X-He-Spam-Score: -2.0
Return-Path: <bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io>
Delivered-To: dropbox@plan.io
Received: from m.launch.gmbh ([127.0.0.1])
    by m.launch.gmbh with LMTP
    id 75SoI5ffjWfX4gwAJzdhvw
    (envelope-from <bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io>)
    for <dropbox@plan.io>; Mon, 20 Jan 2025 06:31:03 +0100
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on m.launch.gmbh
X-Spam-Level:
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
    DKIM_VALID,DMARC_PASS,HTML_IMAGE_RATIO_06,HTML_MESSAGE,LOTS_OF_MONEY,
    RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_FAIL,SPF_FAIL_IGNORE,
    SPF_HELO_NONE,T_KAM_HTML_FONT_INVALID,T_MONEY_PERCENT autolearn=ham
    autolearn_force=no version=3.4.6
X-Spam-Report:
    * -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at
    *      https://www.dnswl.org/, no trust
    *      [64.90.62.164 listed in list.dnswl.org]
    * -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
    *      [score: 0.0000]
    * -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
    *      [64.90.62.164 listed in wl.mailspike.net]
    * -0.1 DMARC_PASS DMARC check passed
    *  5.0 SPF_FAIL SPF check failed
    *  0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
    *  0.0 HTML_IMAGE_RATIO_06 BODY: HTML has a low ratio of text to image
    *      area
    *  0.0 HTML_MESSAGE BODY: HTML included in message
    * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
    *  0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
    *      valid
    *  0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted
    *      Colors in HTML
    * -5.0 SPF_FAIL_IGNORE Planio Inbox does not consider SPF FAILS on
    *      redirects
    *  0.0 LOTS_OF_MONEY Huge... sums of money
    *  0.0 T_MONEY_PERCENT X% of a lot of money for you
X-Spam-Score: -2.0
Authentication-Results: m.launch.gmbh; dmarc=pass (p=none dis=none) header.from=ghost.io
Authentication-Results: m.launch.gmbh; spf=fail smtp.mailfrom=m.ghost.io
Authentication-Results: m.launch.gmbh;
    dkim=pass (2048-bit key; unprotected) header.d=m.ghost.io header.i=@m.ghost.io header.a=rsa-sha256 header.s=mailgun header.b=Crk0sU61;
    dkim-atps=neutral
Envelope-to: inbox+rlxc+36be+hoax-clearing-center@plan.io
Received: from pdx1-sub0-mail-mx202.dreamhost.com (fltr-in2.mail.dreamhost.com [64.90.62.164])
    (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
    key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
    (No client certificate requested)
    by m.launch.gmbh (Postfix) with ESMTPS id B13001687F6
    for <inbox+rlxc+36be+hoax-clearing-center@plan.io>; Mon, 20 Jan 2025 06:31:02 +0100 (CET)
Received: from postfix-inbound-v2-4.inbound.mailchannels.net (inbound-egress-5.mailchannels.net [199.10.31.237])
    (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
    key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
    (No client certificate requested)
    by pdx1-sub0-mail-mx202.dreamhost.com (Postfix) with ESMTPS id 4YbzTJ0jpPz929j
    for <lapor@turnbackhoax.id>; Sun, 19 Jan 2025 21:31:00 -0800 (PST)
ARC-Authentication-Results: i=1;
    inbound-rspamd-7d6dbf97d6-lnqcf;
    none
X-Message-ID: F131F7KsPS6oCAiVJfQB9R47
Received: from relay9.ghost.io (relay9.ghost.io [143.55.233.111])
    (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256)
    by 100.116.66.112 (trex/6.10.3);
    Mon, 20 Jan 2025 05:30:59 +0000
Authentication-Results: inbound.mailchannels.net;
    spf=pass
    smtp.mailfrom=bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io;
    dkim=pass header.d=m.ghost.io;
    dmarc=pass (policy=none; pct=100; status=pass);
    arc=none
Received-SPF: pass (dmarc-service-5d68fff777-w6v88: domain of m.ghost.io
    designates 143.55.233.111 as permitted sender) client-ip=143.55.233.111;
    envelope-from=bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io;
    helo=relay9.ghost.io;
X-Mailgun-Sending-Ip: 143.55.233.111
X-Mailgun-Sending-Ip-Pool-Name: Bulk - Standard
X-Mailgun-Sending-Ip-Pool: 6155d7ba935d084321777411
X-Mailgun-Sid: WyIzODUwYiIsImxhcG9yQHR1cm5iYWNraG9heC5pZCIsIjdiZGMxOCJd
Received: by d9d0682e3380 with HTTP id 678ddf91883f440b39dfe4b0; Mon, 20 Jan 2025
    05:30:54 GMT
X-Mailgun-Batch-Id: 678ddf8e883f440b39dfd87b
Sender: risky-biz=ghost.io@m.ghost.io
Date: Mon, 20 Jan 2025 05:30:54 +0000
Mime-Version: 1.0
Content-Type: multipart/alternative;
    boundary="d48c8fb4d42dae659b8798753acb4538eeff470e8291e7e65b237ab95d5b"
Subject: Risky Bulletin: Looking at Biden's last cyber executive order
From: Risky.Biz <risky-biz@ghost.io>
To: lapor@turnbackhoax.id
X-Mailgun-Tag: bulk-email
X-Mailgun-Tag: ghost-email
X-Mailgun-Tag: blog-1041185
X-Mailgun-Deliver-By: Mon, 20 Jan 2025 05:30:50 +0000
X-Mailgun-Track-Opens: true
List-Unsubscribe-Post: List-Unsubscribe=One-Click
X-Mailgun-Variables: {"email-id": "678ddf898a4263000192d005"}
Message-Id: <20250120053054.6db74088e6d7a6f4@m.ghost.io>

Risky Business News [https://news.risky.biz/r/b9d0db2b?m=1a80b145-9ce5-407e-b496-c57050db16ff]

Risky Bulletin: Looking at Biden's last cyber executive order [https://news.risky.biz/r/37e8349a?m=1a80b145-9ce5-407e-b496-c57050db16ff]

By Catalin Cimpanu • 20 Jan 2025

View in browser [https://news.risky.biz/r/6c5fa5d6?m=1a80b145-9ce5-407e-b496-c57050db16ff]

This newsletter is brought to you by Resourcely [https://news.risky.biz/r/ca8b2a85?m=1a80b145-9ce5-407e-b496-c57050db16ff], the company that can help you manage Terraform securely. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed [https://news.risky.biz/r/301460a7?m=1a80b145-9ce5-407e-b496-c57050db16ff].

https://risky.biz/RBNEWS378/ [https://news.risky.biz/r/5b22ccc5?m=1a80b145-9ce5-407e-b496-c57050db16ff]

In its last days in office last week, the Biden administration signed an executive order [https://news.risky.biz/r/aff0c7d6?m=1a80b145-9ce5-407e-b496-c57050db16ff] (EO 14144 [https://news.risky.biz/r/a52ec0d8?m=1a80b145-9ce5-407e-b496-c57050db16ff]) with new requirements and standards for strengthening the US' cybersecurity defenses and ecosystem.

This is the administration's second cyber executive order after EO 14028 [https://news.risky.biz/r/6961883d?m=1a80b145-9ce5-407e-b496-c57050db16ff] from May 2021.

Below, we're gonna go over all the main points included in last week's release. The list is going through the EO from top to bottom. Items are not listed based on "importance."

* All government contractors must submit their software for attestation for use on government systems via the CISA Repository for Software Attestation and Artifacts (RSAA [https://news.risky.biz/r/dbd96b4e?m=1a80b145-9ce5-407e-b496-c57050db16ff]) portal. This measure is designed to improve software supply chains for contracted government software and make sure vendors are using secure development patterns and patching old vulnerabilities in their code, including for smaller components.
* There's one paragraph about open-source software in there too. This one directs the DHS to work with other relevant agencies to publish recommendations for federal agencies "on the use of security assessments and patching of open source software and best practices for contributing to open source software projects."
* Agencies will need to integrate cybersecurity supply chain risk management programs into enterprise-wide risk management activities.
* The White House has ordered agencies to start testing and even mass-deploying "commercial phishing-resistant standards such as WebAuthn."
* The White House has ordered the DHS and DOD to work together on new threat intel-sharing procedures. This one provision likely comes after several GAO reports have found that current inter-agency threat-sharing procedures were slow and ineffective, and information coming out of the DOD being extremely gatekept and hindered because of overzealous classification levels.
* The new threat intel-sharing program will aggregate data from the EDR and SOC platforms of all federal agencies so CISA can detect coordinated campaigns and other threats.
* New FedRAMP baselines to improve the security of government-contracted cloud systems.
* New cybersecurity contracting requirements for any government-procured space systems. These requirements cover the use of secure software and hardware, the use of encryption to protect incoming ground commands, command source authorization, and various other ways to ensure satellite commands can't be hijacked.
* A review and a yearly assessment of the US government's IP space.
* All agencies and IT service providers must use RPKI ROA and ROV. The White House previously recommended the use of RPKI ROAs last September. See here [https://news.risky.biz/r/85047668?m=1a80b145-9ce5-407e-b496-c57050db16ff].
* All agencies and contractors must use in-transit encrypted DNS.
* All agencies must "encrypt email messages in transport and, where practical, use end-to-end encryption in order to protect messages from compromise."
* All agencies will have to use "transport encryption" for IM, voice, and video conferencing apps. If clients support it, E2EE must also be enabled by default.
* CISA will have to produce a list of software with post-quantum cryptography (PQC) protections, and agencies must start using and contracting software that's protected against future quantum computer attacks.
* The EO urges agencies to look into using hardware security modules, trusted execution environments, and other isolation technologies to protect their most sensitive encryption keys. FedRAMP, the OMB, and other agencies will have to put out new guidelines to encourage the new practice.
* In a move to address fraud gangs targeting government funds, the White House has directed the OMB to encourage the development of software solutions and government portals that accept "digital identity documents" to access public benefits programs.
* The EO directs agencies to run pilot programs with the private sector and test if AI can be used for cyber defense. From the EO, this should cover vulnerability detection and management, intel-sharing, threat detection, and IR.
* The White House has ordered a fresh batch of new NIST cybersecurity standards and best practices. Yey!
* Government contractors would have to follow any of NIST's new applicable and minimum cybersecurity practices.
* All IoT gear acquired by the government must have a US Cyber Trust Mark [https://news.risky.biz/r/a91b0bfd?m=1a80b145-9ce5-407e-b496-c57050db16ff].
* All agencies will have to inventory all major information systems and provide the inventory to CISA.
* And, finally, the White House has made it easier for the Treasury to sanction foreign nationals and companies involved in malicious cyber activity targeting the US. Previously, such sanctions could be imposed only for certain types of activities.

The new Trump administration is being sworn in on the day this newsletter goes live. The new admin can revoke the executive order, but it is highly unlikely to happen since most of the EO deals with technical mumbo jumbo that's usually not at the center of US partisan conversations.

However, some are not sure about that [https://news.risky.biz/r/31441cac?m=1a80b145-9ce5-407e-b496-c57050db16ff] and expect the EO to receive some pushback just because Republicans have this thing of undoing everything Democrats do, regardless of how good or bad it is. Kindergarten politics at its finest!

Risky Business Podcasts

Risky Business is now on YouTube with video versions of our main podcasts. Below is our latest weekly show with Pat and Adam at the helm!

[https://news.risky.biz/r/b752f044?m=1a80b145-9ce5-407e-b496-c57050db16ff]

----------------------------------------

Breaches, hacks, and security incidents

China's Treasury hack: Chinese state-sponsored hackers had direct access to over 400 laptops and desktop computers inside the US Treasury Department in a hack at the end of last year. The agency says the hackers stole over 3,000 unclassified documents outside of normal working hours to avoid detection. The intrusion targeted the agency's sanctions (OFAC) and foreign investment (CFIUS) bureaus. US Treasury Secretary Janet Yellen's computer was one of the compromised systems. Intelligence officials attributed the hack to a group tracked as Silk Typhoon. [Additional coverage in Bloomberg [https://news.risky.biz/r/f368a2d8?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Salt Typhoon hacks impacted govt first, telcos second: CISA Director Jen Easterly says [https://news.risky.biz/r/829f522a?m=1a80b145-9ce5-407e-b496-c57050db16ff] the agency detected Salt Typhoon activity on federal networks before the group was spotted targeting American telcos. The early detection allowed investigators to seize one of the group's virtual private servers and spot the larger campaign targeting US telcos. Tips from the private sector also helped spot the attacks.

Otelier breach: Hotel management platform Otelier suffered a security breach after a threat actor breached the company's Amazon S3 cloud storage environment in July of last year. The attacker is believed to have stolen the personal data of millions of customers. Otelier's platform is used by over 10,000 hotels to manage reservations. It is used by big hotel chains such as Marriott, Hilton, and the Hyatt. The company has confirmed the breach, which allegedly took place via an employee's stolen Atlassian server credentials. [Additional coverage in Bleeping Computer [https://news.risky.biz/r/a1d87668?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

General tech and privacy

FTC settles with GoDaddy over cybersecurity failures: Web hosting company GoDaddy has settled [https://news.risky.biz/r/4fec6e21?m=1a80b145-9ce5-407e-b496-c57050db16ff] with the FTC in an investigation related to multiple security failures the company has suffered since 2018. The company has agreed to set up a robust security program and is prohibited from misleading customers about its security features. GoDaddy will have to roll out multi-factor authentication for customers and employees, remove outdated gear from its network, and protect its APIs. The agency did not impose a fine.

FTC privacy action against GM: The FTC has imposed a five-year ban on American carmaker General Motors on collecting and selling the private information of its customers. The agency's action comes after reports that GM sold geolocation data and driver behavior to insurance companies. The data was used to spike insurance rates for drivers based on their driving styles despite drivers not causing any accidents.

FTC fines Genshin Impact: The FTC has fined game developer Cognosphere $20 million [https://news.risky.biz/r/d1492619?m=1a80b145-9ce5-407e-b496-c57050db16ff] for selling loot boxes to teens under 16 without parental consent in its Genshin Impact title.

