Risky Business #684 -- DoJ seizes 50,000 stolen bitcoins from popcorn tin

PLUS: WaPo details root CA's shady links with surveillance industry…
09 Nov 2022 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • DoJ seizes 50k bitcoin stolen from Silk Road, charges thief
  • Australian health insurer Medibank refuses to pay ransom, data leaked
  • Inside Qatar’s $386m world cup espionage operation
  • EU Parliament report into spyware lands
  • SolarWinds settles shareholder lawsuit, faces SEC enforcement action
  • Much, much more

This week’s sponsor guest is Andrew Morris from Greynoise Intelligence.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

DOJ says it seized billions in Bitcoin stolen by hacker from Silk Road darknet marketplace - The Record by Recorded Future
U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud | USAO-SDNY | Department of Justice
Medibank says it will not pay ransom in hack that impacted 9.7 million customers - The Record by Recorded Future
Names, addresses, birthdays posted to dark web by hackers after Medibank ransom deadline passes - ABC News
‘Project Merciless’: how Qatar spied on the world of football in Switzerland - SWI swissinfo.ch
How Qatar hacked the World Cup — The Bureau of Investigative Journalism (en-GB)
FBI probing ex-CIA officer's spying for World Cup host Qatar - The Washington Post
EU governments accused of using spyware ‘to cover up corruption and criminal activity’ - The Record by Recorded Future
Press conference on draft findings of EP spyware inquiry | News | European Parliament
SolarWinds says it’s facing SEC ‘enforcement action’ over 2020 hack | TechCrunch
Microsoft accuses China of abusing vulnerability disclosure requirements - The Record by Recorded Future
Insurance giant settles NotPetya lawsuit, signaling cyber insurance shakeup
Could a ‘digital Red Cross emblem’ protect hospitals from cyber warfare? - The Record by Recorded Future
TrustCor Systems verifies web addresses, but its address is a UPS Store - The Washington Post
Cyber incident at Boeing subsidiary causes flight planning disruptions - The Record by Recorded Future
FIN7 cybercrime cartel tied to Black Basta ransomware operation: report - The Record by Recorded Future
More than 100 election jurisdictions waiting on federal cyber help, sources say
$28 million stolen from cryptocurrency platform Deribit - The Record by Recorded Future
Nigerian scammer sentenced to 11 years in US prison - The Record by Recorded Future
Hackers get into Dropbox developer accounts on GitHub, access 130 code repositories and more - The Record by Recorded Future
Urlscan.io API unwittingly leaks sensitive URLs, data | The Daily Swig
The Most Vulnerable Place on the Internet | WIRED
So long and thanks for all the bits - NCSC.GOV.UK