X-He-Spam-Score: 2.6
Return-Path: <bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io>
Delivered-To: dropbox@plan.io
Received: from m.launch.gmbh ([127.0.0.1])
    by m.launch.gmbh with LMTP
    id UIN/OUTvh2edczoAJzdhvw
    (envelope-from <bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io>)
    for <dropbox@plan.io>; Wed, 15 Jan 2025 18:24:20 +0100
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on m.launch.gmbh
X-Spam-Level: **
X-Spam-Status: No, score=2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
    DKIM_VALID,DMARC_PASS,HTML_IMAGE_RATIO_06,HTML_MESSAGE,LOTS_OF_MONEY,
    PDS_OTHER_BAD_TLD,RCVD_IN_DNSWL_NONE,SPF_FAIL,SPF_FAIL_IGNORE,
    SPF_HELO_NONE,T_KAM_HTML_FONT_INVALID,URIBL_CSS_A,URIBL_DBL_SPAM
    autolearn=no autolearn_force=no version=3.4.6
X-Spam-Report:
    * -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at
    *      https://www.dnswl.org/, no trust
    *      [64.90.62.163 listed in list.dnswl.org]
    *  2.5 URIBL_DBL_SPAM Contains a spam URL listed in the Spamhaus DBL
    *      blocklist
    *      [URIs: wp3.xyz]
    * -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
    *      [score: 0.0000]
    *  5.0 SPF_FAIL SPF check failed
    * -0.1 DMARC_PASS DMARC check passed
    *  0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
    *  2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
    *      [URI: wp3.xyz (xyz)]
    *  0.0 HTML_MESSAGE BODY: HTML included in message
    *  0.0 HTML_IMAGE_RATIO_06 BODY: HTML has a low ratio of text to image
    *      area
    * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
    *  0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
    *      valid
    *  0.1 URIBL_CSS_A Contains URL's A record listed in the Spamhaus CSS
    *      blocklist
    *      [URIs: wp3.xyz]
    *  0.0 LOTS_OF_MONEY Huge... sums of money
    * -5.0 SPF_FAIL_IGNORE Planio Inbox does not consider SPF FAILS on
    *      redirects
    *  0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted
    *      Colors in HTML
X-Spam-Score: 2.6
Authentication-Results: m.launch.gmbh; dmarc=pass (p=none dis=none) header.from=ghost.io
Authentication-Results: m.launch.gmbh; spf=fail smtp.mailfrom=m.ghost.io
Authentication-Results: m.launch.gmbh;
    dkim=pass (2048-bit key; unprotected) header.d=m.ghost.io header.i=@m.ghost.io header.a=rsa-sha256 header.s=mailgun header.b=Hgr2Sm1a;
    dkim-atps=neutral
Envelope-to: inbox+rlxc+36be+hoax-clearing-center@plan.io
Received: from pdx1-sub0-mail-mx200.dreamhost.com (fltr-in1.mail.dreamhost.com [64.90.62.163])
    (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
    key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
    (No client certificate requested)
    by m.launch.gmbh (Postfix) with ESMTPS id 2628E16853C
    for <inbox+rlxc+36be+hoax-clearing-center@plan.io>; Wed, 15 Jan 2025 18:24:20 +0100 (CET)
Received: from postfix-inbound-v2-6.inbound.mailchannels.net (inbound-egress-7.mailchannels.net [23.83.220.5])
    (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
    key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
    (No client certificate requested)
    by pdx1-sub0-mail-mx200.dreamhost.com (Postfix) with ESMTPS id 4YYCXb6TbrzB612
    for <lapor@turnbackhoax.id>; Wed, 15 Jan 2025 09:24:15 -0800 (PST)
ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1736961855; a=rsa-sha256;
    cv=none;
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
    d=mailchannels.net;
    s=arc-2022; t=1736961855;
    h=from:from:sender:sender:reply-to:subject:subject:date:date:
    message-id:message-id:to:to:cc:mime-version:mime-version:
    content-type:content-type:list-unsubscribe:list-unsubscribe-post:
    dkim-signature; bh=gNAn4enHf107ibfRfdPSSKa+divekb7K55K7IMo8dRo=;
ARC-Authentication-Results: i=1;
    inbound-rspamd-7d6dbf97d6-h5fj8;
    none
X-Message-ID: n9M84a9BQO1BMLvLl6u5BlPG
Received: from relay7.ghost.io (relay7.ghost.io [143.55.227.205])
    (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256)
    by 100.109.44.140 (trex/6.10.3);
    Wed, 15 Jan 2025 17:24:15 +0000
Authentication-Results: inbound.mailchannels.net;
    spf=pass
    smtp.mailfrom=bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io;
    dkim=pass header.d=m.ghost.io;
    dmarc=pass (policy=none; pct=100; status=pass);
    arc=none
Received-SPF: pass (dmarc-service-5d68fff777-4w5cq: domain of m.ghost.io
    designates 143.55.227.205 as permitted sender) client-ip=143.55.227.205;
    envelope-from=bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io;
    helo=relay7.ghost.io;
DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=m.ghost.io; q=dns/txt; s=mailgun; t=1736961853; x=1736969053;
    h=Message-Id: List-Unsubscribe-Post: List-Unsubscribe: To: To: From: From: Subject: Subject: Content-Type: Mime-Version: Date: Sender: Sender;
    bh=gNAn4enHf107ibfRfdPSSKa+divekb7K55K7IMo8dRo=;
X-Mailgun-Sending-Ip: 143.55.227.205
X-Mailgun-Sending-Ip-Pool-Name: Bulk - Standard
X-Mailgun-Sending-Ip-Pool: 6155d7ba935d084321777411
X-Mailgun-Sid: WyIzODUwYiIsImxhcG9yQHR1cm5iYWNraG9heC5pZCIsIjdiZGMxOCJd
Received: by 8df1164b18ba with HTTP id 6787ef3d50a0ee07d65f2eb3; Wed, 15 Jan 2025
    17:24:13 GMT
X-Mailgun-Batch-Id: 6787ef3d55c87a93e35557ae
Sender: risky-biz=ghost.io@m.ghost.io
Date: Wed, 15 Jan 2025 17:24:13 +0000
Mime-Version: 1.0
Content-Type: multipart/alternative;
    boundary="c09e722fb0725cb7c547e41e5021fbcc388157e3f294d9a3c5f4a507e1d5"
Subject: Risky Bulletin: UK proposes ransomware payment ban for public bodies
From: Risky.Biz <risky-biz@ghost.io>
To: lapor@turnbackhoax.id
X-Mailgun-Tag: blog-1041185
X-Mailgun-Tag: bulk-email
X-Mailgun-Tag: ghost-email
X-Mailgun-Track-Opens: true
X-Mailgun-Deliver-By: Wed, 15 Jan 2025 17:24:09 +0000
X-Mailgun-Variables: {"email-id": "6787ef378a42630001926dfa"}
Message-Id: <20250115172413.d469e456696a7c4c@m.ghost.io>

Risky Business News [https://news.risky.biz/r/55514cc1?m=1a80b145-9ce5-407e-b496-c57050db16ff]

Risky Bulletin: UK proposes ransomware payment ban for public bodies [https://news.risky.biz/r/ae975f3e?m=1a80b145-9ce5-407e-b496-c57050db16ff]

By Catalin Cimpanu • 15 Jan 2025

You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed [https://news.risky.biz/r/e47191a0?m=1a80b145-9ce5-407e-b496-c57050db16ff]. On Apple Podcasts:

⛷️ The Risky Business team is on a break between December 20 and January 20 for the winter holidays! We'll see you next week for a short weekly newsletter!

Risky Business Podcasts

Risky Business is now on YouTube with video versions of our main podcasts. Below is our latest weekly show with Pat and Adam at the helm!

[https://news.risky.biz/r/5ea2aab5?m=1a80b145-9ce5-407e-b496-c57050db16ff]

----------------------------------------

Breaches, hacks, and security incidents

Five hacks linked to the DPRK: The US, South Korea, and Japan have linked [https://news.risky.biz/r/53f82dae?m=1a80b145-9ce5-407e-b496-c57050db16ff] five 2024 crypto-heists to North Korean hackers. This includes DMM Bitcoin ($308mil), WazirX ($235mil), Upbit ($50mil), Radiant Capital ($50mil), and Rain Management ($16mil).

Synnovis attack fallout: The UK NHS says that a ransomware attack on lab service provider Synnovis last year has had an impact on the health of several patients, including permanent long-term damage in at least two cases. [Additional coverage in Bloomberg [https://news.risky.biz/r/56dc8ee2?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Fico blames Ukraine for cyberattack: Slovakia's PM Robert Fico has blamed Ukraine for a ransomware attack that crippled its cadastre agency earlier this year. As local media [https://news.risky.biz/r/f2602e70?m=1a80b145-9ce5-407e-b496-c57050db16ff] puts it, Fico, who is a known Putin fanboy and a pro-Kremlin propaganda mouthpiece, has cited no evidence.

Luxembourg DDoS attacks: Pro-Kremlin "hacktivists" have launched a series of DDoS attacks against Luxembourg government websites. [Additional coverage in the Luxembourg Times [https://news.risky.biz/r/d9539e19?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

PoE2 hacks: A threat actor has hacked the admin account of the Path of Exile 2 game, reset user passwords, and stolen valuable in-game items from dozens of user accounts. [Additional coverage in 404 Media [https://news.risky.biz/r/7cda5a8c?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

CFIUS hack: Silk Typhoon, the Chinese hacking group that breached the US Treasury OFAC bureau, also breached the Committee on Foreign Investment in the US (CFIUS), the US government office that reviews foreign investments for national security risks. [Additional coverage in CNN [https://news.risky.biz/r/490b8307?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Roseltorg hack: Pro-Ukrainian hackers have breached Roseltorg, Russia's main electronic trading platform for government and corporate procurement. [Additional coverage in The Record [https://news.risky.biz/r/9d0b1873?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Orange Finance crypto-heist: Cryptocurrency platform Orange Finance has lost $830,000 [https://news.risky.biz/r/f97dc080?m=1a80b145-9ce5-407e-b496-c57050db16ff] worth of assets after a leak of one of its private keys.

STIIIZY data breach: Cannabis store STIIIZY has disclosed a data breach [https://news.risky.biz/r/dc180bb7?m=1a80b145-9ce5-407e-b496-c57050db16ff]. The incident took place in November last year via a vendor of point-of-sale processing services.

Unacast breach: Location data tracking company Unacast has confirmed a security breach of its Gravy Analytics service [https://news.risky.biz/r/7ecadb41?m=1a80b145-9ce5-407e-b496-c57050db16ff]. [Additional coverage in NRK [https://news.risky.biz/r/fce88932?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Nominet breach: British domain registrar Nominet has disclosed a security breach. The incident appears to be linked to a recent wave of attacks against Ivanti VPN devices. [Additional coverage in TechCrunch [https://news.risky.biz/r/184beb1a?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Scholastic breach: A threat actor has allegedly hacked and stolen the data of 8 million customers from book publishing company Scholastic. [Additional coverage in The Daily Dot [https://news.risky.biz/r/345642d8?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Telefonica breach: Spanish telco Telefonica has confirmed [https://news.risky.biz/r/a8665d9a?m=1a80b145-9ce5-407e-b496-c57050db16ff] that data from an internal ticketing system was leaked online.

General tech and privacy

Microsoft to force-install new Outlook client: Microsoft will force-install [https://news.risky.biz/r/fc6ab38d?m=1a80b145-9ce5-407e-b496-c57050db16ff] a new Outlook email client on both Windows 10 and Windows 11 on February 11 and January 28, respectively.

> "Currently, there isn't a way to block the new Outlook from being installed - if you prefer not to have new Outlook show up on your organization's devices, you can remove it after it's installed as part of the update."

Texas sues Allstate over privacy: The Texas OAG has sued [https://news.risky.biz/r/47365765?m=1a80b145-9ce5-407e-b496-c57050db16ff] insurance company Allstate for "unlawfully collecting, using, and selling data about the location and movement of Texans' cell phones through secretly embedded software in mobile apps."

VKontakte passes YouTube: After Russian officials throttled YouTube traffic, VKontakte has finally passed YouTube in Russian traffic rankings for the first time. [Additional coverage in RBC [https://news.risky.biz/r/4ec30dd8?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

DJI gives the middle finger to US: Facing an impending ban in the US, Chinese drone maker DJI has removed firmware restrictions [https://news.risky.biz/r/b2dd78cb?m=1a80b145-9ce5-407e-b496-c57050db16ff] preventing its drones from entering no-fly zones.

Meta blocks competitor: After going full-MAGA last week, Meta is now blocking links to Pixelfed [https://news.risky.biz/r/097e570d?m=1a80b145-9ce5-407e-b496-c57050db16ff], an Instagram competitor. How very non-anticompetitive and non-monopoly.

Meta to stop penalizing misinformation: Meta has taken down a system that can identify viral hoaxes on its platform and has updated its algorithms to stop penalizing misinformation. [Additional coverage in Platformer [https://news.risky.biz/r/18743287?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Musk meddles in another election: After Elon Musk showed public support for German far-right party AfD, the visibility of AfD tweets on Twitter exploded [https://news.risky.biz/r/8dc16925?m=1a80b145-9ce5-407e-b496-c57050db16ff], while all other German parties fell into oblivion. This mirrors a similar pattern observed [https://news.risky.biz/r/bf9f42f6?m=1a80b145-9ce5-407e-b496-c57050db16ff] ahead of the US presidential election, where tweets from Republicans had view stats in the billions while tweets from Democrats were in the low millions.

Google still dominates Chromium work: According to a Google blog post [https://news.risky.biz/r/037f2e80?m=1a80b145-9ce5-407e-b496-c57050db16ff], its engineers still account for roughly 94% of all code commits to the Chromium open-source web browser project. In the meantime, the Linux Foundation has announced [https://news.risky.biz/r/de8940ff?m=1a80b145-9ce5-407e-b496-c57050db16ff] an initiative to support open-source projects that adopt the browser.

Chrome 132: Google has released version 132 of its Chrome browser. See here for security patches [https://news.risky.biz/r/8e8f9922?m=1a80b145-9ce5-407e-b496-c57050db16ff] and webdev-related changes [https://news.risky.biz/r/06783dd1?m=1a80b145-9ce5-407e-b496-c57050db16ff]. The biggest changes in this release include a new way to edit the Chrome toolbar, the ability to share Chrome passwords via a QR code, and a security update that sandboxes Chrome's Network Service on Windows.

Government, politics, and policy

New RuNet disconnection test: Russian officials have carried out a new test [https://news.risky.biz/r/244c229d?m=1a80b145-9ce5-407e-b496-c57050db16ff] to disconnect the Russian RuNet from the main internet.

UN spyware meeting: The UN Security Council held its first-ever meeting [https://news.risky.biz/r/5a3fa366?m=1a80b145-9ce5-407e-b496-c57050db16ff] on the proliferation and misuse of commercial spyware.

UK proposes ransomware ban: The UK government has put forward a proposal [https://news.risky.biz/r/87ca9ee1?m=1a80b145-9ce5-407e-b496-c57050db16ff] to ban public government bodies from making ransomware payments. The ban is an expansion of the current ban on payments by government agencies and will apply to schools, hospitals, local councils, and critical infrastructure operators.

US mulling Salt Typhoon response: The US government is looking into what kind of response or sanctions it should take against a private Chinese company it believes is behind the Salt Typhoon APT and the attacks against US telcos. [Additional coverage in WaPo [https://news.risky.biz/r/5ed7aa2a?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

New chip export controls: The White House has introduced new export control rules for AI models and chips as part of its economic war with China. [Additional coverage in CyberScoop [https://news.risky.biz/r/4c6fe388?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

IMSI catcher at DNC convention: WIRED [https://news.risky.biz/r/1d148fdf?m=1a80b145-9ce5-407e-b496-c57050db16ff] reports that an IMSI catcher device was discovered at the 2024 DNC convention in Chicago last year.

> "Initial tests conducted during the DNC revealed no conclusive evidence of cell-site simulator activity. However, months later, EFF technologists reanalyzed the raw data using improved detection methods."

