Newsletters

Written content from the Risky Business Media team

Srsly Risky Biz: Tuesday, August 25

Presented by

Brett Winterford

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

Uber's former chief security officer Joe Sullivan has been charged with obstruction and misprision (concealing evidence of a felony) over his role in Uber's handling of a 2016 data breach.

The US Department of Justice alleges in a criminal complaint that while Uber CSO, Sullivan withheld information about an ongoing security incident from Federal Trade Commission (FTC) investigators, who were investigating the ride-sharing company over a 2014 breach that pre-dated Sullivan's tenure.

Srsly Risky Biz: Tuesday, August 18

Presented by

Brett Winterford

The NSA’s exposure of Linux malware developed by Russia’s GRU is capturing the lion’s share of attention this week, but the issue affecting everyone right now is something less flashy but a lot more urgent: OAuth phishing.

This week we learned that attackers stole 28,000 emails from the SANS Institute after tricking one of its employees into installing a malicious Microsoft 365 app that allowed access to their mailbox.

Srsly Risky Biz: Tuesday, August 11

Presented by

Brett Winterford

A US-China trade war and a global pandemic have in a few short months accelerated a drift into 'network sovereignty': a world in which the internet is no longer a truly open, global network.

US President Donald Trump signed two executive orders on Friday that will ban Americans from “transacting” with WeChat and TikTok, two consumer apps used by well over a billion people.

Srsly Risky Biz: Tuesday, August 4

Presented by

Brett Winterford

CORRECTION(S): Last week's newsletter erroneously reported that the US ordered two Chinese consulates to close down. Only one Chinese consulate, in Houston, was subject to this order. A second consulate was ordered closed: the US consulate in Chengdu was shuttered by the Chinese government. The same story misspelled ‘Guangdong’ province. A big thanks to the readers that spotted these clangers so quickly.

Donald Trump’s personal involvement in threats to ban TikTok is distracting from any legitimate national security concerns the video sharing app might present to the United States.

Srsly Risky Biz: Tuesday, July 28

Presented by

Brett Winterford

US authorities have unsealed the indictment of two prolific state-sponsored Chinese hackers accused of a ten-year espionage and cybercrime spree that pilfered data from dozens of organisations across the globe.

The indictment details how Li Xiaoyu and Dong Jiazhi were routinely tasked by Guangdong State Security Department (part of China's Ministry of State Security) with the theft of secrets of national significance. Li and Dong were essentially independent contractors who also dabbled in cybercrime as a side-hustle.

Srsly Risky Biz: Tuesday, July 21

Presented by

Brett Winterford

If it's any consolation, the most capable infosec teams in the world are having just as much trouble dealing with the current onslaught of high severity vulnerabilities as you are.

It's exceedingly rare for severe vulnerabilities in so many critical enterprise systems to be made public and actively exploited in such a compressed period of time.

Srsly Risky Biz: Tuesday, July 7

Presented by

Brett Winterford

A critical, trivially exploitable vulnerability in the management interface of F5’s Big-IP devices (CVE-2020-5902) is the latest in a string of nasty bugs in networking equipment critical to enterprise computing.

Like last year’s Citrix NetScaler and Pulse Secure vulnerabilities, this one is going to hurt.

Srsly Risky Biz: Tuesday, June 30

Presented by

Brett Winterford

Three US Senators have put forward a bill that apes the powers of the UK Investigatory Powers Act and Australia's Assistance and Access Act, while omitting many of the (albeit weak) safeguards that protect that power from being abused.

The Lawful Access to Encrypted Data Act of 2020, introduced by Republican Senators Lindsey Graham, Tom Cotton and Marsha Blackburn, compels device manufacturers and digital service providers to provide access to user data when served with a warrant. It’s the Nike approach: Just do it!

Srsly Risky Biz: Tuesday, June 23

Presented by

Brett Winterford

The Australian Government has lost patience with the cyber shenanigans of its largest trading partner, prompting the Prime Minister to make it publicly known that government and industry are becoming more frequent targets of state-backed cyber espionage.

Prime Minister Scott Morrison told reporters that an unnamed state-based actor is engaged in a campaign targeting all levels of government and private sector entities. An accompanying set of indicators released by the Australian Cyber Security Centre left little doubt as to who is responsible for the attacks.

Srsly Risky Biz: Tuesday, June 16

Presented by

Brett Winterford

Three indicators of compromise released in the NSA's May 2020 advisory [pdf] on recent Sandworm activity reveal a lot more about Russia's formidable military hacking teams than a one-off, opportunistic campaign to hack vulnerable Exim mail transfer agents (MTAs).

Threat hunters studying those IoCs have used them to identify a large amount of infrastructure that looks custom-made to conduct credential phishing attacks against email and social media accounts used in Western countries.