January 24, 2023

Risky Business #692 -- Google search results spew malware, phishing sites

1 hour 5 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

Google’s search results have become a malware-riddled sh*tshow

Ransomware payment values dropped by 40% YoY in 2022

Kraken takes over Solaris the old school way

Grand Theft Auto RCE is wreaking havoc

ManageEngine customers are all getting owned

So you know, pretty much business as usual

This week’s show is brought to you by Kroll.

Jim Hung co-leads the special projects and applied research team at Kroll and joins us to talk about the big changes happening in the incident response discipline.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Risky Biz News: Google Search and Ads have a major malware problem

Justice Department Sues Google for Monopolizing Digital Advertising Technologies | OPA | Department of Justice

Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner

A Sneaky Ad Scam Tore Through 11 Million Phones | WIRED

Risky Biz News: Crypto-crime volumes went down in 2022, ransomware payments too

International Counter Ransomware Task Force kicks off - The Record from Recorded Future News

Risky Biz News: Dark web mega-hack as Kraken takes over Solaris

Congressman ‘coming for answers’ after ‘no-fly list’ hack - The Record from Recorded Future News

Hackers Demand $10M From Riot Games to Stop Leak of ‘League of Legends’ Source Code

CVE - CVE-2023-24059

GoTo says hackers stole encrypted backups during November cyberattack - The Record from Recorded Future News

Costa Rica’s Ministry of Public Works and Transport crippled by ransomware attack - The Record from Recorded Future News

Pakistani authorities investigating if cyberattack caused nationwide blackout - The Record from Recorded Future News

Royal Mail trials ‘operational workarounds’ following suspected ransomware attack - The Record from Recorded Future News

Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut - The Record from Recorded Future News

Canada's largest alcohol retailer infected with card skimming malware twice since December - The Record from Recorded Future News

Nearly 35,000 PayPal users had SSNs, tax info leaked during December cyberattack - The Record from Recorded Future News

Samsung investigating claims of hack on South Korea systems, internal employee platform - The Record from Recorded Future News

Electronic health record giant NextGen dealing with cyberattack - The Record from Recorded Future News

Cyberattack on Nunavut energy supplier limits company operations - The Record from Recorded Future News

More than 100 Mailchimp accounts accessed via social engineering cyberattack - The Record from Recorded Future News

New T-Mobile Breach Affects 37 Million Accounts – Krebs on Security

Suspected Chinese hackers exploit vulnerability in Fortinet devices - The Record from Recorded Future News

More than 4,400 Sophos firewall servers remain vulnerable to critical exploits | Ars Technica

CVE-2022-47966: Rapid7 Observed Exploitation of Critical ManageEngine Vulnerability | Rapid7 Blog

AWS patches bypass bug in CloudTrail API monitoring tool | The Daily Swig

2022 Microsoft Teams RCE

Git security audit reveals critical overflow bugs | The Daily Swig

U.S. arrests Bitzlato cofounder, alleges $700 mln of illicit funds processed | Reuters

FBI Confirms Lazarus Group Cyber Actors Responsible for Harmony's Horizon Bridge Currency Theft — FBI

...more

View all episodes

By Patrick Gray

4.6

354354 ratings