GDPR complaints against Chinese apps: EU privacy group noyb has filed GDPR complaints against six Chinese apps for illegally transferring the personal data of EU citizens to China. The complaint lists TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi. The same agency has a long history of filing complaints against tech giants. Previous complaints [https://news.risky.biz/r/84c80920?m=1a80b145-9ce5-407e-b496-c57050db16ff] have targeted Google, Facebook, Amazon, Mozilla, and Microsoft.

Google Search now requires JavaScript: Google is now requiring users [https://news.risky.biz/r/7f1df46a?m=1a80b145-9ce5-407e-b496-c57050db16ff] to enable JavaScript in their browsers to access and use its search engine.

Government, politics, and policy

SCOTUS greenlights TikTok ban: The US Supreme Court upheld the US government's TikTok ban in a unanimous decision, ruling that the decision to ban the app on national security grounds does not go against the US Constitution's First Amendment. Incoming President Trump, who set the ban going in the first place, started to play Internet Jesus and promised to postpone the ban three months so TikTok has time to negotiate the sale of over 50% of its US branch to a US business. Good ol' mafia-style shakedown, right here. [Read SCOTUS ruling here/PDF [https://news.risky.biz/r/940b1ba5?m=1a80b145-9ce5-407e-b496-c57050db16ff]] [Additional coverage in CNBC [https://news.risky.biz/r/a5bc702f?m=1a80b145-9ce5-407e-b496-c57050db16ff] and Axios [https://news.risky.biz/r/55b025cc?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Calls for smaller CISA: In her nomination hearing, DHS secretary nominee Kristi Noem says she plans to make CISA a smaller and more nimble agency. The plan is to move CISA away from election misinformation and disinformation and refocus it on hunting and securing the country's critical infrastructure only. [Additional coverage in FNN [https://news.risky.biz/r/caf496b4?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

FCC orders telcos to secure networks: The FCC has ordered telcos [https://news.risky.biz/r/ce1ac5c3?m=1a80b145-9ce5-407e-b496-c57050db16ff] to secure their networks against foreign hacks, citing section 105 of the Communications Assistance for Law Enforcement Act (CALEA), which they have to abide by.

First FALCON deployment: A ransomware attack that hit Costa Rican oil refinery RECOPE was the first real-world deployment of a new US government IR team named the Foreign Assistance Leveraged for Cybersecurity Operational Needs, or FALCON. [Additional coverage in The Record [https://news.risky.biz/r/b9cc613c?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

EU healthcare cyber plan: The European Commission has unveiled a plan [https://news.risky.biz/r/521162f0?m=1a80b145-9ce5-407e-b496-c57050db16ff] to strengthen the cybersecurity of hospitals and healthcare providers. Officials plan to build an EU-wide early warning service by 2026 that will deliver near-real-time alerts on potential cyber threats. The EU will also establish a rapid response service from trusted private service providers to help hospitals deal with cyber attacks. EU member states will also introduce Cybersecurity Vouchers to provide financial assistance to micro, small, and medium-sized hospitals and healthcare providers. [Full plan here [https://news.risky.biz/r/81b9591c?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Spyware proliferation: Almost 100 foreign governments have purchased advanced spyware designed to crack into cell phones. The head of the US government's counterintelligence agency says the mobile spyware market has seen a "huge growth" with "dozens of companies" selling various products. US NCSC head Michael Casey says nearly 20 new countries have acquired mobile spyware since April 2023, when the number was around 80 nations. [Additional coverage in BreakingDefense [https://news.risky.biz/r/6508c941?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Sponsor section

In this Risky Bulletin sponsor interview, Travis McPeak, the CEO and founder of Resourcely, explains that companies are now realising they have a ton of cloud-related technical debt because of the success of cloud posture management products. Travis talks about different approaches he has seen to tackle rampant cloud misconfigurations.

https://risky.biz/RBNEWSSI68/ [https://news.risky.biz/r/883430cd?m=1a80b145-9ce5-407e-b496-c57050db16ff]

Arrests, cybercrime, and threat intel

Threat actor leaks 15k Fortinet firewall configs: A threat actor has leaked config files and login credentials for over 15,000 Fortinet firewalls. According to security researcher Kevin Beaumont [https://news.risky.biz/r/b03cf1dc?m=1a80b145-9ce5-407e-b496-c57050db16ff], the data was collected in October 2022 using what was a zero-day vulnerability (CVE-2022-40684) at the time. Security researchers have extracted the IPs [https://news.risky.biz/r/c655ea0d?m=1a80b145-9ce5-407e-b496-c57050db16ff] of all affected devices and are notifying affected organizations. The threat actor behind the leak calls itself the Belsen Group.

Ukraine phishing gang detained: Ukrainian police [https://news.risky.biz/r/66747005?m=1a80b145-9ce5-407e-b496-c57050db16ff] detained nine individuals [https://news.risky.biz/r/0146a3b6?m=1a80b145-9ce5-407e-b496-c57050db16ff] suspected of running phishing campaigns via social media sites.

Fake hotel review scheme dismantled in Nigeria: Nigerian police have arrested 105 suspects [https://news.risky.biz/r/8b7f2381?m=1a80b145-9ce5-407e-b496-c57050db16ff] who were part of an online scam group that tricked foreigners into posting fake hotel reviews. Officials say the group was led by four Chinese men who recruited and trained Nigerien men to act as technical representatives in the scheme. The gang tricked victims into posting fake reviews in exchange for money and even making bookings in some of the reviewed hotels, only to stop communications when payment was due.

Cyber fraud arrests in China: The Chinese government says it indicted over 67,000 on cyber fraud-related charges from January to November 2024, up almost 60% from the previous year, per China Daily [https://news.risky.biz/r/59def051?m=1a80b145-9ce5-407e-b496-c57050db16ff]. Officials have also promised to continue [https://news.risky.biz/r/2123f239?m=1a80b145-9ce5-407e-b496-c57050db16ff] their crackdown, especially in northern Myanmar.

AWS Codefinger response: The AWS security team has published a blog post [https://news.risky.biz/r/b926e5be?m=1a80b145-9ce5-407e-b496-c57050db16ff] with advice on how to prevent and deal with Codefinger ransomware attacks [https://news.risky.biz/r/28a87712?m=1a80b145-9ce5-407e-b496-c57050db16ff] that have been targeting AWS S3 buckets for the past weeks.

CISA cloud logs playbook: CISA has published a playbook [https://news.risky.biz/r/0f107e6b?m=1a80b145-9ce5-407e-b496-c57050db16ff] on how organizations can fully employ the newly introduced logging capabilities in Microsoft Purview Audit (Standard) to better detect threats.

FBI security bad practices: The FBI has released version 2.0 of its Product Security Bad Practices [PDF [https://news.risky.biz/r/72cb5649?m=1a80b145-9ce5-407e-b496-c57050db16ff]]. The changes are detailed in the image below.

PyPI malware: Socket Security has discovered new malware [https://news.risky.biz/r/19dfbe05?m=1a80b145-9ce5-407e-b496-c57050db16ff] on the PyPI repository, this one targeting API developers and Discord bot creators.

New npm malware: Seventy-six malicious npm packages were discovered and taken down last week. Check out the GitHub security advisory portal for more details [https://news.risky.biz/r/f9a4bccd?m=1a80b145-9ce5-407e-b496-c57050db16ff].

Lumma interview: Threat intelligence analyst g0njxa has published an interview [https://news.risky.biz/r/4804c703?m=1a80b145-9ce5-407e-b496-c57050db16ff] with the creator of the Lumma infostealer.

Truth Social scams: Netcraft looks at the incessant scams [https://news.risky.biz/r/32ca3d97?m=1a80b145-9ce5-407e-b496-c57050db16ff] that target newly created Truth Social accounts.

CERT-UA AnyDesk alert: Ukraine CERT says an unidentified threat actor is targeting Ukrainian organizations with a social engineering campaign [https://news.risky.biz/r/61581d03?m=1a80b145-9ce5-407e-b496-c57050db16ff] where they're trying to connect to their networks via AnyDesk, posing as a CERT-UA representative.

Toll-themed smishing: Brian Krebs [https://news.risky.biz/r/95e21e17?m=1a80b145-9ce5-407e-b496-c57050db16ff] has a report out on a massive SMS phishing wave that has hit the US using toll-themed lures.

Google Ads inception: According to Malwarebytes [https://news.risky.biz/r/b8e9f8ae?m=1a80b145-9ce5-407e-b496-c57050db16ff], a threat actor is using malicious Google ads to target Google Ads users and steal their login credentials.

Malware technical reports

Gootloader: Sophos has published a report on Gootloader [https://news.risky.biz/r/875ce657?m=1a80b145-9ce5-407e-b496-c57050db16ff], a malware family that uses hijacked Google search results to redirect users to compromised, legitimate WordPress websites.

MintsLoader: eSentire has spotted a new campaign [https://news.risky.biz/r/c3d54e5b?m=1a80b145-9ce5-407e-b496-c57050db16ff] this month distributing MintsLoader and the Stealc infostealer.

PNGPlug and ValleyRAT: Intezer looks at a malspam campaign [https://news.risky.biz/r/e0b69339?m=1a80b145-9ce5-407e-b496-c57050db16ff] targeting Chinese-speaking companies with the PNGPlug loader. The final payload is a well-known threat known as ValleyRAT.

Purrglar: Kandji has published a report on Purrglar [https://news.risky.biz/r/31c0fe6d?m=1a80b145-9ce5-407e-b496-c57050db16ff], a new macOS infostealer that was uploaded to VirusTotal this year.

Sneaky 2FA: French security firm Sekoia says it discovered a new AitM phishing kit named Sneaky 2FA [https://news.risky.biz/r/3cb9ef2e?m=1a80b145-9ce5-407e-b496-c57050db16ff] that was designed for targeting Microsoft 365 accounts. The kit is sold via a Phishing-as-a-Service model via a Telegram bot.

RansomHub: GuidePoint looks at the tactics of one of RansomHub's affiliates [https://news.risky.biz/r/5528538c?m=1a80b145-9ce5-407e-b496-c57050db16ff].

> "Like ReliaQuest, GuidePoint identified evidence linking SocGholish (FakeUpdate) to the initial access phase of the incident. In the incident GuidePoint investigated, the Python backdoor was dropped roughly 20 minutes after the initial infection. Subsequently, the threat actor dropped Python backdoors on additional systems during lateral movement via RDP sessions."

IoT DDoS botnet: Trend Micro has discovered a new IoT botnet [https://news.risky.biz/r/4dfbb468?m=1a80b145-9ce5-407e-b496-c57050db16ff] that was used at the end of 2024 to launch large-scale DDoS attacks. The botnet primarily consists of wireless routers and IP cameras that didn't receive security updates and used weak passwords. Once compromised, the devices were infected with a malware strain that combined code from two known strains known as Mirai and Bashlite.

Gambling botnet: Imperva has analyzed a sprawling gambling botnet [https://news.risky.biz/r/1b7a1e86?m=1a80b145-9ce5-407e-b496-c57050db16ff] that uses hacked and backdoored PHP websites to redirect and host its scams. The botnet primarily targets Indonesian users.

One of the gambling ads used by the botnet

Sponsor section

Travis McPeak demonstrates how to set up controls so that deploying cloud infrastructure is secure and repeatable from the get go.

[https://news.risky.biz/r/7bb7575c?m=1a80b145-9ce5-407e-b496-c57050db16ff]

APTs, cyber-espionage, and info-ops

US sanctions Salt Typhoon company: The US Treasury has imposed sanctions [https://news.risky.biz/r/b789e3fe?m=1a80b145-9ce5-407e-b496-c57050db16ff] on Sichuan Juxinhe Network Technology, a Chinese cybersecurity company linked to the Salt Typhoon APT group. The US says the company was directly involved in hacking multiple US telcos. Officials say the company is one of many private companies the Chinese Ministry of State Security has used for its hacking operations. The Treasury also imposed additional sanctions on Yin Kecheng, a Shanghai-based individual involved in hacking the Treasury itself at the end of last year. Officials say Yin is an MSS affiliate. The Treasury hack was previously linked to a group tracked as Silk Typhoon.

Volt Typhoon infrastructure: According to new Censys research [https://news.risky.biz/r/ac2fa504?m=1a80b145-9ce5-407e-b496-c57050db16ff], the Volt Typhoon Chinese APT group didn't particularly gaf [https://news.risky.biz/r/1eae74e9?m=1a80b145-9ce5-407e-b496-c57050db16ff] after US law enforcement took down some of its botnets, and re-built its infrastructure in the exact same way as before, just changing hosting providers.

Star Blizzard goes after WhatsApp data: A Russian APT group named Star Blizzard [https://news.risky.biz/r/72d9f770?m=1a80b145-9ce5-407e-b496-c57050db16ff] has updated its normal tactics and is now targeting victims via WhatsApp messages. According to Microsoft, the group's campaigns are targeting government officials and organizations providing support to Ukraine. The goal is to compromise accounts and steal past messages. The group has been historically linked to Russia's FSB intelligence service. Microsoft claims the group switched to targeting WhatsApp after the FBI seized [https://news.risky.biz/r/1f3bd27d?m=1a80b145-9ce5-407e-b496-c57050db16ff] some of the group's server infrastructure in October.

SDA bypasses sanctions: Check First [https://news.risky.biz/r/2e312e69?m=1a80b145-9ce5-407e-b496-c57050db16ff] looks at how Meta has failed to detect, and has run, politically-themed ads from the Social Design Agency, a Russian disinformation group sanctioned by US authorities.

> "Based on 480 screenshots from Facebook Ads Manager included in the leak, combined with prior detection of over eight thousand advertisements, we estimate that SDA-authored propaganda advertisements generated over 123,000 clicks and a minimum earning for Meta of ~$338,000 in the European Union alone, after SDA was sanctioned by the European Union in July 2023."

Russian disinfo targets Canada: The NYT's Canada Bureau Chief has tracked down a Russian disinformation effort [https://news.risky.biz/r/5de24183?m=1a80b145-9ce5-407e-b496-c57050db16ff] targeting Canadians on Twitter.

