X-He-Spam-Score: -2.1
Return-Path: <bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io>
Delivered-To: dropbox@plan.io
Received: from m.launch.gmbh ([127.0.0.1])
    by m.launch.gmbh with LMTP
    id eEPcDWuCkGfU9QIAJzdhvw
    (envelope-from <bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io>)
    for <dropbox@plan.io>; Wed, 22 Jan 2025 06:30:19 +0100
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on m.launch.gmbh
X-Spam-Level:
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
    DKIM_VALID,DMARC_PASS,HTML_IMAGE_RATIO_08,HTML_MESSAGE,LOTS_OF_MONEY,
    RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_FAIL,SPF_FAIL_IGNORE,
    SPF_HELO_NONE,T_KAM_HTML_FONT_INVALID autolearn=ham autolearn_force=no
    version=3.4.6
X-Spam-Report:
    * -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at
    * https://www.dnswl.org/, no trust
    * [64.90.62.164 listed in list.dnswl.org]
    * -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
    * [score: 0.0000]
    * -0.1 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
    * [64.90.62.164 listed in wl.mailspike.net]
    * 5.0 SPF_FAIL SPF check failed
    * -0.1 DMARC_PASS DMARC check passed
    * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
    * 0.0 HTML_MESSAGE BODY: HTML included in message
    * 0.0 HTML_IMAGE_RATIO_08 BODY: HTML has a low ratio of text to image
    * area
    * 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
    * valid
    * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
    * 0.0 LOTS_OF_MONEY Huge... sums of money
    * 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted
    * Colors in HTML
    * -5.0 SPF_FAIL_IGNORE Planio Inbox does not consider SPF FAILS on
    * redirects
X-Spam-Score: -2.1
Authentication-Results: m.launch.gmbh; dmarc=pass (p=none dis=none) header.from=ghost.io
Authentication-Results: m.launch.gmbh; spf=fail smtp.mailfrom=m.ghost.io
Authentication-Results: m.launch.gmbh;
    dkim=pass (2048-bit key; unprotected) header.d=m.ghost.io header.i=@m.ghost.io header.a=rsa-sha256 header.s=mailgun header.b=AwaRbcZJ;
    dkim-atps=neutral
Envelope-to: inbox+rlxc+36be+hoax-clearing-center@plan.io
Received: from pdx1-sub0-mail-mx202.dreamhost.com (fltr-in2.mail.dreamhost.com [64.90.62.164])
    (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
    key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
    (No client certificate requested)
    by m.launch.gmbh (Postfix) with ESMTPS id 68383160FE3
    for <inbox+rlxc+36be+hoax-clearing-center@plan.io>; Wed, 22 Jan 2025 06:30:18 +0100 (CET)
Received: from postfix-inbound-v2-4.inbound.mailchannels.net (inbound-egress-7.mailchannels.net [23.83.220.5])
    (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
    key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
    (No client certificate requested)
    by pdx1-sub0-mail-mx202.dreamhost.com (Postfix) with ESMTPS id 4YdCMW5YyYz9J5t
    for <lapor@turnbackhoax.id>; Tue, 21 Jan 2025 21:30:15 -0800 (PST)
ARC-Authentication-Results: i=1;
    inbound-rspamd-7d6dbf97d6-n5cwc;
    none
X-Message-ID: h1Px9zM9RIUTj2tzMjpyjLIX
Received: from relay16.ghost.io (relay16.ghost.io [198.244.55.109])
    (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256)
    by 100.116.67.154 (trex/6.10.3);
    Wed, 22 Jan 2025 05:30:15 +0000
Authentication-Results: inbound.mailchannels.net;
    spf=pass
    smtp.mailfrom=bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io;
    dkim=pass header.d=m.ghost.io;
    dmarc=pass (policy=none; pct=100; status=pass);
    arc=none
Received-SPF: pass (dmarc-service-5d68fff777-w6v88: domain of m.ghost.io
    designates 198.244.55.109 as permitted sender) client-ip=198.244.55.109;
    envelope-from=bounce+b82545.7bdc18-lapor=turnbackhoax.id@m.ghost.io;
    helo=relay16.ghost.io;
X-Mailgun-Sending-Ip: 198.244.55.109
X-Mailgun-Sending-Ip-Pool-Name: Bulk - Standard
X-Mailgun-Sending-Ip-Pool: 6155d7ba935d084321777411
X-Mailgun-Sid: WyIzODUwYiIsImxhcG9yQHR1cm5iYWNraG9heC5pZCIsIjdiZGMxOCJd
Received: by 05b6d0824c04 with HTTP id 67908265883f440b398c8eac; Wed, 22 Jan 2025
    05:30:07 GMT
X-Mailgun-Batch-Id: 6790825f826523a6af81f0f2
Sender: risky-biz=ghost.io@m.ghost.io
Date: Wed, 22 Jan 2025 05:30:07 +0000
Mime-Version: 1.0
Content-Type: multipart/alternative;
    boundary="a1b2450c7c69da15f22f678701286b2b9fdf5a64ba695a8bed3f7a8725e7"
Subject: Risky Bulletin: Threat actor impersonates FSB APT for months to target Russian
    orgs
From: Risky.Biz <risky-biz@ghost.io>
To: lapor@turnbackhoax.id
X-Mailgun-Tag: ghost-email
X-Mailgun-Tag: blog-1041185
X-Mailgun-Tag: bulk-email
X-Mailgun-Track-Opens: true
X-Mailgun-Deliver-By: Wed, 22 Jan 2025 05:30:03 +0000
X-Mailgun-Variables: {"email-id": "6790825a4e3f650001622cd8"}
Message-Id: <20250122053007.2bcd88c327839ee3@m.ghost.io>

Risky Business News [https://news.risky.biz/r/f6622b91?m=1a80b145-9ce5-407e-b496-c57050db16ff]

Risky Bulletin: Threat actor impersonates FSB APT for months to target Russian orgs [https://news.risky.biz/r/6b251602?m=1a80b145-9ce5-407e-b496-c57050db16ff]

By Catalin Cimpanu • 22 Jan 2025

This newsletter is brought to you by Resourcely [https://news.risky.biz/r/105e8f59?m=1a80b145-9ce5-407e-b496-c57050db16ff], the company that can help you manage Terraform securely. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed [https://news.risky.biz/r/762c91c5?m=1a80b145-9ce5-407e-b496-c57050db16ff].

https://risky.biz/RBNEWS379/ [https://news.risky.biz/r/4f3748e8?m=1a80b145-9ce5-407e-b496-c57050db16ff]

A cyber-espionage group has mimicked the tactics of an FSB-linked APT to target Russian organizations for months.

Named GamaCopy (or Core Werewolf), the group emulated the tactics of Gamaredon (or Armageddon), a cyber-espionage group operated by the Russian FSB intelligence agency from the occupied region of Crimea.

The group's false flag attacks have been taking place since June of last year. The campaign has tricked several security vendors who misattributed attacks to Gamaredon, according to a report [https://news.risky.biz/r/b9d8c3ef?m=1a80b145-9ce5-407e-b496-c57050db16ff] from Chinese security firm Knownsec 404.

The spear-phishing campaigns have used military-related lures to target individuals in Russia's defense and critical infrastructure sectors and trick them into extracting malicious 7zip archive files.

> "Obviously, this is a successful false flag operation by the organization that has deceived some vendors who have not conducted in-depth analysis."

Knownsec 404 has not made a formal attribution for GamaCopy, and neither have the Russian security vendors who previously covered past campaigns, such as BI.ZONE [https://news.risky.biz/r/beba062d?m=1a80b145-9ce5-407e-b496-c57050db16ff], FACCT [https://news.risky.biz/r/0e8d70a7?m=1a80b145-9ce5-407e-b496-c57050db16ff], and Kaspersky [https://news.risky.biz/r/f5199d90?m=1a80b145-9ce5-407e-b496-c57050db16ff].

While Ukraine would seem an easy source of origin for the attacks, both China and North Korea have been just as active in spying on Russian defense orgs over the past two years as the Ukrainians, so it's not as clear as it may look.

Risky Business Podcasts

Risky Business is now on YouTube with video versions of our main podcasts. Below is our latest weekly show with Pat and Adam at the helm!

[https://news.risky.biz/r/6eaca967?m=1a80b145-9ce5-407e-b496-c57050db16ff]

----------------------------------------

Breaches, hacks, and security incidents

Rostelecom attack: The Russian government says [https://news.risky.biz/r/286c5822?m=1a80b145-9ce5-407e-b496-c57050db16ff] that a threat actor has hacked one of Rostelecom's contractors but that the incident did not impact the activity of the government's Gosuslugi e-portal. A hacking group named Silent Crow has breached and leaked data from several of Rostelecom's online portals. The Russian company [https://news.risky.biz/r/e96dc4b3?m=1a80b145-9ce5-407e-b496-c57050db16ff] and the Russian government [https://news.risky.biz/r/cff3edef?m=1a80b145-9ce5-407e-b496-c57050db16ff] have confirmed the hack and blamed the breach on one of Rostelecom's contractors. Rostelecom manages Russia's e-government portal known as the Gosuslugi. Rostelecom says the leaked data is not sensitive in nature and did not impact Gosuslugi in any way. This is Silent Crow's second major hack this year after it also breached [https://news.risky.biz/r/614e9ba6?m=1a80b145-9ce5-407e-b496-c57050db16ff] Russia's State Registration, Cadastre, and Cartography agency, the Rosreestr.

HPE investigates breach: American tech giant HPE is investigating a possible security breach after a threat actor started advertising a batch of data allegedly stolen from its servers. The hacker claims to have stolen old user data and source code for the Zerto & iLO products. The threat actor is named IntelBroker, the same individual who breached Cisco's DevHub portal at the end of last year. [Additional coverage in SecurityWeek [https://news.risky.biz/r/26240805?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Carrefour leak: On the same note, a threat actor is also claiming to have breached French retail giant Carrefour. This one's unconfirmed at the time of writing.

General tech and privacy

Douyin takes down restrictions: Douyin, the name of the Chinese version of TikTok, has removed restrictions on the use of foreign phone numbers to register accounts. This means that international users can now apply and browse the Chinese version of TikTok. [Additional coverage in Tech In Asia [https://news.risky.biz/r/b1cbf461?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

CoDCW anti-cheat: A reverse engineer known as ssno has reverse-engineered [https://news.risky.biz/r/b847a54d?m=1a80b145-9ce5-407e-b496-c57050db16ff] the anti-cheat system used by the Call of Duty: Cold War game.