CISA AI playbook: CISA has published a playbook [https://news.risky.biz/r/6a375fbd?m=1a80b145-9ce5-407e-b496-c57050db16ff] for how companies should work together to deal with AI-related cybersecurity incidents and vulnerabilities.

CISA performance report: CISA claimed it recorded progress across its efforts to decrease critical infrastructure organizations' exposure to actively exploited CVEs and cut remediation times, according to its annual performance report [https://news.risky.biz/r/7811c127?m=1a80b145-9ce5-407e-b496-c57050db16ff]. [Additional coverage in CybersecurityDive [https://news.risky.biz/r/3c973f02?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Risky Business Podcasts

Brian A. Coleman, Senior Director for Insider Risk, Information Security, and Digital Forensics at Pfizer, talks to us about how his security team is experimenting with AI to improve their insider risk detection systems. The system Brian and his team put together can detect sensitive information or documents handled by unauthorized accounts, but can also spot documents moving around and ending up where they shouldn't be - either by accident, malice, or as a result of a security breach.

https://risky.biz/RBTALKS5/ [https://news.risky.biz/r/80ef8df4?m=1a80b145-9ce5-407e-b496-c57050db16ff]

Arrests, cybercrime, and threat intel

PlugX takedown: The DOJ has confirmed [https://news.risky.biz/r/2391841b?m=1a80b145-9ce5-407e-b496-c57050db16ff] that the FBI used Sekoia's data [https://news.risky.biz/r/9db79fd3?m=1a80b145-9ce5-407e-b496-c57050db16ff] and control over a PlugX command-and-control server [https://news.risky.biz/r/a7d40baf?m=1a80b145-9ce5-407e-b496-c57050db16ff] to disinfect systems across the US after a similar operation took place in France with the help of French law enforcement. Sekoia has volunteered to help law enforcement take down the botnet and it's nice to see that some people took them up on their offer.

Base station smishers detained in Thailand: Thai officials have detained two Chinese nationals for driving around Bangkok, posing as tour guides, and using a base station to blast SMS spam to nearby phones. This is the second group caught doing this after initial arrests this past November. [Additional coverage in Khaosod [https://news.risky.biz/r/ddc02b44?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Deepfake group detained: Hong Kong officials have detained a group of 31 suspects for allegedly using deepfake technology to defraud victims across Southeast Asia via romance and investment scams. [Additional coverage in The Star [https://news.risky.biz/r/52b527aa?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Blender/Sinbad admins charged: The US Justice Department has charged three Russian nationals [https://news.risky.biz/r/952867a6?m=1a80b145-9ce5-407e-b496-c57050db16ff] for operating the Blender and Sinbad cryptocurrency mixing services.

Barcelona's spyware hub: After a first Haaretz report [https://news.risky.biz/r/a4319d06?m=1a80b145-9ce5-407e-b496-c57050db16ff] last month, TechCrunch [https://news.risky.biz/r/d5fc4d2f?m=1a80b145-9ce5-407e-b496-c57050db16ff] also looks at how Barcelona has become a hub for spyware companies over the past year.

CrowdStrike alert: Security firm CrowdStrike says it detected a phishing campaign [https://news.risky.biz/r/032b67b8?m=1a80b145-9ce5-407e-b496-c57050db16ff] using its name to lure victims into infecting themselves with a cryptominer.

Chinese malware network: DomainTools' security team has published a report [https://news.risky.biz/r/eeef14d8?m=1a80b145-9ce5-407e-b496-c57050db16ff] covering a threat actor involved in the delivery of malware to Chinese-speaking audiences.

IntelBroker profile: Threat intel company KELA has published a profile on IntelBroker [https://news.risky.biz/r/7647ed2c?m=1a80b145-9ce5-407e-b496-c57050db16ff], a notorious data broker active on the BreachForums underground data trading hub.

BIScience profile: Security researcher Wladimir Palant has published a profile on BIScience [https://news.risky.biz/r/effa47fe?m=1a80b145-9ce5-407e-b496-c57050db16ff], a "data broker that owns multiple extensions in the Chrome Web Store (CWS) that collect clickstream data under false pretenses."

Huione Guarantee: Elliptic has published a profile on Huione Guarantee [https://news.risky.biz/r/876bdf52?m=1a80b145-9ce5-407e-b496-c57050db16ff], a Telegram-based marketplace serving fraudsters and online scam compounds across Southeast Asia.

Fasthttp abuse: Security firm SpearTip has detected threat actors abusing the Fasthttp library [https://news.risky.biz/r/874f607c?m=1a80b145-9ce5-407e-b496-c57050db16ff] to carry out and manage brute-force attacks on Microsoft 365 infrastructure.

Codefinger: A threat actor tracked as Codefinger [https://news.risky.biz/r/271ce634?m=1a80b145-9ce5-407e-b496-c57050db16ff] is breaking into AWS S3 buckets and encrypting user data as part of a wide-ranging data extortion campaign against companies running unsecured infrastructure.

FunkSec: Check Point has published a report on FunkSec [https://news.risky.biz/r/b598926d?m=1a80b145-9ce5-407e-b496-c57050db16ff], a ransomware group that launched in late 2024 and has already listed over 85 victims on its leak site.

Malware technical reports

WP3.XYZ: Security firm c/side has published an analysis of WP3.XYZ [https://news.risky.biz/r/1e5fcc01?m=1a80b145-9ce5-407e-b496-c57050db16ff], a piece of JS malware they found deployed on over 5,000 WordPress sites.

AIRASHI: QiAnXin has published a report on AIRASHI [https://news.risky.biz/r/fa50524e?m=1a80b145-9ce5-407e-b496-c57050db16ff], a huge DDoS botnet that was used to attack Steam during the launch of the Black Myth Wukong video game last year.

Mikro Typo: Infoblox has discovered a botnet named Mikro Typo [https://news.risky.biz/r/fbb6d741?m=1a80b145-9ce5-407e-b496-c57050db16ff] comprised of over 13,000 compromised MikroTik devices and 20,000 domains involved in sending spoofed emails.

Risky Business Podcasts

In this podcast, Tom Uren and Adam Boileau talk about the continued importance of hack and leak operations. They didn't really affect the recent US presidential election, but they are still a powerful tool for vested interests to influence public policy.

https://risky.biz/SRB106/ [https://news.risky.biz/r/74275c8c?m=1a80b145-9ce5-407e-b496-c57050db16ff]

[https://news.risky.biz/r/287d7053?m=1a80b145-9ce5-407e-b496-c57050db16ff]

APTs, cyber-espionage, and info-ops

APT28/UAC-0063: Sekoia looks at an APT campaign [https://news.risky.biz/r/567358a9?m=1a80b145-9ce5-407e-b496-c57050db16ff] targeting Central Asia, including Kazakhstan, and its diplomatic and economic relations with Asian and Western countries.

> "We assess it is possible that this campaign was conducted by a Russia-nexus intrusion set, UAC-0063, sharing overlaps with APT28."

Sticky Werewolf: Russian security firm FACCT says [https://news.risky.biz/r/c039e70f?m=1a80b145-9ce5-407e-b496-c57050db16ff] it discovered new Sticky Werewolf campaigns targeting Russian entities. The company previously linked the group to Ukraine.

NICKEL TAPESTRY: SecureWorks has linked some of the North Korean IT worker groups to known artifacts of an APT it tracks as NICKEL TAPESTRY [https://news.risky.biz/r/391b21b8?m=1a80b145-9ce5-407e-b496-c57050db16ff].

RedCurl: Huntress has published new details and IOCs from a RedCurl APT campaign [https://news.risky.biz/r/45f42d90?m=1a80b145-9ce5-407e-b496-c57050db16ff] that targeted Canada over the past two years.

Reward for Flax Typhoon-linked company: The US State Department has put up a $10 million reward [https://news.risky.biz/r/71e0f618?m=1a80b145-9ce5-407e-b496-c57050db16ff] for additional information on Beijing-based cybersecurity company Integrity Technology Group. US officials claim the company is behind the Flax Typhoon APT group.

Pro-Kremlin disinformation: Researchers have found pro-Kremlin disinformation campaigns [https://news.risky.biz/r/218e19d3?m=1a80b145-9ce5-407e-b496-c57050db16ff] targeting Croatia ahead of its presidential election. The pro-Kremlin candidate won. There's also another Russian disinfo group [https://news.risky.biz/r/50a53b7e?m=1a80b145-9ce5-407e-b496-c57050db16ff] targeting Poland's upcoming election. EU officials believe more elections will likely be canceled [https://news.risky.biz/r/80238fa5?m=1a80b145-9ce5-407e-b496-c57050db16ff] in the future because of foreign meddling and disinformation campaigns.

Iranian Cyber Units Organizational Structure: Iranian threat intel analyst Nariman Gharib has published [https://news.risky.biz/r/433edb03?m=1a80b145-9ce5-407e-b496-c57050db16ff] a chart detailing the structure of Iran's cyber and cyber-electronics units.

Vulnerabilities, security research, and bug bounty
|
|
|
|
Patch Tuesday: Yesterday was the January 2025 Patch Tuesday. We had securit=
|
|
y updates from Adobe [https://news.risky.biz/r/44cf5f6b?m=3D1a80b145-9ce5-4=
|
|
07e-b496-c57050db16ff], Microsoft [https://news.risky.biz/r/eed2deff?m=3D1a=
|
|
80b145-9ce5-407e-b496-c57050db16ff], Chrome [https://news.risky.biz/r/b6d3b=
|
|
0dd?m=3D1a80b145-9ce5-407e-b496-c57050db16ff], SAP [https://news.risky.biz/=
|
|
r/d4c9066d?m=3D1a80b145-9ce5-407e-b496-c57050db16ff], Ivanti [https://news.=
|
|
risky.biz/r/ed9645e7?m=3D1a80b145-9ce5-407e-b496-c57050db16ff], Fortinet [h=
|
|
ttps://news.risky.biz/r/c03dfe71?m=3D1a80b145-9ce5-407e-b496-c57050db16ff],=
|
|
Cisco [https://news.risky.biz/r/90f33fd6?m=3D1a80b145-9ce5-407e-b496-c5705=
|
|
0db16ff], NVIDIA [https://news.risky.biz/r/d8886b3d?m=3D1a80b145-9ce5-407e-=
|
|
b496-c57050db16ff], Schneider Electric [https://news.risky.biz/r/79e96dab?m=
|
|
=3D1a80b145-9ce5-407e-b496-c57050db16ff],=C2=A0Siemens [https://news.risky.=
|
|
biz/r/dd2d6fe5?m=3D1a80b145-9ce5-407e-b496-c57050db16ff], Moxa [https://new=
|
|
s.risky.biz/r/e1e5c1a3?m=3D1a80b145-9ce5-407e-b496-c57050db16ff], Zyxel [ht=
|
|
tps://news.risky.biz/r/5276a46b?m=3D1a80b145-9ce5-407e-b496-c57050db16ff], =
|
|
Zoom [https://news.risky.biz/r/003e4aad?m=3D1a80b145-9ce5-407e-b496-c57050d=
|
|
b16ff], Rsync [https://news.risky.biz/r/80a0feba?m=3D1a80b145-9ce5-407e-b49=
|
|
6-c57050db16ff], and Veeam [https://news.risky.biz/r/151790ba?m=3D1a80b145-=
|
|
9ce5-407e-b496-c57050db16ff]. The=C2=A0Android Project [https://news.risky.=
|
|
biz/r/ea43679c?m=3D1a80b145-9ce5-407e-b496-c57050db16ff], Firefox [https://=
|
|
news.risky.biz/r/e19b5b0f?m=3D1a80b145-9ce5-407e-b496-c57050db16ff], Kubern=
|
|
etes [https://news.risky.biz/r/952bc5a6?m=3D1a80b145-9ce5-407e-b496-c57050d=
|
|
b16ff], Splunk [https://news.risky.biz/r/20bb00b5?m=3D1a80b145-9ce5-407e-b4=
|
|
96-c57050db16ff], SonicWall [https://news.risky.biz/r/4e0145b4?m=3D1a80b145=
|
|
-9ce5-407e-b496-c57050db16ff], ASUS [https://news.risky.biz/r/2bdced64?m=3D=
|
|
1a80b145-9ce5-407e-b496-c57050db16ff], SimpleHelp [https://news.risky.biz/r=
|
|
/3dabd9d7?m=3D1a80b145-9ce5-407e-b496-c57050db16ff], and GitLab [https://ne=
|
|
ws.risky.biz/r/51ac455d?m=3D1a80b145-9ce5-407e-b496-c57050db16ff] released =
|
|
security updates last week as well.
|
|
|
|
Microsoft Patch Tuesday: This month, Microsoft patched 159 vulnerabilities =
|
|
[https://news.risky.biz/r/193535d9?m=3D1a80b145-9ce5-407e-b496-c57050db16ff=
|
|
], including three actively exploited zero-days.
|
|
|
|
* CVE-2025-21333 [https://news.risky.biz/r/04067d16?m=1a80b145-9ce5-407e-b496-c57050db16ff], CVE-2025-21334 [https://news.risky.biz/r/458d67e6?m=1a80b145-9ce5-407e-b496-c57050db16ff], CVE-2025-21335 [https://news.risky.biz/r/abcdb157?m=1a80b145-9ce5-407e-b496-c57050db16ff] - All three are described as a Windows Hyper-V NT Kernel Integration VSP elevation of privilege vulnerability.

Fortinet zero-day: Arctic Wolf says [https://news.risky.biz/r/6d583ca0?m=1a80b145-9ce5-407e-b496-c57050db16ff] threat actors are using a new Fortinet zero-day to mass-compromise Fortinet FortiGate firewalls. Tracked as CVE-2024-55591, the zero-day is an authentication bypass exploited via the firewall's Node.js websocket module. A patch [https://news.risky.biz/r/d7df9baa?m=1a80b145-9ce5-407e-b496-c57050db16ff] is now available.

Aviatrix exploitation: Cloud security firm Wiz has detected active exploitation [https://news.risky.biz/r/2b6ad620?m=1a80b145-9ce5-407e-b496-c57050db16ff] of an Aviatrix Controller unauthenticated RCE vulnerability (CVE-2024-50603 [https://news.risky.biz/r/36974f77?m=1a80b145-9ce5-407e-b496-c57050db16ff]) that was initially disclosed last week. The flaw is being used to gain access to AWS customer backends.

Apple SIP bypass: Microsoft security researcher Jonathan Bar Or has published details about a new SIP bypass [https://news.risky.biz/r/4c841d6d?m=1a80b145-9ce5-407e-b496-c57050db16ff] impacting macOS. It's the third bypass the researcher has found in macOS over the past years.

Sign in with Google hijack: TruffleSecurity's Dylan Ayrey has found a way [https://news.risky.biz/r/d954ae8b?m=1a80b145-9ce5-407e-b496-c57050db16ff] to abuse the "Sign in with Google" feature and access data from failed companies. The idea is to re-register expired domains for failed companies, stand up a Google Workspace for that domain, and use the domain and the new Google mail address to access data from the failed company's leftover online infrastructure. This includes stuff like Zoom, HR systems, Slack channels, and more.

Facebook ad platform hack: Two bug hunters have found a vulnerability that allowed them to pivot from Facebook's ad platform to the company's internal server network. Meta awarded the two $100,000 for their work. [Additional coverage in TechCrunch [https://news.risky.biz/r/cd740b84?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

BlinkenCity research: Positive Security has published details about BlinkenCity, a technique that uses rogue radio signals to shut down renewable power management devices and streetlights in some European cities.

[https://news.risky.biz/r/250b0cee?m=1a80b145-9ce5-407e-b496-c57050db16ff]

VPN tunneling vulnerabilities: Two KU Leuven academics have discovered that over four million VPN servers and home routers can be abused to re-route malicious traffic and carry out DoS attacks via modified tunneling packets. [Additional coverage in Top10VPN [https://news.risky.biz/r/65889146?m=1a80b145-9ce5-407e-b496-c57050db16ff]/Full research paper PDF [https://news.risky.biz/r/5694e0a9?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

> "The discovered hosts also facilitate new Denial-of-service (DoS) attacks. Two new DoS attacks amplify traffic: one concentrates traffic in time, and another loops packets between vulnerable hosts, resulting in an amplification factor of at least 16 and 75, respectively. Additionally, we present an Economic Denial of Sustainability (EDoS) attack, where the outgoing bandwidth of a host is drained. Finally, we discuss countermeasures and hope our findings will motivate people to better secure tunnelling hosts."

