka?’ – Krebs on Security

New Chrome security measure aims to curtail an entire class of Web attack | Ars Technica

EA blames support staff for recent hacks of high-profile FIFA accounts - The Record by Recorded Future

Researchers discover ‘extremely easy’ 2FA bypass in Box cloud management software | The Daily Swig

Introducing vAPI – an open source lab environment to learn about API security | The Daily Swig