Newsletters

Written content from the Risky Business Media team

Risky Biz News: Russia sentences REvil members to prison. Yes! Really!

Catalin Cimpanu

News Editor

Russian authorities have sentenced four members of the REvil ransomware gang to prison on hacking and money laundering charges.

The sentence was announced last week by a St. Petersburg military court in a case that has taken more than two years to unfold.

Artem Zayets was sentenced to 4.5 years, Alexey Malozemov to five years, Daniil Puzyrevsky to 5.5 years, and Ruslan Khansvyarov to six years in a general regime penal colony.

Risky Biz News: US offers reward for suspected Tortoiseshell APT members

Catalin Cimpanu

News Editor

The US government is offering a $10 million reward for information on four members of an Iranian hacking group named Shahid Hemmat.

The group allegedly "works" for Iran's Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC), an agency inside the Iranian armed forces that specializes in cyber operations.

US officials say the four—Manuchehr Akbari, Amir Hosein Hoseini, Mohammad Hosein Moradi, and Mohammad Reza Rafatinezhad—conducted cyber and intelligence operations that targeted US critical infrastructure.

The EU Throws a Hand Grenade on Software Liability

Tom Uren

Policy & Intelligence

The EU and US are taking very different approaches to the introduction of liability for software products. While the US kicks the can down the road, the EU is rolling a hand grenade down it to see what happens. 

Under the status quo, the software industry is extensively protected from liability for defects or issues, and this results in systemic underinvestment in product security. Authorities believe that by making software companies liable for damages when they peddle crapware, those companies will be motivated to improve product security.

Introducing software liability is a big idea of the Biden administration's 2023 Cyber Security Strategy. Per the strategy:

Risky Biz News: Apple wants to reduce the lifespan of TLS certificates to 45 days

Catalin Cimpanu

News Editor

Apple has put forward a proposal to gradually reduce the lifespan of TLS certificates from the current 398 days to only 45.

The planned move will take place across four phases between September next year and April 2027.

TLS lifespan will be reduced to 200 days in September 2025, to 100 in September 2026, and just 45 in April 2027.

Risky Biz News: The EU will make vendors liable for bugs

Catalin Cimpanu

News Editor

The European Union has updated its product liability law to cover software and associated risks, like security flaws and planned obsolescence.

The new EU Directive on Liability for Defective Products [PDF] replaces one of the EU's oldest directives and will provide consumers with the legal tools to hold companies liable in court if they sell defective products.

The biggest change to the old directive is the addition of software products to the list of covered goods.

Risky Biz News: Anonymous Sudan's Russia Links Are (Still) Obvious

Catalin Cimpanu

News Editor

The US government has charged two members of the Anonymous Sudan hacking group after the FBI secretly seized server infrastructure and disrupted its operations in March this year.

The indictment names two brothers—Ahmed Omer, 22, and Alaa Omer, 27—as the two main individuals behind the group's operations.

The two are accused of launching thousands of DDoS attacks against government agencies, hospitals, critical infrastructure, and private businesses all over the world.

Russia's GRU Thugs Double Down on Recruiting Cybercrooks

Tom Uren

Policy & Intelligence

Several strands of evidence suggest Russia's use of cybercriminals to support its war effort in Ukraine is now planned and deliberate rather than ad hoc and opportunistic. 

Russia's strategy to harness cybercriminal resources has evolved over the duration of the war. Prior to the conflict, connections between the Russian state and cybercriminals appeared to be opportunistic and based on relationships and connections between individuals.

However, a Mandiant report from April this year suggested that Sandworm (aka Unit 74455 of the GRU) was acquiring tools and bulletproof hosting services from criminal marketplaces. Now Russian intelligence services are taking the next logical step and are directly acquiring people from the criminal talent pool.

Risky Biz News: China says the US is framing other countries for espionage operations

Catalin Cimpanu

News Editor

The Chinese government has put out another report of questionable quality this week, claiming that the US is trying to smear poor lil' China as a bad cyber actor.

Beijing officials say that the US is actually the country behind most cyber espionage operations today, and that it possesses a "cyber weapon" that can mislead investigators and frame other states for its intrusions.

The report [English PDF] is the third in a series of reports that China's National Computer Virus Emergency Response Center (CVERC) has published on the topic this year, after previous reports in April and July.

Risky Biz News: Pro-Kremlin disinfo cluster disrupted ahead of Moldova's election

Catalin Cimpanu

News Editor

Meta has taken down a network of fake accounts engaged in a disinformation campaign targeting Moldova a week before the small Eastern European country is set to hold presidential elections and a referendum to join the EU.

The network used fake accounts to manage pages that posed as "independent" news entities.

They posted content, primarily in Russian, that criticized the country's current president Maia Sandu, Moldova's pro-EU politicians, and the country's ever-closer ties to neighboring Romania.

Risky Biz News: Dutch government to physically replace tens of thousands of hackable traffic lights

Catalin Cimpanu

News Editor

Dutch authorities will have to replace tens of thousands of insecure road traffic lights over the next six years, by 2030.

Officials are taking this extreme and very expensive step after a security researcher found a vulnerability that could allow threat actors to change traffic lights on demand.

The issue was discovered earlier this year by Alwin Peppels, a security engineer for Dutch security firm Cyber Seals.