Risky Business #658 -- Germany sounds alarm on Kaspersky software

PLUS: More on the Ukraine SATCOM hack...
16 Mar 2022 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Germany issues stark warning to Kaspersky users
  • Ukraine SATCOM hack keeps getting more interesting
  • Russia to spin up its own CA, but it’s not what it seems
  • Why the ransomware threat could get worse, then better
  • Much, much more

This week’s show is brought to you by Fastly. Kelly Shortridge, Fastly’s Senior Principal Product Technologist, joins the show this week to tell us what modern security actually looks like. Kelly is always fascinating so we were thrilled she was in the sponsor chair this week.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

German government issues warning about Kaspersky products - CyberScoop
Exclusive: U.S. spy agency probes sabotage of satellite internet during Russian invasion, sources say | Reuters
Russia to create its own security certificate authority, alarming experts
Political fallout in cybercrime circles upping the threat to Western targets
(2) Oleg Shakirov on Twitter: "Russia's deputy foreign minister says he hopes the Russian-U.S. dialogue on cyber security will be resumed in response to a question whether it has been frozen He adds that it can bring tangible results like the disruption of REvil https://t.co/m817WD80vr" / Twitter
FinCEN warns ransomware proceeds could be part of Russia sanctions evasion
Biden takes big step toward government-backed digital currency
Ukrainian hackers say HackerOne is blocking their bug bounty payouts | TechCrunch
(2) Techmeme on Twitter: "Sources: Apple and Google removed Kremlin critic Navalny's app in September after FSB agents came to homes of top execs and threatened to take them to prison (Washington Post) https://t.co/nqvtHmG1Ft https://t.co/gQCcnFhnyo" / Twitter
Government agencies in Ukraine targeted in cyber-attacks deploying MicroBackdoor malware | The Daily Swig
(2) ESET research on Twitter: "#BREAKING #ESETresearch warns about the discovery of a 3rd destructive wiper deployed in Ukraine 🇺🇦. We first observed this new malware we call #CaddyWiper today around 9h38 UTC. 1/7 https://t.co/gVzzlT6AzN" / Twitter
Ukraine facing major regional internet outages as Russian invasion continues
Transparency Org Releases Alleged Leak of Russian Censorship Agency
Denial-of-service attack knocked Israeli government sites offline
The Lapsus$ Hacking Group Is Off to a Chaotic Start | WIRED
Penny Arcade - Comic - Also Known As Blackmail
Man charged with Kaseya hack extradited to the US - The Record by Recorded Future
NetWalker ransomware affiliate extradited to the US - The Record by Recorded Future
Researcher uses Dirty Pipe exploit to fully root a Pixel 6 Pro and Samsung S22 | Ars Technica
New method that amplifies DDoSes by 4 billion-fold. What could go wrong? | Ars Technica
SEC weighs reporting requirements for publicly traded companies
Biden signs cyber incident reporting bill into law - The Record by Recorded Future
Join The Dept of Know_ Live!
BAYRAKTAR-Official Song (english) - YouTube
Product Demo: Proofpoint Nexus People Explorer - YouTube