[https://news.risky.biz/r/ceabefef?m=1a80b145-9ce5-407e-b496-c57050db16ff]

Infosec industry

Threat/trend reports: The Cyber Threat Alliance [https://news.risky.biz/r/9a3e61d2?m=1a80b145-9ce5-407e-b496-c57050db16ff], IANS Research+Artico Search [https://news.risky.biz/r/e1b834d3?m=1a80b145-9ce5-407e-b496-c57050db16ff], Ukraine's SCPC [https://news.risky.biz/r/a122cb18?m=1a80b145-9ce5-407e-b496-c57050db16ff], and the US NMFTA [https://news.risky.biz/r/a520f00c?m=1a80b145-9ce5-407e-b496-c57050db16ff] have published reports and summaries covering various infosec trends and industry threats.

Tool update—HIBP: The Have I Been Pwned portal is now indexing [https://news.risky.biz/r/6f6509b8?m=1a80b145-9ce5-407e-b496-c57050db16ff] leaked or public stealer logs.

New tool—raink: Security firm BishopFox has released raink [https://news.risky.biz/r/b988205d?m=1a80b145-9ce5-407e-b496-c57050db16ff], a tool to help researchers solve ranking problems that are otherwise difficult for LLMs to process.

New tool—What is this Stealer: The MalBeacon team has released What is this Stealer [https://news.risky.biz/r/f5e77cae?m=1a80b145-9ce5-407e-b496-c57050db16ff], a GitHub repo containing formats used by infostealer malware, designed to allow security researchers to easily identify infections.

New tool—Sunder: Security researcher Cole Houston has released Sunder [https://news.risky.biz/r/1e273eb0?m=1a80b145-9ce5-407e-b496-c57050db16ff], a Windows rootkit modeled after the Lazarus Group's FudModule rootkit.

New tool—EarlyCascade: Security researcher Abdallah Elsharif has released a PoC [https://news.risky.biz/r/d8581643?m=1a80b145-9ce5-407e-b496-c57050db16ff] for the EarlyCascade [https://news.risky.biz/r/40556158?m=1a80b145-9ce5-407e-b496-c57050db16ff] process injection technique.

ShmooCon 2025 streams: Live streams from the last ShmooCon security conference, which took place last week, are available on YouTube [https://news.risky.biz/r/83df127c?m=1a80b145-9ce5-407e-b496-c57050db16ff].

Risky Business Podcasts

In this edition of Between Two Nerds, Tom Uren and The Grugq talk about the evolution of Russian cyber operations during its invasion of Ukraine.

https://risky.biz/BTN105/ [https://news.risky.biz/r/c4d07cfd?m=1a80b145-9ce5-407e-b496-c57050db16ff]

[https://news.risky.biz/r/aa9e49d8?m=1a80b145-9ce5-407e-b496-c57050db16ff]

Risky.Biz © 2025

--c09e722fb0725cb7c547e41e5021fbcc388157e3f294d9a3c5f4a507e1d5
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

<!doctype html>
<html>
<head>
<meta name="viewport" content="width=device-width">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<!--[if mso]><xml><o:OfficeDocumentSettings><o:PixelsPerInch>96</o:PixelsPerInch><o:AllowPNG/></o:OfficeDocumentSettings></xml><![endif]-->
<title>Risky Bulletin: UK proposes ransomware payment ban for public bodies</title>
</head>
<body style="background-color: #fff; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; -webkit-font-smoothing: antialiased; font-size: 18px; line-height: 1.4; margin: 0; padding: 0; -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; color: #15212A;">
<span class="preheader" style="color: transparent; display: none; height: 0; max-height: 0; max-width: 0; opacity: 0; overflow: hidden; mso-hide: all; visibility: hidden; width: 0;">In other news: Synnovis ransomware attack impacted patients' health; Silk Typhoon also hacked the Treasury CFIUS; new ransomware campaign targets S3 buckets.</span>
<table role="presentation" border="0" cellpadding="0" cellspacing="0" class="body" width="100%" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #fff; width: 100%;" bgcolor="#fff">
<!-- Outlook doesn't respect max-width so we need an extra centered table -->
<!--[if mso]>
<tr>
<td>
<center>
<table border="0" cellpadding="0" cellspacing="0" width="600">
<![endif]-->
<tr>
<td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A;" valign="top"> </td>
<td class="container" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; display: block; max-width: 600px; margin: 0 auto;" valign="top">
<div class="content" style="box-sizing: border-box; display: block; margin: 0 auto; max-width: 600px;">
<!-- START CENTERED WHITE CONTAINER -->
<table role="presentation" border="0" cellpadding="0" cellspacing="0" class="main" width="100%" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background: #ffffff; border-radius: 3px; border-spacing: 20px 0; width: 100%;">

<!-- START MAIN CONTENT AREA -->
<tr>
<td class="wrapper" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; box-sizing: border-box;" valign="top">
<table role="presentation" border="0" cellpadding="0" cellspacing="0" width="100%" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%;">

<tr class="site-info-row">
<td class="site-info" width="100%" align="center" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; padding-top: 32px;" valign="top">
<table role="presentation" border="0" cellpadding="0" cellspacing="0" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%;" width="100%">
<tr>
<td class="site-icon" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; padding-bottom: 8px; padding-top: 8px; text-align: center; border-radius: 3px;" valign="top" align="center"><a href="https://news.risky.biz/r/9bb5cb45?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="color: #727272; text-decoration: none; overflow-wrap: anywhere;" target="_blank"><img src="https://news.risky.biz/content/images/2024/01/rbicon.png" alt="Risky.Biz" border="0" width="44" height="44" style="border: none; -ms-interpolation-mode: bicubic; max-width: 100%; width: 44px; height: 44px; border-radius: 3px;"></a></td>
</tr>
<tr>
<td class="site-url site-url-bottom-padding" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #15212A; font-size: 16px; letter-spacing: -0.1px; font-weight: 700; text-transform: uppercase; text-align: center; padding-bottom: 12px;" valign="top" align="center"><div style="width: 100% !important;"><a href="https://news.risky.biz/r/55514cc1?m=1a80b145-9ce5-407e-b496-c57050db16ff" class="site-title" style="text-decoration: none; color: #15212A; overflow-wrap: anywhere;" target="_blank">Risky Business News</a></div></td>
</tr>

</table>
</td>
</tr>

<tr>
<td class="post-title post-title-with-excerpt post-title-left" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #15212A; font-size: 36px; line-height: 1.1em; font-weight: 700; padding-bottom: 8px; text-align: left;" valign="top" align="left">
<a href="https://news.risky.biz/r/ae975f3e?m=1a80b145-9ce5-407e-b496-c57050db16ff" class="post-title-link post-title-link-left" style="text-decoration: none; display: block; margin-top: 32px; color: #15212A; line-height: 1.1em; text-align: left; overflow-wrap: anywhere;" target="_blank">Risky Bulletin: UK proposes ransomware payment ban for public bodies</a>
</td>
</tr>
<tr>
<td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; width: 100%;" width="100%" valign="top">
<table class="post-meta-wrapper" role="presentation" border="0" cellpadding="0" cellspacing="0" width="100%" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%; padding-bottom: 32px;">
<tr>
<td height="20" class="post-meta post-meta-left" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #738a94; font-size: 13px; font-weight: 400; text-align: left; padding: 0;" valign="top" align="left">
By Catalin Cimpanu • <span class="post-meta-date" style="white-space: nowrap;">15 Jan 2025 </span>
</td>
<td class="post-meta post-meta-left view-online desktop" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #738a94; font-size: 13px; font-weight: 400; text-align: right;" valign="top" align="right">
<a href="https://news.risky.biz/r/0dad4e9d?m=1a80b145-9ce5-407e-b496-c57050db16ff" class="view-online-link" style="word-wrap: none; white-space: nowrap; color: #738a94; overflow-wrap: anywhere; text-decoration: underline;" target="_blank">View in browser</a>
</td>
</tr>
<tr class="post-meta post-meta-left view-online-mobile" style="color: #738a94; font-size: 13px; font-weight: 400; text-align: left; display: none;" align="left">
<td height="20" class="view-online" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #738a94; font-size: 13px; font-weight: 400; text-align: center;" valign="top" align="center">
<a href="https://news.risky.biz/r/f35e4f89?m=1a80b145-9ce5-407e-b496-c57050db16ff" class="view-online-link" style="word-wrap: none; white-space: nowrap; color: #738a94; overflow-wrap: anywhere; text-decoration: underline;" target="_blank">View in browser</a>
</td>
</tr>
</table>
</td>
</tr>

<tr class="post-content-row">
<td class="post-content-sans-serif" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; font-size: 17px; line-height: 1.5em; color: #15212A; padding-bottom: 20px; border-bottom: 1px solid #e5eff5; max-width: 600px;" valign="top">
<!-- POST CONTENT START -->
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style="font-weight: 700;"><em>You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via </em></strong><a href="https://news.risky.biz/r/e47191a0?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target="_blank"><strong style="font-weight: 700;"><em>this RSS feed</em></strong></a><strong style="font-weight: 700;"><em>. On Apple Podcasts:</em></strong></p>
<div class="kg-card kg-callout-card kg-callout-card-blue" style="display: flex; margin: 0 0 1.5em 0; padding: 20px 28px; border-radius: 3px; background: #E9F6FB;"><div class="kg-callout-emoji" style="padding-right: 12px; font-size: 20px;">⛷️</div><div class="kg-callout-text"><i><em class="italic" style="white-space: pre-wrap;">The Risky Business team is on a break between December 20 and January 20 for the winter holidays! We'll see you next week for a short weekly newsletter!</em></i></div></div>
<h3 id="risky-business-podcasts" style="margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; text-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px;"><strong style="font-weight: 800;"><em>Risky Business Podcasts</em></strong></h3>
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;"><em>Risky Business is now on YouTube with video versions of our main podcasts. Below is our latest weekly show with Pat and Adam at the helm!</em></p>
<div class="kg-card kg-embed-card" style="margin: 0 0 1.5em; padding: 0;"><!--[if !mso !vml]-->
<a class="kg-video-preview" href="https://news.risky.biz/r/5ea2aab5?m=1a80b145-9ce5-407e-b496-c57050db16ff" aria-label="Play video" style="background-color: #1d1f21; background-image: radial-gradient(circle at center, #5b5f66, #1d1f21); display: block; overflow-wrap: anywhere; color: #727272; mso-hide: all; text-decoration: none;" target="_blank">
<table cellpadding="0" cellspacing="0" border="0" width="100%" background="https://i.ytimg.com/vi/RquLQQyrP-I/hqdefault.jpg" role="presentation" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%; background-size: cover; min-height: 200px; background: url('https://i.ytimg.com/vi/RquLQQyrP-I/hqdefault.jpg') left top / cover; mso-hide: all;">
<tbody><tr style="mso-hide: all">
<td width="25%" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; visibility: hidden; mso-hide: all;" valign="top">
<img src="https://img.spacergif.org/v1/150x450/0a/spacer.png" alt width="100%" border="0" style="border: none; -ms-interpolation-mode: bicubic; max-width: 100%; display: block; height: auto; opacity: 0; visibility: hidden; mso-hide: all;" height="auto">
</td>
<td width="50%" align="center" valign="middle" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; color: #15212A; vertical-align: middle; mso-hide: all;">
<div class="kg-video-play-button" style="height: 2em; width: 3em; margin: 0 auto; border-radius: 10px; padding: 1em 0.8em 0.6em 1em; font-size: 1em; background-color: rgba(0,0,0,0.85); mso-hide: all;"><div style="display: block; width: 0; height: 0; margin: 0 auto; line-height: 0px; border-color: transparent transparent transparent white; border-style: solid; border-width: 0.8em 0 0.8em 1.5em; mso-hide: all;"></div></div>
</td>
<td width="25%" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; mso-hide: all;" valign="top"> </td>
</tr>
</tbody></table>
</a>
<!--[endif]-->

