Risky Business Podcast

December 14, 2022

Risky Business #689 -- FBI baulks at Apple's iCloud encryption push

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Apple to introduce user-encrypted backups, FBI is sad
  • Twitter ices e2ee plans for DMs
  • RackSpace is getting sued over its hosted Exchange ransomware incident
  • Dodgy driving: Microsoft signs some shady stuff
  • Japan to change laws, release the Shibas
  • A look at the US NDAA
  • Much, much more

This week’s show is sponsored by Obsidian Security. Obsidian co-founder Ben Johnson joins the show this week to talk through SaaS configuration security and visibility/monitoring.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Risky Business #689 -- FBI baulks at Apple's iCloud encryption push
0:00 / 56:03

Show notes

Apple Expands End-to-End Encryption to iCloud Backups | WIRED

FBI Calls End-to-End Encryption 'Deeply Concerning' as Privacy Groups Hail Apple's Advanced Data Protection as a Victory for Users - MacRumors

Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next | WIRED

Elon Musk Wanted Twitter To Encrypt Messages. His New Safety Chief Says It’s On Hold

I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware | Mandiant

Japan to amend laws to allow for offensive cyber operations against foreign hackers - The Record by Recorded Future

Amid Outrage, Rackspace Sends Users Email Touting Its Incident Response

New Ransom Payment Schemes Target Executives, Telemedicine – Krebs on Security

Hackers Planted Files to Frame Indian Priest Who Died in Custody | WIRED

Scammers Are Scamming Other Scammers Out of Millions of Dollars | WIRED

Risky Biz News: Disgruntled member doxes and extorts URSNIF gang

U.S. agency warns that hackers are going after Citrix networking gear | Reuters

Police raid offices of Predator spyware seller Intellexa | eKathimerini.com

$858 billion defense bill focuses heavily on cyber. These are some highlights.

Australia and Vanuatu sign defense and cybersecurity pact - The Record by Recorded Future

Fantasy – a new Agrius wiper deployed through a supply‑chain attack | WeLiveSecurity

Ukrainian railway, state agencies allegedly targeted by DolphinCape malware - The Record by Recorded Future

US Dept of Health warns of ‘increased’ Royal ransomware attacks on hospitals - The Record by Recorded Future

‘Crisis situation’ declared as two Swedish municipalities hit by cyberattack - The Record by Recorded Future

Metropolitan Opera dealing with cyberattack that shut down website, box office - The Record by Recorded Future

LockBit ransomware crew claims attack on California Department of Finance

PLAY ransomware group claims responsibility for Antwerp attack as second Belgian city confirms new incident - The Record by Recorded Future

Popular HR and Payroll Company Sequoia Discloses a Data Breach | WIRED

Internet Explorer 0-day exploited by North Korean actor APT37

Four accused in business email compromise scheme which reaped millions from victims - The Record by Recorded Future

JSON syntax hack allowed SQL injection payloads to be smuggled past WAFs | The Daily Swig

Log4j’s Log4Shell Vulnerability: One Year Later, It’s Still Lurking | WIRED