20 min listen
Risky Business #737 -- LockBit gets absolutely rekt
FromRisky Business
ratings:
Length:
20 minutes
Released:
Feb 21, 2024
Format:
Podcast episode
Description
In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:
LockBit has been taken down by law enforcement
Some mega-juicy leaks out of Chinese offsec/APT contractor I-SOON
GRU gets its Moobot network shutdown
Signal adding usernames is… complicated
Much, much more
In this week’s sponsor interview Devicie’s Tom Plant joins the show to talk about problems orgs run into when it comes to Windows policies. There’s an expectation out there that Windows policies are set and forget, but sadly, this is not so.
Show notes
Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates – Krebs on Security
Law enforcement disrupt world’s biggest ransomware operation
Shanghai Anxun’s information is unreliable and is a trap for national government agencies.
China spy agency renews foreign cyber intelligence warning after data breaches
US Justice Department says it disrupted Russian intelligence hacking network | Reuters
Several Ukrainian media outlets attacked by Russian hackers
Polish PM says previous ruling party used Pegasus spyware against ‘very long’ list of victims
Hackers are targeting Asian bank accounts using stolen facial recognition data
Signal Finally Rolls Out Usernames, So You Can Keep Your Phone Number Private | WIRED
Code injection or backdoor: A new look at Ivanti’s CVE-2021-44529
“the "AB" trigger has similar vibes to the Unreal IRCd and ProFTPD backdoors of the same timeframe.”
FLATLINED: ANALYZING PULSE SECURE FIRMWARE AND BYPASSING INTEGRITY CHECKING
CVSS 10 RCE in Screen Connect
National Security Agency Announces Retirement of Cybersecurity Director
Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard
LockBit has been taken down by law enforcement
Some mega-juicy leaks out of Chinese offsec/APT contractor I-SOON
GRU gets its Moobot network shutdown
Signal adding usernames is… complicated
Much, much more
In this week’s sponsor interview Devicie’s Tom Plant joins the show to talk about problems orgs run into when it comes to Windows policies. There’s an expectation out there that Windows policies are set and forget, but sadly, this is not so.
Show notes
Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates – Krebs on Security
Law enforcement disrupt world’s biggest ransomware operation
Shanghai Anxun’s information is unreliable and is a trap for national government agencies.
China spy agency renews foreign cyber intelligence warning after data breaches
US Justice Department says it disrupted Russian intelligence hacking network | Reuters
Several Ukrainian media outlets attacked by Russian hackers
Polish PM says previous ruling party used Pegasus spyware against ‘very long’ list of victims
Hackers are targeting Asian bank accounts using stolen facial recognition data
Signal Finally Rolls Out Usernames, So You Can Keep Your Phone Number Private | WIRED
Code injection or backdoor: A new look at Ivanti’s CVE-2021-44529
“the "AB" trigger has similar vibes to the Unreal IRCd and ProFTPD backdoors of the same timeframe.”
FLATLINED: ANALYZING PULSE SECURE FIRMWARE AND BYPASSING INTEGRITY CHECKING
CVSS 10 RCE in Screen Connect
National Security Agency Announces Retirement of Cybersecurity Director
Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard
Released:
Feb 21, 2024
Format:
Podcast episode
Titles in the series (46)
Feature interview: Australia's Cyber Security Minister Clare O'Neil: Clare O'Neil and Ciaran Martin talk to Patrick Gray about cyber strategy and releasing the hounds… by Risky Business