RPKI ROA coverage: According to RIPE Labs [https://news.risky.biz/r/7fac4001?m=1a80b145-9ce5-407e-b496-c57050db16ff], more than half of both the IPv4 and IPv6 routes in the global routing system are covered by RPKI ROAs [https://news.risky.biz/r/ce095039?m=1a80b145-9ce5-407e-b496-c57050db16ff] (~ 54%).

Government, politics, and policy

Trump revokes Biden's AI executive order: Hours after being sworn in, US President Donald Trump has revoked a 2023 executive order signed by his predecessor that required AI companies to limit the risks that artificial intelligence poses to consumers, workers, and national security. [Additional coverage in Reuters [https://news.risky.biz/r/089137c1?m=1a80b145-9ce5-407e-b496-c57050db16ff] and Lawfare Media [https://news.risky.biz/r/0854e4b5?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

> "Large AI labs, such as Google and OpenAI, faced reporting requirements under the EO. The Biden administration intended for the US AI Safety Institute—also a product of the EO—to ensure that leading AI models did not pose excessive societal risks. [...] In line with the GOP platform, which called for accelerating AI research and deployment, any forthcoming AI EO by the Trump Administration will likely omit safeguards related to privacy, misinformation, and bias."

Trump ousts CSRB members: The Trump administration has removed all non-government members from all DHS committees, including the Cyber Safety Review Board. Six CSRB members representing private sector entities were removed, such as Heather Adkins, Dmitri Alperovitch, Rob Joyce, and Chris Krebs. The CSRB was founded in February 2022 and had a 14-member panel. [Additional coverage in Politico [https://news.risky.biz/r/c60a3d88?m=1a80b145-9ce5-407e-b496-c57050db16ff]]

Sponsor section

In this Risky Bulletin sponsor interview, Travis McPeak, the CEO and founder of Resourcely, explains that companies are now realising they have a ton of cloud-related technical debt because of the success of cloud posture management products. Travis talks about different approaches he has seen to tackle rampant cloud misconfigurations.

https://risky.biz/RBNEWSSI68/ [https://news.risky.biz/r/1685010c?m=1a80b145-9ce5-407e-b496-c57050db16ff]

Arrests, cybercrime, and threat intel

Fraudster pleads guilty: A Washington man has pleaded guilty [https://news.risky.biz/r/20d98d26?m=1a80b145-9ce5-407e-b496-c57050db16ff] to his role in running multiple smishing campaigns that resulted in losses of almost $600,000 to victims.

DrugHub leaks real IP addresses: DrugHub has leaked the real-world IP address on which it hosts its dark web drugs marketplace. The IP address is 186.2.171.6 [https://news.risky.biz/r/b02faef2?m=1a80b145-9ce5-407e-b496-c57050db16ff], owned by UAE ISP IQWeb FZ-LLC.

Fake Fortinet leak installs malware: Last week, a threat actor leaked the configuration files and login credentials of over 15,000 Fortinet firewalls. Now, a threat actor is using that leak to distribute a malware-laced ZIP file [https://news.risky.biz/r/249d8e8a?m=1a80b145-9ce5-407e-b496-c57050db16ff] via GitHub.

Malicious Chrome extensions: Security researcher Wladimir Palant has discovered 35 Chrome extensions [https://news.risky.biz/r/4258c11b?m=1a80b145-9ce5-407e-b496-c57050db16ff] that circumvent a Google ban and retrieve and execute code from remote servers. The extensions pose as VPN and ad-block-related tools but spy on users and engage in affiliate link fraud. All the extensions are still available through the official Chrome Web Store.

> "As noted last week I consider it highly problematic that Google for a long time allowed extensions to run code they downloaded from some web server, an approach that Mozilla prohibited long before Google even introduced extensions to their browser."

Zendesk abuse: CloudSEK has spotted a threat actor abusing Zendesk SaaS infrastructure [https://news.risky.biz/r/342112bf?m=1a80b145-9ce5-407e-b496-c57050db16ff] to mimic popular brands for phishing and online fraud operations.

Spam bomb campaigns: Threat actors are adopting spam bombs [https://news.risky.biz/r/7c28f08f?m=1a80b145-9ce5-407e-b496-c57050db16ff] to overwhelm workers at large corporations and then contact the target posing as their IT help desk. Attackers usually contact workers via Microsoft Teams by exploiting a misconfiguration in the Teams platform that allows remote parties to call and text individuals inside private workspaces. The technique was first used last year by a Black Basta ransomware affiliate [Rapid7 [https://news.risky.biz/r/9c9acf1a?m=1a80b145-9ce5-407e-b496-c57050db16ff], Red Canary [https://news.risky.biz/r/23f2ab98?m=1a80b145-9ce5-407e-b496-c57050db16ff], Microsoft [https://news.risky.biz/r/e6494722?m=1a80b145-9ce5-407e-b496-c57050db16ff]] and has now spread to other groups.

Malware technical reports

Infostealer hunting guide: Israel's National Cyber Directorate has published a guide [PDF [https://news.risky.biz/r/878df967?m=1a80b145-9ce5-407e-b496-c57050db16ff]] for hunting infostealer malware.

ApateWeb: Validin has published new IOCs [https://news.risky.biz/r/f13a2cb0?m=1a80b145-9ce5-407e-b496-c57050db16ff] on ApateWeb [https://news.risky.biz/r/095faaf8?m=1a80b145-9ce5-407e-b496-c57050db16ff], a botnet of hacked websites that redirects users to PUP and scareware.

Qbot: Walmart's security team is raising the alarm that the Qbot (Qakbot, Pinkslipbot) botnet is slowly rebuilding [https://news.risky.biz/r/4013ecb6?m=1a80b145-9ce5-407e-b496-c57050db16ff] its infrastructure and mounting new operations following a law enforcement takedown [https://news.risky.biz/r/2059e189?m=1a80b145-9ce5-407e-b496-c57050db16ff] in May 2024.

Murdoc botnet: Qualys researchers have discovered a new IoT botnet used to carry out large-scale DDoS attacks. Named Murdoc [https://news.risky.biz/r/4fbbb359?m=1a80b145-9ce5-407e-b496-c57050db16ff], the botnet began operating in July of last year. Qualys says the botnet was assembled by exploiting unpatched vulnerabilities in AVTECH cameras and Huawei routers. Based on open-source intelligence, the botnet is currently running on around 1,300 devices.

Sponsor section

Resourcely is releasing Campaigns, a tool for identifying and remediating vulnerabilities in your existing infrastructure. Want to burn down your CSPM findings? Try out Campaigns [https://news.risky.biz/r/6849bffd?m=1a80b145-9ce5-407e-b496-c57050db16ff] today!

https://news.risky.biz/r/b4f28665?m=1a80b145-9ce5-407e-b496-c57050db16ff

APTs, cyber-espionage, and info-ops

Lazarus' InvisibleFerret: ANY.RUN has published a report on InvisibleFerret [https://news.risky.biz/r/6b25766b?m=1a80b145-9ce5-407e-b496-c57050db16ff], a Python-based backdoor distributed as an npm package. The malware was linked to the Lazarus Group last year by Hauri [https://news.risky.biz/r/29e1ca4f?m=1a80b145-9ce5-407e-b496-c57050db16ff], PAN [https://news.risky.biz/r/c020254e?m=1a80b145-9ce5-407e-b496-c57050db16ff], and Group-IB [https://news.risky.biz/r/c8388e03?m=1a80b145-9ce5-407e-b496-c57050db16ff].

Operation 99: SecurityScorecard has spotted a new "fake interview" campaign linked to North Korean hackers. This one [https://news.risky.biz/r/a05c04bc?m=1a80b145-9ce5-407e-b496-c57050db16ff] targeted freelance Web3 and cryptocurrency developers.

Donot Android malware: Security firm CyFirma has published a report on a piece of Android malware [https://news.risky.biz/r/467729dc?m=1a80b145-9ce5-407e-b496-c57050db16ff] it found in the Tanzeem Android app. The company says the malware appears to be the work of the Donot APT group.

FakeTicketer: A new cyber-espionage group named FakeTicketer [https://news.risky.biz/r/a39cdae9?m=1a80b145-9ce5-407e-b496-c57050db16ff] has targeted Russian government officials in a clever campaign that used fake tickets for sporting events. The campaign has been going on since June of last year and used tickets for Russian football matches and rowing competitions to trick victims into infecting themselves with malware. The final payload was a new malware family named Zagrebator, consisting of a loader, RAT, and infostealer.

OceanLotus comeback: Chinese security firm QiAnXin reports seeing new attacks [https://news.risky.biz/r/c6355e45?m=1a80b145-9ce5-407e-b496-c57050db16ff] from Vietnamese APT group OceanLotus after a period of inactivity. The new attacks targeted China's military, energy, and aerospace sectors.

More on the US-hacks-China report: Back in December, the Chinese CERT accused [https://news.risky.biz/r/7fe5be1a?m=1a80b145-9ce5-407e-b496-c57050db16ff] the US government of hacking two Chinese organizations. CERTCN has now published a tad more details [https://news.risky.biz/r/af68e2db?m=1a80b145-9ce5-407e-b496-c57050db16ff] and IOCs, including some of the attacking IPs—if you can call entire /16 subnets that. The organization claims the attacks took place during a 10:00 to 20:00 time window, from Monday to Friday on an Eastern US timezone. They also claim no attacks took place during US holidays.

Vulnerabilities, security research, and bug bounty

7zip patches: The 7zip team has patched [https://news.risky.biz/r/f9dcb584?m=1a80b145-9ce5-407e-b496-c57050db16ff] a bug that allowed threat actors to bypass the Mark-of-the-Web protection mechanism and drop "safe-looking" files from malicious archives.

Elastic security updates: Elastic has released security updates [https://news.risky.biz/r/6b79eb2b?m=1a80b145-9ce5-407e-b496-c57050db16ff] for the Elasticsearch database, the Defend security system, and the Kibana UI.

Intel TDX vulnerabilities: A team of academics from the Indian Institute of Technology Kharagpur has discovered [https://news.risky.biz/r/6c766f53?m=1a80b145-9ce5-407e-b496-c57050db16ff] several vulnerabilities in the Intel Trust Domain Extensions (TDX) trusted execution environment (TEE) technology. The vulnerabilities can be used to breach the isolation between the Virtual Machine Manager (VMM) and Trust Domains (TDs).

> "In this work for the first time, we show through a series of experiments that these performance counters can also be exploited by the VMM to differentiate between activities of an idle and active TD. The root cause of this leakage is core contention. This occurs when the VMM itself, or a process executed by the VMM, runs on the same core as the TD. Due to resource contention on the core, the effects of the TD's computations become observable in the performance monitors collected by the VMM. This finding underscores the critical need for enhanced protections to bridge these gaps within these advanced virtualized environments."