Vulnerabilities, security research, and bug bounty

Asterisk security update: The Asterisk PBX and telephony server has released security patches to fix a path traversal vulnerability (CVE-2024-53566 [https://news.risky.biz/r/f60e3d67?m=1a80b145-9ce5-407e-b496-c57050db16ff]).

Kubernetes Windows vulnerability: The Kubernetes project has patched [https://news.risky.biz/r/cc5aa7e1?m=1a80b145-9ce5-407e-b496-c57050db16ff] a vulnerability in its Windows nodes that could allow threat actors to take over hosts. Tracked as CVE-2024-9042, the vulnerability allows a threat actor who can query a node's "/logs" endpoint to execute commands. Only Windows nodes are impacted.

Planet industrial switch vulnerabilities: Claroty researchers have found three vulnerabilities [https://news.risky.biz/r/2e940b1c?m=1a80b145-9ce5-407e-b496-c57050db16ff] in Planet Technology WGS-804HPT industrial switches, typically used in critical sector organizations. The bugs can be chained and exploited for remote code execution attacks. The vulnerabilities were privately disclosed and fixed by the vendor.

Mercedes vulnerabilities: Kaspersky researchers have identified 13 vulnerabilities [https://news.risky.biz/r/fce67511?m=1a80b145-9ce5-407e-b496-c57050db16ff] in the MBUX infotainment systems of Mercedes cars.

New NTLMv1 GPO bypass: Silverfort researchers have found a way to bypass [https://news.risky.biz/r/e608961a?m=1a80b145-9ce5-407e-b496-c57050db16ff] an Active Directory Group Policy designed to disable the outdated NTLMv1 protocol. The technique abuses scenarios in on-prem networks that allow some applications to continue using NTLMv1 tokens for authentication even if the GPO policy to disable the protocol is active.

Ivanti zero-day PoC: A proof-of-concept [https://news.risky.biz/r/d3a5172f?m=1a80b145-9ce5-407e-b496-c57050db16ff] is now public [https://news.risky.biz/r/f898aeb4?m=1a80b145-9ce5-407e-b496-c57050db16ff] for a recent Ivanti zero-day tracked as CVE-2025-0282 [https://news.risky.biz/r/f516c64c?m=1a80b145-9ce5-407e-b496-c57050db16ff], exploited in the wild by a suspected Chinese threat actor (UNC5221 [https://news.risky.biz/r/e07afc8c?m=1a80b145-9ce5-407e-b496-c57050db16ff]).

Karmada security audit: The Karmada [https://news.risky.biz/r/fff8e94c?m=1a80b145-9ce5-407e-b496-c57050db16ff] k8s orchestration cluster has fixed six vulnerabilities found in a recent security audit [https://news.risky.biz/r/5580b2e4?m=1a80b145-9ce5-407e-b496-c57050db16ff].

Bitpixie exploit still works: The Bitpixie exploit [https://news.risky.biz/r/3be48ae4?m=1a80b145-9ce5-407e-b496-c57050db16ff], which can be used to bypass the Windows BitLocker encryption system without any hardware shenanigans, still works [https://news.risky.biz/r/cb2cbf44?m=1a80b145-9ce5-407e-b496-c57050db16ff] two years after being discovered.

New UEFI Secure Boot bypass: ESET has discovered a new UEFI Secure Boot bypass [https://news.risky.biz/r/f9d9cab8?m=1a80b145-9ce5-407e-b496-c57050db16ff] in a legitimate UEFI application used by several real-time system recovery software suites. The issue was patched this month and was assigned CVE-2024-7344 [https://news.risky.biz/r/3f19f7c2?m=1a80b145-9ce5-407e-b496-c57050db16ff].

> "The vulnerability can be mitigated by applying the latest UEFI revocations from Microsoft. Windows systems should be updated automatically."

Thinned-out CVE stats: WordPress-related bugs accounted for almost a quarter [https://news.risky.biz/r/2d53f460?m=1a80b145-9ce5-407e-b496-c57050db16ff] of all CVEs issued last year. Le sigh! Also, check out Jerry Gamblin's breakdown [https://news.risky.biz/r/e9933315?m=1a80b145-9ce5-407e-b496-c57050db16ff] of last year's CVEs.

Infosec industry

Threat/trend reports: ANY.RUN [https://news.risky.biz/r/54413eb4?m=1a80b145-9ce5-407e-b496-c57050db16ff], GuidePoint Security [https://news.risky.biz/r/3f4f8d08?m=1a80b145-9ce5-407e-b496-c57050db16ff], ReliaQuest [https://news.risky.biz/r/cc53f162?m=1a80b145-9ce5-407e-b496-c57050db16ff], VMR [https://news.risky.biz/r/bf4860bf?m=1a80b145-9ce5-407e-b496-c57050db16ff], and the World Economic Forum [https://news.risky.biz/r/7f64ad0c?m=1a80b145-9ce5-407e-b496-c57050db16ff] have published reports and summaries covering various infosec trends and industry threats.

New tool—OSV-SCALIBR: Google [https://news.risky.biz/r/f31f34e9?m=1a80b145-9ce5-407e-b496-c57050db16ff] has open-sourced OSV-SCALIBR [https://news.risky.biz/r/13dd5fc2?m=1a80b145-9ce5-407e-b496-c57050db16ff], a library to extract software inventory data, scan files, and detect vulnerabilities.

New tool—LabSync: Cellebrite has released LabSync [https://news.risky.biz/r/cb08364b?m=1a80b145-9ce5-407e-b496-c57050db16ff], an IDA plugin that can be used to partially synchronize IDBs between different users working on reversing the same binaries.

MITRE D3FEND: MITRE has launched [https://news.risky.biz/r/3afcf83a?m=1a80b145-9ce5-407e-b496-c57050db16ff] v1.0 of D3FEND [https://news.risky.biz/r/edba2f18?m=1a80b145-9ce5-407e-b496-c57050db16ff], a knowledgebase designed to establish a vocabulary and conceptualization of the cyber domain.

OWASP NHI Top 10: The OWASP Project has published its Top 10 ranking [https://news.risky.biz/r/4b29af43?m=1a80b145-9ce5-407e-b496-c57050db16ff] of risks associated with non-human identities (NHIs) for application developers. The organization listed Improper Offboarding as the top risk.

Risky Business Podcasts

In this podcast, Tom Uren and Adam Boileau talk about the continued importance of hack and leak operations. They didn't really affect the recent US presidential election, but they are still a powerful tool for vested interests to influence public policy.

https://risky.biz/SRB106/ [https://news.risky.biz/r/e685c61a?m=1a80b145-9ce5-407e-b496-c57050db16ff]

[https://news.risky.biz/r/b802e550?m=1a80b145-9ce5-407e-b496-c57050db16ff]

In this edition of Between Two Nerds, Tom Uren and The Grugq talk about the evolution of Russian cyber operations during its invasion of Ukraine.

https://risky.biz/BTN105/ [https://news.risky.biz/r/56a8faaf?m=1a80b145-9ce5-407e-b496-c57050db16ff]

[https://news.risky.biz/r/06415e46?m=1a80b145-9ce5-407e-b496-c57050db16ff]

Risky.Biz © 2025

--d48c8fb4d42dae659b8798753acb4538eeff470e8291e7e65b237ab95d5b
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

<!doctype html>
<html>
<head>
<title>Risky Bulletin: Looking at Biden's last cyber executive order</title>
</head>
<body style="background-color: #fff; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; -webkit-font-smoothing: antialiased; font-size: 18px; line-height: 1.4; margin: 0; padding: 0; -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; color: #15212A;">
<span class="preheader" style="color: transparent; display: none; height: 0; max-height: 0; max-width: 0; opacity: 0; overflow: hidden; mso-hide: all; visibility: hidden; width: 0;">In other news: Threat actor leaks 15k Fortinet firewall configs; US Treasury sanctions company behind Salt Typhoon; FTC settles with GoDaddy over cybersecurity failures.</span>
<table role="presentation" border="0" cellpadding="0" cellspacing="0" class="body" width="100%" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #fff; width: 100%;" bgcolor="#fff">
<!-- Outlook doesn't respect max-width so we need an extra centered table -->
<!--[if mso]>
<tr>
<td>
<center>
<table border="0" cellpadding="0" cellspacing="0" width="600">
<![endif]-->
<tr>
<td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A;" valign="top"> </td>
<td class="container" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; display: block; max-width: 600px; margin: 0 auto;" valign="top">
<div class="content" style="box-sizing: border-box; display: block; margin: 0 auto; max-width: 600px;">
<!-- START CENTERED WHITE CONTAINER -->
<table role="presentation" border="0" cellpadding="0" cellspacing="0" class="main" width="100%" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background: #ffffff; border-radius: 3px; border-spacing: 20px 0; width: 100%;">

<!-- START MAIN CONTENT AREA -->
<tr>
<td class="wrapper" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; box-sizing: border-box;" valign="top">
<table role="presentation" border="0" cellpadding="0" cellspacing="0" width="100%" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%;">

<tr class="site-info-row">
<td class="site-info" width="100%" align="center" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; padding-top: 32px;" valign="top">
<table role="presentation" border="0" cellpadding="0" cellspacing="0" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%;" width="100%">
<tr>
<td class="site-icon" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; padding-bottom: 8px; padding-top: 8px; text-align: center; border-radius: 3px;" valign="top" align="center"><a href="https://news.risky.biz/r/68ec65d9?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="color: #727272; text-decoration: none; overflow-wrap: anywhere;" target="_blank"><img src="https://news.risky.biz/content/images/2024/01/rbicon.png" alt="Risky.Biz" border="0" width="44" height="44" style="border: none; -ms-interpolation-mode: bicubic; max-width: 100%; width: 44px; height: 44px; border-radius: 3px;"></a></td>
</tr>
<tr>
<td class="site-url site-url-bottom-padding" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #15212A; font-size: 16px; letter-spacing: -0.1px; font-weight: 700; text-transform: uppercase; text-align: center; padding-bottom: 12px;" valign="top" align="center"><div style="width: 100% !important;"><a href="https://news.risky.biz/r/b9d0db2b?m=1a80b145-9ce5-407e-b496-c57050db16ff" class="site-title" style="text-decoration: none; color: #15212A; overflow-wrap: anywhere;" target="_blank">Risky Business News</a></div></td>
</tr>

</table>
</td>
</tr>

<tr>
<td class="post-title post-title-with-excerpt post-title-left" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #15212A; font-size: 36px; line-height: 1.1em; font-weight: 700; padding-bottom: 8px; text-align: left;" valign="top" align="left">
<a href="https://news.risky.biz/r/37e8349a?m=1a80b145-9ce5-407e-b496-c57050db16ff" class="post-title-link post-title-link-left" style="text-decoration: none; display: block; margin-top: 32px; color: #15212A; line-height: 1.1em; text-align: left; overflow-wrap: anywhere;" target="_blank">Risky Bulletin: Looking at Biden's last cyber executive order</a>
</td>
</tr>
<tr>
<td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212A; width: 100%;" width="100%" valign="top">
<table class="post-meta-wrapper" role="presentation" border="0" cellpadding="0" cellspacing="0" width="100%" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%; padding-bottom: 32px;">
<tr>
<td height="20" class="post-meta post-meta-left" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #738a94; font-size: 13px; font-weight: 400; text-align: left; padding: 0;" valign="top" align="left">
By Catalin Cimpanu • <span class="post-meta-date" style="white-space: nowrap;">20 Jan 2025 </span>
</td>
<td class="post-meta post-meta-left view-online desktop" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #738a94; font-size: 13px; font-weight: 400; text-align: right;" valign="top" align="right">
<a href="https://news.risky.biz/r/6c5fa5d6?m=1a80b145-9ce5-407e-b496-c57050db16ff" class="view-online-link" style="word-wrap: none; white-space: nowrap; color: #738a94; overflow-wrap: anywhere; text-decoration: underline;" target="_blank">View in browser</a>
</td>
</tr>
<tr class="post-meta post-meta-left view-online-mobile" style="color: #738a94; font-size: 13px; font-weight: 400; text-align: left; display: none;" align="left">
<td height="20" class="view-online" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #738a94; font-size: 13px; font-weight: 400; text-align: center;" valign="top" align="center">
<a href="https://news.risky.biz/r/822eae70?m=1a80b145-9ce5-407e-b496-c57050db16ff" class="view-online-link" style="word-wrap: none; white-space: nowrap; color: #738a94; overflow-wrap: anywhere; text-decoration: underline;" target="_blank">View in browser</a>
</td>
</tr>
</table>
</td>
</tr>

