Risky Business Podcast

March 30, 2022

Risky Business #660 -- Lapsus$ arrests, latest on Okta incident

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Some arrests of suspected Lapsus$ members in the UK
  • Why the Okta incident is probably a fizzer
  • Four FSB officers indicted over Triton/Trisis malware
  • Kim Zetter interviewed Intrusion Truth
  • Australian government to upsize ASD
  • Wave bye bye to Finfisher
  • Much, much more

This week’s sponsor interview is with Mike Wiacek from Stairwell.

Stairwell makes a product that catalogues the files in your environment and lets you slice and dice that data. That makes threat hunting pretty easy and Mike is joining the show this week to talk about why organisations of all stripes should be doing threat hunting.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #660 -- Lapsus$ arrests, latest on Okta incident
0:00 / 0:00

Show notes

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal - BBC News

Okta ‘identifying and contacting’ customers potentially affected by Lapsus$ breach - The Record by Recorded Future

Okta revises original statement, says 366 customers affected by Lapsus$ breach - The Record by Recorded Future

Okta apologizes for waiting two months to notify customers of Lapsus$ breach - The Record by Recorded Future

Lapsus$ found a spreadsheet of accounts as they breached Okta, documents show | TechCrunch

DOJ unseals indictments of four Russian gov’t officials for cyberattacks on energy companies - The Record by Recorded Future

Four Russian Government Employees Charged in Two Historical Hacking Campaigns Targeting Critical Infrastructure Worldwide | OPA | Department of Justice

Intrusion Truth - Five Years of Naming and Shaming China’s Spies

ASD to double in size after $10bn cyber security funding boost - Security - iTnews

How the Biden budget goes big on cyber - The Record by Recorded Future

FBI, CISA advise 13,000 orgs to have 'low threshold' for reporting cyberattacks - The Record by Recorded Future

Senate report examines REvil ransomware attacks on US firms - The Record by Recorded Future

Senate ransomware investigation says FBI leaving victims in the lurch

Surveillance software firm FinFisher declares insolvency - The Record by Recorded Future

NSO refused Ukraine’s request for Pegasus spyware so it wouldn’t anger Russia - The Washington Post

FCC puts Kaspersky on security threat list, says it poses “unacceptable risk” | Ars Technica

Traffic at major Ukrainian internet service provider Ukrtelecom disrupted - The Record by Recorded Future

An interview with the chief technical officer at Ukrtelecom - The Record by Recorded Future

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests” – Krebs on Security

North Korean hackers unleashed Chrome 0-day exploit on hundreds of US targets | Ars Technica

Google releases emergency security update for Chrome users after second 0-day of 2022 discovered - The Record by Recorded Future

Npm maintainers remove malicious packages after typosquatting attempt - The Record by Recorded Future

‘Spam Nation’ Villain Vrublevsky Charged With Fraud – Krebs on Security

$2 million stolen from DeFi protocol Revest Finance, platform unable to reimburse victims - The Record by Recorded Future

Flash loan attack on One Ring protocol nets crypto-thief $1.4 million | The Daily Swig

More than $625 million stolen in DeFi hack of Ronin Network - The Record by Recorded Future

Hackers Who Stole $50 Million in Crypto Say They Will Refund Some Victims