Risky Business #688 -- APT41 pickpockets Uncle Sam

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Samsung, LG Android signing keys pinched
  • LastPass gets owned again
  • APT41 steal covid relief money
  • Amnesty International hacked in Canada
  • Much, much more

This week’s show is brought to you by Airlock Digital. Its CEO and CTO join host Patrick Gray this week to talk about admin to kernel as a security boundary, and the limitations of kernel driver blocklists.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Risky Biz News: Samsung, MediaTek, and other Android platform certs were leaked and used to sign malware

Leaked Android Platform Certificates Create Risks for Users | Rapid7 Blog

100 - Platform certificates used to sign malware - apvi

Hackers accessed LastPass customer details using information stolen in August hack - The Record by Recorded Future

Hackers linked to Chinese government stole millions in Covid benefits, Secret Service says

Amnesty International breach linked to Chinese government, investigation finds - The Record by Recorded Future

Iranian espionage campaign targets journalists, diplomats, activists, says Human Rights Watch - The Record by Recorded Future

New details on commercial spyware vendor Variston

‘The world should be prepared’ — Microsoft issues warning about Russian cyberattacks over winter - The Record by Recorded Future

Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices | Ars Technica

ChatGPT shows promise of using AI to write malware - CyberScoop

DHS cyber safety board to probe Lapsus$ hacks - The Record by Recorded Future

Kris Nóva: "We are currently investigating…" - Hachyderm.io

Hive Social turns off servers after researchers warn hackers can access all data | Ars Technica

Spam is drowning out Twitter posts about Covid protests in China

French hospital complex suspends operations, transfers patients after ransomware attack - The Record by Recorded Future

Rackspace Confirms Ransomware Attack as It Tries to Determine If Data Was Stolen | SecurityWeek.Com

Guatemala's Foreign Ministry investigating ransomware attack - The Record by Recorded Future

Ransomware attacks: Privacy Commissioner plans investigation as Justice, Health hit - NZ Herald

UK introducing mandatory cyber incident reporting for managed service providers - The Record by Recorded Future

Florida Man Sentenced To 18 Months For Theft Of Over $20 Million In SIM Swap Scheme | USAO-SDNY | Department of Justice

Binance freezes $3 million worth of crypto stolen in Ankr hack - The Record by Recorded Future

Play app with 100K downloads booted for forwarding texts to developer server | Ars Technica

Go SAML library vulnerable to authentication bypass | The Daily Swig

Okta and Phishing Resistant Authentication - YouTube