Infosec industry

Threat/trend reports: Cloudflare [https://news.risky.biz/r/04a01e7e?m=1a80b145-9ce5-407e-b496-c57050db16ff], CyberInt [https://news.risky.biz/r/1c53b604?m=1a80b145-9ce5-407e-b496-c57050db16ff], Omdia [https://news.risky.biz/r/d4228f61?m=1a80b145-9ce5-407e-b496-c57050db16ff], Recorded Future [https://news.risky.biz/r/1e8ff73f?m=1a80b145-9ce5-407e-b496-c57050db16ff], RIPE Labs [https://news.risky.biz/r/91434940?m=1a80b145-9ce5-407e-b496-c57050db16ff], SentinelOne [https://news.risky.biz/r/096d4aad?m=1a80b145-9ce5-407e-b496-c57050db16ff], and Trustwave [https://news.risky.biz/r/83c01c0e?m=1a80b145-9ce5-407e-b496-c57050db16ff] have published reports and summaries covering various infosec trends and industry threats.

New infosec book: VirusTotal founder Bernardo Quintero has published a book [https://news.risky.biz/r/849a40ac?m=1a80b145-9ce5-407e-b496-c57050db16ff] on the company's launch and growth up until its Google acquisition.

New tool—BaitRoute: Security researcher Utku Sen has released BaitRoute [https://news.risky.biz/r/f5e1e0e9?m=1a80b145-9ce5-407e-b496-c57050db16ff], a web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers.

New tool—Cyberbro: Cybersecurity engineer Stanislas M. has released Cyberbro [https://news.risky.biz/r/fa5f9105?m=1a80b145-9ce5-407e-b496-c57050db16ff], a tool to extract IoCs from garbage input and check their reputation using multiple CTI services.

Risky Business Podcasts

In this podcast, Tom Uren and Adam Boileau talk about the continued importance of hack and leak operations. They didn't really affect the recent US presidential election, but they are still a powerful tool for vested interests to influence public policy.

https://risky.biz/SRB106/ [https://news.risky.biz/r/b3d590f9?m=1a80b145-9ce5-407e-b496-c57050db16ff]

[https://news.risky.biz/r/530c7565?m=1a80b145-9ce5-407e-b496-c57050db16ff]

In this edition of Between Two Nerds, Tom Uren and The Grugq talk about the evolution of Russian cyber operations during its invasion of Ukraine.

https://risky.biz/BTN105/ [https://news.risky.biz/r/997e0d54?m=1a80b145-9ce5-407e-b496-c57050db16ff]

[https://news.risky.biz/r/23026441?m=1a80b145-9ce5-407e-b496-c57050db16ff]

