Risky Business

Risky Business #797 -- Stuxnet vs Massive Ordnance Penetrators


Listen Later

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • We roll our eyes over the “16 billion credentials” leak hitting mainstream news
  • Some interesting cyber angles emerge from the conflict in Iran
  • Opensource maintainer of libxml2 is fed up with this hacker crap
  • Shockingly, there are yet more ways to trick people into pasting commands into Windows
  • Veeam “patches” its backup software RCE like it’s 2002 … by breaking the public PoC
  • This week’s episode is sponsored by Internet-wide honeypot reconnaissance platform, Greynoise. Founder Andrew Morris joins to talk about their journey spotting Chinese ORB-builders hacking thousands of ASUS routers, and why they’re destined for the woodchipper.

    This episode is also available on Youtube.

    Show notes
    • " rel="noopener noreferrer">No, the 16 billion credentials leak is not a new data breach
    • " rel="noopener noreferrer">Canadian telecom hacked by suspected China state group - Ars Technica
    • " rel="noopener noreferrer">Telecom giant Viasat breached by China's Salt Typhoon hackers
    • " rel="noopener noreferrer">WarTranslated on X: "Iran’s jamming GPS in the Strait of Hormuz, messing with ~970 ships, per Windward. UKMTO confirms the interference. Faulty AIS coordinates are screwing up navigation in the Persian Gulf. The IRGC threatens to shut the strait down in hours. https://t.co/kdMJvshOGC" / X
    • " rel="noopener noreferrer">Dmitri Alperovitch on X: "Chairman of the Joint Chiefs Gen. Dan Caine says @US_CYBERCOM supported this strike mission" / X
    • " rel="noopener noreferrer">Top Pentagon spy pick rejected by White House - POLITICO
    • " rel="noopener noreferrer">DHS warns of heightened cyber threat as US enters Iran conflict | Cybersecurity Dive
    • " rel="noopener noreferrer">Exclusive: Early US intel assessment suggests strikes on Iran did not destroy nuclear sites, sources say
    • " rel="noopener noreferrer">U.S. braces for Iran's response after overnight strikes on nuclear sites
    • " rel="noopener noreferrer">Assessing the Damage to Iran’s Nuclear Program
    • " rel="noopener noreferrer">Iran Hacks Tirana Municipality in Retaliation Over MEK - Tirana Times
    • " rel="noopener noreferrer">Iran's government says it shut down internet to protect against cyberattacks | TechCrunch
    • " rel="noopener noreferrer">Aflac discloses cyber intrusion linked to wider crime spree targeting insurance industry | Cybersecurity Dive
    • " rel="noopener noreferrer">Tonga Ministry of Health hit with cyberattack affecting website, IT systems | The Record from Recorded Future News
    • " rel="noopener noreferrer">Alleged Ryuk ransomware gang member arrested in Ukraine and extradited to US | The Record from Recorded Future News
    • " rel="noopener noreferrer">Russia releases REvil members after convictions for payment card fraud | The Record from Recorded Future News
    • " rel="noopener noreferrer">OneLogin, Many Issues: How I Pivoted from a Trial Tenant to Compromising Customer Signing Keys - SpecterOps
    • " rel="noopener noreferrer">Triaging security issues reported by third parties (#913) · Issue · GNOME/libxml2
    • " rel="noopener noreferrer">README: Set expectations straight (35d04a08) · Commits · GNOME / libxml2 · GitLab
    • " rel="noopener noreferrer">What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia | Google Cloud Blog
    • " rel="noopener noreferrer">FileFix - A ClickFix Alternative | mr.d0x
    • " rel="noopener noreferrer">Address bar shows hp.com. Browser displays scammers’ malicious text anyway. - Ars Technica
    • " rel="noopener noreferrer">Researchers urge vigilance as Veeam releases patch to address critical flaw | Cybersecurity Dive
    • " rel="noopener noreferrer">ASUSpicious Flaw - Millions of Users’ Information Exposed Since 2022 | MrBruh's Epic Blog
    • " rel="noopener noreferrer">Perth dad who created ‘evil twin’ Wi-Fi did so to access pictures of women
    • " rel="noopener noreferrer">GreyNoise Discovers Stealthy Backdoor Campaign Affecting Thousands of ASUS Routers
      ...more
      View all episodesView all episodes
      Download on the App Store

      Risky BusinessBy Patrick Gray

      • 4.6
      • 4.6
      • 4.6
      • 4.6
      • 4.6

      4.6

      358 ratings


      More shows like Risky Business

      View all
      Security Now (Audio) by TWiT

      Security Now (Audio)

      1,981 Listeners

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

      640 Listeners

      Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

      Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

      371 Listeners

      Hacked by Hacked

      Hacked

      181 Listeners

      CyberWire Daily by N2K Networks

      CyberWire Daily

      1,017 Listeners

      Smashing Security by Graham Cluley

      Smashing Security

      316 Listeners

      Click Here by Recorded Future News

      Click Here

      407 Listeners

      Malicious Life by Malicious Life

      Malicious Life

      925 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      7,921 Listeners

      Cybersecurity Today by Jim Love

      Cybersecurity Today

      163 Listeners

      CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

      CISO Series Podcast

      189 Listeners

      Hacking Humans by N2K Networks

      Hacking Humans

      311 Listeners

      Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

      Defense in Depth

      76 Listeners

      Cyber Security Headlines by CISO Series

      Cyber Security Headlines

      128 Listeners

      Risky Bulletin by risky.biz

      Risky Bulletin

      43 Listeners