March 21, 2023

Risky Business #700 -- Yevgeny Prigozhin's empire gets owned

Listen Later

57 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news in front of a live audience at AISA’s CyberCon in Canberra.

They cover:

Yevgeny Prigozhin’s entire enterprise got majorly owned

Kremlin bans iPhones among President’s staff

A look at those Android handset baseband bugs (woof)

A discussion of the acropalypse issue

Why you need to sort out your egress filtering in light of the latest Outlook bug

Shanna Daly joins us on stage to talk about why the infosec industry sucks

Plus much much more

This week’s show is sponsored by Stairwell. Mike Wiacek, Stairwell’s founder, is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Dossier Center Investigation: Prigozhin's Cyber Troops

Unwanted communications - Newspaper Kommersant No. 46 (7491) dated 03/20/2023

Google tells users of some Android phones: Nuke voice calling to avoid infection | Ars Technica

Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets

Severe exploit could expose sensitive data on Pixel screenshots previously cropped

Microsoft Outlook Vulnerability Could Be 2023's 'It' Bug

Ransomware gang exploited a zero-day in Microsoft security feature, Google says

Feds Charge NY Man as BreachForums Boss “Pompompurin” – Krebs on Security

After BreachForums arrest, new site administrator says the platform will live on

3xp0rt on Twitter: "BreachForums is offline everywhere https://t.co/Q2o133e9Oy" / Twitter

Two U.S. Men Charged in 2022 Hacking of DEA Portal – Krebs on Security

Crypto ‘Mixer’ Laundered $700 Million For Customers, Including Russian And North Korean Spies, DOJ Says

China-linked hackers exploit Fortinet zero-day in new spying campaign

Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server | CISA

Clop ransomware is victimizing GoAnywhere MFT customers

Security firm Rubrik is latest to be felled by GoAnywhere vulnerability | Ars Technica

Crypto ATM manufacturer General Bytes hacked, at least $1.5 million stolen

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Patrick Gray

4.6

364364 ratings

March 21, 2023

Risky Business #700 -- Yevgeny Prigozhin's empire gets owned

Listen Later

57 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news in front of a live audience at AISA’s CyberCon in Canberra.

They cover:

Yevgeny Prigozhin’s entire enterprise got majorly owned

Kremlin bans iPhones among President’s staff

A look at those Android handset baseband bugs (woof)

A discussion of the acropalypse issue

Why you need to sort out your egress filtering in light of the latest Outlook bug

Shanna Daly joins us on stage to talk about why the infosec industry sucks

Plus much much more

This week’s show is sponsored by Stairwell. Mike Wiacek, Stairwell’s founder, is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Dossier Center Investigation: Prigozhin's Cyber Troops

Unwanted communications - Newspaper Kommersant No. 46 (7491) dated 03/20/2023

Google tells users of some Android phones: Nuke voice calling to avoid infection | Ars Technica

Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets

Severe exploit could expose sensitive data on Pixel screenshots previously cropped

Microsoft Outlook Vulnerability Could Be 2023's 'It' Bug

Ransomware gang exploited a zero-day in Microsoft security feature, Google says

Feds Charge NY Man as BreachForums Boss “Pompompurin” – Krebs on Security

After BreachForums arrest, new site administrator says the platform will live on

3xp0rt on Twitter: "BreachForums is offline everywhere https://t.co/Q2o133e9Oy" / Twitter

Two U.S. Men Charged in 2022 Hacking of DEA Portal – Krebs on Security

Crypto ‘Mixer’ Laundered $700 Million For Customers, Including Russian And North Korean Spies, DOJ Says

China-linked hackers exploit Fortinet zero-day in new spying campaign

Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server | CISA

Clop ransomware is victimizing GoAnywhere MFT customers

Security firm Rubrik is latest to be felled by GoAnywhere vulnerability | Ars Technica

Crypto ATM manufacturer General Bytes hacked, at least $1.5 million stolen

...more

More shows like Risky Business

Hacked by Hacked

Hacked

187 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,007 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

372 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

651 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,019 Listeners

Smashing Security by Graham Cluley

Smashing Security

319 Listeners

Click Here by Recorded Future News

Click Here

417 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,057 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

179 Listeners

Hacking Humans by N2K Networks

Hacking Humans

315 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

188 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

139 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

44 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

168 Listeners