Threat hunters studying the IoCs released in the NSA’s May 2020 advisory on recent Sandworm activity have used them to identify a large amount of infrastructure that looks custom-made to conduct credential phishing attacks against email and social media accounts used in Western countries.
On this week’s show Patrick and Adam discuss the week’s security news, including:
Researchers have exposed gaps in the security and privacy design of OmniBallot - another online voting system used in the United States. It has no privacy policy, and curiously sends user voting preferences to a central server even when a user chooses to print out a completed ballot to return by mail.
There are sound reasons why anxious governments are tasking signals intelligence services to track the progress of COVID-19 vaccines and treatments.
The Soap Box podcasts we run here at Risky.Biz are wholly sponsored affairs – everyone you hear in a soap box podcast, paid to be here.
The idea is vendors get to come on to the show and chat about their products, what their stuff does, the thinking behind it, so on and so on.
Today we’re hearing from Justin McCarthy of strongDM.
strongDM is a bit of a niche player – essentially what they do is make a product that provisions secure access to engineers who need to access various back end services.
On this week’s show Patrick and Adam discuss the week’s security news, including:
The NSA warns that Sandworm, one of Russia’s most formidable offensive cyber operations, has been exploiting a known flaw in the Exim mail transfer agent (MTA) in attacks for at least 10 months. Sandworm - part of Russia’s GRU intelligence unit - were fingered for NotPetya and crippling wiper attacks on Ukraine’s power grid. You don’t want these guys up in your business.
When litigants suing Capital One sought a forensic incident response report into its 2019 data breach, the bank played a reliable card: the report was commissioned by its outside law firm, and therefore subject to attorney-client privilege.
In a surprising move, this week a US District Court rejected the bank’s claim to privilege and demanded the document be handed over, in what appears to set an unsettling precedent.
Regular listeners to the podcast would know that for the last year or so, my cohost Adam Boileau and I have been talking a lot about how governments might involve non law enforcement agencies in a response to the big game ransomware epidemic. To discuss that, we’re joined by Bobby Chesney, the co-founder of the Lawfare blog and a very highly respected figure in US national security circles.
The United Kingdom is pulling together a plan to remove Huawei from its mobile networks within the next three years, following the lead of Australia and the United States.
On this week’s show Patrick and Adam discuss the week’s security news, including:
On this week’s show Patrick and Adam discuss the week’s security news, including:
Russia has some competition in the disinformation game. The US administration’s claim that the COVID-19 outbreak was caused by a laboratory accident was based on a report that has now been thoroughly debunked.
The US Government has spent a decade and tens of billions trying to centralise cybersecurity capability across civilian agencies, without much success. So why now are policymakers so buzzed about CISA?
This isn’t the normal, weekly Risky Business podcast, Soap Box is the wholly sponsored podcast series we do here at Risky.Biz where vendors pay us money to come on to the show and talk about topics that interest them.
Today we’re speaking with Jesse Rothstein, the co-founder and CTO of ExtraHop Networks. ExtraHop is a network security play, but they started off more in the application monitoring and performance space before gradually moving into security over time.
In this interview Jesse talks about network security monitoring, ExtraHop’s history, and what people are using the ExtraHop tech to do during the COVID-19 crisis.
On this week’s show Patrick and Adam discuss the week’s security news, including:
The ongoing march of destructive attacks on medical organisations and a frenzy of espionage interest in COVID-19 vaccine and treatment research is testing the restraint of several governments. This week’s Seriously Risky Biz newsletter and our livestream discuss the ethical and policy dilemmas this race poses.
On this week’s show Patrick and Adam discuss the week’s security news, including:
How’s this for a cogent data point: Catalin Cimpanu at ZDNet had the curiosity and foresight to search for the word ‘ransomware’ in recent SEC filings. Cimpanu found that over 1000 public US companies now list ransomware attacks as a forward-looking risk.
It wasn’t long ago that a company getting popped in a ransomware attack would rate a mention on the Risky Business podcast. Today, it takes a novel attack to raise an eyebrow.
The Australian Government has placed uptake of its COVID-19 contact tracing app front and centre of its strategy to walk back lockdown measures, despite mounting evidence it isn’t fit for purpose.
On Friday, Australia’s Prime Minister Scott Morrison framed uptake of the government’s contact tracing app as one of a few remaining pre-conditions before lockdown measures would be lifted.
However, according to multiple reports, the government’s COVIDSafe app is barely functional on iOS devices, state health authorities don’t yet have access to the contact tracing data it was designed to collect and the app is interfering with some Bluetooth-based medical devices.