<!--[if vml]>
<v:group xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w="urn:schemas-microsoft-com:office:word" coordsize="600,450" coordorigin="0,0" href="https://www.youtube.com/watch?v=RquLQQyrP-I" style="width:600px;height:450px;">
<v:rect fill="t" stroked="f" style="position:absolute;width:600;height:450;"><v:fill src="https://i.ytimg.com/vi/RquLQQyrP-I/hqdefault.jpg" type="frame"/></v:rect>
<v:oval fill="t" strokecolor="white" strokeweight="4px" style="position:absolute;left:261;top:186;width:78;height:78"><v:fill color="black" opacity="30%" /></v:oval>
<v:shape coordsize="24,32" path="m,l,32,24,16,xe" fillcolor="white" stroked="f" style="position:absolute;left:289;top:208;width:30;height:34;" />
</v:group>
<![endif]--></div><hr style=3D"position: relative; display: blo=
|
|
ck; width: 100%; margin: 3em 0; padding: 0; height: 1px; border: 0; border-=
|
|
top: 1px solid #e5eff5;"><h3 id=3D"breaches-hacks-and-security-incidents" s=
|
|
tyle=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, '=
|
|
;Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoj=
|
|
i', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 1=
|
|
=2E11em; font-weight: 700; text-renderi=
|
|
ng: optimizeLegibility; margin: 1.5em=20=
|
|
0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">Breaches, =
|
|
hacks, and security incidents</strong></h3><p style=3D"margin: 0 0 1.5em 0;=
|
|
line-height: 1.6em;"><strong style=3D"font-weight: 700;">Five hacks linked=
|
|
to the DPRK:</strong> The US, South Korea, and Japan <a href=3D"https://ne=
|
|
ws.risky.biz/r/53f82dae?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"=
|
|
overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targe=
|
|
t=3D"_blank">have linked</a> five 2024 crypto-heists to North Korean hacker=
|
|
s. This includes DMM Bitcoin ($308mil), WazirX ($235mil), Upbit ($50mil), R=
|
|
adiant Capital ($50mil), and Rain Management ($16mil).</p><p style=3D"margi=
|
|
n: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">Sy=
|
|
nnovis attack fallout:</strong> The UK NHS says that a ransomware attack o=
|
|
n lab service provider Synnovis last year has had an impact on the health o=
|
|
f several patients, including permanent long-term damage in at least two ca=
|
|
ses. [<em>Additional coverage in </em><a href=3D"https://news.risky.biz/r/5=
|
|
6dc8ee2?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: a=
|
|
nywhere; color: #727272; text-decoration: underline;" target=3D"_blank"><em=
|
|
>Bloomberg</em></a>]</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em=
|
|
;"><strong style=3D"font-weight: 700;">Fico blames Ukraine for cyberattack:=
|
|
</strong> Slovakia's PM Robert Fico has blamed Ukraine for a ransomware=
|
|
attack that crippled its cadastre agency earlier this year. As <a href=3D"=
|
|
https://news.risky.biz/r/f2602e70?m=3D1a80b145-9ce5-407e-b496-c57050db16ff"=
|
|
style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underli=
|
|
ne;" target=3D"_blank">local media</a> puts it, Fico, who is a known Putin =
|
|
fanboy and a pro-Kremlin propaganda mouthpiece, has cited no evidence.</p><=
|
|
p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-=
|
|
weight: 700;">Luxembourg DDoS attacks:</strong> Pro-Kremlin "hacktivis=
|
|
ts" have launched a series of DDoS attacks against Luxembourg governme=
|
|
nt websites. [<em>Additional coverage in the </em><a href=3D"https://news.r=
|
|
isky.biz/r/d9539e19?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"over=
|
|
flow-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D=
|
|
"_blank"><em>Luxembourg Times</em></a>]</p><p style=3D"margin: 0 0 1.5em 0;=
|
|
line-height: 1.6em;"><strong style=3D"font-weight: 700;">PoE2 hacks:</stro=
|
|
ng> A threat actor has hacked the admin account of the Path of Exile 2 game=
|
|
, reset user passwords, and stolen valuable in-game items from dozens of use=
|
|
r accounts. [<em>Additional coverage in </em><a href=3D"https://news.risky.=
|
|
biz/r/7cda5a8c?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-=
|
|
wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_bla=
|
|
nk"><em>404 Media</em></a>]</p><p style=3D"margin: 0 0 1.5em 0; line-height=
|
|
: 1.6em;"><strong style=3D"font-weight: 700;">CFIUS hack:</strong> Silk Typ=
|
|
hoon, the Chinese hacking group that breached the US Treasury OFAC bureau, =
|
|
also breached the Committee on Foreign Investment in the US (CFIUS), the US=
|
|
government office that reviews foreign investments for national security r=
|
|
isks. [<em>Additional coverage in </em><a href=3D"https://news.risky.biz/r/=
|
|
490b8307?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: =
|
|
anywhere; color: #727272; text-decoration: underline;" target=3D"_blank"><e=
|
|
m>CNN</em></a>]</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><s=
|
|
trong style=3D"font-weight: 700;">Roseltorg hack:</strong> Pro-Ukrainian ha=
|
|
ckers have breached Roseltorg, Russia's main electronic trading platfor=
|
|
m for government and corporate procurement. [<em>Additional coverage in </e=
|
|
m><a href=3D"https://news.risky.biz/r/9d0b1873?m=3D1a80b145-9ce5-407e-b496-=
|
|
c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decora=
|
|
tion: underline;" target=3D"_blank"><em>The Record</em></a>]</p><p style=3D=
|
|
"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 70=
|
|
0;">Orange Finance crypto-heist:</strong> Cryptocurrency platform Orange Fi=
|
|
nance has <a href=3D"https://news.risky.biz/r/f97dc080?m=3D1a80b145-9ce5-40=
|
|
7e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; tex=
|
|
t-decoration: underline;" target=3D"_blank">lost $830,000</a> worth of asse=
|
|
ts after a leak of one of its private keys.</p><p style=3D"margin: 0 0 1.5e=
|
|
m 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">STIIIZY data =
|
|
breach:</strong> Cannabis store STIIIZY has disclosed a <a href=3D"https://=
|
|
news.risky.biz/r/dc180bb7?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank">data breach</a>. The incident took place in November last =
|
|
year via a vendor of point-of-sale processing services.</p><p style=3D"marg=
|
|
in: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">U=
|
|
nacast breach:</strong> Location data tracking company Unacast has confirme=
|
|
d a security breach of its <a href=3D"https://news.risky.biz/r/7ecadb41?m=
|
|
=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; =
|
|
color: #727272; text-decoration: underline;" target=3D"_blank">Gravy Analyt=
|
|
ics service</a>. [<em>Additional coverage in </em><a href=3D"https://news.r=
|
|
isky.biz/r/fce88932?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"over=
|
|
flow-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D=
|
|
"_blank"><em>NRK</em></a>]</p><p style=3D"margin: 0 0 1.5em 0; line-height:=
|
|
1.6em;"><strong style=3D"font-weight: 700;">Nominet breach:</strong> Briti=
|
|
sh domain registrar Nominet has disclosed a security breach. The incident a=
|
|
ppears to be linked to a recent wave of attacks against Ivanti VPN devices.=
|
|
[<em>Additional coverage in </em><a href=3D"https://news.risky.biz/r/184be=
|
|
b1a?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywh=
|
|
ere; color: #727272; text-decoration: underline;" target=3D"_blank"><em>Tec=
|
|
hCrunch</em></a>]</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;">=
|
|
<strong style=3D"font-weight: 700;">Scholastic breach:</strong> A threat ac=
|
|
tor has allegedly hacked and stolen the data of 8 million customers from bo=
|
|
ok publishing company Scholastic. [<em>Additional coverage in </em><a href=
|
|
=3D"https://news.risky.biz/r/345642d8?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank"><em>The Daily Dot</em></a>]</p><p style=3D"margi=
|
|
n: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">Te=
|
|
lefonica breach:</strong> Spanish telco Telefonica has <a href=3D"https://n=
|
|
ews.risky.biz/r/a8665d9a?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D=
|
|
"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targ=
|
|
et=3D"_blank">confirmed</a> that data from an internal ticketing system was=
|
|
leaked online.</p><div class=3D"kg-card kg-image-card" style=3D"margin: 0 =
|
|
0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/content/images/202=
|
|
5/01/Telefonica.png" class=3D"kg-image" alt loading=3D"lazy" width=3D"600" =
|
|
height=3D"313" style=3D"border: none; -ms-interpolation-mode: bicubic; max-=
|
|
width: 100%; display: block; margin: 0 auto; height: auto; width: auto;"></=
|
|
div><h3 id=3D"general-tech-and-privacy" style=3D"margin-top: 0; font-family=
|
|
: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica,=
|
|
Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', =
|
|
'Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; text-rend=
|
|
ering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px;"><stro=
|
|
ng style=3D"font-weight: 800;">General tech and privacy</strong></h3><p sty=
|
|
le=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weigh=
|
|
t: 700;">Microsoft to force-install new Outlook client:</strong> Microsoft =
|
|
will <a href=3D"https://news.risky.biz/r/fc6ab38d?m=3D1a80b145-9ce5-407e-b4=
|
|
96-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-dec=
|
|
oration: underline;" target=3D"_blank">force-install</a> a new Outlook emai=
|
|
l client on both Windows 10 and Windows 11 on February 11 and January 28, r=
|
|
espectively.</p><blockquote style=3D"margin: 0; padding: 0; border-left: #7=
|
|
27272 2px solid; font-size: 17px; font-weight: 500; line-height: 1.6em; let=
|
|
ter-spacing: -0.2px;"><p style=3D"line-height: 1.6em; margin: 2em 25px; fon=
|
|
t-size: 1em; padding: 0;"><em>"Currently, there isn't a way to blo=
|
|
ck the new Outlook from being installed - if you prefer not to have new Out=
|
|
look show up on your organization's devices, you can remove it after it=
|
|
's installed as part of the update."</em></p></blockquote><p style=
|
|
=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight:=
|
|
700;">Texas sues Allstate over privacy:</strong> The Texas OAG has <a href=
|
|
=3D"https://news.risky.biz/r/47365765?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">sued</a> insurance company Allstate for "<e=
|
|
m>unlawfully collecting, using, and selling data about the location and mov=
|
|
ement of Texans' cell phones through secretly embedded software in mobi=
|
|
le apps</em>."</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;=
|
|
"><strong style=3D"font-weight: 700;">VKontakte passes YouTube:</strong> Af=
|
|
ter Russian officials throttled YouTube traffic, VKontakte has finally pass=
|
|
ed YouTube in Russian traffic rankings for the first time. [<em>Additional =
|
|
coverage in </em><a href=3D"https://news.risky.biz/r/4ec30dd8?m=3D1a80b145-=
|
|
9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #7272=
|
|
72; text-decoration: underline;" target=3D"_blank"><em>RBC</em></a>]</p><di=
|
|
v class=3D"kg-card kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;">=
|
|
<img src=3D"https://news.risky.biz/content/images/2025/01/Kevin.png" class=
|
|
=3D"kg-image" alt loading=3D"lazy" width=3D"594" height=3D"284" style=3D"bo=
|
|
rder: none; -ms-interpolation-mode: bicubic; max-width: 100%; display: bloc=
|
|
k; margin: 0 auto; height: auto; width: auto;"></div><p style=3D"margin: 0 =
|
|
0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">DJI giv=
|
|
es the middle finger to US:</strong> Facing an impending ban in the US, Chin=
|
|
ese drone maker DJI has <a href=3D"https://news.risky.biz/r/b2dd78cb?m=3D1a=
|
|
80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color=
|
|
: #727272; text-decoration: underline;" target=3D"_blank">removed firmware =
|
|
restrictions</a> preventing its drones from entering no-fly zones.</p><div =
|
|
class=3D"kg-card kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"><i=
|
|
mg src=3D"https://news.risky.biz/content/images/2025/01/Matt.png" class=3D"=
|
|
kg-image" alt loading=3D"lazy" width=3D"596" height=3D"215" style=3D"border=
|
|
: none; -ms-interpolation-mode: bicubic; max-width: 100%; display: block; m=
|
|
argin: 0 auto; height: auto; width: auto;"></div><p style=3D"margin: 0 0 1.=
|
|
5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">Meta blocks=
|
|
competitor:</strong> After going full-MAGA last week, Meta is now <a href=
|
|
=3D"https://news.risky.biz/r/097e570d?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">blocking links to Pixelfed</a>, an Instagram com=
|
|
petitor. How very non-anticompetitive and non-monopoly.</p><p style=3D"marg=
|
|
in: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">M=
|
|
eta to stop penalizing misinformation:</strong> Meta has taken down a syste=
|
|
m that can identify viral hoaxes on its platform and has updated its algori=
|
|
thms to stop penalizing misinformation. [<em>Additional coverage in </em><a=
|
|
href=3D"https://news.risky.biz/r/18743287?m=3D1a80b145-9ce5-407e-b496-c570=
|
|
50db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration=
|
|
: underline;" target=3D"_blank"><em>Platformer</em></a>]</p><p style=3D"mar=
|
|
gin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">=
|
|
Musk meddles in another election:</strong> After Elon Musk showed public su=
|
|
pport for German far-right party AfD, the visibility of AfD tweets on Twitt=
|
|
er <a href=3D"https://news.risky.biz/r/8dc16925?m=3D1a80b145-9ce5-407e-b496=
|
|
-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decor=
|
|
ation: underline;" target=3D"_blank">exploded</a>, while all other German p=
|
|
arties fell into oblivion. This mirrors <a href=3D"https://news.risky.biz/r=
|
|
/bf9f42f6?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" rel=3D"noreferrer" styl=
|
|
e=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" =
|
|
target=3D"_blank">a similar pattern observed</a> ahead of the US presidential=
|
|
election, where tweets from Republicans had view stats in the billions wh=
|
|
ile tweets from Democrats were in the low millions.</p><div class=3D"kg-car=
|
|
d kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D"https=
|
|
://news.risky.biz/content/images/2025/01/Curd.png" class=3D"kg-image" alt l=
|
|
oading=3D"lazy" width=3D"595" height=3D"478" style=3D"border: none; -ms-int=
|
|
erpolation-mode: bicubic; max-width: 100%; display: block; margin: 0 auto; =
|
|
height: auto; width: auto;"></div><p style=3D"margin: 0 0 1.5em 0; line-hei=
|
|
ght: 1.6em;"><strong style=3D"font-weight: 700;">Google still dominates Chr=
|
|
omium work:</strong> According to a <a href=3D"https://news.risky.biz/r/037=
|
|
f2e80?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: any=
|
|
where; color: #727272; text-decoration: underline;" target=3D"_blank">Googl=
|
|
e blog post</a>, its engineers still account for roughly 94% of all code co=
|
|
mmits to the Chromium open-source web browser project. In the meantime, the=
|
|
Linux Foundation has <a href=3D"https://news.risky.biz/r/de8940ff?m=3D1a80=
|
|
b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: =
|
|
#727272; text-decoration: underline;" target=3D"_blank">announced</a> an in=
|
|
itiative to support open-source projects that adopt the browser.</p><div cl=
|
|
ass=3D"kg-card kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"><img=
|
|
src=3D"https://news.risky.biz/content/images/2025/01/Chromium.png" class=
|
|
=3D"kg-image" alt loading=3D"lazy" width=3D"600" height=3D"369" style=3D"bo=
|
|
rder: none; -ms-interpolation-mode: bicubic; max-width: 100%; display: bloc=
|
|
k; margin: 0 auto; height: auto; width: auto;"></div><p style=3D"margin: 0 =
|
|
0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">Chrome =
|
|
132:</strong> Google has released version 132 of its Chrome browser. See he=
|
|
re for <a href=3D"https://news.risky.biz/r/8e8f9922?m=3D1a80b145-9ce5-=
|
|
407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; t=
|
|
ext-decoration: underline;" target=3D"_blank">security patches</a> and =
