Risky Business #711 -- Albanian authorities raid MEK camp over Iran hacks

PLUS: Microsoft admits basic Anonymous Sudan DDoS took down Azure...
21 Jun 2023 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • Albanian authorities raid MEK over Iran hacks
  • Microsoft admits “Anonymous Sudan” took down its services
  • US Government puts $10m bounty on CL0P
  • A deeper look at the Barracuda hack campaign
  • Much, much more

This week’s show is brought to you by Material Security. We’ll be hearing from one of Material’s friends – Courtney Healey, senior manager of insider threat at Coinbase – in this week’s sponsor interview.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Police raid Iranian opposition camp in Albania, seize computers | AP News
Risky Biz News: Microsoft embarrassingly admits it got DDoSed into the ground by Anonymous Sudan
Anonymous Sudan and Killnet strike again, target EIB
Pro-Russian hackers remain active amid Ukraine counteroffensive | CyberScoop
Hackers infect Russian-speaking gamers with fake WannaCry ransomware
US puts $10M bounty on Clop as federal agencies confirm data compromises | Cybersecurity Dive
(1) Catherine Herridge on Twitter: "Tonight, sources tell @cbsnews senior government officials are racing to limit impact - of what one cyber expert calls - potentially the largest theft + extortion event in recent history. USG official says no evidence to date US MIL or INTEL compromised. https://t.co/R4f6naFqFx" / Twitter
U.S. government says several agencies hacked as part of broader cyberattack
Clop names a dozen MOVEit victims, but holds back details | Cybersecurity Dive
Another MOVEit vulnerability found, as state and federal agencies reveal breaches | Cybersecurity Dive
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China | Mandiant
New DOJ unit will focus on prosecuting nation-state cybercrime
EU states told to restrict Huawei and ZTE from 5G networks ‘without delay’
The US Navy, NATO, and NASA Are Using a Shady Chinese Company’s Encryption Chips | WIRED
Widow of slain Saudi journalist Jamal Khashoggi files suit against Pegasus spyware maker
Jamal Khashoggi’s wife to sue NSO Group over Pegasus spyware | Jamal Khashoggi | The Guardian
Bipartisan bill would protect Americans’ data from export abroad
District of Nebraska | Massachusetts Man Sentenced for Computer Intrusion | United States Department of Justice
I Was Sentenced to 18 Months in Prison for Hacking Back - My Story | HackerNoon
New FCC privacy task force takes aim at data breaches, SIM-swaps | CyberScoop
Bloodied Macbooks and Stacks of Cash: Inside the Increasingly Violent Discord Servers Where Kids Flaunt Their Crimes
Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses | OPA | Department of Justice
BrianKrebs: "Haha love it when a data ranso…" - Infosec Exchange