Risky Business #775 -- Cl0p is back, SEC hack disclosures disappoint
Risky Business · Risky.biz
December 18, 20241h 1m
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
- The SEC’s cyber incident reporting isn’t very exciting after all
- China Telecom on the way to being thrown out of the US
- The NSA/Cybercom might get two separate hats
- The Cl0p ransomware crew are back and taking responsibility for the Cleo hacks
- (Yet another) File upload bug in Struts makes Java admins weep
- And much, much more.
This episode is sponsored by SpecterOps, who run a pretty top notch offsec/pentest team when they’re not busy making the Bloodhound Enterprise identity attack path enumeration software. SpecterOps’ Robby Winchester joins to talk about how pentest has changed, and how their customers get value from their testing.
This episode is also available Youtube.
Show notes
- SEC cyber incident reporting rule generates 71 filings in 11 months | Cybersecurity Dive
- US senators, green groups call for accountability over hacking of Exxon critics | Reuters
- Biden Administration Takes First Step to Retaliate Against China Over Hack - The New York Times
- Unfinished business for Trump: Ending the Cyber Command and NSA 'dual hat' | The Record from Recorded Future News
- EU opens investigation into TikTok and the Romanian election – POLITICO
- Clop ransomware claims responsibility for Cleo data theft attacks
- CISA warns of ransomware gangs exploiting Cleo, CyberPanel bugs | The Record from Recorded Future News
- CVE-2024-55956 | AttackerKB
- Apache issues patches for critical Struts 2 RCE bug • The Register
- Japanese game and anime publisher reportedly pays $3 million ransom to Russia-linked hackers | The Record from Recorded Future News
- Israeli spyware firm Paragon acquired by US investment group, report says | Reuters
- How Cryptocurrency Turns to Cash in Russian Banks – Krebs on Security
- Arizona man arrested for alleged involvement in violent online terror networks | CyberScoop
- Russia bans Viber, claiming app facilitates terrorism and drug trafficking | The Record from Recorded Future News