Risky Business Podcast
February 21, 2024
Risky Business #737 -- LockBit gets absolutely rekt
Presented by
CEO and Publisher
Technology Editor
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
- LockBit has been taken down by law enforcement
- Some mega-juicy leaks out of Chinese offsec/APT contractor I-SOON
- GRU gets its Moobot network shutdown
- Signal adding usernames is… complicated
- Much, much more
In this week’s sponsor interview Devicie’s Tom Plant joins the show to talk about problems orgs run into when it comes to Windows policies. There’s an expectation out there that Windows policies are set and forget, but sadly, this is not so.
Brought to you by Devicie
Cloud-native device management platform
Show notes
Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates – Krebs on Security
Law enforcement disrupt world’s biggest ransomware operation
Shanghai Anxun’s information is unreliable and is a trap for national government agencies.
China spy agency renews foreign cyber intelligence warning after data breaches
US Justice Department says it disrupted Russian intelligence hacking network | Reuters
Several Ukrainian media outlets attacked by Russian hackers
Polish PM says previous ruling party used Pegasus spyware against ‘very long’ list of victims
Hackers are targeting Asian bank accounts using stolen facial recognition data
Signal Finally Rolls Out Usernames, So You Can Keep Your Phone Number Private | WIRED
Code injection or backdoor: A new look at Ivanti’s CVE-2021-44529
“the "AB" trigger has similar vibes to the Unreal IRCd and ProFTPD backdoors of the same timeframe.”
FLATLINED: ANALYZING PULSE SECURE FIRMWARE AND BYPASSING INTEGRITY CHECKING
National Security Agency Announces Retirement of Cybersecurity Director
Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard