Risky Business #686 -- White House to move on spyware industry

PLUS: Why the EU is launching its own IP satellite constellation…
23 Nov 2022 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Half of all UK COBRA meetings are ransomware related
  • Ransomware biggest risk to US port security
  • White House to move on spyware industry
  • EU to launch its own Starlink equivalent
  • Much, much more

AttackIQ’s Jonathan Reiber will be joining us in this week’s sponsor interview to talk about how companies and their boards are really moving towards outcomes-based security programs.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Ransomware incidents now make up majority of British government’s crisis management COBRA meetings - The Record by Recorded Future
DHS Secretary: Cyberattacks are the most significant threat to port infrastructure - The Record by Recorded Future
Michigan school districts reopen after three-day closure due to ransomware attack - The Record by Recorded Future
Microsoft: Royal ransomware group using Google Ads in campaign - The Record by Recorded Future
Researchers Quietly Cracked Zeppelin Ransomware Keys – Krebs on Security
Risky Biz News: Cyber Partisans hack and disrupt Kremlin censor
US, Estonian authorities arrest two over $575 million cryptocurrency fraud - The Record by Recorded Future
New FTX CEO details 'complete failure of corporate controls' at crypto platform
OpenSSL Usage in UEFI Firmware Exposes Weakness in SBOMs
EU reaches agreement on new satellite constellation - The Record by Recorded Future
Ukraine’s Engineers Dodged Russian Mines To Get Kherson Back Online–With A Little Help From Elon Musk’s Satellites
Senate Democrats call on FTC to investigate Twitter's data security
11.17.22 - FTC - Twitter Letter
Twitter has a lot of your data. Here's what you can do about it.
Mastodon vulnerable to multiple system configuration problems | The Daily Swig
System misconfiguration is the number one vulnerability, at least for Mastodon
White House expected to issue executive order reining in spyware
H20220930-005_Himes-Speier cc's - DocumentCloud
A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup | WIRED
Risky Biz News: Iranian state hackers breached US government agency and deployed a cryptominer, out of all things
India removes ban on VLC media player after cybersecurity concerns addressed - The Record by Recorded Future
Amazon addresses vulnerability affecting AWS AppSync - The Record by Recorded Future
CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You
Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations | CISA
Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization | CISA