Risky Business #672 -- "Expected behaviour" is in the eye of the beholder

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • A look at the DHS Cyber Safety Review Board’s Log4j report
  • Joshua Schulte no longer the “alleged” Vault7 leaker
  • Chinese APT crews targeted US political journalists before Jan 6
  • Ransomware gangs make leak sites searchable
  • Why recovering plaintext passwords from Okta is expected behaviour
  • US Government seizes North Korean ransomware payment
  • Much, much more

This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he’ll tell us about work Trail of Bits did for DARPA on investigating blockchain security fundamentals.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Patrick Gray on Twitter: "During our discussion yesterday on the show we didn’t know pre-existing MDM was preserved when iOS lockdown mode is enabled, which is great!" / Twitter

DHS Cyber Safety Review Board found no evidence China knew of Log4j before disclosure

Ex-CIA Hacker Convicted for ‘One of the Most Damaging Acts of Espionage in American History’

Chinese hackers targeted U.S. political reporters just ahead of Jan. 6 attack, researchers say

Experts concerned about ransomware groups creating searchable databases of victim data - The Record by Recorded Future

Who-is-Trickbot.pdf

A Deep Dive Into the Residential Proxy Service ‘911’ – Krebs on Security

Risky Biz News: Google removes app permissions from the Play Store

Ongoing phishing campaign can hack you even when you’re protected with MFA | Ars Technica

‘Password extraction risk’ in identity provider Okta disputed | The Daily Swig

Authomize Discovers Password Stealing and Impersonation Risks in Okta | Authomize.com

Okta Response to Security Report | Okta

DOJ seized ransoms paid by health centers in Kansas, Colorado after 2021 attacks - The Record by Recorded Future

North Korean hackers target small businesses with H0lyGh0st ransomware, Microsoft warns - The Record by Recorded Future

Colorado police investigating ransomware attack on small town - The Record by Recorded Future

Albania shuts down government websites, services due to wide ranging cyberattack - The Record by Recorded Future

Bandai Namco confirms cyberattack after ransomware group threatens leak - The Record by Recorded Future

MiCODUS MV720 GPS tracker | CISA

Honda redesigning latest vehicles to address key fob vulnerabilities - The Record by Recorded Future

Russia Released a Ukrainian App for Hacking Russia That Was Actually Malware

Are blockchains decentralized? | Trail of Bits Blog

Announcing the new Trail of Bits podcast | Trail of Bits Blog

GitHub - trailofbits/it-depends: A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.