<tr class="post-content-row">
<td class="post-content-sans-serif" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; font-size: 17px; line-height: 1.5em; color: #15212A; padding-bottom: 20px; border-bottom: 1px solid #e5eff5; max-width: 600px;" valign="top">
<!-- POST CONTENT START -->
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style="font-weight: 700;"><em>This newsletter is brought to you by </em></strong><a href="https://news.risky.biz/r/ca8b2a85?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target="_blank"><strong style="font-weight: 700;"><em>Resourcely</em></strong></a><strong style="font-weight: 700;"><em>, the company that can help you manage Terraform securely. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via </em></strong><a href="https://news.risky.biz/r/301460a7?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target="_blank"><strong style="font-weight: 700;"><em>this RSS feed</em></strong></a><strong style="font-weight: 700;"><em>. </em></strong></p><div class="kg-card kg-embed-card" style="margin: 0 0 1.5em; padding: 0;">
</div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"http=
|
|
s://news.risky.biz/r/5b22ccc5?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank"><span style=3D"white-space: pre-wrap;">https://risky.biz=
|
|
/RBNEWS378/</span></a></p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6=
|
|
em;">In its last days in office last week, the Biden administration signed =
|
|
an <a href=3D"https://news.risky.biz/r/aff0c7d6?m=3D1a80b145-9ce5-407e-b496=
|
|
-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decor=
|
|
ation: underline;" target=3D"_blank">executive order</a> (<a href=3D"https:=
|
|
//news.risky.biz/r/a52ec0d8?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank">EO 14144</a>) with new requirements and standards for stre=
|
|
ngthening the US' cybersecurity defenses and ecosystem.</p><p style=3D"=
|
|
margin: 0 0 1.5em 0; line-height: 1.6em;">This is the administration's =
|
|
second cyber executive order after <a href=3D"https://news.risky.biz/r/6961=
|
|
883d?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anyw=
|
|
here; color: #727272; text-decoration: underline;" target=3D"_blank">EO 140=
|
|
28</a> from May 2021.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6e=
|
|
m;">Below, we're gonna go over all the main points included in last wee=
|
|
k's release. The list is going through the EO from top to bottom. Items=
|
|
are not listed based on "<em>importance</em>."</p><ul style=3D"m=
|
|
argin: 0 0 1.5em 0; line-height: 1.6em; padding-left: 1.3em; padding-right:=
|
|
1.5em; list-style: disc; max-width: 100%;"><li style=3D"margin: 0.5em 0; p=
|
|
adding-left: 0.3em; line-height: 1.6em;">All government contractors must su=
|
|
bmit their software for attestation for use on government systems via the C=
|
|
ISA Repository for Software Attestation and Artifacts (<a href=3D"https://n=
|
|
ews.risky.biz/r/dbd96b4e?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D=
|
|
"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targ=
|
|
et=3D"_blank">RSAA</a>) portal. This measure is designed to improve softwar=
|
|
e supply chains for contracted government software and make sure vendors ar=
|
|
e using secure development patterns and patching old vulnerabilities in the=
|
|
ir code, including for smaller components.</li><li style=3D"margin: 0.5em 0=
|
|
; padding-left: 0.3em; line-height: 1.6em;">There's one paragraph about=
|
|
open-source software in there too. This one directs the DHS to work with o=
|
|
ther relevant agencies to publish recommendations for federal agencies &quo=
|
|
t;<em>on the use of security assessments and patching of open source softwa=
|
|
re and best practices for contributing to open source software projects</em=
|
|
>."</li><li style=3D"margin: 0.5em 0; padding-left: 0.3em; line-height=
|
|
: 1.6em;">Agencies will need to integrate cybersecurity supply chain risk m=
|
|
anagement programs into enterprise-wide risk management activities.</li><li=
|
|
style=3D"margin: 0.5em 0; padding-left: 0.3em; line-height: 1.6em;">The Wh=
|
|
ite House has ordered agencies to start testing and even mass-deploying &qu=
|
|
ot;<em>commercial phishing-resistant standards such as WebAuthn</em>."=
|
|
</li><li style=3D"margin: 0.5em 0; padding-left: 0.3em; line-height: 1.6em;=
|
|
">The White House has ordered the DHS and DOD to work together on new threa=
|
|
t intel-sharing procedures. This one provision likely comes after several G=
|
|
AO reports have found that current inter-agency threat-sharing procedures w=
|
|
ere slow and ineffective, with information coming out of the DOD being extre=
|
|
mely gatekept and hindered because of overzealous classification levels.</l=
|
|
i><li style=3D"margin: 0.5em 0; padding-left: 0.3em; line-height: 1.6em;">T=
|
|
he new threat intel-sharing program will aggregate data from the EDR and SO=
|
|
C platforms of all federal agencies so CISA can detect coordinated campaign=
|
|
s and other threats.</li><li style=3D"margin: 0.5em 0; padding-left: 0.3em;=
|
|
line-height: 1.6em;">New FedRAMP baselines to improve the security of gove=
|
|
rnment-contracted cloud systems.</li><li style=3D"margin: 0.5em 0; padding-=
|
|
left: 0.3em; line-height: 1.6em;">New cybersecurity contracting requirement=
|
|
s for any government-procured space systems. These requirements cover the u=
|
|
se of secure software and hardware, the use of encryption to protect incomi=
|
|
ng ground commands, command source authorization, and various other ways to=
|
|
ensure satellite commands can't be hijacked.</li><li style=3D"margin: =
|
|
0.5em 0; padding-left: 0.3em; line-height: 1.6em;">A review and a yearly as=
|
|
sessment of the US government's IP space.</li><li style=3D"margin: 0.5e=
|
|
m 0; padding-left: 0.3em; line-height: 1.6em;">All agencies and IT service =
|
|
providers must use RPKI ROA and ROV. The White House previously recommended=
|
|
the use of RPKI ROAs last September. See <a href=3D"https://news.risky.biz=
|
|
/r/85047668?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wra=
|
|
p: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank"=
|
|
>here</a>.</li></ul><div class=3D"kg-card kg-image-card" style=3D"margin: 0=
|
|
0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/content/images/20=
|
|
25/01/Madory.png" class=3D"kg-image" alt loading=3D"lazy" width=3D"590" hei=
|
|
ght=3D"374" style=3D"border: none; -ms-interpolation-mode: bicubic; max-wid=
|
|
th: 100%; display: block; margin: 0 auto; height: auto; width: auto;"></div=
|
|
><ul style=3D"margin: 0 0 1.5em 0; line-height: 1.6em; padding-left: 1.3em;=
|
|
padding-right: 1.5em; list-style: disc; max-width: 100%;"><li style=3D"mar=
|
|
gin: 0.5em 0; padding-left: 0.3em; line-height: 1.6em;">All agencies and co=
|
|
ntractors must use in-transit encrypted DNS.</li><li style=3D"margin: 0.5em=
|
|
0; padding-left: 0.3em; line-height: 1.6em;">All agencies must "<em>e=
|
|
ncrypt email messages in transport and, where practical, use end-to-end enc=
|
|
ryption in order to protect messages from compromise</em>."</li><li st=
|
|
yle=3D"margin: 0.5em 0; padding-left: 0.3em; line-height: 1.6em;">All agenc=
|
|
ies will have to use "<em>transport encryption</em>" for IM, voic=
|
|
e, and video conferencing apps. If clients support it, E2EE must also be en=
|
|
abled by default.</li><li style=3D"margin: 0.5em 0; padding-left: 0.3em; li=
|
|
ne-height: 1.6em;">CISA will have to produce a list of software with post-q=
|
|
uantum cryptography (PQC) protections, and agencies must start using and co=
|
|
ntracting software that's protected against future quantum computer att=
|
|
acks.</li><li style=3D"margin: 0.5em 0; padding-left: 0.3em; line-height: 1=
|
|
=2E6em;">The EO urges agencies to look=20=
|
|
into using hardware security modules,=20=
|
|
trusted execution environments, and other isolation technologies to protect=
|
|
their most sensitive encryption keys. FedRAMP, the OMB, and other agencies=
|
|
will have to put out new guidelines to encourage the new practice.</li><li=
|
|
style=3D"margin: 0.5em 0; padding-left: 0.3em; line-height: 1.6em;">In a m=
|
|
ove to address fraud gangs targeting government funds, the White House has =
|
|
directed the OMB to encourage the development of software solutions and gov=
|
|
ernment portals that accept "digital identity documents" to acces=
|
|
s public benefits programs.</li><li style=3D"margin: 0.5em 0; padding-left:=
|
|
0.3em; line-height: 1.6em;">The EO directs agencies to run pilot programs =
|
|
with the private sector and test if AI can be used for cyber defense. From =
|
|
the EO, this should cover vulnerability detection and management, intel-sha=
|
|
ring, threat detection, and IR.</li><li style=3D"margin: 0.5em 0; padding-l=
|
|
eft: 0.3em; line-height: 1.6em;">The White House has ordered a fresh batch =
|
|
of new NIST cybersecurity standards and best practices. Yey!</li><li style=
|
|
=3D"margin: 0.5em 0; padding-left: 0.3em; line-height: 1.6em;">Government c=
|
|
ontractors would have to follow any of NIST's new applicable and minimu=
|
|
m cybersecurity practices.</li><li style=3D"margin: 0.5em 0; padding-left: =
|
|
0.3em; line-height: 1.6em;">All IoT gear acquired by the government must ha=
|
|
ve a <a href=3D"https://news.risky.biz/r/a91b0bfd?m=3D1a80b145-9ce5-407e-b4=
|
|
96-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-dec=
|
|
oration: underline;" target=3D"_blank">US Cyber Trust Mark</a>.</li></ul><d=
|
|
iv class=3D"kg-card kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"=
|
|
><img src=3D"https://news.risky.biz/content/images/2025/01/CyberTrustMark.p=
|
|
ng" class=3D"kg-image" alt loading=3D"lazy" width=3D"600" height=3D"325" st=
|
|
yle=3D"border: none; -ms-interpolation-mode: bicubic; max-width: 100%; disp=
|
|
lay: block; margin: 0 auto; height: auto; width: auto;"></div><ul style=3D"=
|
|
margin: 0 0 1.5em 0; line-height: 1.6em; padding-left: 1.3em; padding-right=
|
|
: 1.5em; list-style: disc; max-width: 100%;"><li style=3D"margin: 0.5em 0; =
|
|
padding-left: 0.3em; line-height: 1.6em;">All agencies will have to invento=
|
|
ry all major information systems and provide the inventory to CISA.</li><li=
|
|
style=3D"margin: 0.5em 0; padding-left: 0.3em; line-height: 1.6em;">And, f=
|
|
inally, the White House has made it easier for the Treasury to sanction for=
|
|
eign nationals and companies involved in malicious cyber activity targeting=
|
|
the US. Previously, such sanctions could be imposed only for certain types=
|
|
of activities.</li></ul><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6e=
|
|
m;">The new Trump administration is being sworn in on the day this newslett=
|
|
er goes live. The new admin can revoke the executive order, but it is highl=
|
|
y unlikely to happen since most of the EO deals with technical mumbo jumbo =
|
|
that's usually not at the center of US partisan conversations.</p><p st=
|
|
yle=3D"margin: 0 0 1.5em 0; line-height: 1.6em;">However, some are <a href=
|
|
=3D"https://news.risky.biz/r/31441cac?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">not sure about that</a> and expect the EO to rec=
|
|
eive some pushback just because Republicans have this thing of undoing ever=
|
|
ything Democrats do, regardless of how good or bad it is. Kindergarten poli=
|
|
tics at its finest!</p><h3 id=3D"risky-business-podcasts" style=3D"margin-t=
|
|
op: 0; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', =
|
|
Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Seg=
|
|
oe UI Emoji', 'Segoe UI Symbol'; line-height: 1.11em; font-weig=
|
|
ht: 700; text-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-=
|
|
size: 26px;"><strong style=3D"font-weight: 800;"><em>Risky Business Podcast=
|
|
s</em></strong></h3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><=
|
|
em>Risky Business is now on YouTube with video versions of our main podcast=
|
|
s. Below is our latest weekly show with Pat and Adam at the helm!</em></p><=
|
|
div class=3D"kg-card kg-embed-card" style=3D"margin: 0 0 1.5em; padding: 0;=
|
|
"><!--[if !mso !vml]-->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/=
|
|
b752f044?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video=
|
|
" style=3D"background-color: #1d1f21; background-image: radial-gradient(cir=
|
|
cle at center, #5b5f66, #1d1f21); display: block; overflow-wrap: anywhere; =
|
|
color: #727272; mso-hide: all; text-decoration: none;" target=3D"_blank">
|
|
<table cellpadding=3D"0" cellspacing=3D"0" border=3D"0" wid=
|
|
th=3D"100%" background=3D"https://i.ytimg.com/vi/RquLQQyrP-I/hqdefault.jpg"=
|
|
role=3D"presentation" style=3D"border-collapse: separate; mso-table-lspace=
|
|
: 0pt; mso-table-rspace: 0pt; width: 100%; background-size: cover; min-heig=
|
|
ht: 200px; background: url('https://i.ytimg.com/vi/RquLQQyrP-I/hqdefaul=
|
|
t.jpg') left top / cover; mso-hide: all;">
|
|
<tbody><tr style=3D"mso-hide: all">
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; visibil=
|
|
ity: hidden; mso-hide: all;" valign=3D"top">
|
|
<img src=3D"https://img.spacergif.org/v1/150x45=
|
|
0/0a/spacer.png" alt width=3D"100%" border=3D"0" style=3D"border: none; -ms=
|
|
-interpolation-mode: bicubic; max-width: 100%; display: block; height: auto=
|
|
; opacity: 0; visibility: hidden; mso-hide: all;" height=3D"auto">
|
|
</td>
|
|
<td width=3D"50%" align=3D"center" valign=3D"middle=
|
|
" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI=
|
|
9;, Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', '=
|
|
;Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; color: #1=
|
|
5212A; vertical-align: middle; mso-hide: all;">
|
|
<div class=3D"kg-video-play-button" style=3D"he=
|
|
ight: 2em; width: 3em; margin: 0 auto; border-radius: 10px; padding: 1em 0.=
|
|
8em 0.6em 1em; font-size: 1em; background-color: rgba(0,0,0,0.85); mso-hide=
|
|
: all;"><div style=3D"display: block; width: 0; height: 0; margin: 0 auto; =
|
|
