Risky Business #662 -- It's a bad month to be an electricity grid

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray, Adam Boileau and Dmitri Alperovitch discuss the week’s security news, including:

  • Ukraine foils Russian ICS hack
  • US Government burns someone’s ICS toolkit
  • China gets all up in India’s energy gridz
  • The Heroku/GitHub/Travis CI story is very confusing
  • US DOJ removes GRU malware from Watchguard boxes under Rule 41
  • North Korea behind $540m crypto hack
  • Much, much more

This week’s sponsor interview is with Scott Kuffer, co-founder of Nucleus Security, and Jared Semrau of Mandiant. They’ll be joining us to talk about how you can now plug Mandiant data into the Nucleus vulnerability scan aggregator.

Links to everything that we discussed are below and you can follow Patrick, Dmitri or Adam on Twitter if that’s your thing.


Show notes

Ukraine foiled Russian cyberattack that tried to shut down energy grid

Catalin Cimpanu on Twitter: "Days later... anyone managed to confirm or debunk this?"

Matthew Garrahan on Twitter: "Ukraine has since adapted a government app so that people can more easily upload information about Russian military positions https://t.co/oWRctXBTxU"

Pipedream Malware: Feds Uncover 'Swiss Army Knife' for Industrial System Hacking | WIRED

Suspected Chinese hackers are targeting India's power grid

Lawmakers ask Energy Department to take point on sector digital security - The Record by Recorded Future

Threat of Russian cyberattack prompts energy firms to collaborate with U.S. government - The Washington Post

US says it disrupted Russian botnet 'before it could be weaponized'

DOJ's Sandworm operation raises questions about how far feds can go to disarm botnets

Microsoft seizes internet domains linked to GRU cyberattacks against Ukraine

WatchGuard failed to explicitly disclose critical flaw exploited by Russian hackers | Ars Technica

Microsoft uses court order to disrupt ZLoader botnet - The Record by Recorded Future

DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii

US agency attributes $540 million Ronin hack to North Korean APT group - The Record by Recorded Future

Chemical sector targeted by North Korea-linked hacking group, researchers say - The Record by Recorded Future

U.S. offers $5 million for info on North Korean cyber operators - The Record by Recorded Future

Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators | The GitHub Blog

After a brief decline, organizations once again are bombarded with ransomware - The Record by Recorded Future

BlackCat ransomware group claims attack on Florida International University - The Record by Recorded Future

North Carolina A&T hit with ransomware after ALPHV attack - The Record by Recorded Future

Ransomware groups go after a new target: Russian organizations - The Record by Recorded Future

T-Mobile Secretly Bought Its Customer Data from Hackers to Stop Leak. It Failed.

Experts warn of concerns around Microsoft RPC bug - The Record by Recorded Future

Make phishing great again. VSTO office files are the new macro nightmare? | by Daniel Schell | Apr, 2022 | Medium

VMware patches critical flaws in Workspace ONE Access identity management software | The Daily Swig

Researcher finds cryptomining malware targeting AWS Lambda - The Record by Recorded Future

Apple paid out $36,000 bug bounty for HTTP request smuggling flaws on core web apps – research | The Daily Swig

Hackers steal more than $11 million from Elephant Money DeFi platform - The Record by Recorded Future

WonderHero game disabled after hackers steal $320,000 in cryptocurrency - The Record by Recorded Future

'We Are Fucked': Crypto Stablecoin Collapses After $182M Hack

The Original APT: Advanced Persistent Teenagers – Krebs on Security