Risky Business #728 -- The Citrixbleed ransomware disaster

PLUS: Why we secretly stan DPRK APTs...
29 Nov 2023 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • The Citrixbleed ransomware crisis
  • Why the FBI hasn’t arrested Scattered Spider members
  • DPRK is in your supply chains
  • Microsoft has a brainwave and buys a HSM
  • When civil war meets pig butchering
  • Much, much more

This week’s show is brought to you by Airlock Digital. David Cottingham and Daniel Schell are this week’s sponsor guests.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

‘Citrix Bleed’ vulnerability targeted by nation-state and criminal hackers: CISA
Australian ports operator recovering after major cyber incident
Minister lashes DP World hack failure
Gang says ICBC paid ransom over hack that disrupted US Treasury market | Reuters
Cyberattack on US hospital owner diverts ambulances from emergency rooms in multiple states | CNN Politics
Fidelity National Financial investigating cyberattack that led to service disruption | Cybersecurity Dive
Potentially hundreds of UK law firms affected by cyberattack on IT provider CTS
North Texas water utility serving 2 million hit with cyberattack
Healthcare manufacturer Henry Schein expects platform restored this week after cyberattack
High-profile ransomware gang suspects arrested in Ukraine
FBI struggled to disrupt dangerous casino hacking gang, cyber responders say | Reuters
Chinese spies had access to Dutch chip maker NXP's systems for over two years: report | NL Times
North Korean supply chain attacks prompt joint warning from Seoul and London
North Korean attack on CyberLink impacted devices around the world, Microsoft says
North Korean ‘BlueNoroff’ group targeting financial institutions with macOS malware
Microsoft upgrades security for signing keys in wake of Chinese breach | CyberScoop
Microsoft Should Look to the Past for Its Security Future
Sacked Ukrainian cyber chief released on bail amid corruption probe
Second top Ukrainian cyber official arrested amid corruption probe
Report claims to reveal identity of Russian hacktivist leader
Rebel offensive in Myanmar takes aim at online scam industry
Myanmar Rebel Offensive Helps China's Cybercrime Crackdown
Shadowy hacking group targeting Israel shows outsized capabilities | CyberScoop
Nearly two dozen Danish energy companies hacked through firewall bug in May
Senate proposes surveillance bill without FBI warrant requirement
The FCC says new rules will curb SIM swapping. I’m pessimistic | Ars Technica
EU urged to drop new law that could allow member states to intercept and decrypt global web traffic
Google researchers discover ‘Reptar,’ a new CPU vulnerability | Google Cloud Blog
Spavor blames fellow prisoner Kovrig for Chinese detention, alleges he was used for intelligence gathering - The Globe and Mail
The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story | WIRED