line-height: 0px; border-color: transparent transparent transparent white; =
|
|
border-style: solid; border-width: 0.8em 0 0.8em 1.5em; mso-hide: all;"></d=
|
|
iv></div>
|
|
</td>
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; mso-hid=
|
|
e: all;" valign=3D"top"> </td>
|
|
</tr>
|
|
</tbody></table>
|
|
</a>
|
|
<!--[endif]-->
|
|
|
|
</div><hr style=3D"position: relative; display: blo=
|
|
ck; width: 100%; margin: 3em 0; padding: 0; height: 1px; border: 0; border-=
|
|
top: 1px solid #e5eff5;"><h3 id=3D"breaches-hacks-and-security-incidents" s=
|
|
tyle=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, '=
|
|
;Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoj=
|
|
i', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 1=
|
|
=2E11em; font-weight: 700; text-renderi=
|
|
ng: optimizeLegibility; margin: 1.5em=20=
|
|
0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">Breaches, =
|
|
hacks, and security incidents</strong></h3><p style=3D"margin: 0 0 1.5em 0;=
|
|
line-height: 1.6em;"><strong style=3D"font-weight: 700;">China's Treas=
|
|
ury hack:</strong> Chinese state-sponsored hackers had direct access to ove=
|
|
r 400 laptops and desktop computers inside the US Treasury Department in a =
|
|
hack at the end of last year. The agency says the hackers stole over 3,000 =
|
|
unclassified documents outside of normal working hours to avoid detection. =
|
|
The intrusion targeted the agency's sanctions (OFAC) and foreign invest=
|
|
ment (CFIUS) bureaus. US Treasury Secretary Janet Yellen's computer was=
|
|
one of the compromised systems. Intelligence officials attributed the hack=
|
|
to a group tracked as Silk Typhoon. [<em>Additional coverage in </em><a hr=
|
|
ef=3D"https://news.risky.biz/r/f368a2d8?m=3D1a80b145-9ce5-407e-b496-c57050d=
|
|
b16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: u=
|
|
nderline;" target=3D"_blank"><em>Bloomberg</em></a>]</p><p style=3D"margin:=
|
|
0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">Salt=
|
|
Typhoon hacks impacted govt first, telcos second:</strong> CISA Director <=
|
|
a href=3D"https://news.risky.biz/r/829f522a?m=3D1a80b145-9ce5-407e-b496-c57=
|
|
050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoratio=
|
|
n: underline;" target=3D"_blank">Jen Easterly says</a> the agency detected =
|
|
Salt Typhoon activity on federal networks before the group was spotted targ=
|
|
eting American telcos. The early detection allowed investigators to seize o=
|
|
ne of the group's virtual private servers and spot the larger campaign =
|
|
targeting US telcos. Tips from the private sector also helped spot the atta=
|
|
cks.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=
|
|
=3D"font-weight: 700;">Otelier breach:</strong> Hotel management platform O=
|
|
telier suffered a security breach after a threat actor breached the company=
|
|
's Amazon S3 cloud storage environment in July of last year. The attack=
|
|
er is believed to have stolen the personal data of millions of customers. O=
|
|
telier's platform is used by over 10,000 hotels to manage reservations.=
|
|
It is used by big hotel chains such as Marriott, Hilton, and the Hyatt. Th=
|
|
e company has confirmed the breach, which allegedly took place via an emplo=
|
|
yee's stolen Atlassian server credentials. [<em>Additional coverage in =
|
|
</em><a href=3D"https://news.risky.biz/r/a1d87668?m=3D1a80b145-9ce5-407e-b4=
|
|
96-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-dec=
|
|
oration: underline;" target=3D"_blank"><em>Bleeping Computer</em></a>]</p><=
|
|
h3 id=3D"general-tech-and-privacy" style=3D"margin-top: 0; font-family: -ap=
|
|
ple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Aria=
|
|
l, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', '=
|
|
Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; text-rendering=
|
|
: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px;"><strong st=
|
|
yle=3D"font-weight: 800;">General tech and privacy</strong></h3><p style=3D=
|
|
"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 70=
|
|
0;">FTC settles with GoDaddy over cybersecurity failures:</strong> Web host=
|
|
ing company GoDaddy has <a href=3D"https://news.risky.biz/r/4fec6e21?m=3D1a=
|
|
80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color=
|
|
: #727272; text-decoration: underline;" target=3D"_blank">settled</a> with =
|
|
the FTC in an investigation related to multiple security failures the compa=
|
|
ny has suffered since 2018. The company has agreed to set up a robust secur=
|
|
ity program and is prohibited from misleading customers about its security =
|
|
features. GoDaddy will have to roll out multi-factor authentication for cus=
|
|
tomers and employees, remove outdated gear from its network, and protect it=
|
|
s APIs. The agency did not impose a fine.</p><p style=3D"margin: 0 0 1.5em =
|
|
0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">FTC privacy act=
|
|
ion against GM:</strong> The FTC has imposed a five-year ban on American ca=
|
|
rmaker General Motors on collecting and selling the private information of =
|
|
its customers. The agency's action comes after reports that GM sold geo=
|
|
location data and driver behavior to insurance companies. The data was used=
|
|
to spike insurance rates for drivers based on their driving styles despite=
|
|
drivers not causing any accidents.</p><p style=3D"margin: 0 0 1.5em 0; lin=
|
|
e-height: 1.6em;"><strong style=3D"font-weight: 700;">FTC fines Genshin Imp=
|
|
act:</strong> The FTC has fined game developer Cognosphere <a href=3D"https=
|
|
://news.risky.biz/r/d1492619?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" styl=
|
|
e=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" =
|
|
target=3D"_blank">$20 million</a> for selling loot boxes to teens under 16 =
|
|
without parental consent in its Genshin Impact title.</p><p style=3D"margin=
|
|
: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">GDP=
|
|
R complaints against Chinese apps:</strong> EU privacy group noyb has filed=
|
|
GDPR complaints against six Chinese apps for illegally transferring the pe=
|
|
rsonal data of EU citizens to China. The complaint lists TikTok, AliExpress=
|
|
, SHEIN, Temu, WeChat, and Xiaomi. The same agency has a long history of fi=
|
|
ling complaints against tech giants. <a href=3D"https://news.risky.biz/r/84=
|
|
c80920?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: an=
|
|
ywhere; color: #727272; text-decoration: underline;" target=3D"_blank">Prev=
|
|
ious complaints</a> have targeted Google, Facebook, Amazon, Mozilla, and Mi=
|
|
crosoft.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong s=
|
|
tyle=3D"font-weight: 700;">Google Search now requires JavaScript:</strong> =
|
|
Google is <a href=3D"https://news.risky.biz/r/7f1df46a?m=3D1a80b145-9ce5-40=
|
|
7e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; tex=
|
|
t-decoration: underline;" target=3D"_blank">now requiring users</a> to enab=
|
|
le JavaScript in their browsers to access and use its search engine.</p><h3=
|
|
id=3D"government-politics-and-policy" style=3D"margin-top: 0; font-family:=
|
|
-apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, =
|
|
Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', &=
|
|
#39;Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; text-rende=
|
|
ring: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px;"><stron=
|
|
g style=3D"font-weight: 800;">Government, politics, and policy</strong></h3=
|
|
><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"fon=
|
|
t-weight: 700;">SCOTUS greenlights TikTok ban:</strong> The US Supreme Cour=
|
|
t upheld the US government's TikTok ban in a unanimous decision, ruling=
|
|
that the decision to ban the app on national security grounds does not go =
|
|
against the US Constitution's First Amendment. Incoming President Trump=
|
|
, who set the ban going in the first place, started to play Internet Jesus =
|
|
and promised to postpone the ban three months so TikTok has time to negotia=
|
|
te the sale of over 50% of its US branch to a US business. Good ol' maf=
|
|
ia-style shakedown, right here. [<em>Read SCOTUS ruling here/</em><a href=
|
|
=3D"https://news.risky.biz/r/940b1ba5?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank"><em>PDF</em></a>] [<em>Additional coverage in </=
|
|
em><a href=3D"https://news.risky.biz/r/a5bc702f?m=3D1a80b145-9ce5-407e-b496=
|
|
-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decor=
|
|
ation: underline;" target=3D"_blank"><em>CNBC</em></a> <em>and </em><a href=
|
|
=3D"https://news.risky.biz/r/55b025cc?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank"><em>Axios</em></a>]</p><p style=3D"margin: 0 0 1=
|
|
=2E5em 0; line-height: 1.6em;"><strong=
|
|
style=3D"font-weight: 700;">Calls for=20=
|
|
smaller CISA:</strong> In her nomination hearing, DHS secretary nominee Kri=
|
|
sti Noem says she plans to make CISA a smaller and more nimble agency. The =
|
|
plan is to move CISA away from election misinformation and disinformation a=
|
|
nd refocus it on hunting and securing the country's critical infrastruc=
|
|
ture only. [<em>Additional coverage in </em><a href=3D"https://news.risky.b=
|
|
iz/r/caf496b4?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-w=
|
|
rap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blan=
|
|
k"><em>FNN</em></a>]</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em=
|
|
;"><strong style=3D"font-weight: 700;">FCC orders telcos to secure networks=
|
|
:</strong> The FCC has <a href=3D"https://news.risky.biz/r/ce1ac5c3?m=3D1a8=
|
|
0b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color:=
|
|
#727272; text-decoration: underline;" target=3D"_blank">ordered telcos</a>=
|
|
to secure their networks against foreign hacks, citing section 105 of the =
|
|
Communications Assistance for Law Enforcement Act (CALEA), which they have =
|
|
to abide by.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><stro=
|
|
ng style=3D"font-weight: 700;">First FALCON deployment:</strong> A ransomwa=
|
|
re attack that hit Costa Rican oil refinery RECOPE was the first real-world=
|
|
deployment of a new US government IR team named the Foreign Assistance Lev=
|
|
eraged for Cybersecurity Operational Needs, or FALCON. [<em>Additional cove=
|
|
rage in </em><a href=3D"https://news.risky.biz/r/b9cc613c?m=3D1a80b145-9ce5=
|
|
-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; =
|
|
text-decoration: underline;" target=3D"_blank"><em>The Record</em></a>]</p>=
|
|
<p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font=
|
|
-weight: 700;">EU healthcare cyber plan:</strong> The European Commission h=
|
|
as <a href=3D"https://news.risky.biz/r/521162f0?m=3D1a80b145-9ce5-407e-b496=
|
|
-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decor=
|
|
ation: underline;" target=3D"_blank">unveiled a plan</a> to strengthen the =
|
|
cybersecurity of hospitals and healthcare providers. Officials plan to buil=
|
|
d an EU-wide early warning service by 2026 that will deliver near-real-time=
|
|
alerts on potential cyber threats. The EU will also establish a rapid resp=
|
|
onse service from trusted private service providers to help hospitals deal =
|
|
with cyber attacks. EU member states will also introduce Cybersecurity=
|
|
Vouchers to provide financial assistance to micro, small, and medium-sized=
|
|
hospitals and healthcare providers. [<em>Full plan </em><a href=3D"https:/=
|
|
/news.risky.biz/r/81b9591c?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank"><em>here</em></a>]</p><p style=3D"margin: 0 0 1.5em 0; lin=
|
|
e-height: 1.6em;"><strong style=3D"font-weight: 700;">Spyware proliferation=
|
|
:</strong> Almost 100 foreign governments have purchased advanced spyware d=
|
|
esigned to crack into cell phones. The head of the US government's coun=
|
|
terintelligence agency says the mobile spyware market has seen a "huge=
|
|
growth" with "dozens of companies" selling various products=
|
|
=2E US NCSC head Michael Casey says nea=
|
|
rly 20 new countries have acquired mob=
|
|
ile spyware since April 2023, when the number was around 80 nations. [<em>A=
|
|
dditional coverage in </em><a href=3D"https://news.risky.biz/r/6508c941?m=
|
|
=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; =
|
|
color: #727272; text-decoration: underline;" target=3D"_blank"><em>Breaking=
|
|
Defense</em></a>]</p><h3 id=3D"sponsor-section" style=3D"margin-top: 0; fon=
|
|
t-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, He=
|
|
lvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoj=
|
|
i', 'Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; t=
|
|
ext-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px=
|
|
;"><strong style=3D"font-weight: 800;"><em>Sponsor section</em></strong></h=
|
|
3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><em>In this Risky B=
|
|
ulletin sponsor interview, Travis McPeak, the CEO and founder of Resourcely=
|
|
, explains that companies are now realising they have a ton of cloud-relate=
|
|
d technical debt because of the success of cloud posture management product=
|
|
s. Travis talks about different approaches he has seen to tackle rampant cl=
|
|
oud misconfigurations.</em></p><div class=3D"kg-card kg-embed-card" style=
|
|
=3D"margin: 0 0 1.5em; padding: 0;">
|
|
|
|
</div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"http=
|
|
s://news.risky.biz/r/883430cd?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank"><span style=3D"white-space: pre-wrap;">https://risky.biz=
|
|
/RBNEWSSI68/</span></a></p><h3 id=3D"arrests-cybercrime-and-threat-intel" s=
|
|
tyle=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, '=
|
|
Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoj=
|
|
i', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 1=
|
|
=2E11em; font-weight: 700; text-renderi=
|
|
ng: optimizeLegibility; margin: 1.5em=20=
|
|
0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">Arrests, c=
|
|
ybercrime, and threat intel</strong></h3><p style=3D"margin: 0 0 1.5em 0; l=
