Newsletters

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

The US Department of Justice has doxxed over 50 state-sponsored hackers from China and Iran in a spree of indictments and sanctions.

The indictments exposed 'front companies' for intelligence services in both countries that engage in cybercrime and espionage operations. They included:

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

Despite repeated attempts by this newsletter to rename CISA the "Critical Infrastructure Security Agency", the stubborn bureaucrats and LOSERS in Congress want to stick with "Cybersecurity and Infrastructure Security Agency". Our name works better, but whatever. (Apologies for the repeated error).

Eight weeks out from the 2020 Presidential election, the United States hasn't had to contend with the 'hack and leak' operations that marred the lead-up to the 2016 election. Yet.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

Chile's national CSIRT placed the country on 'high alert' yesterday after one of the country's largest banks was crippled by a ransomware attack.

On Sunday, Banco Estado announced that malicious software has been detected on its systems over the weekend. The bank reassured clients that digital channels (ATMs, websites, apps) were unaffected but encouraged them to avoid branches the following day. Despite these assurances, hundreds of users complained on social media that some online banking features were not working.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

The US Government has stepped up its campaign to expose North Korea's state-backed cybercrime operations, this week doxxing malware the DPRK uses to cash out attacks on banks and the techniques it uses to launder funds stolen from cryptocurrency exchanges.

Four US Government agencies co-authored an update to a 2018 report on how North Korea's "BeagleBoyz" steals funds from ATMs. “BeagleBoyz” is IC-speak for a cybercrime unit within North Korea's General Reconnaissance Bureau accused of stealing up to US$2 billion for Kim Jong-Un's regime.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

Uber's former chief security officer Joe Sullivan has been charged with obstruction and misprision (concealing evidence of a felony) over his role in Uber's handling of a 2016 data breach.

The US Department of Justice alleges in a criminal complaint that while Uber CSO, Sullivan withheld information about an ongoing security incident from Federal Trade Commission (FTC) investigators, who were investigating the ride-sharing company over a 2014 breach that pre-dated Sullivan's tenure.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

The NSA’s exposure of Linux malware developed by Russia’s GRU is capturing the lion’s share of attention this week, but the issue affecting everyone right now is something less flashy but a lot more urgent: OAuth phishing.

This week we learned that attackers stole 28,000 emails from the SANS Institute after tricking one of its employees into installing a malicious Microsoft 365 app that allowed access to their mailbox.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

A US-China trade war and a global pandemic have in a few short months accelerated a drift into 'network sovereignty': a world in which the internet is no longer a truly open, global network.

US President Donald Trump signed two executive orders on Friday that will ban Americans from “transacting” with WeChat and TikTok, two consumer apps used by well over a billion people.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

CORRECTION(S): Last week's newsletter erroneously reported that the US ordered two Chinese consulates to close down. Only one Chinese consulate, in Houston, was subject to this order. A second consulate was ordered closed: the US consulate in Chengdu was shuttered by the Chinese government. The same story misspelled ‘Guangdong’ province. A big thanks to the readers that spotted these clangers so quickly.

Donald Trump’s personal involvement in threats to ban TikTok is distracting from any legitimate national security concerns the video sharing app might present to the United States.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

US authorities have unsealed the indictment of two prolific state-sponsored Chinese hackers accused of a ten-year espionage and cybercrime spree that pilfered data from dozens of organisations across the globe.

The indictment details how Li Xiaoyu and Dong Jiazhi were routinely tasked by Guangdong State Security Department (part of China's Ministry of State Security) with the theft of secrets of national significance. Li and Dong were essentially independent contractors who also dabbled in cybercrime as a side-hustle.

Your weekly dose of Seriously Risky Business news is supported by the Cyber Initiative at the Hewlett Foundation.

If it's any consolation, the most capable infosec teams in the world are having just as much trouble dealing with the current onslaught of high severity vulnerabilities as you are.

It's exceedingly rare for severe vulnerabilities in so many critical enterprise systems to be made public and actively exploited in such a compressed period of time.