Risky Business #671 -- The case for an American-owned NSO Group

PLUS: Microsoft flip flops on changes to macro defaults...
13 Jul 2022 » Risky Business

On this week’s show Patrick Gray and guest cohost Dmitri Alperovitch discuss the week’s security news, including:

  • Why an American defence contractor acquiring NSO Group would be a nonproliferation win
  • A look at Microsoft’s botched macro measures
  • iPhone’s Lockdown Mode
  • Ukraine goes big on Yubikeys
  • Aerojet Rocketdyne pays millions over poor security controls, CISO whistleblower gets bag of cash
  • Much, much more

This week’s show is sponsored by Proofpoint. Ryan Kalember, Proofpoint’s Executive Vice President of Cybersecurity Strategy, joins us in this week’s sponsor interview to talk about changes he’s observed in the criminal ecosystem.

NOTE: This podcast contains an error. We say that iOS Lockdown Mode prevents users from using an MDM profile on their devices. It doesn’t; it just stops new MDM profiles from being loaded while in Lockdown Mode, so corporate users will be able to turn it on just fine.

Links to everything that we discussed are below and you can follow Patrick or Dmitri on Twitter if that’s your thing.

Show notes

L3Harris drops bid for NSO spyware following U.S. concerns - The Washington Post
Apple introduces 'Lockdown Mode' iPhone feature to block elite spyware
Risky Biz News: Thousands of Yubikeys have been deployed in Ukraine, more to come
PyPI repo to distribute 4,000 security keys to maintainers of ‘critical projects’ in 2FA drive | The Daily Swig
Microsoft makes major course reversal, allows Office to run untrusted macros [Updated] | Ars Technica
Microsoft says decision to stop blocking Office VBA macros by default is ‘temporary’ - The Record by Recorded Future
Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents'
Rocket maker agrees to pay $9 million to settle allegations of cybersecurity violations - The Record by Recorded Future
North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector | CISA
North Korea is targeting hospitals with ransomware, U.S. agencies warn
Medical debt collection firm says ransomware attack exposed info on 650+ healthcare orgs - The Record by Recorded Future
French telecom company La Poste Mobile struggling to recover from ransomware attack - The Record by Recorded Future
Cyberattack knocks out California community college email, website, landlines - The Record by Recorded Future
OPM breach victims expected to receive about $700 each after class action settlement - The Record by Recorded Future
Chinese Hackers Targeting Russian Government and Telcos
DeFi Hacker Returns $8m
Millions in Cryptocurrency Stolen in Phishing Attacks