Risky.Biz © 2025

<!doctype html>
|
|
<html>
|
|
<head>
|
|
<meta name=3D"viewport" content=3D"width=3Ddevice-width">
|
|
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DU=
|
|
TF-8">
|
|
<!--[if mso]><xml><o:OfficeDocumentSettings><o:PixelsPerInch>96</o:=
|
|
PixelsPerInch><o:AllowPNG/></o:OfficeDocumentSettings></xml><![endif]-->
|
|
<title>Risky Bulletin: Threat actor impersonates FSB APT for months=
|
|
to target Russian orgs</title>
|
|
<style>
|
|
=2Epost-title-link {
|
|
display: block;
|
|
margin-top: 32px;
|
|
color: #15212A;
|
|
text-align: center;
|
|
line-height: 1.1em;
|
|
}
|
|
=2Epost-title-link-left {
|
|
text-align: left;
|
|
}
|
|
=2Eview-online-link {
|
|
word-wrap: none;
|
|
white-space: nowrap;
|
|
color: #738a94;
|
|
text-decoration: underline !important;
|
|
}
|
|
=2Ekg-nft-link {
|
|
display: block;
|
|
text-decoration: none !important;
|
|
color: #15212A !important;
|
|
font-family: inherit !important;
|
|
font-size: 14px;
|
|
line-height: 1.3em;
|
|
padding-top: 4px;
|
|
padding-right: 20px;
|
|
padding-left: 20px;
|
|
padding-bottom: 4px;
|
|
}
</style>
|
|
</head>
|
|
<body style=3D"background-color: #fff; font-family: -apple-system, Blin=
|
|
kMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, &=
|
|
#39;Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol&=
|
|
#39;; -webkit-font-smoothing: antialiased; font-size: 18px; line-height: 1.=
|
|
4; margin: 0; padding: 0; -ms-text-size-adjust: 100%; -webkit-text-size-adj=
|
|
ust: 100%; color: #15212A;"><img width=3D"1" height=3D"1" alt=3D"" src=3D"h=
|
|
ttp://email.m.ghost.io/o/eJwsjstuwyAQAL8m3Gztg8dy2I8BFscoTqlcp-rnV416HM0cxj=
|
|
RVayiuKyZOgViQXX-WcSzDNKYMQqH4zlsMAICRqJm4XXErEK2Qt-zNb9lH3qLEbjlmTrW4oQQUA=
|
|
IkgMEBaqTYTaUxJOPfONw_P9b7Pr2sd0516lM953jxcr_OjlvbYZ_lZh7lL39HyvnKX1mPeFwSP=
|
|
KOEPX8fj330r_QYAAP__lxQ9Ag">
|
|
<span class="preheader" style="color: transparent; display: none; height: 0; max-height: 0; max-width: 0; opacity: 0; overflow: hidden; mso-hide: all; visibility: hidden; width: 0;">In other news: HPE investigates breach; Trump guts the CSRB; malicious Chrome extensions found on the Web Store.</span>
|
|
<table role=3D"presentation" border=3D"0" cellpadding=3D"0" cellspa=
|
|
cing=3D"0" class=3D"body" width=3D"100%" style=3D"border-collapse: separate=
|
|
; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #fff; wid=
|
|
th: 100%;" bgcolor=3D"#fff">
|
|
<!-- Outlook doesn't respect max-width so we need an extra cent=
|
|
ered table -->
|
|
<!--[if mso]>
|
|
<tr>
|
|
<td>
|
|
<center>
|
|
<table border=3D"0" cellpadding=3D"0" cellspacing=
|
|
=3D"0" width=3D"600">
|
|
<![endif]-->
|
|
<tr>
|
|
<td style=3D"font-family: -apple-system, BlinkMacSystemFont=
|
|
, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Colo=
|
|
r Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-siz=
|
|
e: 18px; vertical-align: top; color: #15212A;" valign=3D"top"> </td>
|
|
<td class=3D"container" style=3D"font-family: -apple-system=
|
|
, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-se=
|
|
rif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI S=
|
|
ymbol'; font-size: 18px; vertical-align: top; color: #15212A; display: =
|
|
block; max-width: 600px; margin: 0 auto;" valign=3D"top">
|
|
<div class=3D"content" style=3D"box-sizing: border-box;=
|
|
display: block; margin: 0 auto; max-width: 600px;">
|
|
<!-- START CENTERED WHITE CONTAINER -->
|
|
<table role=3D"presentation" border=3D"0" cellpaddi=
|
|
ng=3D"0" cellspacing=3D"0" class=3D"main" width=3D"100%" style=3D"border-co=
|
|
llapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background:=
|
|
#ffffff; border-radius: 3px; border-spacing: 20px 0; width: 100%;">
|
|
|
|
<!-- START MAIN CONTENT AREA -->
|
|
<tr>
|
|
<td class=3D"wrapper" style=3D"font-family:=
|
|
-apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, =
|
|
Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', &=
|
|
#39;Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #152=
|
|
12A; box-sizing: border-box;" valign=3D"top">
|
|
<table role=3D"presentation" border=3D"=
|
|
0" cellpadding=3D"0" cellspacing=3D"0" width=3D"100%" style=3D"border-colla=
|
|
pse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%;">
|
|
|
|
<tr class=3D"site-info-row">
|
|
<td class=3D"site-info" wid=
|
|
th=3D"100%" align=3D"center" style=3D"font-family: -apple-system, BlinkMacS=
|
|
ystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'A=
|
|
pple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol';=
|
|
font-size: 18px; vertical-align: top; color: #15212A; padding-top: 32px;" =
|
|
valign=3D"top">
|
|
<table role=3D"presenta=
|
|
tion" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" style=3D"border-coll=
|
|
apse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%;"=
|
|
width=3D"100%">
|
|
<tr>
|
|
<td class=
|
|
=3D"site-icon" style=3D"font-family: -apple-system, BlinkMacSystemFont, =
|
|
9;Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emo=
|
|
ji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18=
|
|
px; vertical-align: top; color: #15212A; padding-bottom: 8px; padding-top: =
|
|
8px; text-align: center; border-radius: 3px;" valign=3D"top" align=3D"cente=
|
|
r"><a href=3D"https://news.risky.biz/r/c151a9b8?m=3D1a80b145-9ce5-407e-b496=
|
|
-c57050db16ff" style=3D"color: #727272; text-decoration: none; overflow-wra=
|
|
p: anywhere;" target=3D"_blank"><img src=3D"https://news.risky.biz/content/=
|
|
images/2024/01/rbicon.png" alt=3D"Risky.Biz" border=3D"0" width=3D"44" heig=
|
|
ht=3D"44" style=3D"border: none; -ms-interpolation-mode: bicubic; max-width=
|
|
: 100%; width: 44px; height: 44px; border-radius: 3px;"></a></td>
|
|
</tr>
|
|
<tr>
|
|
<td class="site-url site-url-bottom-padding" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; color: #15212A; font-size: 16px; letter-spacing: -0.1px; font-weight: 700; text-transform: uppercase; text-align: center; padding-bottom: 12px;" valign="top" align="center"><div style="width: 100% !important;"><a href="https://news.risky.biz/r/f6622b91?m=1a80b145-9ce5-407e-b496-c57050db16ff" class="site-title" style="text-decoration: none; color: #15212A; overflow-wrap: anywhere;" target="_blank">Risky Business News</a></div></td>
|
|
</tr>
|
|
|
|
</table>
|
|
</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td class=3D"post-title pos=
|
|
t-title-with-excerpt post-title-left" style=3D"font-family: -apple-system, =
|
|
BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-seri=
|
|
f, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Sym=
|
|
bol'; vertical-align: top; color: #15212A; font-size: 36px; line-height=
|
|
: 1.1em; font-weight: 700; padding-bottom: 8px; text-align: left;" valign=
|
|
=3D"top" align=3D"left">
|
|
<a href="https://news.risky.biz/r/6b251602?m=1a80b145-9ce5-407e-b496-c57050db16ff" class="post-title-link post-title-link-left" style="text-decoration: none; display: block; margin-top: 32px; color: #15212A; line-height: 1.1em; text-align: left; overflow-wrap: anywhere;" target="_blank">Risky Bulletin: Threat actor impersonates FSB APT for months to target Russian orgs</a>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td style=3D"font-family: -=
|
|
apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Ar=
|
|
ial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', =
|
|
9;Segoe UI Symbol'; font-size: 18px; vertical-align: top; color: #15212=
|
|
A; width: 100%;" width=3D"100%" valign=3D"top">
|
|
<table class=3D"post-me=
|
|
ta-wrapper" role=3D"presentation" border=3D"0" cellpadding=3D"0" cellspacin=
|
|
g=3D"0" width=3D"100%" style=3D"border-collapse: separate; mso-table-lspace=
|
|
: 0pt; mso-table-rspace: 0pt; width: 100%; padding-bottom: 32px;">
|
|
<tr>
|
|
<td height=3D"2=
|
|
0" class=3D"post-meta post-meta-left" style=3D"font-family: -apple-system, =
|
|
BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-seri=
|
|
f, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Sym=
|
|
bol'; vertical-align: top; color: #738a94; font-size: 13px; font-weight=
|
|
: 400; text-align: left; padding: 0;" valign=3D"top" align=3D"left">
|
|
By Catalin Cimpanu • <span class="post-meta-date" style="white-space: nowrap;">22 Jan 2025 </span>
|
|
</td>
|
|
<td class=3D"po=
|
|
st-meta post-meta-left view-online desktop" style=3D"font-family: -apple-sy=
|
|
stem, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, san=
|
|
s-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe =
|
|
UI Symbol'; vertical-align: top; color: #738a94; font-size: 13px; font-=
|
|
weight: 400; text-align: right;" valign=3D"top" align=3D"right">
|
|
<a href=3D"=
|
|
https://news.risky.biz/r/ae08e97e?m=3D1a80b145-9ce5-407e-b496-c57050db16ff"=
|
|
class=3D"view-online-link" style=3D"word-wrap: none; white-space: nowrap; =
|
|
color: #738a94; overflow-wrap: anywhere; text-decoration: underline;" targe=
|
|
t=3D"_blank">View in browser</a>
|
|
</td>
|
|
</tr>
|
|
<tr class=3D"post-m=
|
|
eta post-meta-left view-online-mobile" style=3D"color: #738a94; font-size: =
|
|
13px; font-weight: 400; text-align: left; display: none;" align=3D"left">
|
|
<td height=3D"2=
|
|
0" class=3D"view-online" style=3D"font-family: -apple-system, BlinkMacSyste=
|
|
mFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple=
|
|
Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; ver=
|
|
tical-align: top; color: #738a94; font-size: 13px; font-weight: 400; text-a=
|
|
lign: center;" valign=3D"top" align=3D"center">
|
|
<a href=3D"=
|
|
https://news.risky.biz/r/2ac96d1c?m=3D1a80b145-9ce5-407e-b496-c57050db16ff"=
|
|
class=3D"view-online-link" style=3D"word-wrap: none; white-space: nowrap; =
|
|
color: #738a94; overflow-wrap: anywhere; text-decoration: underline;" targe=
|
|
t=3D"_blank">View in browser</a>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</td>
|
|
</tr>
|
|
|
|
<tr class=3D"post-content-row">
|
|
<td class=3D"post-content-sans-=
|
|
serif" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe =
|
|
UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji',=
|
|
'Segoe UI Emoji', 'Segoe UI Symbol'; vertical-align: top; =
|
|
font-size: 17px; line-height: 1.5em; color: #15212A; padding-bottom: 20px; =
|
|
border-bottom: 1px solid #e5eff5; max-width: 600px;" valign=3D"top">
|
|
<!-- POST CONTENT START -->
|
|
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style="font-weight: 700;"><em>This newsletter is brought to you by </em></strong><a href="https://news.risky.biz/r/105e8f59?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target="_blank"><strong style="font-weight: 700;"><em>Resourcely</em></strong></a><strong style="font-weight: 700;"><em>, the company that can help you manage Terraform securely. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via </em></strong><a href="https://news.risky.biz/r/762c91c5?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target="_blank"><strong style="font-weight: 700;"><em>this RSS feed</em></strong></a><strong style="font-weight: 700;"><em>. </em></strong></p>
<div class="kg-card kg-embed-card" style="margin: 0 0 1.5em; padding: 0;">
</div>
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;"><a href="https://news.risky.biz/r/4f3748e8?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target="_blank"><span style="white-space: pre-wrap;">https://risky.biz/RBNEWS379/</span></a></p>
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;">A cyber-espionage group has mimicked the tactics of an FSB-linked APT to target Russian organizations for months.</p>
