Newsletters

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

A US-China trade war and a global pandemic have in a few short months accelerated a drift into 'network sovereignty': a world in which the internet is no longer a truly open, global network.

US President Donald Trump signed two executive orders on Friday that will ban Americans from “transacting” with WeChat and TikTok, two consumer apps used by well over a billion people.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

CORRECTION(S): Last week's newsletter erroneously reported that the US ordered two Chinese consulates to close down. Only one Chinese consulate, in Houston, was subject to this order. A second consulate was ordered closed: the US consulate in Chengdu was shuttered by the Chinese government. The same story misspelled ‘Guangdong’ province. A big thanks to the readers that spotted these clangers so quickly.

Donald Trump’s personal involvement in threats to ban TikTok is distracting from any legitimate national security concerns the video sharing app might present to the United States.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

US authorities have unsealed the indictment of two prolific state-sponsored Chinese hackers accused of a ten-year espionage and cybercrime spree that pilfered data from dozens of organisations across the globe.

The indictment details how Li Xiaoyu and Dong Jiazhi were routinely tasked by Guangdong State Security Department (part of China's Ministry of State Security) with the theft of secrets of national significance. Li and Dong were essentially independent contractors who also dabbled in cybercrime as a side-hustle.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

If it's any consolation, the most capable infosec teams in the world are having just as much trouble dealing with the current onslaught of high severity vulnerabilities as you are.

It's exceedingly rare for severe vulnerabilities in so many critical enterprise systems to be made public and actively exploited in such a compressed period of time.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

A critical, trivially exploitable vulnerability in the management interface of F5’s Big-IP devices (CVE-2020-5902) is the latest in a string of nasty bugs in networking equipment critical to enterprise computing.

Like last year’s Citrix NetScaler and Pulse Secure vulnerabilities, this one is going to hurt.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

Three US Senators have put forward a bill that apes the powers of the UK Investigatory Powers Act and Australia's Assistance and Access Act, while omitting many of the (albeit weak) safeguards that protect that power from being abused.

The Lawful Access to Encrypted Data Act of 2020, introduced by Republican Senators Lindsay Graham, Tom Cotton and Marsha Blackburn, compels device manufacturers and digital service providers to provide access to user data when served with a warrant. It’s the Nike approach: Just do it!

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

The Australian Government has lost patience with the cyber shenanigans of its largest trading partner, prompting the Prime Minister to make it publicly known that government and industry are becoming more frequent targets of state-backed cyber espionage.

Prime Minister Scott Morrison told reporters that an unnamed state-based actor is engaged in a campaign targeting all levels of government and private sector entities. An accompanying set of indicators released by the Australian Cyber Security Centre left little doubt as to who is responsible for the attacks.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

Three indicators of compromise released in the NSA's May 2020 advisory [pdf] on recent Sandworm activity reveal a lot more about Russia's formidable military hacking teams than a one-off, opportunistic campaign to hack vulnerable Exim mail transfer agents (MTAs).

Threat hunters studying those IoCs have used them to identify a large amount of infrastructure that looks custom-made to conduct credential phishing attacks against email and social media accounts used in Western countries.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Program at the Hewlett Foundation.

At the onset of the COVID-19 crisis, Risky Business predicted then tracked an increase in cyber-enabled espionage of medical research institutions.

We've been doing a lot of thinking about why. The urgent search for vaccines and treatments for the coronavirus appears a globally-organised, open and collaborative effort. Why do national governments feel compelled to hack research institutions to get the jump on progress? What national advantage does that information get them?

Your weekly dose of Seriously Risky Business news is supported by the Cyber Program at the Hewlett Foundation.

A US District Court has challenged the long-standing practice of using legal privilege to protect documents created during investigations into security incidents, by ruling that Capital One hand over a Mandiant IR report into its 2019 data breach.

Capital One argued that because its legal counsel commissioned the Mandiant report, the report's findings should be subject to legal privilege.