Risky Business #706 -- Why BlackBerry thinks Cuba ransomware is a Russian front

PLUS: Wazawaka charged and PlugwalkJoe pleads guilty...
17 May 2023 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • Wazawaka charged, sanctioned
  • PlugwalkJoe extradited, pleads guilty
  • BlackBerry thinks Cuba ransomware is a front for Russian intelligence
  • Anonymous Sudan pops up in Israel
  • Microsoft’s Outlook patch fail
  • Much, much more

This week’s show is brought to you by Bloodhound Enterprise. Andy Robbins is this week’s sponsor guest. He talks about how graph theory could help us to uncover more lolbins.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Alleged Babuk ransomware gang leader ‘Wazawaka’ indicted, sanctioned by US
Who is the Network Access Broker ‘Wazawaka?’ – Krebs on Security
British man involved in Twitter hack extradited to US, pleads guilty to numerous cybercrimes
Cybercriminals who targeted Ukraine are actually Russian government hackers, researchers say | TechCrunch
Slapdash attempt to hack rocket sirens may be cause for serious alarm about Iran | The Times of Israel
Twitter’s Encrypted DMs Are Deeply Inferior to Signal and WhatsApp | WIRED
Twitter under fire for restricting content before Turkish presidential election - CBS News
Three opposition media outlets hit by cyber attack
Patrick Gray on Twitter: "https://t.co/n5b7wPjI6Y https://t.co/UmDbHbhEcS" / Twitter
(1) Patrick Gray on Twitter: "Switched to a domain validated username at the other place. Very easy. https://t.co/U46zABPnJl" / Twitter
Emerging ransomware group quickly hits 4 critical infrastructure providers | Cybersecurity Dive
A ransomware source code leak spawned at least 10 ‘Babuk’ imitators, researchers say
Philadelphia Inquirer unable to go to print due to ‘cyber incident’
Hackers attempt to extort Dragos and its executives in suspected ransomware attempt | CyberScoop
Dallas says it 'will likely take weeks to get back to full functionality' after ransomware attack
Swiss tech giant ABB confirms ‘IT security incident’
CISA: Bl00dy Ransomware Gang using printer vulnerability to attack schools
Capita says responding to ransomware attack will cost up to £20 million
National Gallery of Canada recovering from ransomware incident
Yum Brands faces class action suits from employees after ransomware attack | Cybersecurity Dive
Knocking down Hive: How the FBI ran its own ransomware decryption operation
Leak of MSI UEFI signing keys stokes fears of “doomsday” supply chain attack | Ars Technica
FBI nukes Russian Snake data theft malware with self-destruct command
The FBI’s New Malware Eradication Service Is on Thin Legal Ice
Cisco warns of new ‘Greatness’ phishing-as-a-service tool seen in the wild
VMware’s ‘target-rich environment’ is growing more volatile, CrowdStrike warns | Cybersecurity Dive
UK's National Crime Agency wins major legal challenge over Encrochat hack
Inside the Italian Mafia’s Encrypted Phone of Choice
Microsoft releases fix for patched Outlook issue exploited by Russian hackers
Scammer Made Thousands Selling 'Leaked' Frank Ocean Tracks That Were Fake, AI-Generated