Risky Business Podcast
November 02, 2022
Risky Business #683 -- OpenSSL bug is a fizzer, ASD responds to Medibank hack
Presented by
CEO and Publisher
Technology Editor
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Twitter bluechecks face phishing barrage
- Australian government goes berserk on Medibank hack response
- Former WSJ journalist sues law firm over email hack and info op that got him fired
- OpenSSL bug lands with a whimper
- Apple macOS Ventura update breaks security tools
- Much, much more
This week’s show is brought to you by Thinkst Canary. Marco Slaviero, Thinkst’s head of engineering, joins us this week to talk through the company’s latest release, codenamed Quokka.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Brought to you by Thinkst
Know. When it Matters!
Show notes
Twitter’s verification chaos is now a cybersecurity problem | TechCrunch
Unconfirmed hack of Liz Truss’ phone prompts calls for “urgent investigation” | Ars Technica
Chinese hackers are scanning state political party headquarters, FBI says - The Washington Post
Former WSJ reporter says law firm used Indian hackers to sabotage his career | Reuters
The source - Columbia Journalism Review
Upcoming ‘critical’ OpenSSL update prompts feverish speculation | The Daily Swig
OpenSSL vulnerability downgraded to ‘high’ severity | The Daily Swig
Apple MacOS Ventura Bug Breaks Third-Party Security Tools | WIRED
Microsoft ties Vice Society hackers to additional ransomware strains - The Record by Recorded Future
How Vice Society Got Away With a Global Ransomware Spree | WIRED
Critical authentication bug in Fortinet products actively exploited in the wild | The Daily Swig
Google Play apps with >20M downloads depleted batteries and network bandwidth | Ars Technica
Microsoft leaked 2.4TB of data belonging to sensitive customer. Critics are furious | Ars Technica
Microsoft Office Online Server open to SSRF-to-RCE exploit | The Daily Swig
Microsoft's Sociopathic Cybersecurity Pedantry
Brazilian police announce arrest of alleged Lapsus$ member - The Record by Recorded Future
Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion – Krebs on Security
European gang that sold car hacking tools to thieves arrested - The Record by Recorded Future
How a Microsoft blunder opened millions of PCs to potent malware attacks | Ars Technica