May 30, 2023

Risky Business #708 – China's lolbin-powered adventures in US critical infrastructure

Listen Later

52 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

China’s lolbin-powered intrusions into critical infrastructure

Trend Micro backs BlackBerry’s Cuba call

Anonymous Sudan shakes down Scandanavian Airlines

Iranian opposition party MEK publishes gargantuan leak

Much, much more

This week’s show is brought to you by Kubernetes security company KSOC. Jimmy Mesta is this week’s sponsor guest and he joins us to talk about the big security challenges in Kubernetes.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques | Microsoft Security Blog

(1) New Messages!

U.S. warns China could hack infrastructure, including pipelines, rail systems | Reuters

Factbox: What is Volt Typhoon, the alleged China-backed hacking group? | Reuters

Chinese Malware Hits Systems on Guam. Is Taiwan the Real Target? - The New York Times

COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises | Mandiant

Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals

Hacker group Anonymous Sudan demands $3 million from Scandinavian Airlines

Iranian dissidents take over high-security servers of regime presidency |

Iran-linked hackers Agrius deploying new ransomware against Israeli orgs

Exclusive: Chinese hackers attacked Kenyan government as debt strains grew | Reuters

Risky Biz News: PyPI to enforce 2FA, reduce stored IP addresses

NSO spyware used in Armenia-Azerbaijan conflict, report finds

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

SMS pumping fraud: take care how you configure MFA - TechHQ

Full Disclosure: Printerlogic multiple vulnerabilities

Barracuda Networks issue added to CISA vulnerability list

Barracuda patches actively exploited zero-day vulnerability in email gateways | Cybersecurity Dive

Developing: RaidForums users db leaked

Phishing Domains Tanked After Meta Sued Freenom – Krebs on Security

Broad coalition of advocacy groups urges Slack to protect users' messages from eavesdropping | CyberScoop

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Patrick Gray

4.6

364364 ratings

May 30, 2023

Risky Business #708 – China's lolbin-powered adventures in US critical infrastructure

Listen Later

52 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

China’s lolbin-powered intrusions into critical infrastructure

Trend Micro backs BlackBerry’s Cuba call

Anonymous Sudan shakes down Scandanavian Airlines

Iranian opposition party MEK publishes gargantuan leak

Much, much more

This week’s show is brought to you by Kubernetes security company KSOC. Jimmy Mesta is this week’s sponsor guest and he joins us to talk about the big security challenges in Kubernetes.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques | Microsoft Security Blog

(1) New Messages!

U.S. warns China could hack infrastructure, including pipelines, rail systems | Reuters

Factbox: What is Volt Typhoon, the alleged China-backed hacking group? | Reuters

Chinese Malware Hits Systems on Guam. Is Taiwan the Real Target? - The New York Times

COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises | Mandiant

Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals

Hacker group Anonymous Sudan demands $3 million from Scandinavian Airlines

Iranian dissidents take over high-security servers of regime presidency |

Iran-linked hackers Agrius deploying new ransomware against Israeli orgs

Exclusive: Chinese hackers attacked Kenyan government as debt strains grew | Reuters

Risky Biz News: PyPI to enforce 2FA, reduce stored IP addresses

NSO spyware used in Armenia-Azerbaijan conflict, report finds

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

SMS pumping fraud: take care how you configure MFA - TechHQ

Full Disclosure: Printerlogic multiple vulnerabilities

Barracuda Networks issue added to CISA vulnerability list

Barracuda patches actively exploited zero-day vulnerability in email gateways | Cybersecurity Dive

Developing: RaidForums users db leaked

Phishing Domains Tanked After Meta Sued Freenom – Krebs on Security

Broad coalition of advocacy groups urges Slack to protect users' messages from eavesdropping | CyberScoop

...more

More shows like Risky Business

Hacked by Hacked

Hacked

186 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,005 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

372 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

652 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,025 Listeners

Smashing Security by Graham Cluley

Smashing Security

319 Listeners

Click Here by Recorded Future News

Click Here

419 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,076 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

176 Listeners

Hacking Humans by N2K Networks

Hacking Humans

315 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

187 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

140 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

44 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

168 Listeners