July 11, 2023

Risky Business #712 -- The 336,000 undead Fortigates of DOOM

1 hour 9 minutes

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

The SEC is targeting SolarWinds executives

UK to make banks liable for fraud

NSA issues advice on UEFI trojan

Microsoft blocks 100+ dodgy drivers

The US IC knew what Prihozhin was up to. But what FSB doing?

Much, much more

This week’s show is brought to you by Netwrix. Martin Cannard, Netwrix’s VP of Product Strategy, is this week’s sponsor guest. He talks about why zero standing privilege is a worthy goal.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

SEC notifies SolarWinds CISO and CFO of possible action in cyber investigation | Cybersecurity Dive

While Australian banks refuse most scam victims refunds, the UK is making them mandatory - ABC News

New law could allow GCHQ to monitor UK internet logs in real-time to tackle fraud

Federal incentives could help utilities overcome major cybersecurity hurdle: money | CyberScoop

Major Japanese port suspends operation following ransomware attack

Petro-Canada reports service restoration after suspected Suncor breach | Cybersecurity Dive

Chinese state-backed hackers accidentally infected a European hospital with malware

Hackers exploit gaping Windows loophole to give their malware kernel access | Ars Technica

336,000 servers remain unpatched against critical Fortigate vulnerability | Ars Technica

CISA says latest VMware analytics bug being exploited

MOVEit vulnerability snags almost 200 victims, more expected | Cybersecurity Dive

Actively exploited vulnerability threatens hundreds of solar power stations | Ars Technica

U.S. intelligence learned in mid-June Prigozhin was plotting uprising - The Washington Post

Russian election-meddling ‘troll factory’ reportedly shut down after Wagner revolt

Russian telecom confirms hack after group backing Wagner boasted about an attack | CyberScoop

Hackers claim to take down Russian satellite communications provider

Russian railway site allegedly taken down by Ukrainian hackers

Several US states investigating ‘SiegedSec’ hacking campaign

Hacking crew targeting states over transition bans claims cyberattack hitting global satellite systems | CyberScoop

Hacktivists steal government files from Texas city Fort Worth | TechCrunch

Belarusian hacktivists сlaim to breach country’s leading state university

British prosecutors say teen Lapsus$ member was behind hacks on Uber, Rockstar

Silk Road’s Second-in-Command, Variety Jones, Gets 20 Years in Prison | WIRED

Russian cyber expert arrested in Kazakhstan, triggering a showdown between US and Moscow

More than 6,500 arrested since French and Dutch police’s EncroChat hack

BreachForums seized by FBI three months after arrest of alleged admin

BreachForums replacement emerges as robust forum for criminal hackers to trade their spoils | CyberScoop

Genesis Market gang tries to sell platform after FBI disruption

Hackers using TrueBot malware for phishing attacks in US, Canada, officials warn | Cybersecurity Dive

CSI_BlackLotus_Mitigation_Guide.PDF

Hacks targeting British exam boards raise fears of students cheating

More than $125 million taken from crypto platform Multichain

Twitter’s chaotic weekend of outages and rate limits leaves more questions than answers

Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking | Ars Technica

...more

View all episodes

By Patrick Gray

4.6

354354 ratings