Risky Business Podcast

April 27, 2022

Risky Business #663 -- Israel cracks down on spyware exports

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Co-host at large

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Israel Ministry of Defence is denying a lot of spyware export licences
  • Private detective in New York pleads guilty over BellTroX shenanigans
  • Scammers enrol stolen credit cards into Apple Pay
  • The Blackcat ransomware crew is very active right now
  • VirusTotal shells lol
  • Much, much more

This week’s sponsor interview is with Okta’s Brett Winterford, who talks in detail about the company’s brush with the Lapsus$ hacking crew. It’s unusual for a sponsor interview to be a must listen, but here we are.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #663 -- Israel cracks down on spyware exports
0:00 / 58:26

Show notes

Export controls strangling Israel's cyberattack industry - Globes

Israeli charged in global hacker-for-hire scheme pleads guilty | Reuters

Criminals Abuse Apple Pay in Spending Sprees

Wealthy cybercriminals are using zero-day hacks more than ever | MIT Technology Review

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code – Krebs on Security

FBI: 60 organizations worldwide hit with BlackCat/ALPHV ransomware - The Record by Recorded Future

FBI warns agricultural sector of heightened risk of ransomware attacks

Russia's war on Ukraine making life difficult for Russian cybercriminals

In a first, Treasury Department sanctions major cryptocurrency mining firm

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure | CISA

(6) Rewards for Justice on Twitter: "REWARD! Up to $10M for information on 6 Russian GRU hackers. They targeted U.S. critical infrastructure with malicious cyber ops. Send us info on their activities via our Dark Web-based tips line at: https://t.co/WvkI416g4W https://t.co/oZCKNHU3fY https://t.co/u1NMAZ9HQl" / Twitter

Foreign Malicious Cyber Activity Against U.S. Critical Infrastructure – Rewards For Justice

From the front lines of ‘the first real cyberwar’ - The Record by Recorded Future

CySource virus total blog

(3) Bernardo Quintero on Twitter: "for transparency purposes, this was my internal reply on May 21, 2021 at 03:09PM https://t.co/WR3QTRlxDc" / Twitter

Critical bug could have let hackers commandeer millions of Android devices | Ars Technica

Hot patch for Log4Shell vulnerability in AWS allowed full host takeover | The Daily Swig

Major cryptography blunder in Java enables “psychic paper” forgeries | Ars Technica

Brokers' sales of U.S. military personnel data overseas stir national security fears

Bored Ape Yacht Club Instagram Hacked, NFTs Worth Millions Stolen

A Crypto Entrepreneur Is on the Lam After Dev Jailed for North Korea Trip

Okta Concludes its Investigation Into the January 2022 Compromise | Okta

Risky Business News | Substack