|
|
<a href=3D"https://news.risky.biz/r/06783dd1?m=3D1a80b145-9ce5-407e-b496-c=
|
|
57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decorat=
|
|
ion: underline;" target=3D"_blank">webdev-related changes</a>. The biggest =
|
|
changes in this release include a new way to edit the Chrome toolbar, the a=
|
|
bility to share Chrome passwords via a QR code, and a security update that =
|
|
sandboxes Chrome's Network Service on Windows.</p><div class=3D"kg-card=
|
|
kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D"https:=
|
|
//news.risky.biz/content/images/2025/01/Chrome.webp" class=3D"kg-image" alt=
|
|
loading=3D"lazy" width=3D"600" height=3D"338" style=3D"border: none; -ms-i=
|
|
nterpolation-mode: bicubic; max-width: 100%; display: block; margin: 0 auto=
|
|
; height: auto; width: auto;"></div><h3 id=3D"government-politics-and-polic=
|
|
y" style=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, =
|
|
'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color =
|
|
Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-heigh=
|
|
t: 1.11em; font-weight: 700; text-rendering: optimizeLegibility; margin: 1.=
|
|
5em 0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">Govern=
|
|
ment, politics, and policy</strong></h3><p style=3D"margin: 0 0 1.5em 0; li=
|
|
ne-height: 1.6em;"><strong style=3D"font-weight: 700;">New RuNet disconnect=
|
|
ion test:</strong> Russian officials have carried out a <a href=3D"https://=
|
|
news.risky.biz/r/244c229d?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank">new test</a> to disconnect the Russian RuNet from the main=
|
|
internet.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong=
|
|
style=3D"font-weight: 700;">UN spyware meeting:</strong> The UN Security C=
|
|
ouncil held its <a href=3D"https://news.risky.biz/r/5a3fa366?m=3D1a80b145-9=
|
|
ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #72727=
|
|
2; text-decoration: underline;" target=3D"_blank">first-ever meeting</a> on=
|
|
the proliferation and misuse of commercial spyware.</p><p style=3D"margin:=
|
|
0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">UK p=
|
|
roposes ransomware ban:</strong> The UK government has <a href=3D"https://n=
|
|
ews.risky.biz/r/87ca9ee1?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D=
|
|
"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targ=
|
|
et=3D"_blank">put forward a proposal</a> to ban public government bodies fr=
|
|
om making ransomware payments. The ban is an expansion of the current ban o=
|
|
n payments by government agencies and will apply to schools, hospitals, loc=
|
|
al councils, and critical infrastructure operators.</p><p style=3D"margin: =
|
|
0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">US mu=
|
|
lling Salt Typhoon response:</strong> The US government is looking into wha=
|
|
t kind of response or sanctions it should take against a private Chinese co=
|
|
mpany it believes is behind the Salt Typhoon APT and the attacks against US=
|
|
telcos. [<em>Additional coverage in </em><a href=3D"https://news.risky.biz=
|
|
/r/5ed7aa2a?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wra=
|
|
p: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank"=
|
|
><em>WaPo</em></a>]</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;=
|
|
"><strong style=3D"font-weight: 700;">New chip export controls:</strong> Th=
|
|
e White House has introduced new export control rules for AI models and chi=
|
|
ps as part of its economic war with China. [<em>Additional coverage in </em=
|
|
><a href=3D"https://news.risky.biz/r/4c6fe388?m=3D1a80b145-9ce5-407e-b496-c=
|
|
57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decorat=
|
|
ion: underline;" target=3D"_blank"><em>CyberScoop</em></a>]</p><p style=3D"=
|
|
margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700=
|
|
;">IMSI catcher at DNC convention:</strong> <a href=3D"https://news.risky.b=
|
|
iz/r/1d148fdf?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-w=
|
|
rap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blan=
|
|
k"><em>WIRED</em></a> reports that an IMSI catcher device was discovered at=
|
|
the 2024 DNC convention in Chicago last year.</p><blockquote style=3D"marg=
|
|
in: 0; padding: 0; border-left: #727272 2px solid; font-size: 17px; font-we=
|
|
ight: 500; line-height: 1.6em; letter-spacing: -0.2px;"><p style=3D"line-he=
|
|
ight: 1.6em; margin: 2em 25px; font-size: 1em; padding: 0;"><em>"Initi=
|
|
al tests conducted during the DNC revealed no conclusive evidence of cell-s=
|
|
ite simulator activity. However, months later, EFF technologists reanalyzed=
|
|
the raw data using improved detection methods."</em></p></blockquote>=
|
|
<p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font=
|
|
-weight: 700;">CISA AI playbook:</strong> CISA has <a href=3D"https://news.=
|
|
risky.biz/r/6a375fbd?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"ove=
|
|
rflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=
|
|
=3D"_blank">published a playbook</a> for how companies should work together=
|
|
to deal with AI-related cybersecurity incidents and vulnerabilities.</p><p=
|
|
style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-w=
|
|
eight: 700;">CISA performance report:</strong> CISA claimed it recorded pro=
|
|
gress across its efforts to decrease critical infrastructure organizations&=
|
|
#39; exposure to actively exploited CVEs and cut remediation times, accordi=
|
|
ng to its <a href=3D"https://news.risky.biz/r/7811c127?m=3D1a80b145-9ce5-40=
|
|
7e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; tex=
|
|
t-decoration: underline;" target=3D"_blank">annual performance report</a>. =
|
|
[<em>Additional coverage in </em><a href=3D"https://news.risky.biz/r/3c973f=
|
|
02?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhe=
|
|
re; color: #727272; text-decoration: underline;" target=3D"_blank"><em>Cybe=
|
|
rsecurityDive</em></a>]</p><div class=3D"kg-card kg-image-card" style=3D"ma=
|
|
rgin: 0 0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/content/im=
|
|
ages/2025/01/CISA.png" class=3D"kg-image" alt loading=3D"lazy" width=3D"600=
|
|
" height=3D"402" style=3D"border: none; -ms-interpolation-mode: bicubic; ma=
|
|
x-width: 100%; display: block; margin: 0 auto; height: auto; width: auto;">=
|
|
</div><h3 id=3D"risky-business-podcasts-1" style=3D"margin-top: 0; font-fam=
|
|
ily: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helveti=
|
|
ca, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji'=
|
|
, 'Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; text-r=
|
|
endering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px;"><s=
|
|
trong style=3D"font-weight: 800;"><em>Risky Business Podcasts</em></strong>=
|
|
</h3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><em>Brian A. Col=
|
|
eman, Senior Director for Insider Risk, Information Security, and Digital F=
|
|
orensics at Pfizer, talks to us about how his security team is experimentin=
|
|
g with AI to improve their insider risk detection systems. The system Brian=
|
|
and his team put together can detect sensitive information or documents ha=
|
|
ndled by unauthorized accounts, but can also spot documents moving around a=
|
|
nd ending up where they shouldn't be - either by accident, malice, or a=
|
|
s a result of a security breach.</em></p><div class=3D"kg-card kg-embed-car=
|
|
d" style=3D"margin: 0 0 1.5em; padding: 0;">
|
|
<p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"https://ri=
|
|
sky.biz/RBTALKS5/" target=3D"_blank">RBTALKS5: How Pfizer uses AI to dete=
|
|
ct insider risk</a></p>
|
|
</div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"http=
|
|
s://news.risky.biz/r/80ef8df4?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank"><span style=3D"white-space: pre-wrap;">https://risky.biz=
|
|
/RBTALKS5/</span></a></p><h3 id=3D"arrests-cybercrime-and-threat-intel" sty=
|
|
le=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, 'S=
|
|
egoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji&=
|
|
#39;, 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 1.1=
|
|
1em; font-weight: 700; text-rendering: optimizeLegibility; margin: 1.5em 0 =
|
|
0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">Arrests, cyb=
|
|
ercrime, and threat intel</strong></h3><p style=3D"margin: 0 0 1.5em 0; lin=
|
|
e-height: 1.6em;"><strong style=3D"font-weight: 700;">PlugX takedown:</stro=
|
|
ng> The DOJ has <a href=3D"https://news.risky.biz/r/2391841b?m=3D1a80b145-9=
|
|
ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #72727=
|
|
2; text-decoration: underline;" target=3D"_blank">confirmed</a> that the FB=
|
|
I used <a href=3D"https://news.risky.biz/r/9db79fd3?m=3D1a80b145-9ce5-407e-=
|
|
b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-d=
|
|
ecoration: underline;" target=3D"_blank">Sekoia's data</a> and <a href=
|
|
=3D"https://news.risky.biz/r/a7d40baf?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">control over a PlugX command-and-control server<=
|
|
/a> to disinfect systems across the US after a similar operation took place=
|
|
in France with the help of French law enforcement. Sekoia has volunteered =
|
|
to help law enforcement take down the botnet and it's nice to see that =
|
|
some people took them up on their offer.</p><p style=3D"margin: 0 0 1.5em 0; l=
|
|
ine-height: 1.6em;"><strong style=3D"font-weight: 700;">Base station smishe=
|
|
rs detained in Thailand:</strong> Thai officials have detained two Chinese =
|
|
nationals for driving around Bangkok, posing as tour guides, and using a ba=
|
|
se station to blast SMS spam to nearby phones. This is the second group cau=
|
|
ght doing this after initial arrests this past November. [<em>Additional co=
|
|
verage in </em><a href=3D"https://news.risky.biz/r/ddc02b44?m=3D1a80b145-9c=
|
|
e5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272=
|
|
; text-decoration: underline;" target=3D"_blank"><em>Khaosod</em></a>]</p><=
|
|
p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-=
|
|
weight: 700;">Deepfake group detained:</strong> Hong Kong officials have de=
|
|
tained a group of 31 suspects for allegedly using deepfake technology to de=
|
|
fraud victims across Southeast Asia via romance and investment scams. [<em>=
|
|
Additional coverage in </em><a href=3D"https://news.risky.biz/r/52b527aa?m=
|
|
=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; =
|
|
color: #727272; text-decoration: underline;" target=3D"_blank"><em>The Star=
|
|
</em></a>]</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong=
|
|
style=3D"font-weight: 700;">Blender/Sinbad admins charged:</strong> The US=
|
|
Justice Department has <a href=3D"https://news.risky.biz/r/952867a6?m=3D1a=
|
|
80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color=
|
|
: #727272; text-decoration: underline;" target=3D"_blank">charged three Rus=
|
|
sian nationals</a> for operating the Blender and Sinbad cryptocurrency mixi=
|
|
ng services.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><stro=
|
|
ng style=3D"font-weight: 700;">Barcelona's spyware hub:</strong> After =
|
|
a first <a href=3D"https://news.risky.biz/r/a4319d06?m=3D1a80b145-9ce5-407e=
|
|
-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-=
|
|
decoration: underline;" target=3D"_blank">Haaretz report</a> last month, <a=
|
|
href=3D"https://news.risky.biz/r/d5fc4d2f?m=3D1a80b145-9ce5-407e-b496-c570=
|
|
50db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration=
|
|
: underline;" target=3D"_blank">TechCrunch</a> also looks at how Barcelona =
|
|
has become a hub for spyware companies over the past year.</p><p style=3D"m=
|
|
argin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;=
|
|
">CrowdStrike alert:</strong> Security firm CrowdStrike says it detected a =
|
|
<a href=3D"https://news.risky.biz/r/032b67b8?m=3D1a80b145-9ce5-407e-b496-c5=
|
|
7050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decorati=
|
|
on: underline;" target=3D"_blank">phishing campaign</a> using its name to l=
|
|
ure victims into infecting themselves with a cryptominer.</p><p style=3D"ma=
|
|
rgin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;"=
|
|
>Chinese malware network: </strong>DomainTools' security team has publi=
|
|
shed a <a href=3D"https://news.risky.biz/r/eeef14d8?m=3D1a80b145-9ce5-407e-=
|
|
b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-d=
|
|
ecoration: underline;" target=3D"_blank">report</a> covering a threat actor=
|
|
involved in the delivery of malware to Chinese-speaking audiences.</p><p s=
|
|
tyle=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-wei=
|
|
ght: 700;">IntelBroker profile:</strong> Threat intel company KELA has publ=
|
|
ished a profile on <a href=3D"https://news.risky.biz/r/7647ed2c?m=3D1a80b14=
|
|
5-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #72=
|
|
7272; text-decoration: underline;" target=3D"_blank">IntelBroker</a>, a not=
|
|
orious data broker active on the BreachForums underground data trading hub.=
|
|
</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"=
|
|
font-weight: 700;">BIScience profile:</strong> Security researcher Wladimir=
|
|
Palant has published a profile on <a href=3D"https://news.risky.biz/r/effa=
|
|
47fe?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anyw=
|
|
here; color: #727272; text-decoration: underline;" target=3D"_blank">BIScie=
|
|
nce</a>, a "<em>data broker that owns multiple extensions in the Chrom=
|
|
e Web Store (CWS) that collect clickstream data under false pretenses</em>.=
|
|
"</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong sty=
|
|
le=3D"font-weight: 700;">Huione Guarantee:</strong> Elliptic has published =
|
|
a profile on <a href=3D"https://news.risky.biz/r/876bdf52?m=3D1a80b145-9ce5=
|
|
-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; =
|
|
text-decoration: underline;" target=3D"_blank">Huione Guarantee</a>, a Tele=
|
|
gram-based marketplace serving fraudsters and online scam compounds across =
|
|
Southeast Asia.</p><div class=3D"kg-card kg-image-card" style=3D"margin: 0 =
|
|
0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/content/images/202=
|
|
5/01/Huione.png" class=3D"kg-image" alt loading=3D"lazy" width=3D"600" heig=
|
|
ht=3D"404" style=3D"border: none; -ms-interpolation-mode: bicubic; max-widt=
|
|
h: 100%; display: block; margin: 0 auto; height: auto; width: auto;"></div>=
|
|
<p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font=
|
|
-weight: 700;">Fasthttp abuse:</strong> Security firm SpearTip has detected=
|
|
threat actors <a href=3D"https://news.risky.biz/r/874f607c?m=3D1a80b145-9c=
|
|
e5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272=
|
|
; text-decoration: underline;" target=3D"_blank">abusing the Fasthttp libra=
|
|
ry</a> to carry out and manage brute-force attacks on Microsoft 365 infrast=
|
|
ructure.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong s=
|
|
tyle=3D"font-weight: 700;">Codefinger:</strong> A threat actor tracked as <=
|
|
a href=3D"https://news.risky.biz/r/271ce634?m=3D1a80b145-9ce5-407e-b496-c57=
|
|
050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoratio=
|
|
n: underline;" target=3D"_blank">Codefinger</a> is breaking into AWS S3 buc=
|
|
kets and encrypting user data as part of a wide-ranging data extortion camp=
|
|
aign against companies running unsecured infrastructure.</p><p style=3D"mar=
|
|
gin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">=
|
|
FunkSec:</strong> Check Point has published a report on <a href=3D"https://=
|
|
news.risky.biz/r/b598926d?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank">FunkSec</a>, a ransomware group that launched in late 2024=
|
|
and has already listed over 85 victims on its leak site.</p><div class=3D"=
|
|
kg-card kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D=
|
|
"https://news.risky.biz/content/images/2025/01/FunkSec.png" class=3D"kg-ima=
|
|