|
|
ine-height: 1.6em;"><strong style=3D"font-weight: 700;">Threat actor leaks =
|
|
15k Fortinet firewall configs:</strong> A threat actor has leaked config fi=
|
|
les and login credentials for over 15,000 Fortinet firewalls. According to =
|
|
security researcher <a href=3D"https://news.risky.biz/r/b03cf1dc?m=3D1a80b1=
|
|
45-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #7=
|
|
27272; text-decoration: underline;" target=3D"_blank">Kevin Beaumont</a>, t=
|
|
he data was collected in October 2022 using what was a zero-day vulnerabili=
|
|
ty (CVE-2022-40684) at the time. Security researchers have <a href=
|
|
=3D"https://news.risky.biz/r/c655ea0d?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">extracted the IPs</a> of all affected devices an=
|
|
d are notifying affected organizations. The threat actor behind the leak ca=
|
|
lls itself the Belsen Group.</p><div class=3D"kg-card kg-image-card" style=
|
|
=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/cont=
|
|
ent/images/2025/01/Belsen.png" class=3D"kg-image" alt loading=3D"lazy" widt=
|
|
h=3D"600" height=3D"314" style=3D"border: none; -ms-interpolation-mode: bic=
|
|
ubic; max-width: 100%; display: block; margin: 0 auto; height: auto; width:=
|
|
auto;"></div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong=
|
|
style=3D"font-weight: 700;">Ukraine phishing gang detained:</strong> <a hr=
|
|
ef=3D"https://news.risky.biz/r/66747005?m=3D1a80b145-9ce5-407e-b496-c57050d=
|
|
b16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: u=
|
|
nderline;" target=3D"_blank">Ukrainian police</a> detained <a href=3D"https=
|
|
://news.risky.biz/r/0146a3b6?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" styl=
|
|
e=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" =
|
|
target=3D"_blank">nine individuals</a> suspected of running phishing campai=
|
|
gns via social media sites.</p><p style=3D"margin: 0 0 1.5em 0; line-height=
|
|
: 1.6em;"><strong style=3D"font-weight: 700;">Fake hotel review scheme dism=
|
|
antled in Nigeria:</strong> Nigerian police have <a href=3D"https://news.ri=
|
|
sky.biz/r/8b7f2381?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overf=
|
|
low-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"=
|
|
_blank">arrested 105 suspects</a> who were part of an online scam group tha=
|
|
t tricked foreigners into posting fake hotel reviews. Officials say the gro=
|
|
up was led by four Chinese men who recruited and trained Nigerien men to ac=
|
|
t as technical representatives in the scheme. The gang tricked victims into=
|
|
posting fake reviews in exchange for money and even making bookings in som=
|
|
e of the reviewed hotels, only to stop communications when payment was due.=
|
|
</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"=
|
|
font-weight: 700;">Cyber fraud arrests in China:</strong> The Chinese gover=
|
|
nment says it indicted over 67,000 on cyber fraud-related charges from Janu=
|
|
ary to November 2024, up almost 60% from the previous year, per <a href=3D"=
|
|
https://news.risky.biz/r/59def051?m=3D1a80b145-9ce5-407e-b496-c57050db16ff"=
|
|
style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underli=
|
|
ne;" target=3D"_blank"><em>China Daily</em></a>. Officials have also <a hre=
|
|
f=3D"https://news.risky.biz/r/2123f239?m=3D1a80b145-9ce5-407e-b496-c57050db=
|
|
16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: un=
|
|
derline;" target=3D"_blank">promised to continue</a> their crackdown, espec=
|
|
ially in northern Myanmar.</p><p style=3D"margin: 0 0 1.5em 0; line-height:=
|
|
1.6em;"><strong style=3D"font-weight: 700;">AWS Codefinger response:</stro=
|
|
ng> The AWS security team has published a <a href=3D"https://news.risky.biz=
|
|
/r/b926e5be?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wra=
|
|
p: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank"=
|
|
>blog post</a> with advice on how to prevent and deal with <a href=3D"https=
|
|
://news.risky.biz/r/28a87712?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" styl=
|
|
e=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" =
|
|
target=3D"_blank">Codefinger ransomware attacks</a> that have been targetin=
|
|
g AWS S3 buckets for the past weeks.</p><p style=3D"margin: 0 0 1.5em 0; li=
|
|
ne-height: 1.6em;"><strong style=3D"font-weight: 700;">CISA cloud logs play=
|
|
book:</strong> CISA has published a <a href=3D"https://news.risky.biz/r/0f1=
|
|
07e6b?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: any=
|
|
where; color: #727272; text-decoration: underline;" target=3D"_blank">playb=
|
|
ook</a> on how organizations can fully employ the newly introduced logging =
|
|
capabilities in Microsoft Purview Audit (Standard) to better detect threats=
|
|
=2E</p><p style=3D"margin: 0 0 1.5em 0;=
|
|
line-height: 1.6em;"><strong style=3D=
|
|
"font-weight: 700;">FBI security bad practices:</strong> The FBI has releas=
|
|
ed version 2.0 of its Product Security Bad Practices [<a href=3D"https://ne=
|
|
ws.risky.biz/r/72cb5649?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"=
|
|
overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targe=
|
|
t=3D"_blank">PDF</a>]. The changes are detailed in the image below.</p><div=
|
|
class=3D"kg-card kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"><=
|
|
img src=3D"https://news.risky.biz/content/images/2025/01/FBI.png" class=3D"=
|
|
kg-image" alt loading=3D"lazy" width=3D"600" height=3D"539" style=3D"border=
|
|
: none; -ms-interpolation-mode: bicubic; max-width: 100%; display: block; m=
|
|
argin: 0 auto; height: auto; width: auto;"></div><p style=3D"margin: 0 0 1.=
|
|
5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">PyPI malwar=
|
|
e:</strong> Socket Security has discovered <a href=3D"https://news.risky.bi=
|
|
z/r/19dfbe05?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wr=
|
|
ap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank=
|
|
">new malware</a> on the PyPI repository, this one targeting API developers=
|
|
and Discord bot creators.</p><p style=3D"margin: 0 0 1.5em 0; line-height:=
|
|
1.6em;"><strong style=3D"font-weight: 700;">New npm malware:</strong> Seve=
|
|
nty-six malicious npm packages were discovered and taken down last week. Ch=
|
|
eck out the GitHub security advisory portal for <a href=3D"https://new=
|
|
s.risky.biz/r/f9a4bccd?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"o=
|
|
verflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=
|
|
=3D"_blank">more details</a>.</p><p style=3D"margin: 0 0 1.5em 0; line-heig=
|
|
ht: 1.6em;"><strong style=3D"font-weight: 700;">Lumma interview:</strong> T=
|
|
hreat intelligence analyst g0njxa has published an <a href=3D"https://news.=
|
|
risky.biz/r/4804c703?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"ove=
|
|
rflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=
|
|
=3D"_blank">interview</a> with the creator of the Lumma infostealer.</p><p =
|
|
style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-we=
|
|
ight: 700;">Truth Social scams:</strong> Netcraft looks at the <a href=3D"h=
|
|
ttps://news.risky.biz/r/32ca3d97?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" =
|
|
style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underlin=
|
|
e;" target=3D"_blank">incessant scams</a> that target newly created Truth S=
|
|
ocial accounts.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><s=
|
|
trong style=3D"font-weight: 700;">CERT-UA AnyDesk alert:</strong> Ukraine C=
|
|
ERT says an unidentified threat actor is targeting Ukrainian organizations =
|
|
with a <a href=3D"https://news.risky.biz/r/61581d03?m=3D1a80b145-9ce5-407e-=
|
|
b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-d=
|
|
ecoration: underline;" target=3D"_blank">social engineering campaign</a> wh=
|
|
ere they're trying to connect to their networks via AnyDesk, posing as =
|
|
a CERT-UA representative.</p><p style=3D"margin: 0 0 1.5em 0; line-height: =
|
|
1.6em;"><strong style=3D"font-weight: 700;">Toll-themed smishing:</strong> =
|
|
<a href=3D"https://news.risky.biz/r/95e21e17?m=3D1a80b145-9ce5-407e-b496-c5=
|
|
7050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decorati=
|
|
on: underline;" target=3D"_blank"><em>Brian Krebs</em></a> has a report out=
|
|
on a massive SMS phishing wave that has hit the US using toll-themed lures=
|
|
=2E</p><p style=3D"margin: 0 0 1.5em 0;=
|
|
line-height: 1.6em;"><strong style=3D=
|
|
"font-weight: 700;">Google Ads inception:</strong> According to <a href=3D"=
|
|
https://news.risky.biz/r/b8e9f8ae?m=3D1a80b145-9ce5-407e-b496-c57050db16ff"=
|
|
style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underli=
|
|
ne;" target=3D"_blank"><em>Malwarebytes</em></a>, a threat actor is using m=
|
|
alicious Google ads to target Google Ads users and steal their login creden=
|
|
tials.</p><div class=3D"kg-card kg-image-card" style=3D"margin: 0 0 1.5em; =
|
|
padding: 0;"><img src=3D"https://news.risky.biz/content/images/2025/01/Goog=
|
|
leAds.png" class=3D"kg-image" alt loading=3D"lazy" width=3D"600" height=3D"=
|
|
323" style=3D"border: none; -ms-interpolation-mode: bicubic; max-width: 100=
|
|
%; display: block; margin: 0 auto; height: auto; width: auto;"></div><h3 id=
|
|
=3D"malware-technical-reports" style=3D"margin-top: 0; font-family: -apple-=
|
|
system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, s=
|
|
ans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Sego=
|
|
e UI Symbol'; line-height: 1.11em; font-weight: 700; text-rendering: op=
|
|
timizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px;"><strong style=
|
|
=3D"font-weight: 800;">Malware technical reports</strong></h3><p style=3D"m=
|
|
argin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;=
|
|
">Gootloader:</strong> Sophos has published a report on <a href=3D"https://=
|
|
news.risky.biz/r/875ce657?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank">Gootloader</a>, a malware family that uses hijacked Google=
|
|
search results to redirect users to compromised, legitimate WordPress webs=
|
|
ites.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong styl=
|
|
e=3D"font-weight: 700;">MintsLoader:</strong> eSentire has spotted a <a hre=
|
|
f=3D"https://news.risky.biz/r/c3d54e5b?m=3D1a80b145-9ce5-407e-b496-c57050db=
|
|
16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: un=
|
|
derline;" target=3D"_blank">new campaign</a> this month distributing MintsL=
|
|
oader and the Stealc infostealer.</p><p style=3D"margin: 0 0 1.5em 0; line-=
|
|
height: 1.6em;"><strong style=3D"font-weight: 700;">PNGPlug and ValleyRAT:<=
|
|
/strong> Intezer looks at a <a href=3D"https://news.risky.biz/r/e0b69339?m=
|
|
=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; =
|
|
color: #727272; text-decoration: underline;" target=3D"_blank">malspam camp=
|
|
aign</a> targeting Chinese-speaking companies with the PNGPlug loader. The =
|
|
final payload is a well-known threat, ValleyRAT.</p><p style=3D"mar=
|
|
gin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">=
|
|
Purrglar:</strong> Kandji has published a report on <a href=3D"https://news=
|
|
=2Erisky.biz/r/31c0fe6d?m=3D1a80b145-9c=
|
|
e5-407e-b496-c57050db16ff" style=3D"ov=
|
|
erflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=
|
|
=3D"_blank">Purrglar</a>, a new macOS infostealer that was uploaded to Viru=
|
|
sTotal this year.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;">=
|
|
<strong style=3D"font-weight: 700;">Sneaky 2FA:</strong> French security fi=
|
|
rm Sekoia says it discovered a new AitM phishing kit named <a href=3D"https=
|
|
://news.risky.biz/r/3cb9ef2e?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" styl=
|
|
e=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" =
|
|
target=3D"_blank">Sneaky 2FA</a> that was designed for targeting Microsoft =
|
|
365 accounts. The kit is sold via a Phishing-as-a-Service model via a Teleg=
|
|
ram bot.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong s=
|
|
tyle=3D"font-weight: 700;">RansomHub:</strong> GuidePoint looks at the tact=
|
|
ics of one of <a href=3D"https://news.risky.biz/r/5528538c?m=3D1a80b145-9ce=
|
|
5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272;=
|
|
text-decoration: underline;" target=3D"_blank">RansomHub's affiliates<=
|
|
/a>.</p><blockquote style=3D"margin: 0; padding: 0; border-left: #727272 2p=
|
|
x solid; font-size: 17px; font-weight: 500; line-height: 1.6em; letter-spac=
|
|
ing: -0.2px;"><p style=3D"line-height: 1.6em; margin: 2em 25px; font-size: =
|
|
1em; padding: 0;"><em>"Like ReliaQuest, GuidePoint identified evidence=
|
|
linking SocGholish (FakeUpdate) to the initial access phase of the inciden=
|
|
t. In the incident GuidePoint investigated, the Python backdoor was dropped=
|
|
roughly 20 minutes after the initial infection. Subsequently, the threat a=
|
|
ctor dropped Python backdoors on additional systems during lateral movement=
|
|
via RDP sessions."</em></p></blockquote><p style=3D"margin: 0 0 1.5em=
|
|
0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">IoT DDoS botne=
|
|
t:</strong> Trend Micro has discovered a <a href=3D"https://news.risky.biz/=
|
|
r/4dfbb468?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap=
|
|
: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank">=
|
|
new IoT botnet</a> that was used at the end of 2024 to launch large-scale D=
|
|
DoS attacks. The botnet primarily consists of wireless routers and IP camer=
|
|
as that didn't receive security updates and used weak passwords. Once c=
|
|
ompromised, the devices were infected with a malware strain that combined c=
|
|
ode from two known strains, Mirai and Bashlite.</p><p style=3D"marg=
|
|
in: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">G=
|
|
ambling botnet:</strong> Imperva has analyzed a sprawling <a href=3D"https:=
|
|
//news.risky.biz/r/1b7a1e86?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank">gambling botnet</a> that uses hacked and backdoored PHP we=
|
|
