Risky Business #670 -- China's world record data breach

A billion records from Shanghai police servers for sale...
06 Jul 2022 » Risky Business

On this week’s show Patrick Gray and guest cohost Mark Piper discuss the week’s security news, including:

  • A billion records leaked in China
  • China to develop desktop operating system
  • HackerOne fires insider for stealing hackers’ work and bounties
  • FSB officer charged with stealing hacker’s bitcoin
  • Why Microsoft is wrong on Russia and Ukraine
  • Much, much more

Red Canary’s Adam Mashinchi and Brian Donohue will be along in this week’s sponsor interview to talk about Atomic Red Team, the open source adversary emulation framework they help to maintain.

Links to everything that we discussed are below and you can follow Patrick on Twitter if that’s your thing.

Show notes

Hacker claims to have stolen 1 bln records of Chinese citizens from police | Reuters
China lured graduate jobseekers into digital espionage | Ars Technica
Tech war: China doubles down on domestic operating systems to cut reliance on Windows, MacOS from the US | South China Morning Post
Risky Biz News: HackerOne discloses malicious insider incident, and nobody's surprised
Paranoid Ninja (Brute Ratel C4) on Twitter: "A thoroughly detailed blog on Brute Ratel C4 by Palo Alto. Proper Actions have been taken against the found licenses which were sold in the Black Market. As for existing customers, #BRc4 v1.1 release will change every aspect of IOC found in the previous releases." / Twitter
Microsoft Exchange servers worldwide hit by stealthy new backdoor | Ars Technica
Lieutenant colonel of the FSB Directorate for Samara Oblast arrested for stealing cryptocurrency from a hacker - TASS
Cybersecurity experts question Microsoft's Ukraine report
Victor Zhora on Twitter: "One more evidence of coordination of kinetic and cyber operations by russian aggressors. Ukrainian largest private energy company DTEK was cyberattacked simultaneously with shelling of thermal power plant of the same company in Kryvyi Rih. Both targets are 100% civilian." / Twitter
Following missile strikes on thermal power plants, the enemy launches hacker attacks on the energy system - DTEK
CyberKnow on Twitter: "Another new pro-russian hacktivist group. They have been conducting #ddos ops against #Norway with other groups. #cybersecurity #infosec #RussianUkrainianWar #UkraineRussiaWar https://t.co/rX069XVaof" / Twitter
Hacktivist personas back latest GhostWriter disinfo op targeting Poland, Ukraine
Gantz orders probe after TV reports hint IDF behind Iran steel plant cyberattack | The Times of Israel
Info of over 300,000 Israelis leaked as Iranian hackers target travel booking sites | The Times of Israel
TSA to change cybersecurity rules for pipelines following industry criticism - The Record by Recorded Future
After a sharp rise, cyber insurance rates show signs of stabilizing - The Record by Recorded Future
California DOJ apologizes for ‘unacceptable’ breach involving Firearms Dashboard - The Record by Recorded Future
Cops Investigating ‘WhatsApp for Gangsters’ Arrest Key Suspect in Caribbean
Publishing giant Macmillan still unable to process orders after ransomware attack - The Record by Recorded Future
State unemployment, jobs services down around the country after cyberattack
NIST selects first group of quantum-resistant encryption tools - The Record by Recorded Future
UnRAR path traversal flaw can lead to RCE in Zimbra | The Daily Swig
Maastricht University gets hack ransom back with a hefty profit
Nearly $9 million stolen from DeFi platform Crema Finance - The Record by Recorded Future
North Korea accused of orchestrating $100 million Harmony crypto hack - The Record by Recorded Future
Nucleus Security's vulnerability management platform - YouTube
Explore Atomic Red Team