Risky Business #677 -- A day late and a dollar short: China doxxes NSA op

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • China’s super spies figure out Rob Joyce ran TAO ops
  • FBI, French authorities fly to Montenegro to investigate ransomware attack
  • NEWSFLASH: Cloudflare are still a bunch of Nazi cuddlers
  • SIM swap drama spills into real world shootings, firebombings
  • Yandex Taxi hack clogs Moscow streets
  • The TikTok breach that wasn’t
  • Project Raven veterans get wings clipped
  • Why recent BGP hijacks are getting a bit concerning
  • Much, much more

This week’s show is brought to you by Corelight, the company that maintains Zeek. Corelight’s Federal CTO Jean Schaffer joins us in this week’s sponsor interview to talk about whether or not the White House’s executive order on Zero Trust is actually changing anything.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Exclusive: Evidence shows US’ NSA behind attack on email system of leading Chinese aviation university - Global Times

Lukasz Olejnik on Twitter: "Chinese accusation of US/NSA cyberattacks on China's aviation university. Unusually, a strong protest issued by China's Foreign Ministry. Chinese media write about NSA extensively, and doxx/point at Rob Joyce, specifically. Highly amusing! https://t.co/PG1XzZoIcW https://t.co/wRMEAokhVj" / Twitter

Patrick Gray on Twitter: "Great thread" / Twitter

FBI and French officials arrive in Montenegro to investigate ransomware attack - The Record by Recorded Future

Chile says gov’t agency struggling with ransomware attack - The Record by Recorded Future

Italy warns of cyberattacks on energy industry after Eni, GSE incidents - The Record by Recorded Future

Ransomware Gang Accessed Water Supplier’s Control System

Experts warn of more Ragnar Locker attacks, days after group targets airline - The Record by Recorded Future

Kevin Beaumont on Twitter: "IHG Hotel Group incident is ransomware" / Twitter

Criminal hackers targeting K-12 schools, U.S. government warns

QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign - The Record by Recorded Future

Cloudflare Suggests It Won’t Cut Off Anti-Trans Stalking Forum

Cloudflare reverses decision and drops trans trolling website Kiwi Farms | Internet | The Guardian

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire – Krebs on Security

State Department debars ex-NSA cyber mercenaries who aided vast UAE surveillance operation

Hackers Create Traffic Jam in Moscow by Ordering Dozens of Taxis at Once Through App

Light Flashing, Siren Wailing: A Rich Muscovite in a Rush - The New York Times

TikTok denies security breach after hackers leak user data, source code

Samsung denies Social Security numbers involved in latest breach - The Record by Recorded Future

Truth Behind the Celer Network cBridge cross-chain bridge incident: BGP hijacking | by SlowMist | Coinmonks | Aug, 2022 | Medium

nanog: Yet another BGP hijacking towards AS16509

A Windows 11 Automation Tool Can Easily Be Hijacked | WIRED

Actors behind PyPI supply chain attack have been active since late 2021 | Ars Technica

Cybercriminal Service 'EvilProxy' Seeks to Hijack Accounts

Careless Errors in Hundreds of Apps Could Expose Troves of Data | WIRED

WatchGuard firewall exploit threatens appliance takeover | The Daily Swig

Patched TikTok security flaw allowed one-click account takeovers - The Record by Recorded Future

Chrome extensions with 1.4M installs covertly track visits and inject code | Ars Technica

Peter Eckersley, co-creator of Let’s Encrypt, dies at just 43 – Naked Security

DownUnderCTF