Risky Business #695 -- North Korea is ransomwaring hospitals, Russia to make "patriotic" hacking legal

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Co-host at large

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • North Korea is ransomwaring hospitals with homegrown and Russian strains
  • Russia proposes law greenlighting “patriotic hacks”
  • It’s 702 renewal time… again
  • CISA releases ESXiArgs recovery script (yay!)
  • UK mulls crimephone ban
  • Much, much more

This week’s show is brought to you by Thinkst Canary. Haroon Meer is this week’s sponsor guest and joins us to talk about Thinkst’s latest release: the credit card canary.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

North Korean hackers extort health care organizations to fund further cyberattacks, US and South Korea say | CNN Politics

Risky Biz News: US and UK sanction seven Trickbot members

United States and United Kingdom Sanction Members of Russia-Based Trickbot Cybercrime Gang | U.S. Department of the Treasury

Risky Biz News: Russia wants to absolve patriotic hackers from any criminal liability

The FBI’s Most Controversial Surveillance Tool Is Under Threat | WIRED

Meet the Creator of North Korea’s Favorite Crypto Privacy Service | WIRED

CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel - The Record from Recorded Future News

decrypt your crypted files in ESXi servers affected by CVE-2020-3992 / CryptoLocker attack

Tonga is the latest Pacific Island nation hit with ransomware - The Record from Recorded Future News

UK Proposes Making the Sale and Possession of Encrypted Phones Illegal

UK High Court allows Bahraini activists to sue government over spyware - The Record from Recorded Future News

Russian cybersecurity expert convicted of charges in $90M hack-to-trade case | CyberScoop

Deepfake 'news anchors' appear in pro-China footage on social media, research group says - ABC News

Geotargeting tools are allowing phishing campaigns to home in on potential victims - The Record from Recorded Future News

This week’s Reddit breach shows company’s security is (still) woefully inadequate | Ars Technica

Namecheap denies system breach after email service used to spread phishing scams - The Record from Recorded Future News

Mysterious leak of Booking.com reservation data is being used to scam customers | Ars Technica

DOM XSS vulnerability in Gartner Peer Insights widget patched | The Daily Swig

Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game - Avast Threat Labs

OAuth ‘masterclass’ crowned top web hacking technique of 2022 | The Daily Swig

New XSS Hunter host Truffle Security faces privacy backlash | The Daily Swig

'No evidence of malicious access,' Toyota says about serious bug exploited by outside researcher - The Record from Recorded Future News

A year after outcry, IRS still doesn't offer taxpayers alternative to ID.me | CyberScoop