ge" alt loading=3D"lazy" width=3D"600" height=3D"394" style=3D"border: none=
|
|
; -ms-interpolation-mode: bicubic; max-width: 100%; display: block; margin:=
|
|
0 auto; height: auto; width: auto;"></div><h3 id=3D"malware-technical-repo=
|
|
rts" style=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont=
|
|
, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Colo=
|
|
r Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-hei=
|
|
ght: 1.11em; font-weight: 700; text-rendering: optimizeLegibility; margin: =
|
|
1.5em 0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">Malw=
|
|
are technical reports</strong></h3><p style=3D"margin: 0 0 1.5em 0; line-he=
|
|
ight: 1.6em;"><strong style=3D"font-weight: 700;">WP3.XYZ:</strong> Securit=
|
|
y firm c/side has published an analysis of <a href=3D"https://news.risky.bi=
|
|
z/r/1e5fcc01?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wr=
|
|
ap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank=
|
|
">WP3.XYZ</a>, a piece of JS malware they found deployed on over 5,000 Word=
|
|
Press sites.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><stro=
|
|
ng style=3D"font-weight: 700;">AIRASHI:</strong> QiAnXin has published a re=
|
|
port on <a href=3D"https://news.risky.biz/r/fa50524e?m=3D1a80b145-9ce5-407e=
|
|
-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-=
|
|
decoration: underline;" target=3D"_blank">AIRASHI</a>, a huge DDoS botnet t=
|
|
hat was used to attack Steam during the launch of the Black Myth Wukong vid=
|
|
eo game last year.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"=
|
|
><strong style=3D"font-weight: 700;">Mikro Typo:</strong> Infoblox has disc=
|
|
overed a botnet named <a href=3D"https://news.risky.biz/r/fbb6d741?m=3D1a80=
|
|
b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: =
|
|
#727272; text-decoration: underline;" target=3D"_blank">Mikro Typo</a> comp=
|
|
rised of over 13,000 compromised MikroTik devices and 20,000 domains involv=
|
|
ed in sending spoofed emails.</p><div class=3D"kg-card kg-image-card" style=
|
|
=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/cont=
|
|
ent/images/2025/01/MikroTypo.png" class=3D"kg-image" alt loading=3D"lazy" w=
|
|
idth=3D"600" height=3D"335" style=3D"border: none; -ms-interpolation-mode: =
|
|
bicubic; max-width: 100%; display: block; margin: 0 auto; height: auto; wid=
|
|
th: auto;"></div><h3 id=3D"risky-business-podcasts-2" style=3D"margin-top: =
|
|
0; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Robo=
|
|
to, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe U=
|
|
I Emoji', 'Segoe UI Symbol'; line-height: 1.11em; font-weight: =
|
|
700; text-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size=
|
|
: 26px;"><strong style=3D"font-weight: 800;"><em>Risky Business Podcasts</e=
|
|
m></strong></h3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><em>I=
|
|
n this podcast, Tom Uren and Adam Boileau talk about the continued importan=
|
|
ce of hack and leak operations. They didn't really affect the recent US=
|
|
presidential election, but they are still a powerful tool for vested inter=
|
|
ests to influence public policy.</em></p><div class=3D"kg-card kg-embed-car=
|
|
d" style=3D"margin: 0 0 1.5em; padding: 0;">
|
|
</div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"http=
|
|
s://news.risky.biz/r/74275c8c?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank"><span style=3D"white-space: pre-wrap;">https://risky.biz=
|
|
/SRB106/</span></a></p><div class=3D"kg-card kg-embed-card" style=3D"margin=
|
|
: 0 0 1.5em; padding: 0;"><!--[if !mso !vml]-->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/=
|
|
287d7053?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video=
|
|
" style=3D"background-color: #1d1f21; background-image: radial-gradient(cir=
|
|
cle at center, #5b5f66, #1d1f21); display: block; overflow-wrap: anywhere; =
|
|
color: #727272; mso-hide: all; text-decoration: none;" target=3D"_blank">
|
|
<table cellpadding=3D"0" cellspacing=3D"0" border=3D"0" wid=
|
|
th=3D"100%" background=3D"https://i.ytimg.com/vi/RNw5NCYSeG8/hqdefault.jpg"=
|
|
role=3D"presentation" style=3D"border-collapse: separate; mso-table-lspace=
|
|
: 0pt; mso-table-rspace: 0pt; width: 100%; background-size: cover; min-heig=
|
|
ht: 200px; background: url('https://i.ytimg.com/vi/RNw5NCYSeG8/hqdefaul=
|
|
t.jpg') left top / cover; mso-hide: all;">
|
|
<tbody><tr style=3D"mso-hide: all">
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; visibil=
|
|
ity: hidden; mso-hide: all;" valign=3D"top">
|
|
<img src=3D"https://img.spacergif.org/v1/150x45=
|
|
0/0a/spacer.png" alt width=3D"100%" border=3D"0" style=3D"border: none; -ms=
|
|
-interpolation-mode: bicubic; max-width: 100%; display: block; height: auto=
|
|
; opacity: 0; visibility: hidden; mso-hide: all;" height=3D"auto">
|
|
</td>
|
|
<td width=3D"50%" align=3D"center" valign=3D"middle=
|
|
" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI=
|
|
9;, Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', '=
|
|
;Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; color: #1=
|
|
5212A; vertical-align: middle; mso-hide: all;">
|
|
<div class=3D"kg-video-play-button" style=3D"he=
|
|
ight: 2em; width: 3em; margin: 0 auto; border-radius: 10px; padding: 1em 0.=
|
|
8em 0.6em 1em; font-size: 1em; background-color: rgba(0,0,0,0.85); mso-hide=
|
|
: all;"><div style=3D"display: block; width: 0; height: 0; margin: 0 auto; =
|
|
line-height: 0px; border-color: transparent transparent transparent white; =
|
|
border-style: solid; border-width: 0.8em 0 0.8em 1.5em; mso-hide: all;"></d=
|
|
iv></div>
|
|
</td>
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; mso-hid=
|
|
e: all;" valign=3D"top"> </td>
|
|
</tr>
|
|
</tbody></table>
|
|
</a>
|
|
<!--[endif]-->
|
|
|
|
<!--[if vml]>
|
|
<v:group xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:w=3D"u=
|
|
rn:schemas-microsoft-com:office:word" coordsize=3D"600,450" coordorigin=3D"=
|
|
0,0" href=3D"https://www.youtube.com/watch?v=3DRNw5NCYSeG8" style=3D"width:=
|
|
600px;height:450px;">
|
|
<v:rect fill=3D"t" stroked=3D"f" style=3D"position:absolute=
|
|
;width:600;height:450;"><v:fill src=3D"https://i.ytimg.com/vi/RNw5NCYSeG8/h=
|
|
qdefault.jpg" type=3D"frame"/></v:rect>
|
|
<v:oval fill=3D"t" strokecolor=3D"white" strokeweight=3D"4p=
|
|
x" style=3D"position:absolute;left:261;top:186;width:78;height:78"><v:fill =
|
|
color=3D"black" opacity=3D"30%" /></v:oval>
|
|
<v:shape coordsize=3D"24,32" path=3D"m,l,32,24,16,xe" fillc=
|
|
olor=3D"white" stroked=3D"f" style=3D"position:absolute;left:289;top:208;wi=
|
|
dth:30;height:34;" />
|
|
</v:group>
|
|
<![endif]--></div><h3 id=3D"apts-cyber-espionage-and-info-ops" =
|
|
style=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, =
|
|
9;Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emo=
|
|
ji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: =
|
|
1.11em; font-weight: 700; text-rendering: optimizeLegibility; margin: 1.5em=
|
|
0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">APTs, cyb=
|
|
er-espionage, and info-ops</strong></h3><p style=3D"margin: 0 0 1.5em 0; li=
|
|
ne-height: 1.6em;"><strong style=3D"font-weight: 700;">APT28/UAC-0063:</str=
|
|
ong> Sekoia looks at an <a href=3D"https://news.risky.biz/r/567358a9?m=3D1a=
|
|
80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color=
|
|
: #727272; text-decoration: underline;" target=3D"_blank">APT campaign</a> =
|
|
targeting Central Asia, including Kazakhstan, and its diplomatic and econom=
|
|
ic relations with Asian and Western countries.</p><blockquote style=3D"marg=
|
|
in: 0; padding: 0; border-left: #727272 2px solid; font-size: 17px; font-we=
|
|
ight: 500; line-height: 1.6em; letter-spacing: -0.2px;"><p style=3D"line-he=
|
|
ight: 1.6em; margin: 2em 25px; font-size: 1em; padding: 0;"><em>"We as=
|
|
sess it is possible that this campaign was conducted by a Russia-nexus intr=
|
|
usion set, UAC-0063, sharing overlaps with APT28."</em></p></blockquot=
|
|
e><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"fo=
|
|
nt-weight: 700;">Sticky Werewolf:</strong> Russian security firm <a href=3D=
|
|
"https://news.risky.biz/r/c039e70f?m=3D1a80b145-9ce5-407e-b496-c57050db16ff=
|
|
" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underl=
|
|
ine;" target=3D"_blank">FACCT says</a> it discovered new Sticky Werewolf ca=
|
|
mpaigns targeting Russian entities. The company previously linked the group=
|
|
to Ukraine.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><stro=
|
|
ng style=3D"font-weight: 700;">NICKEL TAPESTRY:</strong> SecureWorks has li=
|
|
nked some of the North Korean IT worker groups to known artifacts of an APT=
|
|
it tracks as <a href=3D"https://news.risky.biz/r/391b21b8?m=3D1a80b145-9ce=
|
|
5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272;=
|
|
text-decoration: underline;" target=3D"_blank">NICKEL TAPESTRY</a>.</p><p =
|
|
style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-we=
|
|
ight: 700;">RedCurl:</strong> Huntress has published new details and IOCs f=
|
|
rom a <a href=3D"https://news.risky.biz/r/45f42d90?m=3D1a80b145-9ce5-407e-b=
|
|
496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-de=
|
|
coration: underline;" target=3D"_blank">RedCurl APT campaign</a> that targe=
|
|
ted Canada over the past two years.</p><p style=3D"margin: 0 0 1.5em 0; lin=
|
|
e-height: 1.6em;"><strong style=3D"font-weight: 700;">Reward for Flax Typho=
|
|
on-linked company: </strong>The US State Department has put up a <a href=3D=
|
|
"https://news.risky.biz/r/71e0f618?m=3D1a80b145-9ce5-407e-b496-c57050db16ff=
|
|
" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underl=
|
|
ine;" target=3D"_blank">$10 million reward</a> for additional information o=
|
|
n Beijing-based cybersecurity company Integrity Technology Group. US offici=
|
|
als claim the company is behind the Flax Typhoon APT group.</p><p style=3D"=
|
|
margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700=
|
|
;">Pro-Kremlin disinformation: </strong>Researchers have found <a href=3D"h=
|
|
ttps://news.risky.biz/r/218e19d3?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" =
|
|
style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underlin=
|
|
e;" target=3D"_blank">pro-Kremlin disinformation campaigns</a> targeting Cr=
|
|
oatia ahead of its presidential election. The pro-Kremlin candidate won. Th=
|
|
ere's also <a href=3D"https://news.risky.biz/r/50a53b7e?m=3D1a80b145-9c=
|
|
e5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272=
|
|
; text-decoration: underline;" target=3D"_blank">another Russian disinfo gr=
|
|
oup</a> targeting Poland's upcoming election. EU officials believe more=
|
|
elections <a href=3D"https://news.risky.biz/r/80238fa5?m=3D1a80b145-9ce5-4=
|
|
07e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; te=
|
|
xt-decoration: underline;" target=3D"_blank">will likely be canceled</a> in=
|
|
the future because of foreign meddling and disinformation campaigns.</p><p=
|
|
style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-w=
|
|
eight: 700;">Iranian Cyber Units Organizational Structure:</strong> Iranian=
|
|
threat intel analyst Nariman Gharib has <a href=3D"https://news.risky.biz/=
|
|
r/433edb03?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap=
|
|
: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank">=
|
|
published</a> a chart detailing the structure of Iran's cyber and cyber=
|
|
-electronics units.</p><div class=3D"kg-card kg-image-card" style=3D"margin=
|
|
: 0 0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/content/images=
|
|
/2025/01/Iran.png" class=3D"kg-image" alt loading=3D"lazy" width=3D"600" he=
|
|
ight=3D"478" style=3D"border: none; -ms-interpolation-mode: bicubic; max-wi=
|
|
dth: 100%; display: block; margin: 0 auto; height: auto; width: auto;"></di=
|
|
v><h3 id=3D"vulnerabilities-security-research-and-bug-bounty" style=3D"marg=
|
|
in-top: 0; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI=
|
|
9;, Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', '=
|
|
;Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 1.11em; font-=
|
|
weight: 700; text-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; f=
|
|
ont-size: 26px;"><strong style=3D"font-weight: 800;">Vulnerabilities, secur=
|
|
ity research, and bug bounty</strong></h3><p style=3D"margin: 0 0 1.5em 0; =
|
|
line-height: 1.6em;"><strong style=3D"font-weight: 700;">Patch Tuesday:</st=
|
|
rong> Yesterday was the January 2025 Patch Tuesday. We had security updates=
|
|
from <a href=3D"https://news.risky.biz/r/44cf5f6b?m=3D1a80b145-9ce5-407e-b=
|
|
496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-de=
|
|
coration: underline;" target=3D"_blank">Adobe</a>, <a href=3D"https://news.=
|
|
risky.biz/r/eed2deff?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"ove=
|
|
rflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=
|
|
=3D"_blank">Microsoft</a>, <a href=3D"https://news.risky.biz/r/b6d3b0dd?m=
|
|
=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; =
|
|
color: #727272; text-decoration: underline;" target=3D"_blank">Chrome</a>, =
|
|
<a href=3D"https://news.risky.biz/r/d4c9066d?m=3D1a80b145-9ce5-407e-b496-c5=
|
|
7050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decorati=
|
|
on: underline;" target=3D"_blank">SAP</a>, <a href=3D"https://news.risky.bi=
|
|
z/r/ed9645e7?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wr=
|
|
ap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank=
|
|
">Ivanti</a>, <a href=3D"https://news.risky.biz/r/c03dfe71?m=3D1a80b145-9ce=
|
|
5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272;=
|
|
text-decoration: underline;" target=3D"_blank">Fortinet</a>, <a href=3D"ht=
|
|
tps://news.risky.biz/r/90f33fd6?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" s=
|
|
tyle=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline=
|
|
;" target=3D"_blank">Cisco</a>, <a href=3D"https://news.risky.biz/r/d8886b3=
|
|
d?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywher=
|
|
e; color: #727272; text-decoration: underline;" target=3D"_blank">NVIDIA</a=
|
|
>, <a href=3D"https://news.risky.biz/r/79e96dab?m=3D1a80b145-9ce5-407e-b496=
|
|
-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decor=
|
|
ation: underline;" target=3D"_blank">Schneider Electric</a>, <a href=
|
|
=3D"https://news.risky.biz/r/dd2d6fe5?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">Siemens</a>, <a href=3D"https://news.risky.biz/r=
|
|
/e1e5c1a3?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap:=
|
|
anywhere; color: #727272; text-decoration: underline;" target=3D"_blank">M=
|
|
oxa</a>, <a href=3D"https://news.risky.biz/r/5276a46b?m=3D1a80b145-9ce5-407=
|
|
e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text=
|
|
-decoration: underline;" target=3D"_blank">Zyxel</a>, <a href=3D"https://ne=
|
|
ws.risky.biz/r/003e4aad?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"=
|
|
overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targe=
|
|
t=3D"_blank">Zoom</a>, <a href=3D"https://news.risky.biz/r/80a0feba?m=3D1a8=
|
|
0b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color:=
|
|
#727272; text-decoration: underline;" target=3D"_blank">Rsync</a>, and <a =
|
|
href=3D"https://news.risky.biz/r/151790ba?m=3D1a80b145-9ce5-407e-b496-c5705=
|
|
0db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration:=
|
|
underline;" target=3D"_blank">Veeam</a>. The <a href=3D"https://news.=
|
|
risky.biz/r/ea43679c?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"ove=
|
|
rflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=
|
|
=3D"_blank">Android Project</a>, <a href=3D"https://news.risky.biz/r/e19b5b=
|
|
0f?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhe=
|
|
re; color: #727272; text-decoration: underline;" target=3D"_blank">Firefox<=
|
|
/a>, <a href=3D"https://news.risky.biz/r/952bc5a6?m=3D1a80b145-9ce5-407e-b4=
|
|
96-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-dec=
|
|