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;">Named <strong style="font-weight: 700;">GamaCopy</strong> (or <em>Core Werewolf</em>), the group emulated the tactics of Gamaredon (or <em>Armageddon</em>), a cyber-espionage group operated by the Russian FSB intelligence agency from the occupied region of Crimea.</p>
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;">The group's false flag attacks have been taking place since June of last year. The campaign has tricked several security vendors who misattributed attacks to Gamaredon, according to a <a href="https://news.risky.biz/r/b9d8c3ef?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target="_blank">report</a> from Chinese security firm <em>Knownsec 404</em>.</p>
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;">The spear-phishing campaigns have used military-related lures to target individuals in Russia's defense and critical infrastructure sectors and trick them into extracting malicious 7zip archive files.</p>
<blockquote style="margin: 0; padding: 0; border-left: #727272 2px solid; font-size: 17px; font-weight: 500; line-height: 1.6em; letter-spacing: -0.2px;"><p style="line-height: 1.6em; margin: 2em 25px; font-size: 1em; padding: 0;"><em>"Obviously, this is a successful false flag operation by the organization that has deceived some vendors who have not conducted in-depth analysis."</em></p></blockquote>
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;">Knownsec 404 has not made a formal attribution for GamaCopy, and neither have the Russian security vendors who previously covered past campaigns, such as <a href="https://news.risky.biz/r/beba062d?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target="_blank">BI.ZONE</a>, <a href="https://news.risky.biz/r/0e8d70a7?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target="_blank">FACCT</a>, and <a href="https://news.risky.biz/r/f5199d90?m=1a80b145-9ce5-407e-b496-c57050db16ff" style="overflow-wrap: anywhere; color: #727272; text-decoration: underline;" target="_blank">Kaspersky</a>.</p>
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;">While Ukraine would seem an easy source of origin for the attacks, both China and North Korea have been just as active in spying on Russian defense orgs over the past two years as the Ukrainians, so it's not as clear as it may look.</p>
<h3 id="risky-business-podcasts" style="margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; text-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px;"><strong style="font-weight: 800;"><em>Risky Business Podcasts</em></strong></h3>
<p style="margin: 0 0 1.5em 0; line-height: 1.6em;"><em>Risky Business is now on YouTube with video versions of our main podcasts. Below is our latest weekly show with Pat and Adam at the helm!</em></p>
<div class="kg-card kg-embed-card" style="margin: 0 0 1.5em; padding: 0;"><!--[if !mso !vml]-->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/=
|
|
6eaca967?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video=
|
|
" style=3D"background-color: #1d1f21; background-image: radial-gradient(cir=
|
|
cle at center, #5b5f66, #1d1f21); display: block; overflow-wrap: anywhere; =
|
|
color: #727272; mso-hide: all; text-decoration: none;" target=3D"_blank">
|
|
<table cellpadding=3D"0" cellspacing=3D"0" border=3D"0" wid=
|
|
th=3D"100%" background=3D"https://i.ytimg.com/vi/pJr2K9mCW-s/hqdefault.jpg"=
|
|
role=3D"presentation" style=3D"border-collapse: separate; mso-table-lspace=
|
|
: 0pt; mso-table-rspace: 0pt; width: 100%; background-size: cover; min-heig=
|
|
ht: 200px; background: url('https://i.ytimg.com/vi/pJr2K9mCW-s/hqdefaul=
|
|
t.jpg') left top / cover; mso-hide: all;">
|
|
<tbody><tr style=3D"mso-hide: all">
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; visibil=
|
|
ity: hidden; mso-hide: all;" valign=3D"top">
|
|
<img src=3D"https://img.spacergif.org/v1/150x45=
|
|
0/0a/spacer.png" alt width=3D"100%" border=3D"0" style=3D"border: none; -ms=
|
|
-interpolation-mode: bicubic; max-width: 100%; display: block; height: auto=
|
|
; opacity: 0; visibility: hidden; mso-hide: all;" height=3D"auto">
|
|
</td>
|
|
<td width=3D"50%" align=3D"center" valign=3D"middle=
|
|
" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI=
|
|
9;, Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', '=
|
|
;Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; color: #1=
|
|
5212A; vertical-align: middle; mso-hide: all;">
|
|
<div class=3D"kg-video-play-button" style=3D"he=
|
|
ight: 2em; width: 3em; margin: 0 auto; border-radius: 10px; padding: 1em 0.=
|
|
8em 0.6em 1em; font-size: 1em; background-color: rgba(0,0,0,0.85); mso-hide=
|
|
: all;"><div style=3D"display: block; width: 0; height: 0; margin: 0 auto; =
|
|
line-height: 0px; border-color: transparent transparent transparent white; =
|
|
border-style: solid; border-width: 0.8em 0 0.8em 1.5em; mso-hide: all;"></d=
|
|
iv></div>
|
|
</td>
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; mso-hid=
|
|
e: all;" valign=3D"top"> </td>
|
|
</tr>
|
|
</tbody></table>
|
|
</a>
|
|
<!--[endif]-->
|
|
|
|
<!--[if vml]>
|
|
<v:group xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:w=3D"u=
|
|
rn:schemas-microsoft-com:office:word" coordsize=3D"600,450" coordorigin=3D"=
|
|
0,0" href=3D"https://www.youtube.com/watch?v=3DpJr2K9mCW-s" style=3D"width:=
|
|
600px;height:450px;">
|
|
<v:rect fill=3D"t" stroked=3D"f" style=3D"position:absolute=
|
|
;width:600;height:450;"><v:fill src=3D"https://i.ytimg.com/vi/pJr2K9mCW-s/h=
|
|
qdefault.jpg" type=3D"frame"/></v:rect>
|
|
<v:oval fill=3D"t" strokecolor=3D"white" strokeweight=3D"4p=
|
|
x" style=3D"position:absolute;left:261;top:186;width:78;height:78"><v:fill =
|
|
color=3D"black" opacity=3D"30%" /></v:oval>
|
|
<v:shape coordsize=3D"24,32" path=3D"m,l,32,24,16,xe" fillc=
|
|
olor=3D"white" stroked=3D"f" style=3D"position:absolute;left:289;top:208;wi=
|
|
dth:30;height:34;" />
|
|
</v:group>
|
|
<![endif]--></div><hr style=3D"position: relative; display: blo=
|
|
ck; width: 100%; margin: 3em 0; padding: 0; height: 1px; border: 0; border-=
|
|
top: 1px solid #e5eff5;"><h3 id=3D"breaches-hacks-and-security-incidents" s=
|
|
tyle=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, '=
|
|
Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoj=
|
|
i', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 1=
|
|
=2E11em; font-weight: 700; text-renderi=
|
|
ng: optimizeLegibility; margin: 1.5em=20=
|
|
0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">Breaches, =
|
|
hacks, and security incidents</strong></h3><p style=3D"margin: 0 0 1.5em 0;=
|
|
line-height: 1.6em;"><strong style=3D"font-weight: 700;">Rostelecom attack=
|
|
:</strong> The Russian government <a href=3D"https://news.risky.biz/r/286c5=
|
|
822?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywh=
|
|
ere; color: #727272; text-decoration: underline;" target=3D"_blank">says</a=
|
|
> that a threat actor has hacked one of Rostelecom's contractors but th=
|
|
at the incident did not impact the activity of the government's Gosuslu=
|
|
gi e-portal. A hacking group named Silent Crow has breached and leaked data=
|
|
from several of Rostelecom's online portals. The <a href=3D"https://ne=
|
|
ws.risky.biz/r/e96dc4b3?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"=
|
|
overflow-wrap: anywhere; color: #727272; text-decoration: underline;" targe=
|
|
t=3D"_blank">Russian company</a> and the <a href=3D"https://news.risky.biz/=
|
|
r/cff3edef?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap=
|
|
: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank">=
|
|
Russian government</a> have confirmed the hack and blamed the breach on one=
|
|
of Rostelecom's contractors. Rostelecom manages Russia's e-governm=
|
|
ent portal known as the Gosuslugi. Rostelecom says the leaked data is not s=
|
|
ensitive in nature and did not impact Gosuslugi in any way. This is Silent =
|
|
Crow's second major hack this year after it <a href=3D"https://news.ris=
|
|
ky.biz/r/614e9ba6?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overfl=
|
|
ow-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_=
|
|
blank">also breached</a> Russia's State Registration, Cadastre, and Car=
|
|
tography agency, the Rosreestr.</p><p style=3D"margin: 0 0 1.5em 0; line-he=
|
|
ight: 1.6em;"><strong style=3D"font-weight: 700;">HPE investigates breach:<=
|
|
/strong> American tech giant HPE is investigating a possible security breac=
|
|
h after a threat actor started advertising a batch of data allegedly stolen=
|
|
from its servers. The hacker claims to have stolen old user data and sourc=
|
|
e code for the Zerto & iLO products. The threat actor is named IntelBro=
|
|
ker, the same individual who breached Cisco's DevHub portal at the end =
|
|
of last year. [<em>Additional coverage in </em><a href=3D"https://news.risk=
|
|
y.biz/r/26240805?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflo=
|
|
w-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_b=
|
|
lank"><em>SecurityWeek</em></a>]</p><div class=3D"kg-card kg-image-card" st=
|
|
yle=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/c=
|
|
ontent/images/2025/01/HPE.png" class=3D"kg-image" alt loading=3D"lazy" widt=
|
|
h=3D"600" height=3D"380" style=3D"border: none; -ms-interpolation-mode: bic=
|
|
ubic; max-width: 100%; display: block; margin: 0 auto; height: auto; width:=
|
|
auto;"></div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong=
|
|
style=3D"font-weight: 700;">Carrefour leak:</strong> On the same note, a t=
|
|
hreat actor is also claiming to have breached French retail giant Carrefour=
|
|
=2E This one's unconfirmed at the=20=
|
|
time of writing.</p><div class=3D"kg-ca=
|
|
rd kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D"http=
|
|
s://news.risky.biz/content/images/2025/01/CArrefour.png" class=3D"kg-image"=
|
|
alt loading=3D"lazy" width=3D"600" height=3D"284" style=3D"border: none; -=
|
|
ms-interpolation-mode: bicubic; max-width: 100%; display: block; margin: 0 =
|
|
auto; height: auto; width: auto;"></div><h3 id=3D"general-tech-and-privacy"=
|
|
style=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, &#=
|
|
39;Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Em=
|
|
oji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height:=
|
|
1.11em; font-weight: 700; text-rendering: optimizeLegibility; margin: 1.5e=
|
|
m 0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">General =
|
|
tech and privacy</strong></h3><p style=3D"margin: 0 0 1.5em 0; line-height:=
|
|
1.6em;"><strong style=3D"font-weight: 700;">Douyin takes down restrictions=
|
|
:</strong> Douyin, the name of the Chinese version of TikTok, has removed r=
|
|
estrictions on the use of foreign phone numbers to register accounts. This =
|
|
means that international users can now apply and browse the Chinese version=
|
|
of TikTok. [<em>Additional coverage in </em><a href=3D"https://news.risky.=
|
|
biz/r/b1cbf461?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-=
|
|
wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_bla=
|
|
nk"><em>Tech In Asia</em></a>]</p><p style=3D"margin: 0 0 1.5em 0; line-hei=
|
|
ght: 1.6em;"><strong style=3D"font-weight: 700;">CoDCW anti-cheat:</strong>=
|
|
A reverse engineer known as ssno has <a href=3D"https://news.risky.biz/r/b=
|
|
847a54d?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: a=
|
|
nywhere; color: #727272; text-decoration: underline;" target=3D"_blank">rev=
|
|
erse-engineered</a> the anti-cheat system used by the Call of Duty: Cold Wa=
