Risky Business artwork

Risky Business #719 -- FBI vapes 700,000 Qakbot infections

Risky Business

English - August 29, 2023 14:00 - 54 minutes - 49.7 MB - ★★★★★ - 339 ratings
Technology News Tech News Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Risky Business #718 -- Chaos and carnage, business as usual
Next Episode: Risky Business #720 -- How cloud identity provider federation features can get you mega-owned

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

The FBI takes down Qakbot, steals operators’ bitcoins ha ha
Danish hosting provider completely destroyed in ransomware attack
Sophisticated Russian cyber attack on Polish trains. Well. Not really.
Microsoft revokes cert then revokes its revocation
Much, much more!

This week’s show is brought to you by Proofpoint. Ryan Kalember, Proofpoint’s EVP of cybersecurity strategy Ryan Kalember is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.



Show notes


US says it and partners have taken down notorious 'Qakbot' hacking network | Reuters

Danish cloud host says customers ‘lost all data’ after ransomware attack | TechCrunch

VDP Platform 2022 Annual Report Showcases Platform’s Success | CISA

Proposed bill would require vulnerability disclosure policies for all federal contractors

The Cheap Radio Hack That Disrupted Poland's Railway System | WIRED

Two suspects arrested following Poland railway hack

‘Incredible concern and anger’ among Metropolitan Police after hackers breach data

New malware from North Korea’s Lazarus used against healthcare industry

North Korea’s Lazarus hackers behind recent crypto heists: FBI

US arrests Tornado Cash co-founder, sanctions another who remains at large

Kroll Employee SIM-Swapped for Crypto Investor Data – Krebs on Security

(2) Risky Biz News: WinRAR zero-day used to hack stock and crypto traders

Microsoft signing keys keep getting hijacked, to the delight of Chinese threat actors | Ars Technica

Renegade certificate removed from Windows. Then it returns. Microsoft stays silent. | Ars Technica

Barracuda ESG zero-day exploit still under way after patches fail | Cybersecurity Dive

Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868) | Mandiant

Unpacking the MOVEit Breach: Statistics and Analysis

The DEA Accidentally Sent $50,000 Of Seized Cryptocurrency To A Scammer

Akira Ransomware Targeting VPNs without Multi-Factor Authentication - Cisco Blogs

Ransomware attack dwell times fall, pressuring companies to quickly respond | Cybersecurity Dive

British court convicts two teen Lapsus$ members of hacking tech firms

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders. – Krebs on Security

Apple security updates could be banned by British government