Risky Business Podcast

May 25, 2022

Risky Business -- #665 You can ransomware whole countries now

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Conti’s war against Costa Rica
  • DoJ revises CFAA guidance
  • Naughty kids get access to DEA portal
  • A look at a Russian disinfo tool
  • PyPI and PHP supply chain drama
  • Much, much more

This week’s show is brought to you by Thinkst Canary. Its founder Haroon Meer will join us in this week’s sponsor interview to talk about what might happen to infosec programs now the world economy is getting all funky.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business -- #665 You can ransomware whole countries now
0:00 / 0:00

Show notes

President Rodrigo Chaves says Costa Rica is at war with Conti hackers - BBC News

Costa Ricans scrambled to pay taxes by hand after cyberattack took down country’s collection system

Costa Rican president claims collaborators are aiding Conti's ransomware extortion efforts

K-12 school districts in New Mexico, Ohio crippled by cyberattacks - The Record by Recorded Future

Greenland says health services 'severely limited’ after cyberattack - The Record by Recorded Future

Notorious cybercrime gang Conti 'shuts down,' but its influence and talent are still out there - The Record by Recorded Future

'Multi-tasking doctor' was mastermind behind 'Thanos' ransomware builder, DOJ says - The Record by Recorded Future

Researchers warn of REvil return after January arrests in Russia - The Record by Recorded Future

Researcher stops REvil ransomware in its tracks with DLL-hijacking exploit | The Daily Swig

Bank refuses to pay ransom to hackers, sends dick pics instead • Graham Cluley

GoodWill ransomware forces victims to donate to the poor and provides financial assistance to patients in need - CloudSEK

Catalin Cimpanu on Twitter: "Report on a new ransomware strain named GoodWill that forces victims to perform acts of kindness to recover their files https://t.co/T0rhj5wjyC https://t.co/T92KPUJe61" / Twitter

Water companies are increasingly uninsurable due to ransomware, industry execs say

Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act | OPA | Department of Justice

download

DEA Investigating Breach of Law Enforcement Data Portal – Krebs on Security

Intelligence Update. A question of timing: examining the circumstances surrounding the Nauru Police Force hack and leak

FSB's Fronton DDoS tool was actually designed for 'massive' fake info campaigns, researchers say

Sonatype PiPI blog post

Dvuln Labs - ServiceNSW’s Digital Drivers Licence Security appears to be Super Bad

New Bluetooth hack can unlock your Tesla—and all kinds of other devices | Ars Technica

Researchers devise iPhone malware that runs even when device is turned off | Ars Technica

New Research Paper: Pre-hijacking Attacks on Web User Accounts – Microsoft Security Response Center

CISA issues directive for exploited VMware bug after IR team deployed to ‘large’ org - The Record by Recorded Future

Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating | Ars Technica

Google, Apple, Microsoft Commit to Eliminating Passwords - Security Boulevard

Thinkst Canary