Risky Business Weekly (775): Cl0p is back, SEC hack disclosures disappoint

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • The SEC’s cyber incident reporting isn’t very exciting after all
  • China Telecom on the way to being thrown out of the US
  • The NSA/Cybercom might get two separate hats
  • The Cl0p ransomware crew are back and taking responsibility for the Cleo hacks
  • (Yet another) File upload bug in Struts makes Java admins weep
  • And much, much more.

This episode is sponsored by SpecterOps, who run a pretty top-notch offsec/pentest team when they’re not busy making the BloodHound Enterprise identity attack path enumeration software. SpecterOps’ Robby Winchester joins to talk about how pentest has changed, and how their customers get value from their testing.

Show notes:

Our shiny new website: https://risky.biz/

SEC cyber incident reporting rule generates 71 filings in 11 months | Cybersecurity Dive https://www.cybersecuritydive.com/news/sec-cyber-rule-one-year/735249/

US senators, green groups call for accountability over hacking of Exxon critics | Reuters https://www.reuters.com/business/energy/us-senators-green-groups-call-accountability-over-hacking-exxon-critics-2024-12-12/

nytimes.com https://www.nytimes.com/2024/12/16/us/politics/biden-administration-retaliation-china-hack.html

Unfinished business for Trump: Ending the Cyber Command and NSA ‘dual hat’ | The Record from Recorded Future News https://therecord.media/cyber-command-nsa-dual-hat-trump

EU opens investigation into TikTok and the Romanian election – POLITICO https://www.politico.eu/article/eu-opens-investigation-into-tiktok-over-romanian-election/

Clop ransomware claims responsibility for Cleo data theft attacks https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-responsibility-for-cleo-data-theft-attacks/

CISA warns of ransomware gangs exploiting Cleo, CyberPanel bugs | The Record from Recorded Future News https://therecord.media/cisa-ransomware-cleo-cyberpanel-bugs

CVE-2024-55956 | AttackerKB https://attackerkb.com/topics/geR0H8dgrE/cve-2024-55956/rapid7-analysis

Apache issues patches for critical Struts 2 RCE bug • The Register https://www.theregister.com/2024/12/12/apache_struts_2_vuln/

Japanese game and anime publisher reportedly pays $3 million ransom to Russia-linked hackers | The Record from Recorded Future News https://therecord.media/kadokawa-japan-reported-ransomware-payment

reuters.com https://www.reuters.com/markets/deals/israeli-spyware-firm-paragon-acquired-by-us-investment-group-report-says-2024-12-16/

How Cryptocurrency Turns to Cash in Russian Banks – Krebs on Security https://krebsonsecurity.com/2024/12/how-cryptocurrency-turns-to-cash-in-russian-banks/

Arizona man arrested for alleged involvement in violent online terror networks | CyberScoop https://cyberscoop.com/baron-martin-arrested-for-child-abuse-material-cyberstalking-764-cvlt-networks/

Russia bans Viber, claiming app facilitates terrorism and drug trafficking | The Record from Recorded Future News https://therecord.media/russia-bans-viber-terrorism-trafficking

Yahoo cybersecurity team sees layoffs, outsourcing of ‘red team,’ under new CTO | TechCrunch https://techcrunch.com/2024/12/12/yahoo-cybersecurity-team-sees-layoffs-outsourcing-of-red-team-under-new-cto/