bsites to redirect and host its scams. The botnet primarily targets Indones=
|
|
ian users.</p><div class=3D"kg-card kg-image-card kg-card-hascaption" style=
|
|
=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/cont=
|
|
ent/images/2025/01/Indo.png" class=3D"kg-image" alt loading=3D"lazy" width=
|
|
=3D"520" height=3D"513" style=3D"border: none; -ms-interpolation-mode: bicu=
|
|
bic; max-width: 100%; display: block; margin: 0 auto; height: auto; width: =
|
|
auto;"><div class=3D"kg-card-figcaption" style=3D"text-align: center; font-=
|
|
family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helv=
|
|
etica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji'=
|
|
, 'Segoe UI Symbol'; padding-top: 10px; padding-bottom: 10px; l=
|
|
ine-height: 1.5em; color: #738a94; font-size: 13px;"><span style=3D"text-al=
|
|
ign: center; white-space: pre-wrap;">One of the gambling ads used by the bo=
|
|
tnet</span></div></div><h3 id=3D"sponsor-section-1" style=3D"margin-top: 0;=
|
|
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto=
|
|
, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI =
|
|
Emoji', 'Segoe UI Symbol'; line-height: 1.11em; font-weight: 70=
|
|
0; text-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: =
|
|
26px;"><strong style=3D"font-weight: 800;"><em>Sponsor section</em></strong=
|
|
></h3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><em>Travis McPe=
|
|
ak demonstrates how to set up controls so that deploying cloud infrastructu=
|
|
re is secure and repeatable from the get go.</em></p><div class=3D"kg-card =
|
|
kg-embed-card" style=3D"margin: 0 0 1.5em; padding: 0;"><!--[if !mso !vml]-=
|
|
->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/=
|
|
7bb7575c?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video=
|
|
" style=3D"background-color: #1d1f21; background-image: radial-gradient(cir=
|
|
cle at center, #5b5f66, #1d1f21); display: block; overflow-wrap: anywhere; =
|
|
color: #727272; mso-hide: all; text-decoration: none;" target=3D"_blank">
|
|
<table cellpadding=3D"0" cellspacing=3D"0" border=3D"0" wid=
|
|
th=3D"100%" background=3D"https://i.ytimg.com/vi/VDgLa8MM-SU/hqdefault.jpg"=
|
|
role=3D"presentation" style=3D"border-collapse: separate; mso-table-lspace=
|
|
: 0pt; mso-table-rspace: 0pt; width: 100%; background-size: cover; min-heig=
|
|
ht: 200px; background: url('https://i.ytimg.com/vi/VDgLa8MM-SU/hqdefaul=
|
|
t.jpg') left top / cover; mso-hide: all;">
|
|
<tbody><tr style=3D"mso-hide: all">
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; visibil=
|
|
ity: hidden; mso-hide: all;" valign=3D"top">
|
|
<img src=3D"https://img.spacergif.org/v1/150x45=
|
|
0/0a/spacer.png" alt width=3D"100%" border=3D"0" style=3D"border: none; -ms=
|
|
-interpolation-mode: bicubic; max-width: 100%; display: block; height: auto=
|
|
; opacity: 0; visibility: hidden; mso-hide: all;" height=3D"auto">
|
|
</td>
|
|
<td width=3D"50%" align=3D"center" valign=3D"middle=
|
|
" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI'=
|
|
, Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', '=
|
|
Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; color: #1=
|
|
5212A; vertical-align: middle; mso-hide: all;">
|
|
<div class=3D"kg-video-play-button" style=3D"he=
|
|
ight: 2em; width: 3em; margin: 0 auto; border-radius: 10px; padding: 1em 0.=
|
|
8em 0.6em 1em; font-size: 1em; background-color: rgba(0,0,0,0.85); mso-hide=
|
|
: all;"><div style=3D"display: block; width: 0; height: 0; margin: 0 auto; =
|
|
line-height: 0px; border-color: transparent transparent transparent white; =
|
|
border-style: solid; border-width: 0.8em 0 0.8em 1.5em; mso-hide: all;"></d=
|
|
iv></div>
|
|
</td>
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; mso-hid=
|
|
e: all;" valign=3D"top"> </td>
|
|
</tr>
|
|
</tbody></table>
|
|
</a>
|
|
<!--[endif]-->
|
|
|
|
<!--[if vml]>
|
|
<v:group xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:w=3D"u=
|
|
rn:schemas-microsoft-com:office:word" coordsize=3D"600,450" coordorigin=3D"=
|
|
0,0" href=3D"https://www.youtube.com/watch?v=3DVDgLa8MM-SU" style=3D"width:=
|
|
600px;height:450px;">
|
|
<v:rect fill=3D"t" stroked=3D"f" style=3D"position:absolute=
|
|
;width:600;height:450;"><v:fill src=3D"https://i.ytimg.com/vi/VDgLa8MM-SU/h=
|
|
qdefault.jpg" type=3D"frame"/></v:rect>
|
|
<v:oval fill=3D"t" strokecolor=3D"white" strokeweight=3D"4p=
|
|
x" style=3D"position:absolute;left:261;top:186;width:78;height:78"><v:fill =
|
|
color=3D"black" opacity=3D"30%" /></v:oval>
|
|
<v:shape coordsize=3D"24,32" path=3D"m,l,32,24,16,xe" fillc=
|
|
olor=3D"white" stroked=3D"f" style=3D"position:absolute;left:289;top:208;wi=
|
|
dth:30;height:34;" />
|
|
</v:group>
|
|
<![endif]--></div><h3 id=3D"apts-cyber-espionage-and-info-ops" =
|
|
style=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, =
|
|
'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emo=
|
|
ji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: =
|
|
1.11em; font-weight: 700; text-rendering: optimizeLegibility; margin: 1.5em=
|
|
0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">APTs, cyb=
|
|
er-espionage, and info-ops</strong></h3><p style=3D"margin: 0 0 1.5em 0; li=
|
|
ne-height: 1.6em;"><strong style=3D"font-weight: 700;">US sanctions Salt Ty=
|
|
phoon company:</strong> The US Treasury has <a href=3D"https://news.risky.b=
|
|
iz/r/b789e3fe?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-w=
|
|
rap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blan=
|
|
k">imposed sanctions</a> on Sichuan Juxinhe Network Technology, a Chinese c=
|
|
ybersecurity company linked to the Salt Typhoon APT group. The US says the =
|
|
company was directly involved in hacking multiple US telcos. Officials say =
|
|
the company is one of many private companies the Chinese Ministry of State =
|
|
Security has used for its hacking operations. The Treasury also imposed add=
|
|
itional sanctions on Yin Kecheng, a Shanghai-based individual involved in h=
|
|
acking the Treasury itself at the end of last year. Officials say Yin is an=
|
|
MSS affiliate. The Treasury hack was previously linked to a group tracked =
|
|
as Silk Typhoon.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><=
|
|
strong style=3D"font-weight: 700;">Volt Typhoon infrastructure:</strong> Ac=
|
|
cording to <a href=3D"https://news.risky.biz/r/ac2fa504?m=3D1a80b145-9ce5-4=
|
|
07e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; te=
|
|
xt-decoration: underline;" target=3D"_blank">new Censys research</a>, the V=
|
|
olt Typhoon Chinese APT group didn't particularly <a href=3D"https://ne=
|
|
ws.risky.biz/r/1eae74e9?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"=
|
|
overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targe=
|
|
t=3D"_blank">gaf</a> after US law enforcement took down some of its botne=
|
|
ts and re-built its infrastructure in the exact same way as before, just ch=
|
|
anging hosting providers.</p><p style=3D"margin: 0 0 1.5em 0; line-height: =
|
|
1.6em;"><strong style=3D"font-weight: 700;">Star Blizzard goes after WhatsA=
|
|
pp data:</strong> A Russian APT group named <a href=3D"https://news.risky.b=
|
|
iz/r/72d9f770?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-w=
|
|
rap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blan=
|
|
k">Star Blizzard</a> has updated its normal tactics and is now targeting vi=
|
|
ctims via WhatsApp messages. According to Microsoft, the group's campai=
|
|
gns are targeting government officials and organizations providing support =
|
|
to Ukraine. The goal is to compromise accounts and steal past messages. The=
|
|
group has been historically linked to Russia's FSB intelligence servic=
|
|
e. Microsoft claims the group switched to targeting WhatsApp after the <a h=
|
|
ref=3D"https://news.risky.biz/r/1f3bd27d?m=3D1a80b145-9ce5-407e-b496-c57050=
|
|
db16ff" rel=3D"noreferrer" style=3D"overflow-wrap: anywhere; color: #727272=
|
|
; text-decoration: underline;" target=3D"_blank">FBI seized</a> some of the=
|
|
group's server infrastructure in October.</p><p style=3D"margin: 0 0 1=
|
|
=2E5em 0; line-height: 1.6em;"><strong=
|
|
style=3D"font-weight: 700;">SDA bypass=
|
|
es sanctions:</strong> <a href=3D"https://news.risky.biz/r/2e312e69?m=3D1a8=
|
|
0b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color:=
|
|
#727272; text-decoration: underline;" target=3D"_blank">Check First</a> lo=
|
|
oks at how Meta has failed to detect, and has run, politically-themed ads from th=
|
|
e Social Design Agency, a Russian disinformation group sanctioned by US aut=
|
|
horities.</p><blockquote style=3D"margin: 0; padding: 0; border-left: #7272=
|
|
72 2px solid; font-size: 17px; font-weight: 500; line-height: 1.6em; letter=
|
|
-spacing: -0.2px;"><p style=3D"line-height: 1.6em; margin: 2em 25px; font-s=
|
|
ize: 1em; padding: 0;"><em>"Based on 480 screenshots from Facebook Ads=
|
|
Manager included in the leak, combined with prior detection of over eight =
|
|
thousand advertisements, we estimate that SDA-authored propaganda advertise=
|
|
ments generated over 123,000 clicks and a minimum earning for Meta of ~$338=
|
|
,000 in the European Union alone, after SDA was sanctioned by the European =
|
|
Union in July 2023."</em></p></blockquote><p style=3D"margin: 0 0 1.5e=
|
|
m 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">Russian disin=
|
|
fo targets Canada:</strong> The NYT Canada bureau chief has tracked down a <a h=
|
|
ref=3D"https://news.risky.biz/r/5de24183?m=3D1a80b145-9ce5-407e-b496-c57050=
|
|
db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: =
|
|
underline;" target=3D"_blank">Russian disinformation effort</a> targeting C=
|
|
anadians on Twitter.</p><h3 id=3D"vulnerabilities-security-research-and-bug=
|
|
-bounty" style=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystem=
|
|
Font, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple =
|
|
Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line=
|
|
-height: 1.11em; font-weight: 700; text-rendering: optimizeLegibility; marg=
|
|
in: 1.5em 0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">=
|
|
Vulnerabilities, security research, and bug bounty</strong></h3><p style=3D=
|
|
"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 70=
|
|
0;">Asterisk security update:</strong> The Asterisk PBX and telephony serve=
|
|
r has released security patches to fix a path traversal vulnerability (<a h=
|
|
ref=3D"https://news.risky.biz/r/f60e3d67?m=3D1a80b145-9ce5-407e-b496-c57050=
|
|
db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: =
|
|
underline;" target=3D"_blank">CVE-2024-53566</a>).</p><p style=3D"margin: 0=
|
|
0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">Kubern=
|
|
etes Windows vulnerability:</strong> The Kubernetes project has <a href=3D"=
|
|
https://news.risky.biz/r/cc5aa7e1?m=3D1a80b145-9ce5-407e-b496-c57050db16ff"=
|
|
style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underli=
|
|
ne;" target=3D"_blank">patched</a> a vulnerability in its Windows nodes tha=
|
|
t could allow threat actors to take over hosts. Tracked as CVE-2024-9042, t=
|
|
he vulnerability allows a threat actor who can query a node's "/lo=
|
|
gs" endpoint to execute commands. Only Windows nodes are impacted.</p>=
|
|
<p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font=
|
|
-weight: 700;">Planet industrial switch vulnerabilities:</strong> Claroty r=
|
|
esearchers have found <a href=3D"https://news.risky.biz/r/2e940b1c?m=3D1a80=
|
|
b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: =
|
|
#727272; text-decoration: underline;" target=3D"_blank">three vulnerabiliti=
|
|
es</a> in Planet Technology WGS-804HPT industrial switches, typically used =
|
|
in critical sector organizations. The bugs can be chained and exploited for=
|
|
remote code execution attacks. The vulnerabilities were privately disclose=
|
|
d and fixed by the vendor.</p><p style=3D"margin: 0 0 1.5em 0; line-height:=
|
|
1.6em;"><strong style=3D"font-weight: 700;">Mercedes vulnerabilities:</str=
|
|
ong> Kaspersky researchers have identified <a href=3D"https://news.risky.bi=
|
|
z/r/fce67511?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wr=
|
|
ap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank=
|
|
">13 vulnerabilities</a> in the MBUX infotainment systems of Mercedes cars.=
|
|
</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"=
|
|
font-weight: 700;">New NTLMv1 GPO bypass:</strong> Silverfort researchers h=
|
|
ave found <a href=3D"https://news.risky.biz/r/e608961a?m=3D1a80b145-9ce5-40=
|
|
7e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; tex=
|
|
t-decoration: underline;" target=3D"_blank">a way to bypass</a> an Active D=
|
|
irectory Group Policy designed to disable the outdated NTLMv1 protocol. The=
|
|
technique abuses scenarios in on-prem networks that allow some application=
|
|
s to continue using NTLMv1 tokens for authentication even if the GPO policy=
|
|
to disable the protocol is active.</p><div class=3D"kg-card kg-image-card"=
|
|
style=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D"https://news.risky.bi=
|
|
z/content/images/2025/01/Bypass.png" class=3D"kg-image" alt loading=3D"lazy=
|
|
" width=3D"600" height=3D"255" style=3D"border: none; -ms-interpolation-mod=
|
|
e: bicubic; max-width: 100%; display: block; margin: 0 auto; height: auto; =
|
|
width: auto;"></div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><=
|
|
strong style=3D"font-weight: 700;">Ivanti zero-day PoC:</strong> A <a href=
|
|
=3D"https://news.risky.biz/r/d3a5172f?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">proof-of-concept</a> is <a href=3D"https://news.=
|
|
risky.biz/r/f898aeb4?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"ove=
|
|
rflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=
|
|
=3D"_blank">now public</a> for a recent Ivanti zero-day tracked as <a href=
|
|
=3D"https://news.risky.biz/r/f516c64c?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">CVE-2025-0282</a>, exploited in the wild by a su=
