Risky Business Podcast

April 27, 2022

Risky Business #663 -- Israel cracks down on spyware exports

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Israel Ministry of Defence is denying a lot of spyware export licences
  • Private detective in New York pleads guilty over BellTroX shenanigans
  • Scammers enrol stolen credit cards into Apple Pay
  • The Blackcat ransomware crew is very active right now
  • VirusTotal shells lol
  • Much, much more

This week’s sponsor interview is with Okta’s Brett Winterford, who talks in detail about the company’s brush with the Lapsus$ hacking crew. It’s unusual for a sponsor interview to be a must listen, but here we are.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #663 -- Israel cracks down on spyware exports
0:00 / 58:26

Show notes

Export controls strangling Israel's cyberattack industry - Globes

Israeli charged in global hacker-for-hire scheme pleads guilty | Reuters

Criminals Abuse Apple Pay in Spending Sprees

Wealthy cybercriminals are using zero-day hacks more than ever | MIT Technology Review

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code – Krebs on Security

FBI: 60 organizations worldwide hit with BlackCat/ALPHV ransomware - The Record by Recorded Future

FBI warns agricultural sector of heightened risk of ransomware attacks

Russia's war on Ukraine making life difficult for Russian cybercriminals

In a first, Treasury Department sanctions major cryptocurrency mining firm

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure | CISA

(6) Rewards for Justice on Twitter: "REWARD! Up to $10M for information on 6 Russian GRU hackers. They targeted U.S. critical infrastructure with malicious cyber ops. Send us info on their activities via our Dark Web-based tips line at: https://t.co/WvkI416g4W https://t.co/oZCKNHU3fY https://t.co/u1NMAZ9HQl" / Twitter

Foreign Malicious Cyber Activity Against U.S. Critical Infrastructure – Rewards For Justice

From the front lines of ‘the first real cyberwar’ - The Record by Recorded Future

CySource virus total blog

(3) Bernardo Quintero on Twitter: "for transparency purposes, this was my internal reply on May 21, 2021 at 03:09PM https://t.co/WR3QTRlxDc" / Twitter

Critical bug could have let hackers commandeer millions of Android devices | Ars Technica

Hot patch for Log4Shell vulnerability in AWS allowed full host takeover | The Daily Swig

Major cryptography blunder in Java enables “psychic paper” forgeries | Ars Technica

Brokers' sales of U.S. military personnel data overseas stir national security fears

Bored Ape Yacht Club Instagram Hacked, NFTs Worth Millions Stolen

A Crypto Entrepreneur Is on the Lam After Dev Jailed for North Korea Trip

Okta Concludes its Investigation Into the January 2022 Compromise | Okta

Risky Business News | Substack