March 14, 2023

Risky Business #699 -- BYOD risks ramp up

Listen Later

59 minutes

Threat actors are really enjoying home networks and BYOD these days…

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

Why our LastPass/DPRK hunch weakened

CISA launches ransomware warning program

Is the Ring data extortion real?

White House flags cloud service security regulation

Pig Butchering overtakes BEC as top cybercrime earner

Much more!

This week’s show is sponsored by Yubico. The company’s COO, Jerrod Chong, is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Stealing the LIGHTSHOW (Part One) — North Korea's UNC2970 | Mandiant

Stealing the LIGHTSHOW (Part Two) — LIGHTSHIFT and LIGHTSHOW | Mandiant

North Korean hackers target security researchers with a new backdoor | Ars Technica

Ring won’t say if it was hacked after ransomware gang claims attack | TechCrunch

Biden admin’s cloud security problem: ‘It could take down the internet like a stack of dominos’ - POLITICO

CISA unveils ransomware warning pilot for critical infrastructure

Data breach hits lawmakers and staff on Capitol Hill

Hacker posts more D.C. Health Link data online, exposing lawmakers' personal information | CyberScoop

Cancer patient sues medical provider after ransomware group posts her photos online | CyberScoop

Telehealth startup Cerebral shared millions of patients’ data with advertisers | TechCrunch

The FBI Just Admitted It Bought US Location Data | WIRED

‘Pig Butchering’ Scams Are Now a $3 Billion Threat | WIRED

Malware infecting widely used security appliance survives firmware updates | Ars Technica

People Used Facebook's Leaked AI to Create a 'Based' Chatbot that Says the N-Word

OpenAI releases GPT-4, artificial intelligence that can 'see' and do taxes

Australian official demands Russia bring criminal hackers ‘to heel’

DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit - Microsoft Security Blog

Sued by Meta, Freenom Halts Domain Registrations – Krebs on Security

Twitter’s Most Important Anti-Censorship Tool Is Currently Dead

CVE-2023-23415 - Security Update Guide - Microsoft - Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability

CVE-2023-23397 - Security Update Guide - Microsoft - Microsoft Outlook Elevation of Privilege Vulnerability

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Patrick Gray

4.6

352352 ratings

March 14, 2023

Risky Business #699 -- BYOD risks ramp up

Listen Later

59 minutes

Threat actors are really enjoying home networks and BYOD these days…

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

Why our LastPass/DPRK hunch weakened

CISA launches ransomware warning program

Is the Ring data extortion real?

White House flags cloud service security regulation

Pig Butchering overtakes BEC as top cybercrime earner

Much more!

This week’s show is sponsored by Yubico. The company’s COO, Jerrod Chong, is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Stealing the LIGHTSHOW (Part One) — North Korea's UNC2970 | Mandiant

Stealing the LIGHTSHOW (Part Two) — LIGHTSHIFT and LIGHTSHOW | Mandiant

North Korean hackers target security researchers with a new backdoor | Ars Technica

Ring won’t say if it was hacked after ransomware gang claims attack | TechCrunch

Biden admin’s cloud security problem: ‘It could take down the internet like a stack of dominos’ - POLITICO

CISA unveils ransomware warning pilot for critical infrastructure

Data breach hits lawmakers and staff on Capitol Hill

Hacker posts more D.C. Health Link data online, exposing lawmakers' personal information | CyberScoop

Cancer patient sues medical provider after ransomware group posts her photos online | CyberScoop

Telehealth startup Cerebral shared millions of patients’ data with advertisers | TechCrunch

The FBI Just Admitted It Bought US Location Data | WIRED

‘Pig Butchering’ Scams Are Now a $3 Billion Threat | WIRED

Malware infecting widely used security appliance survives firmware updates | Ars Technica

People Used Facebook's Leaked AI to Create a 'Based' Chatbot that Says the N-Word

OpenAI releases GPT-4, artificial intelligence that can 'see' and do taxes

Australian official demands Russia bring criminal hackers ‘to heel’

DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit - Microsoft Security Blog

Sued by Meta, Freenom Halts Domain Registrations – Krebs on Security

Twitter’s Most Important Anti-Censorship Tool Is Currently Dead

CVE-2023-23415 - Security Update Guide - Microsoft - Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability

CVE-2023-23397 - Security Update Guide - Microsoft - Microsoft Outlook Elevation of Privilege Vulnerability

...more

More shows like Risky Business

Security Now (Audio) by TWiT

Security Now (Audio)

1,961 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

634 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

368 Listeners

Hacked by Hacked

Hacked

176 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,008 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

312 Listeners

Click Here by Recorded Future News

Click Here

386 Listeners

Malicious Life by Malicious Life

Malicious Life

923 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,840 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

141 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

182 Listeners

Hacking Humans by N2K Networks

Hacking Humans

309 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

71 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

120 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

33 Listeners