Risky Business #653 -- REvil arrests: Sometimes a banana is just a banana

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray, Tom Uren and Joe Slowik discuss the week’s security news, including:

  • Why China’s Olympics app is probably not spyware
  • New DDoS record set at 3.47Tbps
  • USG goes all in on Zero Trust
  • Dmitry Medvedev makes all the right noises on ransomware cooperation
  • Iranian APT crew dabbles in ransomware
  • German fuel distribution ransomwared
  • The latest on NSO
  • Much, much more

This week’s show is brought to you by Google Cloud. Anton Chuvakin, the head of security solution strategy at Google Cloud will be along in this week’s sponsor interview to talk about why SIEM vendors – including Google Cloud – are gobbling up SOAR platforms in acquisitions.

Links to everything that we discussed are below and you can follow Patrick, Tom or Joe on Twitter if that’s your thing.


Show notes

The surveillance concerns around China’s Winter Olympics app – explained | Surveillance | The Guardian

Cross-Country Exposure: Analysis of the MY2022 Olympics App - The Citizen Lab

Wiper in Ukraine Used Code Repurposed From WhiteBlackCrypt Ransomware

German government warns of APT27 activity targeting local companies - The Record by Recorded Future

Microsoft fends off record-breaking 3.47Tbps DDoS attack | Ars Technica

White House releases final zero-trust strategy for federal government - The Record by Recorded Future

White House expands digital regulations for U.S. water supply

Conti ransomware hits Apple, Tesla supplier - The Record by Recorded Future

Top Russian official cites REvil arrests as sign of cooperation, says Moscow is awaiting reciprocation

Security Council of the Russian Federation

Major German fuel storage provider hit with cyberattack, working under limited operations

Iranian state-sponsored group APT35 linked to Memento ransomware - The Record by Recorded Future

Deadbolt ransomware hits more than 3,600 QNAP NAS devices - The Record by Recorded Future

QNAP warns NAS users of DeadBolt ransomware, urges customers to update | ZDNet

Unpacking the rise of BlackCat ransomware: High victim count, high payouts, customized features

Ransomware group says it took files from French Ministry of Justice

Cybercriminals laundered $8.6 billion worth of cryptocurrency in 2021 - The Record by Recorded Future

DeepDotWeb co-admin sentenced to 8 years in prison - The Record by Recorded Future

Booby-trapped sites delivered potent new backdoor trojan to macOS users | Ars Technica

Apple pays out $100k bounty for Safari webcam hack that imperiled victims’ online accounts | The Daily Swig

Qubit Finance platform hacked for $80 million worth of cryptocurrency - The Record by Recorded Future

Android malware will factory-reset a phone after stealing a user's funds - The Record by Recorded Future

2FA app with 10,000 Google Play downloads loaded well-known banking trojan | Ars Technica

Threat actor target Ubiquiti network appliances using Log4Shell exploits - The Record by Recorded Future

Finland says it found NSO's Pegasus spyware on diplomats' phones - The Record by Recorded Future

NSO offered US mobile security firm ‘bags of cash’, whistleblower claims | Surveillance | The Guardian

The Battle for the World’s Most Powerful Cyberweapon - The New York Times