|
|
r game.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong st=
|
|
yle=3D"font-weight: 700;">RPKI ROA coverage:</strong> According to <a href=
|
|
=3D"https://news.risky.biz/r/7fac4001?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">RIPE Labs</a>, more than half of both the IPv4 a=
|
|
nd IPv6 routes in the global routing system are covered by <a href=3D"https=
|
|
://news.risky.biz/r/ce095039?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" styl=
|
|
e=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" =
|
|
target=3D"_blank">RPKI ROAs</a> (~ 54%).</p><h3 id=3D"government-politics-a=
|
|
nd-policy" style=3D"margin-top: 0; font-family: -apple-system, BlinkMacSyst=
|
|
emFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Appl=
|
|
e Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; li=
|
|
ne-height: 1.11em; font-weight: 700; text-rendering: optimizeLegibility; ma=
|
|
rgin: 1.5em 0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;=
|
|
">Government, politics, and policy</strong></h3><p style=3D"margin: 0 0 1.5=
|
|
em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">Trump revoke=
|
|
s Biden's AI executive order:</strong> Hours after being sworn in, US P=
|
|
resident Donald Trump has revoked a 2023 executive order signed by his pred=
|
|
ecessor that required AI companies to limit the risks that artificial intel=
|
|
ligence poses to consumers, workers, and national security. [<em>Additional=
|
|
coverage in </em><a href=3D"https://news.risky.biz/r/089137c1?m=3D1a80b145=
|
|
-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727=
|
|
272; text-decoration: underline;" target=3D"_blank"><em>Reuters</em></a><em=
|
|
> and </em><a href=3D"https://news.risky.biz/r/0854e4b5?m=3D1a80b145-9ce5-4=
|
|
07e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; te=
|
|
xt-decoration: underline;" target=3D"_blank"><em>Lawfare Media</em></a>]</p=
|
|
><blockquote style=3D"margin: 0; padding: 0; border-left: #727272 2px solid=
|
|
; font-size: 17px; font-weight: 500; line-height: 1.6em; letter-spacing: -0=
|
|
=2E2px;"><p style=3D"line-height: 1.6em;=
|
|
margin: 2em 25px; font-size: 1em; pa=
|
|
dding: 0;"><em>"Large AI labs, such as Google and OpenAI, faced report=
|
|
ing requirements under the EO. The Biden administration intended for the US=
|
|
AI Safety Institute—also a product of the EO—to ensure that =
|
|
leading AI models did not pose excessive societal risks. [...] In line with=
|
|
the GOP platform, which called for accelerating AI research and deployment=
|
|
, any forthcoming AI EO by the Trump Administration will likely omit safegu=
|
|
ards related to privacy, misinformation, and bias."</em></p></blockquo=
|
|
te><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"f=
|
|
ont-weight: 700;">Trump ousts CSRB members:</strong> The Trump administrati=
|
|
on has removed all non-government members from all DHS committees, includin=
|
|
g the Cyber Safety Review Board. Six CSRB members representing private sect=
|
|
or entities were removed, such as Heather Adkins, Dmitri Alperovitch, Rob J=
|
|
oyce, and Chris Krebs. The CSRB was founded in February 2022 and had a 14-m=
|
|
ember panel. [<em>Additional coverage in </em><a href=3D"https://news.risky=
|
|
=2Ebiz/r/c60a3d88?m=3D1a80b145-9ce5-407=
|
|
e-b496-c57050db16ff" style=3D"overflow=
|
|
-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_bl=
|
|
ank"><em>Politico</em></a>]</p><div class=3D"kg-card kg-image-card" style=
|
|
=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D"https://news.risky.biz/cont=
|
|
ent/images/2025/01/Dustin.png" class=3D"kg-image" alt loading=3D"lazy" widt=
|
|
h=3D"592" height=3D"244" style=3D"border: none; -ms-interpolation-mode: bic=
|
|
ubic; max-width: 100%; display: block; margin: 0 auto; height: auto; width:=
|
|
auto;"></div><h3 id=3D"sponsor-section" style=3D"margin-top: 0; font-famil=
|
|
y: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica=
|
|
, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji',=
|
|
'Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; text-ren=
|
|
dering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px;"><str=
|
|
ong style=3D"font-weight: 800;"><em>Sponsor section</em></strong></h3><p st=
|
|
yle=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><em>In this Risky Bulletin=
|
|
sponsor interview, Travis McPeak, the CEO and founder of Resourcely, expla=
|
|
ins that companies are now realising they have a ton of cloud-related techn=
|
|
ical debt because of the success of cloud posture management products. Trav=
|
|
is talks about different approaches he has seen to tackle rampant cloud mis=
|
|
configurations.</em></p><div class=3D"kg-card kg-embed-card" style=3D"margi=
|
|
n: 0 0 1.5em; padding: 0;">
|
|
</div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"http=
|
|
s://news.risky.biz/r/1685010c?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank"><span style=3D"white-space: pre-wrap;">https://risky.biz=
|
|
/RBNEWSSI68/</span></a></p><h3 id=3D"arrests-cybercrime-and-threat-intel" s=
|
|
tyle=3D"margin-top: 0; font-family: -apple-system, BlinkMacSystemFont, '=
|
|
Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoj=
|
|
i', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 1=
|
|
=2E11em; font-weight: 700; text-renderi=
|
|
ng: optimizeLegibility; margin: 1.5em=20=
|
|
0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight: 800;">Arrests, c=
|
|
ybercrime, and threat intel</strong></h3><p style=3D"margin: 0 0 1.5em 0; l=
|
|
ine-height: 1.6em;"><strong style=3D"font-weight: 700;">Fraudster pleads gu=
|
|
ilty:</strong> A Washington man has <a href=3D"https://news.risky.biz/r/20d=
|
|
98d26?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: any=
|
|
where; color: #727272; text-decoration: underline;" target=3D"_blank">plead=
|
|
ed guilty</a> to his role in running multiple smishing campaigns that resul=
|
|
ted in losses of almost $600,000 to victims.</p><p style=3D"margin: 0 0 1.5=
|
|
em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">DrugHub leak=
|
|
s real IP addresses:</strong> The DrugHub has leaked the real-world IP addr=
|
|
ess on which it hosts its dark web drugs marketplace. The IP address is <a =
|
|
href=3D"https://news.risky.biz/r/b02faef2?m=3D1a80b145-9ce5-407e-b496-c5705=
|
|
0db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration:=
|
|
underline;" target=3D"_blank">186.2.171.6</a>, owned by UAE ISP IQWeb FZ-L=
|
|
LC.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=
|
|
=3D"font-weight: 700;">Fake Fortinet leak installs malware:</strong> Last w=
|
|
eek, a threat actor leaked the configuration files and login credentials of=
|
|
over 15,000 Fortinet firewalls. Now, a threat actor is using that leak=
|
|
to distribute a <a href=3D"https://news.risky.biz/r/249d8e8a?m=3D1a80b145-=
|
|
9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #7272=
|
|
72; text-decoration: underline;" target=3D"_blank">malware-laced ZIP file</=
|
|
a> via GitHub.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><st=
|
|
rong style=3D"font-weight: 700;">Malicious Chrome extensions: </strong>Secu=
|
|
rity researcher Wladimir Palant has discovered <a href=3D"https://news.risk=
|
|
y.biz/r/4258c11b?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflo=
|
|
w-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_b=
|
|
lank">35 Chrome extensions</a> that circumvent a Google ban and retrieve an=
|
|
d execute code from remote servers. The extensions pose as VPN and ad-block=
|
|
-related tools but spy on users and engage in affiliate link fraud. All the=
|
|
extensions are still available through the official Chrome Web Store.</p><=
|
|
blockquote style=3D"margin: 0; padding: 0; border-left: #727272 2px solid; =
|
|
font-size: 17px; font-weight: 500; line-height: 1.6em; letter-spacing: -0.2=
|
|
px;"><p style=3D"line-height: 1.6em; margin: 2em 25px; font-size: 1em; padd=
|
|
ing: 0;"><em>"As noted last week I consider it highly problematic that=
|
|
Google for a long time allowed extensions to run code they downloaded from=
|
|
some web server, an approach that Mozilla prohibited long before Google ev=
|
|
en introduced extensions to their browser."</em></p></blockquote><p st=
|
|
yle=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weig=
|
|
ht: 700;">Zendesk abuse:</strong> CloudSEK has spotted a threat actor <a hr=
|
|
ef=3D"https://news.risky.biz/r/342112bf?m=3D1a80b145-9ce5-407e-b496-c57050d=
|
|
b16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: u=
|
|
nderline;" target=3D"_blank">abusing Zendesk SaaS infrastructure</a> to mim=
|
|
ic popular brands for phishing and online fraud operations.</p><p style=3D"=
|
|
margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700=
|
|
;">Spam bomb campaigns:</strong> Threat actors are <a href=3D"https://news.=
|
|
risky.biz/r/7c28f08f?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"ove=
|
|
rflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=
|
|
=3D"_blank">adopting spam bombs</a> to overwhelm workers at large corporati=
|
|
ons and then contact the target posing as their IT help desk. Attackers usu=
|
|
ally contact workers via Microsoft Teams by exploiting a misconfiguration i=
|
|
n the Teams platform that allows remote parties to call and text individual=
|
|
s inside private workspaces. The technique was first used last year by a Bl=
|
|
ack Basta ransomware affiliate [<a href=3D"https://news.risky.biz/r/9c9acf1=
|
|
a?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywher=
|
|
e; color: #727272; text-decoration: underline;" target=3D"_blank"><em>Rapid=
|
|
7</em></a>, <a href=3D"https://news.risky.biz/r/23f2ab98?m=3D1a80b145-9ce5-=
|
|
407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; t=
|
|
ext-decoration: underline;" target=3D"_blank"><em>Red Canary</em></a>, <a h=
|
|
ref=3D"https://news.risky.biz/r/e6494722?m=3D1a80b145-9ce5-407e-b496-c57050=
|
|
db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: =
|
|
underline;" target=3D"_blank"><em>Microsoft</em></a>] and has now spread to=
|
|
other groups.</p><h3 id=3D"malware-technical-reports" style=3D"margin-top:=
|
|
0; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Rob=
|
|
oto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe =
|
|
UI Emoji', 'Segoe UI Symbol'; line-height: 1.11em; font-weight:=
|
|
700; text-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-siz=
|
|
e: 26px;"><strong style=3D"font-weight: 800;">Malware technical reports</st=
|
|
rong></h3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong sty=
|
|
le=3D"font-weight: 700;">Infostealer hunting guide:</strong> Israel's N=
|
|
ational Cyber Directorate has published a guide [<a href=3D"https://news.ri=
|
|
sky.biz/r/878df967?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overf=
|
|
low-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"=
|
|
_blank"><em>PDF</em></a>] for hunting infostealer malware.</p><p style=3D"m=
|
|
argin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;=
|
|
">ApateWeb:</strong> Validin has published <a href=3D"https://news.risky.bi=
|
|
z/r/f13a2cb0?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wr=
|
|
ap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank=
|
|
">new IOCs</a> on <a href=3D"https://news.risky.biz/r/095faaf8?m=3D1a80b145=
|
|
-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727=
|
|
272; text-decoration: underline;" target=3D"_blank">ApateWeb</a>, a botnet =
|
|