oration: underline;" target=3D"_blank">Kubernetes</a>, <a href=3D"https://n=
|
|
ews.risky.biz/r/20bb00b5?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D=
|
|
"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targ=
|
|
et=3D"_blank">Splunk</a>, <a href=3D"https://news.risky.biz/r/4e0145b4?m=3D=
|
|
1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; col=
|
|
or: #727272; text-decoration: underline;" target=3D"_blank">SonicWall</a>, =
|
|
<a href=3D"https://news.risky.biz/r/2bdced64?m=3D1a80b145-9ce5-407e-b496-c5=
|
|
7050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decorati=
|
|
on: underline;" target=3D"_blank">ASUS</a>, <a href=3D"https://news.risky.b=
|
|
iz/r/3dabd9d7?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-w=
|
|
rap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blan=
|
|
k">SimpleHelp</a>, and <a href=3D"https://news.risky.biz/r/51ac455d?m=3D1a8=
|
|
0b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color:=
|
|
#727272; text-decoration: underline;" target=3D"_blank">GitLab</a> release=
|
|
d security updates last week as well.</p><p style=3D"margin: 0 0 1.5em 0; l=
|
|
ine-height: 1.6em;"><strong style=3D"font-weight: 700;">Microsoft Patch Tue=
|
|
sday:</strong> This month, Microsoft patched <a href=3D"https://news.risky.=
|
|
biz/r/193535d9?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-=
|
|
wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_bla=
|
|
nk">159 vulnerabilities</a>, including three actively exploited zero-days.<=
|
|
/p><ul style=3D"margin: 0 0 1.5em 0; line-height: 1.6em; padding-left: 1.3e=
|
|
m; padding-right: 1.5em; list-style: disc; max-width: 100%;"><li style=3D"m=
|
|
argin: 0.5em 0; padding-left: 0.3em; line-height: 1.6em;"><a href=3D"https:=
|
|
//news.risky.biz/r/04067d16?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank">CVE-2025-21333</a>, <a href=3D"https://news.risky.biz/r/45=
|
|
8d67e6?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: an=
|
|
ywhere; color: #727272; text-decoration: underline;" target=3D"_blank">CVE-=
|
|
2025-21334</a>, <a href=3D"https://news.risky.biz/r/abcdb157?m=3D1a80b145-9=
|
|
ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #72727=
|
|
2; text-decoration: underline;" target=3D"_blank">CVE-2025-21335</a> - All =
|
|
three are described as a Windows Hyper-V NT Kernel Integration VSP elevatio=
|
|
n of privilege vulnerability.</li></ul><p style=3D"margin: 0 0 1.5em 0; lin=
|
|
e-height: 1.6em;"><strong style=3D"font-weight: 700;">Fortinet zero-day:</s=
|
|
trong> <a href=3D"https://news.risky.biz/r/6d583ca0?m=3D1a80b145-9ce5-407e-=
|
|
b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-d=
|
|
ecoration: underline;" target=3D"_blank">Arctic Wolf says</a> threat actors=
|
|
 are using a new Fortinet zero-day to mass-compromise Fortinet FortiGate=
|
|
firewalls. Tracked as CVE-2024-55591, the zero-day is an authentication by=
|
|
pass exploited via the firewall's Node.js websocket module. A <a href=
|
|
=3D"https://news.risky.biz/r/d7df9baa?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">patch</a> is now available.</p><p style=3D"margi=
|
|
n: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">Av=
|
|
iatrix exploitation:</strong> Cloud security firm Wiz has detected <a href=
|
|
=3D"https://news.risky.biz/r/2b6ad620?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">active exploitation</a> of an Aviatrix Controlle=
|
|
r unauthenticated RCE vulnerability (<a href=3D"https://news.risky.biz/r/36=
|
|
974f77?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: an=
|
|
ywhere; color: #727272; text-decoration: underline;" target=3D"_blank">CVE-=
|
|
2024-50603</a>) that was initially disclosed last week. The flaw is being u=
|
|
sed to gain access to AWS customer backends.</p><p style=3D"margin: 0 0 1.5=
|
|
em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">Apple SIP by=
|
|
pass:</strong> Microsoft security researcher Jonathan Bar Or has published =
|
|
details about a <a href=3D"https://news.risky.biz/r/4c841d6d?m=3D1a80b145-9=
|
|
ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #72727=
|
|
2; text-decoration: underline;" target=3D"_blank">new SIP bypass</a> impact=
|
|
ing macOS. It's the third bypass the researcher has found in macOS over=
|
|
the past years.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><=
|
|
strong style=3D"font-weight: 700;">Sign in with Google hijack:</strong> Tru=
|
|
ffleSecurity's Dylan Ayrey has <a href=3D"https://news.risky.biz/r/d954=
|
|
ae8b?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anyw=
|
|
here; color: #727272; text-decoration: underline;" target=3D"_blank">found =
|
|
a way</a> to abuse the "Sign in with Google" feature and access d=
|
|
ata from failed companies. The idea is to re-register expired domains for f=
|
|
ailed companies, stand up a Google Workspace for that domain, and use the d=
|
|
omain and the new Google mail address to access data from the failed compan=
|
|
y's leftover online infrastructure. This includes stuff like Zoom, HR s=
|
|
ystems, Slack channels, and more.</p><p style=3D"margin: 0 0 1.5em 0; line-=
|
|
height: 1.6em;"><strong style=3D"font-weight: 700;">Facebook ad platform ha=
|
|
ck:</strong> Two bug hunters have found a vulnerability that allowed them t=
|
|
o pivot from Facebook's ad platform to the company's internal serve=
|
|
r network. Meta awarded the two $100,000 for their work. [<em>Additional co=
|
|
verage in </em><a href=3D"https://news.risky.biz/r/cd740b84?m=3D1a80b145-9c=
|
|
e5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272=
|
|
; text-decoration: underline;" target=3D"_blank"><em>TechCrunch</em></a>]</=
|
|
p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"fo=
|
|
nt-weight: 700;">BlinkenCity research:</strong> Positive Security has publi=
|
|
shed details about BlinkenCity, a technique that uses rogue radio signals t=
|
|
o shut down renewable power management devices and streetlights in some Eur=
|
|
opean cities.</p><div class=3D"kg-card kg-embed-card" style=3D"margin: 0 0 =
|
|
1.5em; padding: 0;"><!--[if !mso !vml]-->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/=
|
|
250b0cee?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video=
|
|
" style=3D"background-color: #1d1f21; background-image: radial-gradient(cir=
|
|
cle at center, #5b5f66, #1d1f21); display: block; overflow-wrap: anywhere; =
|
|
color: #727272; mso-hide: all; text-decoration: none;" target=3D"_blank">
|
|
<table cellpadding=3D"0" cellspacing=3D"0" border=3D"0" wid=
|
|
th=3D"100%" background=3D"https://i.ytimg.com/vi/DAf-T3bFJFs/hqdefault.jpg"=
|
|
role=3D"presentation" style=3D"border-collapse: separate; mso-table-lspace=
|
|
: 0pt; mso-table-rspace: 0pt; width: 100%; background-size: cover; min-heig=
|
|
ht: 200px; background: url('https://i.ytimg.com/vi/DAf-T3bFJFs/hqdefaul=
|
|
t.jpg') left top / cover; mso-hide: all;">
|
|
<tbody><tr style=3D"mso-hide: all">
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; visibil=
|
|
ity: hidden; mso-hide: all;" valign=3D"top">
|
|
<img src=3D"https://img.spacergif.org/v1/150x45=
|
|
0/0a/spacer.png" alt width=3D"100%" border=3D"0" style=3D"border: none; -ms=
|
|
-interpolation-mode: bicubic; max-width: 100%; display: block; height: auto=
|
|
; opacity: 0; visibility: hidden; mso-hide: all;" height=3D"auto">
|
|
</td>
|
|
<td width=3D"50%" align=3D"center" valign=3D"middle=
|
|
" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI=
|
|
', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', '=
|
|
Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; color: #1=
|
|
5212A; vertical-align: middle; mso-hide: all;">
|
|
<div class=3D"kg-video-play-button" style=3D"he=
|
|
ight: 2em; width: 3em; margin: 0 auto; border-radius: 10px; padding: 1em 0.=
|
|
8em 0.6em 1em; font-size: 1em; background-color: rgba(0,0,0,0.85); mso-hide=
|
|
: all;"><div style=3D"display: block; width: 0; height: 0; margin: 0 auto; =
|
|
line-height: 0px; border-color: transparent transparent transparent white; =
|
|
border-style: solid; border-width: 0.8em 0 0.8em 1.5em; mso-hide: all;"></d=
|
|
iv></div>
|
|
</td>
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; mso-hid=
|
|
e: all;" valign=3D"top"> </td>
|
|
</tr>
|
|
</tbody></table>
|
|
</a>
|
|
<!--[endif]-->
|
|
|
|
</div><p style=3D"margin: 0 0 1.5em 0; line-height:=
|
|
1.6em;"><strong style=3D"font-weight: 700;">VPN tunneling vulnerabilities:=
|
|
</strong> Two KU Leuven academics have discovered that over four million VP=
|
|
N servers and home routers can be abused to re-route malicious traffic and =
|
|
carry out DoS attacks via modified tunneling packets. [<em>Additional cover=
|
|
age in </em><a href=3D"https://news.risky.biz/r/65889146?m=3D1a80b145-9ce5-=
|
|
407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; t=
|
|
ext-decoration: underline;" target=3D"_blank"><em>Top10VPN</em></a>/<em>Ful=
|
|
l research paper </em><a href=3D"https://news.risky.biz/r/5694e0a9?m=3D1a80=
|
|
b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: =
|
|
#727272; text-decoration: underline;" target=3D"_blank"><em>PDF</em></a>]</=
|
|
p><blockquote style=3D"margin: 0; padding: 0; border-left: #727272 2px soli=
|
|
d; font-size: 17px; font-weight: 500; line-height: 1.6em; letter-spacing: -=
|
|
0.2px;"><p style=3D"line-height: 1.6em; margin: 2em 25px; font-size: 1em; p=
|
|
adding: 0;"><em>"The discovered hosts also facilitate new Denial-of-se=
|
|
rvice (DoS) attacks. Two new DoS attacks amplify traffic: one concentrates =
|
|
traffic in time, and another loops packets between vulnerable hosts, result=
|
|
ing in an amplification factor of at least 16 and 75, respectively. Additio=
|
|
nally, we present an Economic Denial of Sustainability (EDoS) attack, where=
|
|
the outgoing bandwidth of a host is drained. Finally, we discuss counterme=
|
|
asures and hope our findings will motivate people to better secure tunnelli=
|
|
ng hosts."</em></p></blockquote><div class=3D"kg-card kg-embed-card" s=
|
|
tyle=3D"margin: 0 0 1.5em; padding: 0;"><!--[if !mso !vml]-->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/=
|
|
ceabefef?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video=
|
|
" style=3D"background-color: #1d1f21; background-image: radial-gradient(cir=
|
|
cle at center, #5b5f66, #1d1f21); display: block; overflow-wrap: anywhere; =
|
|
color: #727272; mso-hide: all; text-decoration: none;" target=3D"_blank">
|
|
<table cellpadding=3D"0" cellspacing=3D"0" border=3D"0" wid=
|
|
th=3D"100%" background=3D"https://i.ytimg.com/vi/eFZsM3khrSk/hqdefault.jpg"=
|
|
role=3D"presentation" style=3D"border-collapse: separate; mso-table-lspace=
|
|
: 0pt; mso-table-rspace: 0pt; width: 100%; background-size: cover; min-heig=
|
|
ht: 200px; background: url('https://i.ytimg.com/vi/eFZsM3khrSk/hqdefaul=
|
|
t.jpg') left top / cover; mso-hide: all;">
|
|
<tbody><tr style=3D"mso-hide: all">
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; visibil=
|
|
ity: hidden; mso-hide: all;" valign=3D"top">
|
|
<img src=3D"https://img.spacergif.org/v1/150x45=
|
|
0/0a/spacer.png" alt width=3D"100%" border=3D"0" style=3D"border: none; -ms=
|
|
-interpolation-mode: bicubic; max-width: 100%; display: block; height: auto=
|
|
; opacity: 0; visibility: hidden; mso-hide: all;" height=3D"auto">
|
|
</td>
|
|
<td width=3D"50%" align=3D"center" valign=3D"middle=
|
|
" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI=
|
|
', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', '=
|
|
Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; color: #1=
|
|
5212A; vertical-align: middle; mso-hide: all;">
|
|
<div class=3D"kg-video-play-button" style=3D"he=
|
|
ight: 2em; width: 3em; margin: 0 auto; border-radius: 10px; padding: 1em 0.=
|
|
8em 0.6em 1em; font-size: 1em; background-color: rgba(0,0,0,0.85); mso-hide=
|
|
: all;"><div style=3D"display: block; width: 0; height: 0; margin: 0 auto; =
|
|
line-height: 0px; border-color: transparent transparent transparent white; =
|
|
border-style: solid; border-width: 0.8em 0 0.8em 1.5em; mso-hide: all;"></d=
|
|
iv></div>
|
|
</td>
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; mso-hid=
|
|
e: all;" valign=3D"top"> </td>
|
|
</tr>
|
|
</tbody></table>
|
|
</a>
|
|
<!--[endif]-->
|
|
|
|
</div><h3 id=3D"infosec-industry" style=3D"margin-t=
|
|
op: 0; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', =
|
|
Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Seg=
|
|
oe UI Emoji', 'Segoe UI Symbol'; line-height: 1.11em; font-weig=
|
|
ht: 700; text-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-=
|
|
size: 26px;"><strong style=3D"font-weight: 800;">Infosec industry</strong><=
|
|
/h3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"=
|
|
font-weight: 700;">Threat/trend reports:</strong> The <a href=3D"https://ne=
|
|
ws.risky.biz/r/9a3e61d2?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"=
|
|
overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targe=
|
|
t=3D"_blank">Cyber Threat Alliance</a>, <a href=3D"https://news.risky.biz/r=
|
|
/e1b834d3?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap:=
|
|
anywhere; color: #727272; text-decoration: underline;" target=3D"_blank">I=
|
|
ANS Research+Artico Search</a>, <a href=3D"https://news.risky.biz/r/a122cb1=
|
|
8?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywher=
|
|
e; color: #727272; text-decoration: underline;" target=3D"_blank">Ukraine=
|
|
's SCPC</a>, and the <a href=3D"https://news.risky.biz/r/a520f00c?m=3D1a8=
|
|
0b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color:=
|
|
#727272; text-decoration: underline;" target=3D"_blank">US NMFTA</a> have =
|
|
published reports and summaries covering various infosec trends and industr=
|
|
y threats.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong=
|
|
style=3D"font-weight: 700;">Tool update—HIBP:</strong> The Have I B=
|
|
een Pwned portal is <a href=3D"https://news.risky.biz/r/6f6509b8?m=3D1a80b1=
|
|
45-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #7=
|
|
27272; text-decoration: underline;" target=3D"_blank">now indexing</a> leak=
|
|
ed or public stealer logs.</p><p style=3D"margin: 0 0 1.5em 0; line-height:=
|
|
1.6em;"><strong style=3D"font-weight: 700;">New tool—raink:</strong=
|
|
> Security firm BishopFox has released <a href=3D"https://news.risky.biz/r/=
|
|
b988205d?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: =
|
|
anywhere; color: #727272; text-decoration: underline;" target=3D"_blank">ra=
|
|
ink</a>, a tool to help researchers solve ranking problems that are otherwi=
|
|
se difficult for LLMs to process.</p><p style=3D"margin: 0 0 1.5em 0; line-=
|
|
height: 1.6em;"><strong style=3D"font-weight: 700;">New tool—What is=
|
|
this Stealer:</strong> The MalBeacon team has released <a href=3D"https://=
|
|
news.risky.biz/r/f5e77cae?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank">What is this Stealer</a>, a GitHub repo containing formats=
|
|
used by infostealer malware, designed to allow security researchers to eas=
|
|
ily identify infections.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1=
|
|
=2E6em;"><strong style=3D"font-weight: 7=
|
|
00;">New tool—Sunder:</strong>=
|
|
Security researcher Cole Houston has released <a href=3D"https://news.risk=
|
|
y.biz/r/1e273eb0?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflo=
|
|
w-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_b=
|
|
lank">Sunder</a>, a Windows rootkit modeled after the Lazarus Group's F=
|
|
udModule rootkit.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;">=
|
|
<strong style=3D"font-weight: 700;">New tool—EarlyCascade:</strong> =
|
|
Security researcher Abdallah Elsharif has released a <a href=3D"https://new=
|
|
s.risky.biz/r/d8581643?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"o=
|
|
verflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=
|
|
=3D"_blank">PoC</a> for the <a href=3D"https://news.risky.biz/r/40556158?m=
|
|
