December 06, 2022

Risky Business #688 -- APT41 pickpockets Uncle Sam

Listen Later

1 hour 3 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

Samsung, LG Android signing keys pinched

LastPass gets owned again

APT41 steal covid relief money

Amnesty International hacked in Canada

Much, much more

This week’s show is brought to you by Airlock Digital. Its CEO and CTO join host Patrick Gray this week to talk about admin to kernel as a security boundary, and the limitations of kernel driver blocklists.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Risky Biz News: Samsung, MediaTek, and other Android platform certs were leaked and used to sign malware

Leaked Android Platform Certificates Create Risks for Users | Rapid7 Blog

100 - Platform certificates used to sign malware - apvi

Hackers accessed LastPass customer details using information stolen in August hack - The Record by Recorded Future

Hackers linked to Chinese government stole millions in Covid benefits, Secret Service says

Amnesty International breach linked to Chinese government, investigation finds - The Record by Recorded Future

Iranian espionage campaign targets journalists, diplomats, activists, says Human Rights Watch - The Record by Recorded Future

New details on commercial spyware vendor Variston

‘The world should be prepared’ — Microsoft issues warning about Russian cyberattacks over winter - The Record by Recorded Future

Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices | Ars Technica

ChatGPT shows promise of using AI to write malware - CyberScoop

DHS cyber safety board to probe Lapsus$ hacks - The Record by Recorded Future

Kris Nóva: "We are currently investigating…" - Hachyderm.io

Hive Social turns off servers after researchers warn hackers can access all data | Ars Technica

Spam is drowning out Twitter posts about Covid protests in China

French hospital complex suspends operations, transfers patients after ransomware attack - The Record by Recorded Future

Rackspace Confirms Ransomware Attack as It Tries to Determine If Data Was Stolen | SecurityWeek.Com

Guatemala's Foreign Ministry investigating ransomware attack - The Record by Recorded Future

Ransomware attacks: Privacy Commissioner plans investigation as Justice, Health hit - NZ Herald

UK introducing mandatory cyber incident reporting for managed service providers - The Record by Recorded Future

Florida Man Sentenced To 18 Months For Theft Of Over $20 Million In SIM Swap Scheme | USAO-SDNY | Department of Justice

Binance freezes $3 million worth of crypto stolen in Ankr hack - The Record by Recorded Future

Play app with 100K downloads booted for forwarding texts to developer server | Ars Technica

Go SAML library vulnerable to authentication bypass | The Daily Swig

Okta and Phishing Resistant Authentication - YouTube

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Patrick Gray

4.6

354354 ratings

December 06, 2022

Risky Business #688 -- APT41 pickpockets Uncle Sam

Listen Later

1 hour 3 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

Samsung, LG Android signing keys pinched

LastPass gets owned again

APT41 steal covid relief money

Amnesty International hacked in Canada

Much, much more

This week’s show is brought to you by Airlock Digital. Its CEO and CTO join host Patrick Gray this week to talk about admin to kernel as a security boundary, and the limitations of kernel driver blocklists.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Risky Biz News: Samsung, MediaTek, and other Android platform certs were leaked and used to sign malware

Leaked Android Platform Certificates Create Risks for Users | Rapid7 Blog

100 - Platform certificates used to sign malware - apvi

Hackers accessed LastPass customer details using information stolen in August hack - The Record by Recorded Future

Hackers linked to Chinese government stole millions in Covid benefits, Secret Service says

Amnesty International breach linked to Chinese government, investigation finds - The Record by Recorded Future

Iranian espionage campaign targets journalists, diplomats, activists, says Human Rights Watch - The Record by Recorded Future

New details on commercial spyware vendor Variston

‘The world should be prepared’ — Microsoft issues warning about Russian cyberattacks over winter - The Record by Recorded Future

Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices | Ars Technica

ChatGPT shows promise of using AI to write malware - CyberScoop

DHS cyber safety board to probe Lapsus$ hacks - The Record by Recorded Future

Kris Nóva: "We are currently investigating…" - Hachyderm.io

Hive Social turns off servers after researchers warn hackers can access all data | Ars Technica

Spam is drowning out Twitter posts about Covid protests in China

French hospital complex suspends operations, transfers patients after ransomware attack - The Record by Recorded Future

Rackspace Confirms Ransomware Attack as It Tries to Determine If Data Was Stolen | SecurityWeek.Com

Guatemala's Foreign Ministry investigating ransomware attack - The Record by Recorded Future

Ransomware attacks: Privacy Commissioner plans investigation as Justice, Health hit - NZ Herald

UK introducing mandatory cyber incident reporting for managed service providers - The Record by Recorded Future

Florida Man Sentenced To 18 Months For Theft Of Over $20 Million In SIM Swap Scheme | USAO-SDNY | Department of Justice

Binance freezes $3 million worth of crypto stolen in Ankr hack - The Record by Recorded Future

Play app with 100K downloads booted for forwarding texts to developer server | Ars Technica

Go SAML library vulnerable to authentication bypass | The Daily Swig

Okta and Phishing Resistant Authentication - YouTube

...more

More shows like Risky Business

Security Now (Audio) by TWiT

Security Now (Audio)

1,974 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

626 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

366 Listeners

Hacked by Hacked

Hacked

176 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,006 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

312 Listeners

Click Here by Recorded Future News

Click Here

408 Listeners

Malicious Life by Malicious Life

Malicious Life

925 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,876 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

166 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

187 Listeners

Hacking Humans by N2K Networks

Hacking Humans

314 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

74 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

127 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

43 Listeners