Risky Business #673 -- When throwing computers into a woodchipper is standard IR

UEFI rootkits are properly in the wild now...
27 Jul 2022 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Why Entrust being ransomwared is good news
  • UEFI bootkits turn hardware into landfill
  • Microsoft resumes macro blocking rollout
  • Pat and Adam talk about why plugging your IDP into legacy apps is a dreadful idea
  • Much, much more

This week’s sponsor guest is Paul “The Voice” Lanzi of Remediant. He’s popping along to talk about the emergence of a new product category – Identity Threat Detection and Response, or ITDR.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Italy investigating ransomware attack on tax agency - The Record by Recorded Future
IT security giant Entrust says it's investigating alleged June data breach - The Record by Recorded Future
Microsoft resuming default block of Office VBA macros - The Record by Recorded Future
Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us | Ars Technica
China: Declaration by the Minister for Foreign Affairs on behalf of the Belgian Government urging Chinese authorities to take action against malicious cyber activities undertaken by Chinese actors | Federal Public Service Foreign Affairs
Cyber Command shares bevy of new malware used against Ukraine - The Record by Recorded Future
Cyber criminals attack Ukrainian radio network, broadcast fake message about Zelensky's health
Congress goes after spyware purveyors. Will it make a difference?
Report: Mercenary spyware exploited Google Chrome zero-day to target journalists - The Record by Recorded Future
TSA unveils updated cybersecurity regulations of oil and gas pipelines - The Record by Recorded Future
Congress Might Actually Pass ADPPA, the American Data Privacy and Protection Act | WIRED
Federal privacy legislation progresses, but concerns about data brokers loom
China cybersecurity agency fines ride-hailing giant Didi $1.2 billion for data issues - The Record by Recorded Future
T-Mobile reaches historic $350 million settlement in 2021 data breach - The Record by Recorded Future
Former Coinbase Manager Arrested by Feds for Alleged Insider Trading
Cisco patches dangerous bug trio in Nexus Dashboard | The Daily Swig
Atlassian patches batch of critical vulnerabilities across multiple products | The Daily Swig
Hardcoded password in Confluence app has been leaked on Twitter | Ars Technica