of hacked websites that redirects users to PUP and scareware.</p><p style=
|
|
=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight:=
|
|
700;">Qbot:</strong> Walmart's security team is raising the alarm that=
|
|
the Qbot (Qakbot, Pinkslipbot) botnet is <a href=3D"https://news.risky.biz=
|
|
/r/4013ecb6?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wra=
|
|
p: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank"=
|
|
>slowly rebuilding</a> its infrastructure and mounting new operations follo=
|
|
wing a law enforcement <a href=3D"https://news.risky.biz/r/2059e189?m=3D1a8=
|
|
0b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color:=
|
|
#727272; text-decoration: underline;" target=3D"_blank">takedown</a> in Ma=
|
|
y 2024.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong st=
|
|
yle=3D"font-weight: 700;">Murdoc botnet:</strong> Qualys researchers have d=
|
|
iscovered a new IoT botnet used to carry out large-scale DDoS attacks. Name=
|
|
d <a href=3D"https://news.risky.biz/r/4fbbb359?m=3D1a80b145-9ce5-407e-b496-=
|
|
c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decora=
|
|
tion: underline;" target=3D"_blank">Murdoc</a>, the botnet began operating =
|
|
in July of last year. Qualys says the botnet was assembled by exploiting un=
|
|
patched vulnerabilities in AVTECH cameras and Huawei routers. Based on open=
|
|
-source intelligence, the botnet is currently running on around 1,300 devic=
|
|
es.</p><div class=3D"kg-card kg-image-card" style=3D"margin: 0 0 1.5em; pad=
|
|
ding: 0;"><img src=3D"https://news.risky.biz/content/images/2025/01/murdoc.=
|
|
jpg" class=3D"kg-image" alt loading=3D"lazy" width=3D"600" height=3D"171" s=
|
|
tyle=3D"border: none; -ms-interpolation-mode: bicubic; max-width: 100%; dis=
|
|
play: block; margin: 0 auto; height: auto; width: auto;"></div><h3 id=3D"sp=
|
|
onsor-section-1" style=3D"margin-top: 0; font-family: -apple-system, BlinkM=
|
|
acSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, =
|
|
'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol=
|
|
'; line-height: 1.11em; font-weight: 700; text-rendering: optimizeLegibili=
|
|
ty; margin: 1.5em 0 0.5em 0; font-size: 26px;"><strong style=3D"font-weight=
|
|
: 800;"><em>Sponsor section</em></strong></h3><p style=3D"margin: 0 0 1.5em=
|
|
0; line-height: 1.6em;"><em>Resourcely is releasing Campaigns, a tool for =
|
|
identifying and remediating vulnerabilities in your existing infrastructure=
|
|
=2E Want to burn down your CSPM findin=
|
|
gs? Try out </em><a href=3D"https://new=
|
|
s.risky.biz/r/6849bffd?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"o=
|
|
verflow-wrap: anywhere; color: #727272; text-decoration: underline;" target=
|
|
=3D"_blank"><em>Campaigns</em></a><em> today!</em></p><div class=3D"kg-card=
|
|
kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"><a href=3D"https:/=
|
|
/news.risky.biz/r/b4f28665?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=
|
|
=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" t=
|
|
arget=3D"_blank"><img src=3D"https://news.risky.biz/content/images/2025/01/=
|
|
Resourcely.jpg" class=3D"kg-image" alt loading=3D"lazy" width=3D"600" heigh=
|
|
t=3D"315" style=3D"border: none; -ms-interpolation-mode: bicubic; max-width=
|
|
: 100%; display: block; margin: 0 auto; height: auto; width: auto;"></a></d=
|
|
iv><h3 id=3D"apts-cyber-espionage-and-info-ops" style=3D"margin-top: 0; fon=
|
|
t-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, He=
|
|
lvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoj=
|
|
i', 'Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; t=
|
|
ext-rendering: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px=
|
|
;"><strong style=3D"font-weight: 800;">APTs, cyber-espionage, and info-ops<=
|
|
/strong></h3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong =
|
|
style=3D"font-weight: 700;">Lazarus' InvisibleFerret:</strong> ANY.RUN =
|
|
has published a report on <a href=3D"https://news.risky.biz/r/6b25766b?m=3D=
|
|
1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; col=
|
|
or: #727272; text-decoration: underline;" target=3D"_blank">InvisibleFerret=
|
|
</a>, a Python-based backdoor distributed as an npm package. The malware wa=
|
|
s linked to the Lazarus Group last year by <a href=3D"https://news.risky.bi=
|
|
z/r/29e1ca4f?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wr=
|
|
ap: anywhere; color: #727272; text-decoration: underline;" target=3D"_blank=
|
|
">Hauri</a>, <a href=3D"https://news.risky.biz/r/c020254e?m=3D1a80b145-9ce5=
|
|
-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; =
|
|
text-decoration: underline;" target=3D"_blank">PAN</a>, and <a href=3D"http=
|
|
s://news.risky.biz/r/c8388e03?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank">Group-IB</a>.</p><p style=3D"margin: 0 0 1.5em 0; line-h=
|
|
eight: 1.6em;"><strong style=3D"font-weight: 700;">Operation 99:</strong> S=
|
|
ecurityScorecard has spotted a new "fake interview" campaign link=
|
|
ed to North Korean hackers. <a href=3D"https://news.risky.biz/r/a05c04bc?m=
|
|
=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; =
|
|
color: #727272; text-decoration: underline;" target=3D"_blank">This one</a>=
|
|
targeted freelance Web3 and cryptocurrency developers.</p><p style=3D"marg=
|
|
in: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">D=
|
|
onot Android malware:</strong> Security firm CyFirma has published a report=
|
|
on a <a href=3D"https://news.risky.biz/r/467729dc?m=3D1a80b145-9ce5-407e-b=
|
|
496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-de=
|
|
coration: underline;" target=3D"_blank">piece of Android malware</a> it fou=
|
|
nd in the Tanzeem Android app. The company says the malware appears to be t=
|
|
he work of the Donot APT group.</p><p style=3D"margin: 0 0 1.5em 0; line-he=
|
|
ight: 1.6em;"><strong style=3D"font-weight: 700;">FakeTicketer:</strong> A =
|
|
new cyber-espionage group named <a href=3D"https://news.risky.biz/r/a39cdae=
|
|
9?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywher=
|
|
e; color: #727272; text-decoration: underline;" target=3D"_blank">FakeTicke=
|
|
ter</a> has targeted Russian government officials in a clever campaign that=
|
|
used fake tickets for sporting events. The campaign has been going on sinc=
|
|
e June of last year and used tickets for Russian football matches and rowin=
|
|
g competitions to trick victims into infecting themselves with malware. The=
|
|
final payload was a new malware family named Zagrebator, consisting of a l=
|
|
oader, RAT, and infostealer.</p><p style=3D"margin: 0 0 1.5em 0; line-heigh=
|
|
t: 1.6em;"><strong style=3D"font-weight: 700;">OceanLotus comeback:</strong=
|
|
> Chinese security firm QiAnXin reports seeing <a href=3D"https://news.risk=
|
|
y.biz/r/c6355e45?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflo=
|
|
w-wrap: anywhere; color: #727272; text-decoration: underline;" target=3D"_b=
|
|
lank">new attacks</a> from Vietnamese APT group OceanLotus after a period o=
|
|
f inactivity. The new attacks targeted China's military, energy, and ae=
|
|
rospace sectors.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><=
|
|
strong style=3D"font-weight: 700;">More on the US-hacks-China report:</stro=
|
|
ng> Back in December, the Chinese CERT <a href=3D"https://news.risky.biz/r/=
|
|
7fe5be1a?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: =
|
|
anywhere; color: #727272; text-decoration: underline;" target=3D"_blank">ac=
|
|
cused</a> the US government of hacking two Chinese organizations. CERTCN ha=
|
|
s now published a <a href=3D"https://news.risky.biz/r/af68e2db?m=3D1a80b145=
|
|
-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727=
|
|
272; text-decoration: underline;" target=3D"_blank">tad more details</a> an=
|
|
d IOCs, including some of the attacking IPs—if you can call entire /=
|
|
16 subnets that. The organization claims the attacks took place during a 10=
|
|
:00 to 20:00 time window, from Monday to Friday, in the US Eastern time zone. =
|
|
They also claim no attacks took place during US holidays.</p><div class=3D"=
|
|
kg-card kg-image-card" style=3D"margin: 0 0 1.5em; padding: 0;"><img src=3D=
|
|
"https://news.risky.biz/content/images/2025/01/IPs.jpg" class=3D"kg-image" =
|
|
alt loading=3D"lazy" width=3D"600" height=3D"246" style=3D"border: none; -m=
|
|
s-interpolation-mode: bicubic; max-width: 100%; display: block; margin: 0 a=
|
|
uto; height: auto; width: auto;"></div><h3 id=3D"vulnerabilities-security-r=
|
|
esearch-and-bug-bounty" style=3D"margin-top: 0; font-family: -apple-system,=
|
|
BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-ser=
|
|
if, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Sy=
|
|
mbol'; line-height: 1.11em; font-weight: 700; text-rendering: optimizeL=
|
|
egibility; margin: 1.5em 0 0.5em 0; font-size: 26px;"><strong style=3D"font=
|
|
-weight: 800;">Vulnerabilities, security research, and bug bounty</strong><=
|
|
/h3><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"=
|
|
font-weight: 700;">7zip patches:</strong> The 7zip team has <a href=3D"http=
|
|
s://news.risky.biz/r/f9dcb584?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank">patched</a> a bug that allowed threat actors to bypass t=
|
|
he Mark-of-the-Web protection mechanism and drop "safe-looking" f=
|
|
iles from malicious archives.</p><p style=3D"margin: 0 0 1.5em 0; line-heig=
|
|
ht: 1.6em;"><strong style=3D"font-weight: 700;">Elastic security updates:</=
|
|
strong> Elastic has released <a href=3D"https://news.risky.biz/r/6b79eb2b?m=
|
|
=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; =
|
|
color: #727272; text-decoration: underline;" target=3D"_blank">security upd=
|
|
ates</a> for the Elasticsearch database, the Defend security system, and th=
|
|
e Kibana UI.</p><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><stro=
|
|
ng style=3D"font-weight: 700;">Intel TDX vulnerabilities:</strong> A team o=
|
|
f academics from the Indian Institute of Technology Kharagpur has <a href=
|
|
=3D"https://news.risky.biz/r/6c766f53?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">discovered</a> several vulnerabilities in the In=
|
|
tel Trust Domain Extensions (TDX) trusted execution environment (TEE) techn=
|
|
ology. The vulnerabilities can be used to breach the isolation between the =
|
|
Virtual Machine Manager (VMM) and Trust Domains (TDs).</p><blockquote style=
|
|
=3D"margin: 0; padding: 0; border-left: #727272 2px solid; font-size: 17px;=
|
|
font-weight: 500; line-height: 1.6em; letter-spacing: -0.2px;"><p style=3D=
|
|
"line-height: 1.6em; margin: 2em 25px; font-size: 1em; padding: 0;"><em>&qu=
|
|
ot;In this work for the first time, we show through a series of experiments=
|
|
that these performance counters can also be exploited by the VMM to differ=
|
|
entiate between activities of an idle and active TD. The root cause of this=
|
|
leakage is core contention. This occurs when the VMM itself, or a process =
|
|
executed by the VMM, runs on the same core as the TD. Due to resource conte=
|
|
ntion on the core, the effects of the TD's computations become observab=
|
|
le in the performance monitors collected by the VMM. This finding underscor=
|
|
es the critical need for enhanced protections to bridge these gaps within th=
|
|
ese advanced virtualized environments."</em></p></blockquote><h3 id=3D=
|
|
"infosec-industry" style=3D"margin-top: 0; font-family: -apple-system, Blin=
|
|
kMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, &=
