Risky Business -- #665 You can ransomware whole countries now

PLUS: The US DoJ tells prosecutors to leave security researchers alone...
25 May 2022 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Conti’s war against Costa Rica
  • DoJ revises CFAA guidance
  • Naughty kids get access to DEA portal
  • A look at a Russian disinfo tool
  • PyPI and PHP supply chain drama
  • Much, much more

This week’s show is brought to you by Thinkst Canary. Its founder Haroon Meer will join us in this week’s sponsor interview to talk about what might happen to infosec programs now the world economy is getting all funky.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

President Rodrigo Chaves says Costa Rica is at war with Conti hackers - BBC News
Costa Ricans scrambled to pay taxes by hand after cyberattack took down country’s collection system
Costa Rican president claims collaborators are aiding Conti's ransomware extortion efforts
K-12 school districts in New Mexico, Ohio crippled by cyberattacks - The Record by Recorded Future
Greenland says health services 'severely limited’ after cyberattack - The Record by Recorded Future
Notorious cybercrime gang Conti 'shuts down,' but its influence and talent are still out there - The Record by Recorded Future
'Multi-tasking doctor' was mastermind behind 'Thanos' ransomware builder, DOJ says - The Record by Recorded Future
Researchers warn of REvil return after January arrests in Russia - The Record by Recorded Future
Researcher stops REvil ransomware in its tracks with DLL-hijacking exploit | The Daily Swig
Bank refuses to pay ransom to hackers, sends dick pics instead • Graham Cluley
GoodWill ransomware forces victims to donate to the poor and provides financial assistance to patients in need - CloudSEK
Catalin Cimpanu on Twitter: "Report on a new ransomware strain named GoodWill that forces victims to perform acts of kindness to recover their files https://t.co/T0rhj5wjyC https://t.co/T92KPUJe61" / Twitter
Water companies are increasingly uninsurable due to ransomware, industry execs say
Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act | OPA | Department of Justice
DEA Investigating Breach of Law Enforcement Data Portal – Krebs on Security
Intelligence Update. A question of timing: examining the circumstances surrounding the Nauru Police Force hack and leak
FSB's Fronton DDoS tool was actually designed for 'massive' fake info campaigns, researchers say
Sonatype PiPI blog post
Dvuln Labs - ServiceNSW’s Digital Drivers Licence Security appears to be Super Bad
New Bluetooth hack can unlock your Tesla—and all kinds of other devices | Ars Technica
Researchers devise iPhone malware that runs even when device is turned off | Ars Technica
New Research Paper: Pre-hijacking Attacks on Web User Accounts – Microsoft Security Response Center
CISA issues directive for exploited VMware bug after IR team deployed to ‘large’ org - The Record by Recorded Future
Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating | Ars Technica
Google, Apple, Microsoft Commit to Eliminating Passwords - Security Boulevard
Thinkst Canary