Risky Business #719 -- FBI vapes 700,000 Qakbot infections

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• The FBI takes down Qakbot, steals operators’ bitcoins ha ha

• Danish hosting provider completely destroyed in ransomware attack

• Sophisticated Russian cyber attack on Polish trains. Well. Not really.

• Microsoft revokes cert then revokes its revocation

• Much, much more!

This week’s show is brought to you by Proofpoint. Ryan Kalember, Proofpoint’s EVP of cybersecurity strategy Ryan Kalember is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes US says it and partners have taken down notorious 'Qakbot' hacking network | Reuters Danish cloud host says customers ‘lost all data’ after ransomware attack | TechCrunch VDP Platform 2022 Annual Report Showcases Platform’s Success | CISA Proposed bill would require vulnerability disclosure policies for all federal contractors The Cheap Radio Hack That Disrupted Poland's Railway System | WIRED Two suspects arrested following Poland railway hack ‘Incredible concern and anger’ among Metropolitan Police after hackers breach data New malware from North Korea’s Lazarus used against healthcare industry North Korea’s Lazarus hackers behind recent crypto heists: FBI US arrests Tornado Cash co-founder, sanctions another who remains at large Kroll Employee SIM-Swapped for Crypto Investor Data – Krebs on Security (2) Risky Biz News: WinRAR zero-day used to hack stock and crypto traders Microsoft signing keys keep getting hijacked, to the delight of Chinese threat actors | Ars Technica Renegade certificate removed from Windows. Then it returns. Microsoft stays silent. | Ars Technica Barracuda ESG zero-day exploit still under way after patches fail | Cybersecurity Dive Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868) | Mandiant Unpacking the MOVEit Breach: Statistics and Analysis The DEA Accidentally Sent $50,000 Of Seized Cryptocurrency To A Scammer Akira Ransomware Targeting VPNs without Multi-Factor Authentication - Cisco Blogs Ransomware attack dwell times fall, pressuring companies to quickly respond | Cybersecurity Dive British court convicts two teen Lapsus$ members of hacking tech firms Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders. – Krebs on Security Apple security updates could be banned by British government

Release date

Lydbog: 29. august 2023