Newsletters

Written content from the Risky Business Media team

Srsly Risky Biz: Thursday, October 14

Presented by

Tom Uren

Policy & Intelligence

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The Biden White House's ransomware summit kicked off today and it wasn't the empty stunt we expected it to be.

We had been wondering what prompted officials from the Netherlands, UK and Australia to signal a more aggressive, military and intelligence agency-backed response to the ransomware threat, and now we know: They were sharpening up their policy positions ahead of the White House-coordinated meeting.

Srsly Risky Biz: Thursday, October 7

Keyword and geofence warrants that tap into the panopticon of Google's data holdings feel a bit creepy, but these searches can be both targeted and proportional. They are a valuable investigative tool and should have oversight and limits applied to them rather than being banned.

Geofence warrants provide law enforcement with details of devices (and hence potential suspects) at the scene of a crime at a specific time. These warrants have been used extensively to identify participants in the January 6 Capitol riots and are increasingly common — Google received over 11,000 of these warrants in 2020.

Srsly Risky Biz: Thursday, September 30

Chinese firms are so closely interlinked with the Chinese government that they cannot be trusted in critical infrastructure. The release of two Canadians held by China immediately after Huawei CFO Meng Wanzhou struck a plea deal and returned to China proves it.

"Huawei Princess" Meng Wanzhou, Huawei founder Ren Zhengfei's daughter, had been under house arrest in her two Vancouver mansions for three years as the US sought her extradition in relation to Huawei's alleged sanction-breaking dealings with Iran. Two Canadian citizens, Michael Kovrig and Michael Spavor (often referred to as the two Michaels), were detained in China in apparent retaliation nine days after Meng was arrested in Canada in December 2018.

Srsly Risky Biz: Thursday, September 23

The censorship battle between tech companies and illiberal governments is kicking off in earnest, and so far the tech firms are being completely pantsed.

The cold, hard fact is state power trumps technology companies' content policies. This week we saw this truth in action when Russian authorities forced tech platforms to take down apps and content promoting jailed Russian opposition leader Aleksei Navalny's election-related efforts.

Srsly Risky Biz: Thursday, September 16

It's counterintuitive, but it's likely the booming number of 0day exploits being captured in the wild is good news.

Security Week has documented 66 0days exploited in the wild so far this year; 15 targeted iOS and macOS, 20 affected Microsoft products including Exchange, Office, the Windows print spooler, etc. Just this week Google, Apple and Microsoft all patched 0days that were being actively exploited.

Srsly Risky Biz: Thursday, September 9

Apple has backflipped on its plan to implement on-device scanning for known Child Sexual Abuse Material (CSAM) with the introduction of iOS 15.

"Based on feedback from customers, advocacy groups, researchers, and others, we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features," a company release read.

Srsly Risky Biz: Thursday, September 2

As this newsletter speculated in mid-August, there's mounting evidence an ongoing cyber campaign in Belarus is the work of genuine hacktivists. What's missing from all the media coverage we've seen, however, is a history lesson on all the hacktivism that wasn't.

State actors have an established record of pretending to be hacktivists and misattribution is common, at least initially. Structured analysis is useful when trying to understand what is actually going on.

Srsly Risky Biz: Thursday, August 26

It's been nearly four months since the DarkSide ransomware attack against America's Colonial Pipeline -- and all the tough talk from America resulting from that attack -- but there's little evidence much has changed since.

We polled several organisations that use different methods for tracking ransomware:

Srsly Risky Biz: Thursday, August 19

Multiple ransomware gangs are exploiting Microsoft's PrintNightmare bug.

There's confusion about what exactly PrintNightmare is, but in June, July and August a series of bugs were discovered relating to Windows printing functions and services that allowed either local or remote privilege escalation.

Srsly Risky Biz: Thursday, August 12

It's a bad time to be a Belarusian KGB agent.

An activist group calling itself the Belarusian Cyber Partisans has conducted escalating compromises since September 2020, aiming to disrupt the Belarusian security apparatus as citizens agitate for political change. This week the hacktivists revealed the extent of their compromise of information pertaining to the Belarusian security apparatus and, hoo boy, they really have the goods.