Risky Business Podcast

September 21, 2022

Risky Business #679 -- A look at Uber's very bad week

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • A look at how Uber got owned so hard
  • Why cleartext cookie storage in Microsoft Teams’ Electron-based app is actually a big deal
  • Russian official: Starlink is a legitimate military target
  • Wagner mercs get doxxed
  • Kiwi Farms having a bad time
  • Much, much more

In this week’s sponsor interview we’ll be chatting to Nucleus’s CEO Steve Carter about CISA’s KEV list. He has feelings about the KEV list – they’re mostly positive, but he also has a few reasonable gripes and he joins me to talk about them.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #679 -- A look at Uber's very bad week
0:00 / 0:00

Show notes

Uber attributes hack to Lapsus$, working with FBI and DOJ on investigation - The Record by Recorded Future

Uber confirms it is investigating cybersecurity incident - The Record by Recorded Future

Microsoft Teams stores cleartext auth tokens, won’t be quickly patched | Ars Technica

SharpTongue Deploys Clever Mail-Stealing Browser Extension "SHARPEXT" | Volexity

Hacking group focused on Central America dumps 10 terabytes of military emails, files

Securing the Supply Chain of Nothing | Kelly Shortridge

Russia Makes Veiled Threat to Destroy SpaceX's Starlink

Pro-Ukraine Hacktivists Claim to Have Hacked Notorious Russian Mercenary Group

Fears grow of Russian spies turning to industrial espionage - The Record by Recorded Future

Congressional inquiry reveals secret Customs and Border Protection database of U.S. phone records

Alternative payment apps such as AliPay a boon for cybercriminals, experts tell Congress

CISA floats plan to partner with local universities for '311' cyberattack triage service - The Record by Recorded Future

Breach of software maker used to backdoor ecommerce servers | Ars Technica

Kiwi Farms has been breached; assume passwords and emails have been leaked | Ars Technica

(8) Kevin Beaumont on Twitter: "The saga continues - there was (also?) a script injected for a month on Kiwi Farms called Troonshine, gathering information and credentials from user’s systems, posting it to “https://t.co/XnrUu4t3sd”. They look very, very owned. https://t.co/kxdR8kxtC1" / Twitter

Pentagon reviews psychological operations amid Facebook, Twitter complaints - The Washington Post

Bosnia and Herzegovina investigating alleged ransomware attack on parliament - The Record by Recorded Future

Botched Crypto Mugging Lands Three U.K. Men in Jail – Krebs on Security

Cryptocurrency company Wintermute says hackers stole $160 million - The Record by Recorded Future

Anonymous hacker, who bragged about exploits on TikTok, says he was raided by Canadian police