On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
Apple to introduce user-encrypted backups, FBI is sad
Twitter ices e2ee plans for DMs
Rackspace is getting sued over its hosted Exchange ransomware incident
Dodgy driving: Microsoft signs some shady stuff
Japan to change laws, release the Shibas
A look at the US NDAA
Much, much more

This week’s show is sponsored by Obsidian Security. Obsidian co-founder Ben Johnson joins the show this week to talk through SaaS configuration security and visibility/monitoring.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
Apple Expands End-to-End Encryption to iCloud Backups | WIRED
FBI Calls End-to-End Encryption 'Deeply Concerning' as Privacy Groups Hail Apple's Advanced Data Protection as a Victory for Users - MacRumors
Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next | WIRED
Elon Musk Wanted Twitter To Encrypt Messages. His New Safety Chief Says It’s On Hold
I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware | Mandiant
Japan to amend laws to allow for offensive cyber operations against foreign hackers - The Record by Recorded Future
Amid Outrage, Rackspace Sends Users Email Touting Its Incident Response
New Ransom Payment Schemes Target Executives, Telemedicine – Krebs on Security
Hackers Planted Files to Frame Indian Priest Who Died in Custody | WIRED
Scammers Are Scamming Other Scammers Out of Millions of Dollars | WIRED
Risky Biz News: Disgruntled member doxes and extorts URSNIF gang
U.S. agency warns that hackers are going after Citrix networking gear | Reuters
Police raid offices of Predator spyware seller Intellexa | eKathimerini.com
$858 billion defense bill focuses heavily on cyber. These are some highlights.
Australia and Vanuatu sign defense and cybersecurity pact - The Record by Recorded Future
Fantasy – a new Agrius wiper deployed through a supply‑chain attack | WeLiveSecurity
Ukrainian railway, state agencies allegedly targeted by DolphinCape malware - The Record by Recorded Future
US Dept of Health warns of ‘increased’ Royal ransomware attacks on hospitals - The Record by Recorded Future
‘Crisis situation’ declared as two Swedish municipalities hit by cyberattack - The Record by Recorded Future
Metropolitan Opera dealing with cyberattack that shut down website, box office - The Record by Recorded Future
LockBit ransomware crew claims attack on California Department of Finance
PLAY ransomware group claims responsibility for Antwerp attack as second Belgian city confirms new incident - The Record by Recorded Future
Popular HR and Payroll Company Sequoia Discloses a Data Breach | WIRED
Internet Explorer 0-day exploited by North Korean actor APT37
Four accused in business email compromise scheme which reaped millions from victims - The Record by Recorded Future
JSON syntax hack allowed SQL injection payloads to be smuggled past WAFs | The Daily Swig
Log4j’s Log4Shell Vulnerability: One Year Later, It’s Still Lurking | WIRED