Risky Business #664 -- The Spanish Prime Minister got Pegasus'd

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Spanish PM’s phone infected by Pegasus
  • Microsoft drops Ukraine research report
  • We can’t make heads or tails out of the FBI’s transparency report
  • France hit with coordinated fibre sabotage campaign
  • Why Musk’s algorithm pledge is meaningless
  • Much, much more

This week’s sponsor interview is with ExtraHop Networks’ CEO Patrick Dennis. He’s joining us this week to talk about how you can turn “Shield’s Up!” advice into something actionable.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #664 -- The Spanish Prime Minister got Pegasus'd
0:00 / 0:00

Show notes

Spyware attack targeted Spanish prime minister’s phone - The Record by Recorded Future

Over 200 Spanish mobile numbers ‘possible targets of Pegasus spyware’ | Spain | The Guardian

Russia’s hackers and military went after the same targets in Ukraine, Microsoft says

Russia Is Being Hacked at an Unprecedented Scale | WIRED

Russia reroutes internet in occupied Ukrainian territory through Russian telcos - The Record by Recorded Future

Russia cyber case prompted big portion of FBI's surveillance database searches in 2021 - The Record by Recorded Future

2022_ASTR_for_CY2020_FINAL.pdf

Wyden: “Surveillance Transparency Report” Fails To Explain How Many Americans’ Communications Are Searched By the FBI | U.S. Senator Ron Wyden of Oregon

How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities

Who tried to hack Hawaii’s undersea cable? - The Record by Recorded Future

Nauru police emails leaked to protest against Australia's offshore detention

Fighting Fake EDRs With ‘Credit Ratings’ for Police – Krebs on Security

Twitter may have given user's private data to a ransomware hacker, who then ran a researcher offline

Musk's plans to make Twitter's algorithms public raises disinformation conundrum

Elon Musk’s Plan to Open Source the Twitter Algorithm Won’t Solve Anything | WIRED

Kronos cyber attack sparks lawsuits against employers | BenefitsPRO

German wind farm operator confirms cybersecurity incident - The Record by Recorded Future

German library service struggling to recover from ransomware attack - The Record by Recorded Future

Trinidad’s largest supermarket chain crippled by cyberattack - The Record by Recorded Future

Austin Peay State University becomes latest US school hit with ransomware - The Record by Recorded Future

NC Prohibits Gov Entities from Paying Hacker Cybersecurity Ransoms

Connecticut inches closer to becoming fifth state with data privacy law - The Record by Recorded Future

Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators | The GitHub Blog

Google touts new tool that scans for malicious packages in popular open-source repositories - The Record by Recorded Future

Log4Shell, ProxyLogon and Atlassian bug top CISA's list of routinely exploited vulnerabilities in 2021 - The Record by Recorded Future

Widespread Exploitation of VMware Workspace ONE Access CVE-2022-22954 | Rapid7 Blog

Microsoft finds Linux desktop flaw that gives root to untrusted users | Ars Technica

More than $13 million stolen from DeFi platform Deus Finance - The Record by Recorded Future

Binance freezes stolen Axie Infinity crypto after North Korean hackers move funds - The Record by Recorded Future

Everscale blockchain wallet shutters web version after vulnerability found - The Record by Recorded Future

Hackers steal $90 million from DeFi platforms Rari Capital and Saddle Finance - The Record by Recorded Future

Crypto Hackers Stole More Than $370 Million In April Alone

Airlock Digital Demo - YouTube

Risky Business News | Patrick Gray | Substack