Risky Business #651 -- Russia's ransomware diplomacy

PLUS: Some messy hacks target Ukraine government...
19 Jan 2022 » Risky Business

On this week’s show Patrick Gray, Adam Boileau and Dmitri Alperovitch discuss the week’s security news, including:

  • Russia arrests REvil crew
  • Ukraine government hit in messy hacks
  • White House hosts open source pow-wow, but is it pointless?
  • US cyber reporting law will come back from the dead
  • Report: Israeli police targeted activists with NSO but without warrants
  • Much, much more

This week’s sponsor interview is with HD Moore, the founder of Rumble. We’re talking through how he and his team helped customers respond to the log4j drama. They quickly added the capability to scan customers’ environments for log4shell-affected tech. When asset discovery meets rapid vuln response!

Links to everything that we discussed are below and you can follow Patrick, Dmitri or Adam on Twitter if that’s your thing.

Show notes

Russia arrests ransomware gang responsible for high-profile cyberattacks
Celebrations over REvil ransomware arrests in Russia may be premature | The Daily Swig
Ransomware gang behind attacks on 50 companies arrested in Ukraine - The Record by Recorded Future
Europol takes down VPNLab, a service used by ransomware gangs - The Record by Recorded Future
Albuquerque schools are having a cybersecurity snow day—and they aren't alone - The Record by Recorded Future
What We Know and Don’t Know about the Cyberattacks Against Ukraine - (updated)
Dozens of Computers in Ukraine Wiped with Destructive Malware in Coordinated Attack
Belarus: Cyber upstart, or Russian staging ground?
White House hosts open-source software security summit in light of expansive Log4j flaw
Apache Software Foundation warns its patching efforts are being undercut by use of end-of-life software | The Daily Swig
GitLab shifts left to patch high-impact vulnerabilities | The Daily Swig
Cyber incident reporting backers pledge to resume push - The Record by Recorded Future
Israeli police used spyware to hack its own citizens, a report says : NPR
El Salvador journalists hacked with NSO's Pegasus spyware - The Record by Recorded Future
Cyber Command ties hacking group to Iranian intelligence - The Record by Recorded Future
Earth Lusca threat actor targets governments and cryptocurrency companies alike - The Record by Recorded Future
North Korea stole a record $400 million in cryptocurrency last year, researchers say
Crypto.com Says Alleged $15 Million Hack Was Just an 'Incident'
Who is the Network Access Broker ‘Wazawaka?’ – Krebs on Security
New Chrome security measure aims to curtail an entire class of Web attack | Ars Technica
EA blames support staff for recent hacks of high-profile FIFA accounts - The Record by Recorded Future
Researchers discover ‘extremely easy’ 2FA bypass in Box cloud management software | The Daily Swig
Introducing vAPI – an open source lab environment to learn about API security | The Daily Swig