This episode sponsored by Thinkst.On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Ukraine sanctions may lead to Russia going “cyber feral”
- Brian Krebs links Red Cross breach to Iranian actor
- APT10 uses cred stuffing as misdirection
- Report: Global logistics behemoth Expeditors ransomwared
- NFT thefts still hilarious
- Inside the epic KlaySwap hack
- Much, much more
In this week’s sponsor interview Thinkst Canary’s Marco Slaviero talks about some work they’ve done on introducing a “Safety Net” against AWS token enumeration edge cases. That’s a very interesting interview.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- White House attributes Ukraine DDoS incidents to Russia's GRU - CyberScoop
- U.S. issues blanket warning on potential of destructive Russian hacks
- Russian hackers have probably penetrated critical Ukraine computer networks, U.S. says - The Washington Post
- Ukraine dismantles social media bot farm spreading "panic" - The Record by Recorded Future
- US says Russian hackers breached multiple DOD contractors - The Record by Recorded Future
- Red Cross blames hack on Zoho vulnerability, suspects APT attack - The Record by Recorded Future
- Red Cross Hack Linked to Iranian Influence Operation? – Krebs on Security
- Deep dive into hack against Iranian state TV yields wiper malware, other custom tools
- VMware Horizon servers are under active exploit by Iranian state hackers | Ars Technica
- Chinese hackers linked to months-long attack on Taiwanese financial sector - The Record by Recorded Future
- San Francisco 49ers confirm ransomware attack - The Record by Recorded Future
- Global logistics giant Expeditors suffers cyberattack, shuts down operations systems - FreightWaves
- Vodafone Portugal struggles to restore service following cyberattack | Ars Technica
- The US Crackdown on Spyware Vendors Is Only Beginning
- People Whose NFTs Were Stolen Are Getting Wildly Different Refunds from OpenSea
- Scam artists swindle NFTs worth 'millions' in OpenSea phishing attack | ZDNet
- KlaySwap crypto users lose funds after BGP hijack - The Record by Recorded Future
- Jaw-dropping Coinbase security bug allowed users to steal unlimited cryptocurrency | The Daily Swig
- For signs of cryptocurrency laundering, look closely at Moscow firms, report says
- Srsly Risky Biz: Thursday February 17
- More data on Canadian 'Freedom Convoy' donors leaked -website | Reuters
- Stream Episode 179: Truck Yeah, Canada feat Dan Boeckner by QAnon Anonymous | Listen online for free on SoundCloud
- FBI sees increase in use of virtual meeting platforms for BEC scams - The Record by Recorded Future
- This Is the ‘Hacking’ Investigation Into Journalist Who Clicked ‘View Source’ on Government Website
- Bhima Koregaon case: New report finds activist Rona Wilson was targeted by hackers linked to cyber espionage - The Washington Post
- Thousands of npm accounts use email addresses with expired domains - The Record by Recorded Future
- EARN IT Act gets no changes to encryption language in Senate committee
- SEC's breach notification proposal one step closer to a final vote
- In touch with Reality Winner - The Record by Recorded Future
- A “Safety Net” for AWS Canarytokens