=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; =
|
|
color: #727272; text-decoration: underline;" target=3D"_blank">EarlyCascade=
|
|
</a> process injection technique.</p><p style=3D"margin: 0 0 1.5em 0; line-=
|
|
height: 1.6em;"><strong style=3D"font-weight: 700;">ShmooCon 2025 streams:<=
|
|
/strong> Live streams from the last ShmooCon security conference, which too=
|
|
k place last week, are <a href=3D"https://news.risky.biz/r/83df127c?m=3D1a8=
|
|
0b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color:=
|
|
#727272; text-decoration: underline;" target=3D"_blank">available on YouTu=
|
|
be</a>.</p><h3 id=3D"risky-business-podcasts-3" style=3D"margin-top: 0; fon=
|
|
t-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, He=
|
|
lvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoj=
|
|
i', 'Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; t=
|
|
ext-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px=
|
|
;"><strong style=3D"font-weight: 800;"><em>Risky Business Podcasts</em></st=
|
|
rong></h3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><em>In this=
|
|
edition of Between Two Nerds, Tom Uren and The Grugq talk about the evolut=
|
|
ion of Russian cyber operations during its invasion of Ukraine.</em></p><di=
|
|
v class=3D"kg-card kg-embed-card" style=3D"margin: 0 0 1.5em; padding: 0;">
|
|
<iframe frameborder=3D"0" style=3D"width: 100%; height: 156px;" srcdoc=
|
|
=3D"
|
|
=20
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>Risky Business Player</title>
|
|
</head>
|
|
<body>
|
|
|
|
<!-- Include the Google Font Inter -->
|
|
<style>
|
|
@import url("https://fonts.googleapis.com/css2?family=3DInter:wght@400=
|
|
;700&display=3Dswap");
|
|
|
|
body {
|
|
margin: 0px;
|
|
}
|
|
|
|
=2Eaudio-player {
|
|
font-family: "Inter", sans-serif;
|
|
}
|
|
|
|
=2Eicon {
|
|
background-image: url("https://risky.biz/static/img/icons/subscrib=
|
|
e-icons.svg");
|
|
display: block;
|
|
width: 33px;
|
|
height: 33px;
|
|
background-size: 528px 111px;
|
|
}
|
|
|
|
}
|
|
</style>
|
|
|
|
<!-- Audio player -->
|
|
<div class=3D"audio-player" style=3D"display: flex; flex-=
|
|
direction: column; gap: 5px; padding-top: 0px; padding-bottom: 20px; backgr=
|
|
ound: rgb(244, 244, 239); background: linear-gradient(0deg, rgba(244, 244, =
|
|
239, 1) 0%, rgba(244, 244, 239, 0) 100%); border-radius: 8px; border: 1px s=
|
|
olid #d7d7d7; width: calc(100% - 1px) min-width: 350px;">
|
|
<audio class=3D"audioElement" preload=3D"metadata&quo=
|
|
t;>
|
|
<source src=3D"https://dts.podtrac.com/redirect.mp3/media3.=
|
|
risky.biz/BTN105.mp3" type=3D"audio/mpeg">
|
|
Your browser does not support the audio element.
|
|
</audio>
|
|
|
|
<!-- Title -->
|
|
<div style=3D"background: #666666; color: #FEFEFE; font-size: 1=
|
|
4px; padding-left: 5%; padding-right: 5%; padding-top: 10px; padding-bottom=
|
|
: 10px; border-top-left-radius: 8px; border-top-right-radius: 8px; white-sp=
|
|
ace: nowrap; overflow: hidden; text-overflow: ellipsis; margin-bottom: 10px=
|
|
;">
|
|
<a style=3D"color:#FEFEFE; text-decoration: none;" tar=
|
|
get=3D"_new" href=3D"https://risky.biz/BTN105/">Betw=
|
|
een Two Nerds: The evolution of Russia's cyber operations in Ukraine<=
|
|
;/a>
|
|
</div>
|
|
|
|
<!-- Player Controls and Progress Bar -->
|
|
<div style=3D"display: flex; align-items: center; justify-conte=
|
|
nt: center; gap: 10px; width: 90%; margin: 0 auto;">
|
|
<button type=3D"button" class=3D"playPauseBtn&quo=
|
|
t; style=3D"color: #1e1e1e; background-color: #FAFAFA; font-size: 18px=
|
|
; border: none; padding: 10px; border-radius: 8px; cursor: pointer; height:=
|
|
42px; width: 42px; text-align: center; display: flex; align-items: center;=
|
|
justify-content: center;">&#9654;</button>
|
|
<input type=3D"range" style=3D"flex-grow: 1; -web=
|
|
kit-appearance: none; height: 5px; background: #ddd; border-radius: 8px; ou=
|
|
tline: none; cursor: pointer;" class=3D"progressBar" value=
|
|
=3D"0" min=3D"0" max=3D"100" />
|
|
<span style=3D"font-size: 12px; font-weight: 200;" cla=
|
|
ss=3D"currentTime">0:00</span> / <span style=3D"=
|
|
font-size: 12px; font-weight: 200;" class=3D"duration">0:=
|
|
00</span>
|
|
</div>
|
|
|
|
<!-- Subscribe Buttons -->
|
|
<div style=3D"width: 90%; display: flex; justify-content: space=
|
|
-between; align-items: center; padding-left: 5%;">
|
|
<div style=3D"padding-right:20px;" class=3D"subTe=
|
|
xt">
|
|
<strong>Subscribe &nbsp;</strong>
|
|
</div>
|
|
=20
|
|
<div style=3D"display: flex; align-items: center; gap: 6px;=
|
|
margin: 0; flex-grow: 1;" class=3D"subContainer">
|
|
<!-- Apple Podcast Icon -->
|
|
<a href=3D"https://podcasts.apple.com/au/podcast/risky-=
|
|
business-news/id1621305970"
|
|
style=3D"background-position: 48px 96px;"
|
|
target=3D"_new"
|
|
class=3D"icon apple-podcast"></a>
|
|
<!-- Overcast Icon -->
|
|
<a href=3D"https://overcast.fm/itunes1621305970"
|
|
style=3D"background-position: 141px 96px;"
|
|
target=3D"_new"
|
|
class=3D"icon overcast-podcast"></a>
|
|
|
|
<!-- Pocket Casts Icon -->
|
|
<a href=3D"https://pca.st/yicebxgl"
|
|
style=3D"background-position: 234px 96px;"
|
|
target=3D"_new"
|
|
class=3D"icon pocketcast-podcast"></a>
|
|
<!-- Spotify Icon -->
|
|
<a href=3D"https://open.spotify.com/show/0BdExoUZqbGsBY=
|
|
jt6QZl4Q"
|
|
style=3D"background-position: 420px 96px;"
|
|
target=3D"_new"
|
|
class=3D"icon spotify-podcast"></a>
|
|
<!-- RSS Icon -->
|
|
<a href=3D"https://risky.biz/feeds/risky-business-news&=
|
|
quot;
|
|
style=3D"background-position: 327px 96px;"
|
|
target=3D"_new"
|
|
class=3D"icon rss-podcast"></a>
|
|
</div>
|
|
=20
|
|
|
|
=20
|
|
<a href=3D"https://risky.biz">
|
|
<img src=3D"https://risky.biz/static/img/RB_Site_Logo.svg&=
|
|
quot; alt=3D"Logo"
|
|
style=3D"margin-left: 0; height: 32px; display: block; pa=
|
|
dding-right: 5%;"
|
|
id=3D"logo" class=3D"logo playerLogo">
|
|
</a>
|
|
<script>
|
|
document.addEventListener("DOMContentLoaded", function () {
|
|
const players =3D document.querySelectorAll(".audio-player&quo=
|
|
t;);
|
|
|
|
function resizeElements(player) {
|
|
const logo =3D player.querySelector(".logo");
|
|
const subscribeIcons =3D player.querySelectorAll(".icon&qu=
|
|
ot;);
|
|
const subscribeContainer =3D player.querySelector(".subCon=
|
|
tainer"); // Select subContainer by class
|
|
const subText =3D player.querySelector(".subText"); /=
|
|
/ Select subText by class
|
|
|
|
if (player.offsetWidth <=3D 425) {
|
|
// Hide logo
|
|
if (logo) {
|
|
logo.style.display =3D "none";
|
|
}
|
|
} else if (player.offsetWidth <=3D 500) {
|
|
// Show logo and scale logo and icons to 70%
|
|
if (logo) {
|
|
logo.style.display =3D "block";
|
|
logo.style.transform =3D "scale(0.7)";
|
|
logo.style.transformOrigin =3D "center";
|
|
logo.style.verticalAlign =3D "middle";
|
|
}
|
|
subscribeIcons.forEach(icon =3D> {
|
|
icon.style.transform =3D "scale(0.7)";
|
|
icon.style.transformOrigin =3D "center";
|
|
icon.style.verticalAlign =3D "middle";
|
|
});
|
|
|
|
// Remove padding from subText and set font-size to 12px
|
|
if (subText) {
|
|
subText.style.padding =3D "0";
|
|
subText.style.fontSize =3D "12px";
|
|
}
|
|
|
|
// Set gap in subContainer to 0px
|
|
if (subscribeContainer) {
|
|
subscribeContainer.style.gap =3D "0px";
|
|
}
|
|
} else {
|
|
// Reset scaling, alignment, and visibility
|
|
if (logo) {
|
|
logo.style.display =3D "block";
|
|
logo.style.transform =3D "scale(1)";
|
|
logo.style.verticalAlign =3D "baseline";
|
|
}
|
|
subscribeIcons.forEach(icon =3D> {
|
|
icon.style.transform =3D "scale(1)";
|
|
icon.style.verticalAlign =3D "baseline";
|
|
});
|
|
|
|
// Reset padding and font-size in subText
|
|
if (subText) {
|
|
subText.style.padding =3D "0 20px"; // Defaul=
|
|
t padding
|
|
subText.style.fontSize =3D "inherit"; // Defa=
|
|
ult font-size
|
|
}
|
|
|
|
// Reset gap in subContainer
|
|
if (subscribeContainer) {
|
|
subscribeContainer.style.gap =3D "6px"; // De=
|
|
fault gap
|
|
}
|
|
}
|
|
}
|
|
|
|
function handleResize() {
|
|
players.forEach(player =3D> {
|
|
resizeElements(player);
|
|
});
|
|
}
|
|
|
|
// Run on initial load and resize
|
|
handleResize();
|
|
window.addEventListener("resize", handleResize);
|
|
});
|
|
</script>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<script>
|
|
// Custom Audio Player
|
|
document.addEventListener("DOMContentLoaded", function () {
|
|
const players =3D document.querySelectorAll(".audio-player");
|
|
|
|
players.forEach(function (player) {
|
|
// Skip if already initialized
|
|
if (player.dataset.initialized =3D=3D=3D "true") return;
|
|
|
|
// Mark player as initialized
|
|
player.dataset.initialized =3D "true";
|
|
=20
|
|
const audio =3D player.querySelector(".audioElement");
|
|
const playPauseBtn =3D player.querySelector(".playPauseBtn");
|
|
const progressBar =3D player.querySelector(".progressBar");
|
|
const currentTimeEl =3D player.querySelector(".currentTime");
|
|
const durationEl =3D player.querySelector(".duration");
|
|
|
|
if (!audio || !playPauseBtn || !progressBar || !currentTimeEl || !durationEl) {
|
|
console.error("One or more player elements not found:", { audio, playPauseBtn, progressBar, currentTimeEl, durationEl });
|
|
return;=20
|
|
}
|
|
|
|
playPauseBtn.addEventListener("click", () =3D> {
|
|
if (audio.paused) {
|
|
audio.play();
|
|
playPauseBtn.textContent =3D "⏸";=20
|
|
|
|
// GA4 event for starting audio
|
|
gtag("event", "audio_play", {
|
|
"content_title": "Between Two Nerds: The evolution of Russia's cyber operations in Ukraine",
|
|
"content_type": "audio"
|
|
});
|
|
} else {
|
|
audio.pause();
|
|
playPauseBtn.textContent =3D "▶";
|
|
}
|
|
});
|
|
|
|
audio.addEventListener("timeupdate", () =3D> {
|
|
if (audio.duration) {
|
|
progressBar.value =3D (audio.currentTime / audio.duration) * 100;
|
|
currentTimeEl.textContent =3D formatTime(audio.currentTime);
|
|
}
|
|
});
|
|
|
|
audio.addEventListener("loadedmetadata", () =3D> {
|
|
durationEl.textContent =3D formatTime(audio.duration);
|
|
});
|
|
|
|
progressBar.addEventListener("input", () =3D> {
|
|
if (audio.duration) {
|
|
audio.currentTime =3D (progressBar.value / 100) * audio.duration;
|
|
}
|
|
});
|
|
|
|
function formatTime(seconds) {
|
|
const minutes =3D Math.floor(seconds / 60);
|
|
const secs =3D Math.floor(seconds % 60);
|
|
return `${minutes}:${secs < 10 ? "0" : ""}${secs}`;
|
|
}
|
|
});
|
|
});
|
|
|
|
</script>
|
|
</body>
|
|
</html>
|
|
|
|
|
|
"></iframe>
|
|
</div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"https://news.risky.biz/r/c4d07cfd?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank"><span style=3D"white-space: pre-wrap;">https://risky.biz/BTN105/</span></a></p><div class=3D"kg-card kg-embed-card" style=3D"margin: 0 0 1.5em; padding: 0;"><!--[if !mso !vml]-->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/=
|
|
aa9e49d8?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video=
|
|
" style=3D"background-color: #1d1f21; background-image: radial-gradient(cir=
|
|
cle at center, #5b5f66, #1d1f21); display: block; overflow-wrap: anywhere; =
|
|
color: #727272; mso-hide: all; text-decoration: none;" target=3D"_blank">
|
|
<table cellpadding=3D"0" cellspacing=3D"0" border=3D"0" wid=
|
|
th=3D"100%" background=3D"https://i.ytimg.com/vi/e49QGvfSWoU/hqdefault.jpg"=
|
|
role=3D"presentation" style=3D"border-collapse: separate; mso-table-lspace=
|
|
: 0pt; mso-table-rspace: 0pt; width: 100%; background-size: cover; min-heig=
|
|
ht: 200px; background: url('https://i.ytimg.com/vi/e49QGvfSWoU/hqdefaul=
|
|
t.jpg') left top / cover; mso-hide: all;">
|
|
<tbody><tr style=3D"mso-hide: all">
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; visibil=
|
|
ity: hidden; mso-hide: all;" valign=3D"top">
|
|
<img src=3D"https://img.spacergif.org/v1/150x45=
|
|
0/0a/spacer.png" alt width=3D"100%" border=3D"0" style=3D"border: none; -ms=
|
|
-interpolation-mode: bicubic; max-width: 100%; display: block; height: auto=
|
|
; opacity: 0; visibility: hidden; mso-hide: all;" height=3D"auto">
|
|
</td>
|
|
<td width=3D"50%" align=3D"center" valign=3D"middle=
|
|
" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI=
|
|
9;, Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', '=
|
|
;Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; color: #1=
|
|
5212A; vertical-align: middle; mso-hide: all;">
|
|
<div class=3D"kg-video-play-button" style=3D"he=
|
|
ight: 2em; width: 3em; margin: 0 auto; border-radius: 10px; padding: 1em 0.=
|
|
8em 0.6em 1em; font-size: 1em; background-color: rgba(0,0,0,0.85); mso-hide=
|
|
: all;"><div style=3D"display: block; width: 0; height: 0; margin: 0 auto; =
|
|
line-height: 0px; border-color: transparent transparent transparent white; =
|
|
border-style: solid; border-width: 0.8em 0 0.8em 1.5em; mso-hide: all;"></d=
|
|
iv></div>
|
|
</td>
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; mso-hid=
|
|
e: all;" valign=3D"top"> </td>
|
|
</tr>
|
|
</tbody></table>
|
|
</a>
|
|
<!--[endif]-->
|
|
|
|
<!--[if vml]>
|
|
<v:group xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:w=3D"u=
|
|
rn:schemas-microsoft-com:office:word" coordsize=3D"600,450" coordorigin=3D"=
|
|
0,0" href=3D"https://www.youtube.com/watch?v=3De49QGvfSWoU" style=3D"width:=
|
|
600px;height:450px;">
|
|
<v:rect fill=3D"t" stroked=3D"f" style=3D"position:absolute=
|
|
;width:600;height:450;"><v:fill src=3D"https://i.ytimg.com/vi/e49QGvfSWoU/h=
|
|
qdefault.jpg" type=3D"frame"/></v:rect>
|
|
<v:oval fill=3D"t" strokecolor=3D"white" strokeweight=3D"4p=
|
|
x" style=3D"position:absolute;left:261;top:186;width:78;height:78"><v:fill =
|
|
color=3D"black" opacity=3D"30%" /></v:oval>
|
|
<v:shape coordsize=3D"24,32" path=3D"m,l,32,24,16,xe" fillc=
|
|
olor=3D"white" stroked=3D"f" style=3D"position:absolute;left:289;top:208;wi=
|
|
dth:30;height:34;" />
|
|
</v:group>
|
|
<![endif]--></div>
|
|
<!-- POST CONTENT END -->
|
|
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</td>
|
|
</tr>
|
|
|
|
<!-- END MAIN CONTENT AREA -->
|
|
|
|
|
|
|
|
|
|
<tr>
|
|
<td class=3D"wrapper" align=3D"center" styl=
|
|
e=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Ro=
|
|
boto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe=
|
|
UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align:=
|
|
top; color: #15212A; box-sizing: border-box;" valign=3D"top">
|
|
<table role=3D"presentation" border=3D"=
|
|
0" cellpadding=3D"0" cellspacing=3D"0" width=3D"100%" style=3D"border-colla=
|
|
pse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%; p=
|
|
adding-top: 40px; padding-bottom: 30px;">
|
|
<tr>
|
|
<td class=3D"footer" style=3D"f=
|
|
ont-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, =
|
|
Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Em=
|
|
oji', 'Segoe UI Symbol'; vertical-align: top; color: #738a94; m=
|
|
argin-top: 20px; text-align: center; padding-bottom: 10px; padding-top: 10p=
|
|
x; padding-left: 30px; padding-right: 30px; line-height: 1.5em; font-size: =
|
|
13px;" valign=3D"top" align=3D"center">Risky.Biz © 2025 – <a hr=
|
|
ef=3D"https://news.risky.biz/unsubscribe/?uuid=3D1a80b145-9ce5-407e-b496-c5=
|
|
7050db16ff&key=3Db42b9394aa843f18196f4ef71cbb26d29e72298989fd79444a9147b6e3=
|
|
2ee87b&newsletter=3D102a29ad-4bfc-4105-8645-703ba0268482" style=3D"overflow=
|
|
-wrap: anywhere; color: #738a94; text-decoration: underline; font-size: 13p=
|
|
x;" target=3D"_blank">Unsubscribe</a></td>
|
|
</tr>
|
|
|
|
</table>
|
|
</td>
|
|
</tr>
|
|
|
|
</table>
|
|
<!-- END CENTERED WHITE CONTAINER -->
|
|
</div>
|
|
</td>
|
|
<td style=3D"font-family: -apple-system, BlinkMacSystemFont=
|
|
, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Colo=
|
|
r Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-siz=
|
|
e: 18px; vertical-align: top; color: #15212A;" valign=3D"top"> </td>
|
|
</tr>
|
|
|
|
<!--[if mso]>
|
|
</table>
|
|
</center>
|
|
</td>
|
|
</tr>
|
|
<![endif]-->
|
|
</table>
|
|
</body>
|
|
</html>
|
|
|
|
|
|
--c09e722fb0725cb7c547e41e5021fbcc388157e3f294d9a3c5f4a507e1d5--
|