Risky Business #652 -- Cyber Partisans take down Belarusian rail systems

Ransomware, but not as we know it...
26 Jan 2022 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Belarusian Cyber Partisans ransom train network
  • A look at developments in Ukraine
  • Merck wins NotPetya insurance lawsuit
  • US VC firm in talks to acquire NSO Group
  • Much, much more

This week’s show is brought to you by Trail of Bits, the security engineering firm. Dan Guido joins us this week week to talk about zkdocs, a bunch of documentation Trail of Bits put together to provide guidance on how to implement some of these newfangled concepts – like zero knowledge proofs – that are popular in blockchain and cryptoland.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Hactivists say they hacked Belarus rail system to stop Russian military buildup | Ars Technica
A top Ukrainian security official on defending the nation against cyber attacks - The Record by Recorded Future
Former Ukrainian official sanctioned for assisting Russian cyberattacks - The Record by Recorded Future
FSB detains administrator of UniCC carding forum - The Record by Recorded Future
Opinion | Russia’s takedown of REvil hacking collective sends an ominous message - The Washington Post
Merck wins cyber-insurance lawsuit related to NotPetya attack - The Record by Recorded Future
Canada confirms cyber-attack on foreign affairs ministry - The Record by Recorded Future
(1) Global Affairs Canada suffers ‘cyber attack’ amid Russia-Ukraine tensions: sources - National | Globalnews.ca
U.S. venture capital firm in talks to buy Israel's infamous spyware maker NSO - Business - Haaretz.com
Red Cross begs hackers not to leak data of "highly vulnerable people" - The Record by Recorded Future
Assange permitted to file U.K. Supreme Court appeal in extradition case
New MoonBounce UEFI bootkit can't be removed by replacing the hard drive - The Record by Recorded Future
Sketchy ‘Account Recovery’ Services Are Trying to Scam Hacking Victims on Twitter
A UK government-backed campaign aims to thwart end-to-end encryption rollout - The Record by Recorded Future
UK government plans to release Nmap scripts for finding vulnerabilities - The Record by Recorded Future
OpenSubtitles discloses successful extortion attempt, data breach - The Record by Recorded Future
IRS Will Soon Require Selfies for Online Access – Krebs on Security
New Log4j attacks target SolarWinds, ZyXEL devices - The Record by Recorded Future
Supply chain attack used legitimate WordPress add-ons to backdoor sites | Ars Technica
GitHub Actions flaw that allowed code to be approved without review is addressed with new feature rollout | The Daily Swig
‘Zero-Click’ Zoom Vulnerabilities Could Have Exposed Calls | WIRED
Flaws in third-party software exposed dozens of Teslas to remote access | TechCrunch
Dark Souls servers taken down following discovery of critical vulnerability | Ars Technica
F5 fixes high-risk NGINX Controller vulnerability in January patch rollout | The Daily Swig
RCE bug chain patched in CentOS Web Panel | The Daily Swig
Chain of vulnerabilities led to RCE on Cisco Prime servers | The Daily Swig
People Can’t See Some NFTs on Twitter, Crypto Wallets After OpenSea Goes Down
Hacker abuses OpenSea to buy NFTs at older, cheaper prices - The Record by Recorded Future
Crypto.com finally confirms major hack, says it lost $34 million - The Record by Recorded Future
A Hacker Is Negotiating With Victims on the Blockchain After $1.4M Heist
‘White Hat’ Hacker Returns $1 Million Stolen In Crypto Theft Disaster
Pirates Spammed an Infamous Soviet Short-wave Radio Station with Memes
Introduction | ZKDocs
Trail of Bits | Careers