Risky Business #712 -- The 336,000 undead Fortigates of DOOM

PLUS: What FSB doing?
12 Jul 2023 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • The SEC is targeting SolarWinds executives
  • UK to make banks liable for fraud
  • NSA issues advice on UEFI trojan
  • Microsoft blocks 100+ dodgy drivers
  • The US IC knew what Prihozhin was up to. But what FSB doing?
  • Much, much more

This week’s show is brought to you by Netwrix. Martin Cannard, Netwrix’s VP of Product Strategy, is this week’s sponsor guest. He talks about why zero standing privilege is a worthy goal.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

SEC notifies SolarWinds CISO and CFO of possible action in cyber investigation | Cybersecurity Dive
While Australian banks refuse most scam victims refunds, the UK is making them mandatory - ABC News
New law could allow GCHQ to monitor UK internet logs in real-time to tackle fraud
Federal incentives could help utilities overcome major cybersecurity hurdle: money | CyberScoop
Major Japanese port suspends operation following ransomware attack
Petro-Canada reports service restoration after suspected Suncor breach | Cybersecurity Dive
Chinese state-backed hackers accidentally infected a European hospital with malware
Hackers exploit gaping Windows loophole to give their malware kernel access | Ars Technica
336,000 servers remain unpatched against critical Fortigate vulnerability | Ars Technica
CISA says latest VMware analytics bug being exploited
MOVEit vulnerability snags almost 200 victims, more expected | Cybersecurity Dive
Actively exploited vulnerability threatens hundreds of solar power stations | Ars Technica
U.S. intelligence learned in mid-June Prigozhin was plotting uprising - The Washington Post
Russian election-meddling ‘troll factory’ reportedly shut down after Wagner revolt
Russian telecom confirms hack after group backing Wagner boasted about an attack | CyberScoop
Hackers claim to take down Russian satellite communications provider
Russian railway site allegedly taken down by Ukrainian hackers
Several US states investigating ‘SiegedSec’ hacking campaign
Hacking crew targeting states over transition bans claims cyberattack hitting global satellite systems | CyberScoop
Hacktivists steal government files from Texas city Fort Worth | TechCrunch
Belarusian hacktivists сlaim to breach country’s leading state university
British prosecutors say teen Lapsus$ member was behind hacks on Uber, Rockstar
Silk Road’s Second-in-Command, Variety Jones, Gets 20 Years in Prison | WIRED
Russian cyber expert arrested in Kazakhstan, triggering a showdown between US and Moscow
More than 6,500 arrested since French and Dutch police’s EncroChat hack
BreachForums seized by FBI three months after arrest of alleged admin
BreachForums replacement emerges as robust forum for criminal hackers to trade their spoils | CyberScoop
Genesis Market gang tries to sell platform after FBI disruption
Hackers using TrueBot malware for phishing attacks in US, Canada, officials warn | Cybersecurity Dive
Hacks targeting British exam boards raise fears of students cheating
More than $125 million taken from crypto platform Multichain
Twitter’s chaotic weekend of outages and rate limits leaves more questions than answers
Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking | Ars Technica