On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- The Twilio breach was actually a big deal
- How a Belarusian Cyber Partisans hack burned a GRU illegal
- Who wants 25m hashed passwords from Russia?
- An NFT we can get behind
- How attackers are using game anti-cheat drivers to defeat EDR
- Much, much more
This week’s sponsor interview is with Mike Benjamin, the VP of security research at Fastly. He pops in to argue that your red team needs to actually consider how your apps will cope with bot-driven attacks.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Why the Twilio Breach Cuts So Deep | WIRED
- Phishers who hit Twilio and Cloudflare stole 10k credentials from 136 others | Ars Technica
- The number of companies caught up in recent hacks keeps growing | Ars Technica
- How 1-Time Passcodes Became a Corporate Liability – Krebs on Security
- Christo Grozev on Twitter: "We first noticed her thanks to a super useful database shared with us by @cpartisans: the border crossing records of Belarus. We knew the passport ranges of GRU and FSB spies, so we decided to search in that data-set by partial matches, leaving the last 3 digits out as wildcards." / Twitter
- Belarusian Cyber-Partisans on Twitter: "🧵1/3🔥For the 1st time in human history a #hacktivist collective obtained passport info of the ALL country's citizens. Now we're offering you an opportunity to become a part of this history 😎. Get a unique digital version of #lukashenka passport as #NFT https://t.co/gOlWdoUehi https://t.co/RxdWpBqA8f" / Twitter
- A huge Chinese database of faces and vehicle license plates spilled online | TechCrunch
- Leading Russian streaming platform suffers data leak allegedly impacting 44 million users - The Record by Recorded Future
- Plex imposes password reset after hackers steal data for >15 million users | Ars Technica
- Montenegro struggles to recover from cyberattack that officials blame on Russia - The Record by Recorded Future
- Patrick Gray on Twitter: "https://t.co/DOFdMExsPe" / Twitter
- European data privacy watchdogs grill Twitter over Mudge security claims - The Record by Recorded Future
- Google announces open source vulnerability reward program after Log4j, Codecov issues - The Record by Recorded Future
- Google Online Security Blog: Announcing Google’s Open Source Software Vulnerability Rewards Program
- Hackers Are Using Anti-Cheat in 'Genshin Impact' to Ransom Victims
- An interview with initial access broker Wazawaka: 'There is no such money anywhere as there is in ransomware' - The Record by Recorded Future
- LockBit ransomware group implicated in crippling attack on French hospital - The Record by Recorded Future
- Major U.S. library service confirms ransomware attack, struggling to restore affected systems - The Record by Recorded Future
- China-linked hackers target organizations operating in South China Sea - The Record by Recorded Future
- Chinese hackers zero in on Australian manufacturers, wind turbine operators
- FTC sues data broker that tracks locations of 125M phones per month | Ars Technica
- FCC launches investigation into mobile carriers’ geolocation data practices - The Record by Recorded Future
- Most top mobile carriers retain geolocation data for two years on average, FCC findings show - CyberScoop
- Buddle co-accused one of 50 alleged criminals preparing challenge to police sting
- Researchers discover sprawling pro-U.S. social media influence campaign
- Unheard Voice: Evaluating five years of pro-Western covert influence operations
- Rights groups, company leaders decry silence over VLC player ban in India - The Record by Recorded Future