April 18, 2023

Risky Business #702 -- 3CX: It's like SolarWinds, but stupider

1 hour 1 minute

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

Why 3CX was the dumbest supply chain attack we’ve seen

Why Wiz’s AzureAD research was a showstopper that didn’t get the attention it deserved

How attackers are burning down cloud infrastructure

The latest from the world of spyware

Much, much more

This week’s show is brought to you by Nucleus Security. Chris Hughes from Aquia is this week’s sponsor guest. He appeared at Nucleus Security’s invitation.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms | WIRED

3CX support tells customers to investigate malware warnings themselves | Ars Technica

North Korean hackers linked to 3CX supply-chain attack, investigation finds

BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover | Wiz Blog

Microsoft leads effort to disrupt illicit use of Cobalt Strike, a dangerous hacking tool in the wrong hands | CyberScoop

MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog

CISA, Cisco highlight Russian military targeting of router vulnerabilities

Israeli spyware software surveilling journalists, politicians

Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch

Israeli Spyware Maker QuaDream Closes, Fires All Employees - National Security & Cyber - Haaretz.com

Hackers used spyware made in Spain to target users in the UAE, Google says | TechCrunch

Apple’s high security mode blocked NSO spyware, researchers say | TechCrunch

US commits $25 million to Costa Rica for Conti ransomware recovery

State Department, Congress working on formal program for US cyber aid

CISA and partners issue secure-by-design principles for software manufacturers | FedScoop

Time to Designate Space Systems as Critical Infrastructure

Apple’s Macs Have Long Escaped Ransomware. That May Be Changing | WIRED

Cyber company Darktrace gets caught up in LockBit gang's apparent blunder

Payments giant says it is investigating ransomware incident that caused POS outage

Cyberattack causing treatment delays at Canadian hospital

German arms manufacturer Rheinmetall confirms cyberattack

Hackers using Log4j bug to profit from victim IP addresses through ‘proxyjacking’ scheme

Police arrest almost 120 people globally following Genesis Market takedown

FBI accessed Genesis Market's backend servers as part of takedown

LinkedIn Verification Now Lets You Verify Your Job and Account | WIRED

Tech industry’s pain is NSA’s gain, cyber leader says about layoffs

QueueJumper: Critical Unauthenticated RCE Vulnerability in MSMQ Service - Check Point Research

Microsoft shifts to a new threat actor naming taxonomy - Microsoft Security Blog

Leaked Pentagon Document Claims Russian Hacktivists Breached Canadian Gas Pipeline Company

Did someone really hack into the Oldsmar, Florida, water treatment plant? New details suggest maybe not. | CyberScoop

From Discord to 4chan: The Improbable Journey of a US Intelligence Leak - bellingcat

U.S. intel agencies may change how they monitor social media, chatrooms after missing leaked U.S. documents for weeks

Taiwan highly vulnerable to Chinese air attack, leaked documents show - The Washington Post

Pentagon document leak raises questions about internal security - The Washington Post

Leaked secret documents detail additional Chinese spy balloons - The Washington Post

...more

View all episodes

By Patrick Gray

4.6

354354 ratings