Risky Business #691 -- LockBit and "Pablo Escobar syndrome"

Why LockBit's Royal Mail caper could backfire…
18 Jan 2023 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Royal Mail attack was LockBit and GCHQ will probably “bust some heads”
  • CircleCI’s incident report and the problem with malwared endpoints in the Zero Trust age
  • Cloudflare backs Mastodon
  • Paul Nakasone: NSA did some great stuff! It was really good!
  • Cisco won’t patch SMB routers sold in 2020
  • Much, much more

This week’s show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake’s head of cybersecurity strategy Omer Singer are this week’s sponsor guests.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Royal Mail cyberattack linked to LockBit ransomware operation
Ransomware Diaries: Volume 1 | Analyst1
Congressman calls on CISA to investigate air travel vulnerabilities after outage - The Record from Recorded Future News
Ransomware attack on maritime software impacts 1,000 ships - The Record from Recorded Future News
CircleCI incident report for January 4, 2023 security incident
Researchers: Large language models will revolutionize digital propaganda campaigns
Nick Cave - The Red Hand Files - Issue #218
GitHub - cloudflare/wildebeest: Wildebeest is an ActivityPub and Mastodon-compatible server
Meta sues Voyager Labs over scraping user data
Twitter says leaked data on 200 million users was likely publicly available info - The Record from Recorded Future News
A Police App Exposed Secret Details About Raids and Suspects | WIRED
ODIN Intelligence website is defaced as hackers claim breach | TechCrunch
Nakasone: Foreign surveillance program helped fend off cyberattacks - The Record from Recorded Future News
The Guardian confirms criminals accessed staff data in ransomware attack - The Record from Recorded Future News
Millions of Aflac, Zurich insurance customers in Japan have data leaked after breach - The Record from Recorded Future News
Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations
The FBI Won't Say Whether It Hacked Dark Web ISIS Site
Norton LifeLock says 925,000 accounts targeted by credential-stuffing attacks - The Record from Recorded Future News
Cisco warns of two vulnerabilities affecting end-of-life routers - The Record from Recorded Future News
Fortinet says hackers exploited critical vulnerability to infect VPN customers | Ars Technica
Vulnerability with 9.8 severity in Control Web Panel is under active exploit | Ars Technica
CISA adds recently-announced Microsoft zero-day to exploited vulnerability catalog - The Record from Recorded Future News
Hundreds of SugarCRM servers infected with critical in-the-wild exploit | Ars Technica