|
|
spected Chinese threat actor (<a href=3D"https://news.risky.biz/r/e07afc8c?=
|
|
m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere;=
|
|
color: #727272; text-decoration: underline;" target=3D"_blank">UNC5221</a>=
|
|
).</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=
|
|
=3D"font-weight: 700;">Karmada security audit:</strong> The <a href=3D"http=
|
|
s://news.risky.biz/r/fff8e94c?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank">Karmada</a> k8s orchestration cluster has fixed six vuln=
|
|
erabilities found in a recent <a href=3D"https://news.risky.biz/r/5580b2e4?=
|
|
m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere;=
|
|
color: #727272; text-decoration: underline;" target=3D"_blank">security au=
|
|
dit</a>.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong s=
|
|
tyle=3D"font-weight: 700;">Bitpixie exploit still works:</strong> The <a hr=
|
|
ef=3D"https://news.risky.biz/r/3be48ae4?m=3D1a80b145-9ce5-407e-b496-c57050d=
|
|
b16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: u=
|
|
nderline;" target=3D"_blank">Bitpixie exploit</a>, which can be used to byp=
|
|
ass the Windows BitLocker encryption system without any hardware shenanigan=
|
|
s, <a href=3D"https://news.risky.biz/r/cb2cbf44?m=3D1a80b145-9ce5-407e-b496=
|
|
-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decor=
|
|
ation: underline;" target=3D"_blank">still works</a> two years after being =
|
|
discovered.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><stron=
|
|
g style=3D"font-weight: 700;">New UEFI Secure Boot bypass:</strong> ESET ha=
|
|
s discovered a <a href=3D"https://news.risky.biz/r/f9d9cab8?m=3D1a80b145-9c=
|
|
e5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272=
|
|
; text-decoration: underline;" target=3D"_blank">new UEFI Secure Boot bypas=
|
|
s</a> in a legitimate UEFI application used by several real-time system rec=
|
|
overy software suites. The issue was patched this month and was assigned <a=
|
|
href=3D"https://news.risky.biz/r/3f19f7c2?m=3D1a80b145-9ce5-407e-b496-c570=
|
|
50db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration=
|
|
: underline;" target=3D"_blank">CVE-2024-7344</a>.</p><blockquote style=3D"=
|
|
margin: 0; padding: 0; border-left: #727272 2px solid; font-size: 17px; fon=
|
|
t-weight: 500; line-height: 1.6em; letter-spacing: -0.2px;"><p style=3D"lin=
|
|
e-height: 1.6em; margin: 2em 25px; font-size: 1em; padding: 0;"><em>"T=
|
|
he vulnerability can be mitigated by applying the latest UEFI revocations f=
|
|
rom Microsoft. Windows systems should be updated automatically."</em><=
|
|
/p></blockquote><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><stro=
|
|
ng style=3D"font-weight: 700;">Thinned-out CVE stats:</strong> WordPress-re=
|
|
lated bugs accounted for <a href=3D"https://news.risky.biz/r/2d53f460?m=3D1=
|
|
a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; colo=
|
|
r: #727272; text-decoration: underline;" target=3D"_blank">almost a quarter=
|
|
</a> of all CVEs issued last year. Le sigh! Also, check out <a href=3D"http=
|
|
s://news.risky.biz/r/e9933315?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
 target=3D"_blank">Jerry Gamblin's breakdown</a> of last year's CV=
|
|
Es.</p><div class=3D"kg-card kg-image-card" style=3D"margin: 0 0 1.5em; pad=
|
|
ding: 0;"><img src=3D"https://news.risky.biz/content/images/2025/01/CVE-mat=
|
|
h.png" class=3D"kg-image" alt loading=3D"lazy" width=3D"600" height=3D"338"=
|
|
style=3D"border: none; -ms-interpolation-mode: bicubic; max-width: 100%; d=
|
|
isplay: block; margin: 0 auto; height: auto; width: auto;"></div><h3 id=3D"=
|
|
infosec-industry" style=3D"margin-top: 0; font-family: -apple-system, Blink=
|
|
MacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, &#=
|
|
39;Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol&#=
|
|
39;; line-height: 1.11em; font-weight: 700; text-rendering: optimizeLegibil=
|
|
ity; margin: 1.5em 0 0.5em 0; font-size: 26px;"><strong style=3D"font-weigh=
|
|
t: 800;">Infosec industry</strong></h3><p style=3D"margin: 0 0 1.5em 0; lin=
|
|
e-height: 1.6em;"><strong style=3D"font-weight: 700;">Threat/trend reports:=
|
|
</strong> <a href=3D"https://news.risky.biz/r/54413eb4?m=3D1a80b145-9ce5-40=
|
|
7e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; tex=
|
|
t-decoration: underline;" target=3D"_blank">ANY.RUN</a>, <a href=3D"https:/=
|
|
/news.risky.biz/r/3f4f8d08?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank">GuidePoint Security</a>, <a href=3D"https://news.risky.biz=
|
|
/r/cc53f162?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wra=
|
|
p: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank"=
|
|
>ReliaQuest</a>, <a href=3D"https://news.risky.biz/r/bf4860bf?m=3D1a80b145-=
|
|
9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #7272=
|
|
72; text-decoration: underline;" target=3D"_blank">VMR</a>, and the <a href=
|
|
=3D"https://news.risky.biz/r/7f64ad0c?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">World Economic Forum</a> have published reports =
|
|
and summaries covering various infosec trends and industry threats.</p><div=
|
|
class=3D"kg-card kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"><=
|
|
img src=3D"https://news.risky.biz/content/images/2025/01/WEF.png" class=3D"=
|
|
kg-image" alt loading=3D"lazy" width=3D"600" height=3D"308" style=3D"border=
|
|
: none; -ms-interpolation-mode: bicubic; max-width: 100%; display: block; m=
|
|
argin: 0 auto; height: auto; width: auto;"></div><p style=3D"margin: 0 0 1.=
|
|
5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">New tool&#x=
|
|
2014;OSV-SCALIBR:</strong> <a href=3D"https://news.risky.biz/r/f31f34e9?m=
|
|
=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; =
|
|
color: #727272; text-decoration: underline;" target=3D"_blank">Google</a> h=
|
|
as open-sourced <a href=3D"https://news.risky.biz/r/13dd5fc2?m=3D1a80b145-9=
|
|
ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #72727=
|
|
2; text-decoration: underline;" target=3D"_blank">OSV-SCALIBR</a>, a librar=
|
|
y to extract software inventory data, scan files, and detect vulnerabilitie=
|
|
s.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=
|
|
=3D"font-weight: 700;">New tool—LabSync:</strong> Cellebrite has rel=
|
|
eased <a href=3D"https://news.risky.biz/r/cb08364b?m=3D1a80b145-9ce5-407e-b=
|
|
496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-de=
|
|
coration: underline;" target=3D"_blank">LabSync</a>, an IDA plugin that can=
|
|
be used to partially synchronize IDBs between different users working on r=
|
|
eversing the same binaries.</p><p style=3D"margin: 0 0 1.5em 0; line-height=
|
|
: 1.6em;"><strong style=3D"font-weight: 700;">MITRE D3FEND:</strong> MITRE =
|
|
has <a href=3D"https://news.risky.biz/r/3afcf83a?m=3D1a80b145-9ce5-407e-b49=
|
|
6-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-deco=
|
|
ration: underline;" target=3D"_blank">launched</a> v1.0 of <a href=3D"https=
|
|
://news.risky.biz/r/edba2f18?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" styl=
|
|
e=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" =
|
|
target=3D"_blank">D3FEND</a>, a knowledgebase designed to establish a vocab=
|
|
ulary and conceptualization of the cyber domain.</p><p style=3D"margin: 0 0=
|
|
1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">OWASP NH=
|
|
I Top 10:</strong> The OWASP Project has published its <a href=3D"https://n=
|
|
ews.risky.biz/r/4b29af43?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D=
|
|
"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targ=
|
|
et=3D"_blank">Top 10 ranking</a> of risks associated with non-human identit=
|
|
ies (NHIs) for application developers. The organization listed Improper Off=
|
|
boarding as the top risk.</p><div class=3D"kg-card kg-image-card" style=3D"=
|
|
margin: 0 0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/content/=
|
|
images/2025/01/NHI.png" class=3D"kg-image" alt loading=3D"lazy" width=3D"60=
|
|
0" height=3D"1311" style=3D"border: none; -ms-interpolation-mode: bicubic; =
|
|
max-width: 100%; display: block; margin: 0 auto; height: auto; width: auto;=
|
|
"></div><h3 id=3D"risky-business-podcasts-1" style=3D"margin-top: 0; font-f=
|
|
amily: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helve=
|
|
tica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji&#=
|
|
39;, 'Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; text=
|
|
-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px;">=
|
|
<strong style=3D"font-weight: 800;"><em>Risky Business Podcasts</em></stron=
|
|
g></h3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><em>In this po=
|
|
dcast, Tom Uren and Adam Boileau talk about the continued importance of hac=
|
|
k and leak operations. They didn't really affect the recent US presiden=
|
|
tial election, but they are still a powerful tool for vested interests to i=
|
|
nfluence public policy.</em></p><div class=3D"kg-card kg-embed-card" style=
|
|
=3D"margin: 0 0 1.5em; padding: 0;">
|
|
<a href=3D"https://risky.biz/SRB106/" target=3D"_new">Srsly Risky Biz: =
|
|
Why two hats are better than two heads</a>
|
|
</div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"http=
|
|
s://news.risky.biz/r/e685c61a?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank"><span style=3D"white-space: pre-wrap;">https://risky.biz=
|
|
/SRB106/</span></a></p><div class=3D"kg-card kg-embed-card" style=3D"margin=
|
|
: 0 0 1.5em; padding: 0;"><!--[if !mso !vml]-->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/b802e550?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video" target=3D"_blank">Play video</a>
|
|
<!--[endif]-->
|
|
|
|
<!--[if vml]>
|
|
<v:group xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:w=3D"u=
|
|
rn:schemas-microsoft-com:office:word" coordsize=3D"600,450" coordorigin=3D"=
|
|
0,0" href=3D"https://www.youtube.com/watch?v=3DRNw5NCYSeG8" style=3D"width:=
|
|
600px;height:450px;">
|
|
<v:rect fill=3D"t" stroked=3D"f" style=3D"position:absolute=
|
|
;width:600;height:450;"><v:fill src=3D"https://i.ytimg.com/vi/RNw5NCYSeG8/h=
|
|
qdefault.jpg" type=3D"frame"/></v:rect>
|
|
<v:oval fill=3D"t" strokecolor=3D"white" strokeweight=3D"4p=
|
|
x" style=3D"position:absolute;left:261;top:186;width:78;height:78"><v:fill =
|
|
color=3D"black" opacity=3D"30%" /></v:oval>
|
|
<v:shape coordsize=3D"24,32" path=3D"m,l,32,24,16,xe" fillc=
|
|
olor=3D"white" stroked=3D"f" style=3D"position:absolute;left:289;top:208;wi=
|
|
dth:30;height:34;" />
|
|
</v:group>
|
|
<![endif]--></div>
|
|
<p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><em>In this edition of Between Two Nerds, Tom Uren and The Grugq talk about the evolution of Russian cyber operations during its invasion of Ukraine.</em></p>
|
|
<div class=3D"kg-card kg-embed-card" style=3D"margin: 0 0 1.5em; padding: 0;">
|
|
<a href=3D"https://risky.biz/BTN105/" target=3D"_new">Between Two Nerds: The evolution of Russia's cyber operations in Ukraine</a>
|
|
</div>
|
|
<p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"https://news.risky.biz/r/56a8faaf?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank"><span style=3D"white-space: pre-wrap;">https://risky.biz/BTN105/</span></a></p>
|
|
<div class=3D"kg-card kg-embed-card" style=3D"margin: 0 0 1.5em; padding: 0;"><!--[if !mso !vml]-->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/06415e46?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video" target=3D"_blank">Play video</a>
|
|
<!--[endif]-->
|
|
|
|
<!--[if vml]>
|
|
<v:group xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:w=3D"u=
|
|
rn:schemas-microsoft-com:office:word" coordsize=3D"600,450" coordorigin=3D"=
|
|
0,0" href=3D"https://www.youtube.com/watch?v=3De49QGvfSWoU" style=3D"width:=
|
|
600px;height:450px;">
|
|
<v:rect fill=3D"t" stroked=3D"f" style=3D"position:absolute=
|
|
;width:600;height:450;"><v:fill src=3D"https://i.ytimg.com/vi/e49QGvfSWoU/h=
|
|
qdefault.jpg" type=3D"frame"/></v:rect>
|
|
<v:oval fill=3D"t" strokecolor=3D"white" strokeweight=3D"4p=
|
|
x" style=3D"position:absolute;left:261;top:186;width:78;height:78"><v:fill =
|
|
color=3D"black" opacity=3D"30%" /></v:oval>
|
|
<v:shape coordsize=3D"24,32" path=3D"m,l,32,24,16,xe" fillc=
|
|
olor=3D"white" stroked=3D"f" style=3D"position:absolute;left:289;top:208;wi=
|
|
dth:30;height:34;" />
|
|
</v:group>
|
|
<![endif]--></div>
|
|
<!-- POST CONTENT END -->
|
|
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</td>
|
|
</tr>
|
|
|
|
<!-- END MAIN CONTENT AREA -->
|
|
|
|
|
|
|
|
|
|
<tr>
|
|
<td class=3D"wrapper" align=3D"center" styl=
|
|
e=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Ro=
|
|
boto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe=
|
|
UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align:=
|
|
top; color: #15212A; box-sizing: border-box;" valign=3D"top">
|
|
<table role=3D"presentation" border=3D"=
|
|
0" cellpadding=3D"0" cellspacing=3D"0" width=3D"100%" style=3D"border-colla=
|
|
pse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%; p=
|
|
adding-top: 40px; padding-bottom: 30px;">
|
|
<tr>
|
|
<td class=3D"footer" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #738a94; margin-top: 20px; text-align: center; padding-bottom: 10px; padding-top: 10px; padding-left: 30px; padding-right: 30px; line-height: 1.5em; font-size: 13px;" valign=3D"top" align=3D"center">Risky.Biz © 2025</td>
|
|
</tr>
|
|
|
|
</table>
|
|
</td>
|
|
</tr>
|
|
|
|
</table>
|
|
<!-- END CENTERED WHITE CONTAINER -->
|
|
</div>
|
|
</td>
|
|
<td style=3D"font-family: -apple-system, BlinkMacSystemFont=
|
|
, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Colo=
|
|
r Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-siz=
|
|
e: 18px; vertical-align: top; color: #15212A;" valign=3D"top"> </td>
|
|
</tr>
|
|
|
|
<!--[if mso]>
|
|
</table>
|
|
</center>
|
|
</td>
|
|
</tr>
|
|
<![endif]-->
|
|
</table>
|
|
</body>
|
|
</html>
|
|
|
|
|
|
--d48c8fb4d42dae659b8798753acb4538eeff470e8291e7e65b237ab95d5b--
|