Risky Business #724 -- Exploitation moves away from Microsoft, Google and Apple products

Bugs in enterprise crapware cemented as the new black...
04 Oct 2023 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • Ransomware crews target WS_FTP and Jetbrains servers
  • Global energy supply shapes up as big target
  • The Dossier Center drops another banger
  • Indian nationalists DDoS Canadian targets
  • A look at the Exim drama
  • Much, much more

This week’s show is brought to you by Kroll Cyber. George Glass is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Multiple exploits hit Progress Software’s WS_FTP Server | Cybersecurity Dive
Progress Software discloses 8 vulnerabilities in one of its other file-transfer services | Cybersecurity Dive
Progress Software says business impact ‘minimal’ from MOVEit attack spree | Cybersecurity Dive
Гостайна по электричеству - Досье
Russian flight booking system suffers ‘massive’ cyberattack
Cyberattacks hit military, Parliament websites as India-based group targets Canada | CBC News
NATO investigating breach, leak of internal documents | CyberScoop
Chinese hackers stole emails from US State Dept in Microsoft breach, Senate staffer says | Reuters
FBI warns energy sector of likely increase in targeting by Chinese, Russian hackers
Cisco routers abused by China-linked hackers against US, Japan companies | Cybersecurity Dive
Suspected China-based hackers target Middle Eastern telecom, Asian government
North Korean hackers posed as Meta recruiter on LinkedIn | CyberScoop
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
Ransomware gangs destroying data, using multiple strains during attacks: FBI
Critical vulnerabilities in Exim threaten over 250k email servers worldwide | Ars Technica
NSA is creating a hub for AI security, Nakasone says
Privacy watchdog recommends court approval for FBI searches of spy data | CyberScoop
Vulnerable Arm GPU drivers under active exploitation. Patches may not be available | Ars Technica
‘Snatch’ Ransom Group Exposes Visitor IP Addresses – Krebs on Security
IronNet, founded by former NSA director, shuts down and lays off staff | TechCrunch