|
|
#39;Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol&=
|
|
#39;; line-height: 1.11em; font-weight: 700; text-rendering: optimizeLegibi=
|
|
lity; margin: 1.5em 0 0.5em 0; font-size: 26px;"><strong style=3D"font-weig=
|
|
ht: 800;">Infosec industry</strong></h3><p style=3D"margin: 0 0 1.5em 0; li=
|
|
ne-height: 1.6em;"><strong style=3D"font-weight: 700;">Threat/trend reports=
|
|
:</strong> <a href=3D"https://news.risky.biz/r/04a01e7e?m=3D1a80b145-9ce5-4=
|
|
07e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; te=
|
|
xt-decoration: underline;" target=3D"_blank">Cloudflare</a>, <a href=3D"htt=
|
|
ps://news.risky.biz/r/1c53b604?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" st=
|
|
yle=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;=
|
|
" target=3D"_blank">CyberInt</a>, <a href=3D"https://news.risky.biz/r/d4228=
|
|
f61?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywh=
|
|
ere; color: #727272; text-decoration: underline;" target=3D"_blank">Omdia</=
|
|
a>, <a href=3D"https://news.risky.biz/r/1e8ff73f?m=3D1a80b145-9ce5-407e-b49=
|
|
6-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; text-deco=
|
|
ration: underline;" target=3D"_blank">Recorded Future</a>, <a href=3D"https=
|
|
://news.risky.biz/r/91434940?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" styl=
|
|
e=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;" =
|
|
target=3D"_blank">RIPE Labs</a>, <a href=3D"https://news.risky.biz/r/096d4a=
|
|
ad?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhe=
|
|
re; color: #727272; text-decoration: underline;" target=3D"_blank">Sentinel=
|
|
One</a>, and <a href=3D"https://news.risky.biz/r/83c01c0e?m=3D1a80b145-9ce5=
|
|
-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #727272; =
|
|
text-decoration: underline;" target=3D"_blank">Trustwave</a> have published=
|
|
reports and summaries covering various infosec trends and industry threats=
|
|
=2E</p><div class=3D"kg-card kg-image-c=
|
|
ard" style=3D"margin: 0 0 1.5em; paddi=
|
|
ng: 0;"><img src=3D"https://news.risky.biz/content/images/2025/01/DDoS.png"=
|
|
class=3D"kg-image" alt loading=3D"lazy" width=3D"600" height=3D"268" style=
|
|
=3D"border: none; -ms-interpolation-mode: bicubic; max-width: 100%; display=
|
|
: block; margin: 0 auto; height: auto; width: auto;"></div><p style=3D"marg=
|
|
in: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight: 700;">N=
|
|
ew infosec book:</strong> VirusTotal founder Bernardo Quintero has <a href=
|
|
=3D"https://news.risky.biz/r/849a40ac?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">published a book</a> on the company's launch =
|
|
and growth, up until its Google acquisition.</p><p style=3D"margin: 0 0 1=
|
|
=2E5em 0; line-height: 1.6em;"><strong=
|
|
style=3D"font-weight: 700;">New tool&#=
|
|
x2014;BaitRoute:</strong> Security researcher Utku Sen has released <a href=
|
|
=3D"https://news.risky.biz/r/f5e1e0e9?m=3D1a80b145-9ce5-407e-b496-c57050db1=
|
|
6ff" style=3D"overflow-wrap: anywhere; color: #727272; text-decoration: und=
|
|
erline;" target=3D"_blank">BaitRoute</a>, a web honeypot library to create =
|
|
vulnerable-looking endpoints to detect and mislead attackers.</p><p style=
|
|
=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><strong style=3D"font-weight:=
|
|
700;">New tool—Cyberbro:</strong> Cybersecurity engineer Stanislas =
|
|
M. has released <a href=3D"https://news.risky.biz/r/fa5f9105?m=3D1a80b145-9=
|
|
ce5-407e-b496-c57050db16ff" style=3D"overflow-wrap: anywhere; color: #72727=
|
|
2; text-decoration: underline;" target=3D"_blank">Cyberbro</a>, a tool to e=
|
|
xtract IoCs from garbage input and check their reputation using multiple CT=
|
|
I services.</p><div class=3D"kg-card kg-image-card" style=3D"margin: 0 0 1.=
|
|
5em; padding: 0;"><img src=3D"https://news.risky.biz/content/images/2025/01=
|
|
/Cyberbro.png" class=3D"kg-image" alt loading=3D"lazy" width=3D"600" height=
|
|
=3D"311" style=3D"border: none; -ms-interpolation-mode: bicubic; max-width:=
|
|
100%; display: block; margin: 0 auto; height: auto; width: auto;"></div><h=
|
|
3 id=3D"risky-business-podcasts-1" style=3D"margin-top: 0; font-family: -ap=
|
|
ple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Aria=
|
|
l, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', '=
|
|
Segoe UI Symbol'; line-height: 1.11em; font-weight: 700; text-rendering=
|
|
: optimizeLegibility; margin: 1.5em 0 0.5em 0; font-size: 26px;"><strong st=
|
|
yle=3D"font-weight: 800;"><em>Risky Business Podcasts</em></strong></h3><p =
|
|
style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><em>In this podcast, Tom=
|
|
Uren and Adam Boileau talk about the continued importance of hack and leak=
|
|
operations. They didn't really affect the recent US presidential elect=
|
|
ion, but they are still a powerful tool for vested interests to influence p=
|
|
ublic policy.</em></p><div class=3D"kg-card kg-embed-card" style=3D"margin:=
|
|
0 0 1.5em; padding: 0;">
|
|
</div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"http=
|
|
s://news.risky.biz/r/b3d590f9?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank"><span style=3D"white-space: pre-wrap;">https://risky.biz=
|
|
/SRB106/</span></a></p><div class=3D"kg-card kg-embed-card" style=3D"margin=
|
|
: 0 0 1.5em; padding: 0;"><!--[if !mso !vml]-->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/=
|
|
530c7565?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video=
|
|
" style=3D"background-color: #1d1f21; background-image: radial-gradient(cir=
|
|
cle at center, #5b5f66, #1d1f21); display: block; overflow-wrap: anywhere; =
|
|
color: #727272; mso-hide: all; text-decoration: none;" target=3D"_blank">
|
|
<table cellpadding=3D"0" cellspacing=3D"0" border=3D"0" wid=
|
|
th=3D"100%" background=3D"https://i.ytimg.com/vi/RNw5NCYSeG8/hqdefault.jpg"=
|
|
role=3D"presentation" style=3D"border-collapse: separate; mso-table-lspace=
|
|
: 0pt; mso-table-rspace: 0pt; width: 100%; background-size: cover; min-heig=
|
|
ht: 200px; background: url('https://i.ytimg.com/vi/RNw5NCYSeG8/hqdefaul=
|
|
t.jpg') left top / cover; mso-hide: all;">
|
|
<tbody><tr style=3D"mso-hide: all">
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; visibil=
|
|
ity: hidden; mso-hide: all;" valign=3D"top">
|
|
<img src=3D"https://img.spacergif.org/v1/150x45=
|
|
0/0a/spacer.png" alt width=3D"100%" border=3D"0" style=3D"border: none; -ms=
|
|
-interpolation-mode: bicubic; max-width: 100%; display: block; height: auto=
|
|
; opacity: 0; visibility: hidden; mso-hide: all;" height=3D"auto">
|
|
</td>
|
|
<td width=3D"50%" align=3D"center" valign=3D"middle=
|
|
" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI=
|
|
9;, Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', '=
|
|
;Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; color: #1=
|
|
5212A; vertical-align: middle; mso-hide: all;">
|
|
<div class=3D"kg-video-play-button" style=3D"he=
|
|
ight: 2em; width: 3em; margin: 0 auto; border-radius: 10px; padding: 1em 0.=
|
|
8em 0.6em 1em; font-size: 1em; background-color: rgba(0,0,0,0.85); mso-hide=
|
|
: all;"><div style=3D"display: block; width: 0; height: 0; margin: 0 auto; =
|
|
line-height: 0px; border-color: transparent transparent transparent white; =
|
|
border-style: solid; border-width: 0.8em 0 0.8em 1.5em; mso-hide: all;"></d=
|
|
iv></div>
|
|
</td>
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; mso-hid=
|
|
e: all;" valign=3D"top"> </td>
|
|
</tr>
|
|
</tbody></table>
|
|
</a>
|
|
<!--[endif]-->
|
|
|
|
<!--[if vml]>
|
|
<v:group xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:w=3D"u=
|
|
rn:schemas-microsoft-com:office:word" coordsize=3D"600,450" coordorigin=3D"=
|
|
0,0" href=3D"https://www.youtube.com/watch?v=3DRNw5NCYSeG8" style=3D"width:=
|
|
600px;height:450px;">
|
|
<v:rect fill=3D"t" stroked=3D"f" style=3D"position:absolute=
|
|
;width:600;height:450;"><v:fill src=3D"https://i.ytimg.com/vi/RNw5NCYSeG8/h=
|
|
qdefault.jpg" type=3D"frame"/></v:rect>
|
|
<v:oval fill=3D"t" strokecolor=3D"white" strokeweight=3D"4p=
|
|
x" style=3D"position:absolute;left:261;top:186;width:78;height:78"><v:fill =
|
|
color=3D"black" opacity=3D"30%" /></v:oval>
|
|
<v:shape coordsize=3D"24,32" path=3D"m,l,32,24,16,xe" fillc=
|
|
olor=3D"white" stroked=3D"f" style=3D"position:absolute;left:289;top:208;wi=
|
|
dth:30;height:34;" />
|
|
</v:group>
|
|
<![endif]--></div><p style=3D"margin: 0 0 1.5em 0; line-height:=
|
|
1.6em;"><em>In this edition of Between Two Nerds, Tom Uren and The Grugq t=
|
|
alk about the evolution of Russian cyber operations during its invasion of =
|
|
Ukraine.</em></p><div class=3D"kg-card kg-embed-card" style=3D"margin: 0 0 =
|
|
1.5em; padding: 0;">
|
|
<iframe frameborder=3D"0" style=3D"width: 100%; height: 156px;" srcdoc=
|
|
=3D"
|
|
=20
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>Risky Business Player</title>
|
|
</head>
|
|
<body>
|
|
|
|
<!-- Include the Google Font Inter -->
|
|
<style>
|
|
@import url("https://fonts.googleapis.com/css2?family=3DInter:wght@400=
|
|
;700&display=3Dswap");
|
|
|
|
body {
|
|
margin: 0px;
|
|
}
|
|
|
|
=2Eaudio-player {
|
|
font-family: "Inter", sans-serif;
|
|
}
|
|
|
|
=2Eicon {
|
|
background-image: url("https://risky.biz/static/img/icons/subscrib=
|
|
e-icons.svg");
|
|
display: block;
|
|
width: 33px;
|
|
height: 33px;
|
|
background-size: 528px 111px;
|
|
}
|
|
|
|
}
|
|
</style>
|
|
|
|
<!-- Audio player -->
|
|
<div class=3D"audio-player" style=3D"display: flex; flex-=
|
|
direction: column; gap: 5px; padding-top: 0px; padding-bottom: 20px; backgr=
|
|
ound: rgb(244, 244, 239); background: linear-gradient(0deg, rgba(244, 244, =
|
|
239, 1) 0%, rgba(244, 244, 239, 0) 100%); border-radius: 8px; border: 1px s=
|
|
olid #d7d7d7; width: calc(100% - 1px) min-width: 350px;">
|
|
<audio class=3D"audioElement" preload=3D"metadata&quo=
|
|
t;>
|
|
<source src=3D"https://dts.podtrac.com/redirect.mp3/media3.=
|
|
risky.biz/BTN105.mp3" type=3D"audio/mpeg">
|
|
Your browser does not support the audio element.
|
|
</audio>
|
|
|
|
<!-- Title -->
|
|
<div style=3D"background: #666666; color: #FEFEFE; font-size: 1=
|
|
4px; padding-left: 5%; padding-right: 5%; padding-top: 10px; padding-bottom=
|
|
: 10px; border-top-left-radius: 8px; border-top-right-radius: 8px; white-sp=
|
|
ace: nowrap; overflow: hidden; text-overflow: ellipsis; margin-bottom: 10px=
|
|
;">
|
|
<a style=3D"color:#FEFEFE; text-decoration: none;" tar=
|
|
get=3D"_new" href=3D"https://risky.biz/BTN105/">Betw=
|
|
een Two Nerds: The evolution of Russia's cyber operations in Ukraine<=
|
|
;/a>
|
|
</div>
|
|
|
|
<!-- Player Controls and Progress Bar -->
|
|
<div style=3D"display: flex; align-items: center; justify-conte=
|
|
nt: center; gap: 10px; width: 90%; margin: 0 auto;">
|
|
<button type=3D"button" class=3D"playPauseBtn&quo=
|
|
t; style=3D"color: #1e1e1e; background-color: #FAFAFA; font-size: 18px=
|
|
; border: none; padding: 10px; border-radius: 8px; cursor: pointer; height:=
|
|
42px; width: 42px; text-align: center; display: flex; align-items: center;=
|
|
justify-content: center;">&#9654;</button>
|
|
<input type=3D"range" style=3D"flex-grow: 1; -web=
|
|
kit-appearance: none; height: 5px; background: #ddd; border-radius: 8px; ou=
|
|
tline: none; cursor: pointer;" class=3D"progressBar" value=
|
|
=3D"0" min=3D"0" max=3D"100" />
|
|
<span style=3D"font-size: 12px; font-weight: 200;" cla=
|
|
ss=3D"currentTime">0:00</span> / <span style=3D"=
|
|
font-size: 12px; font-weight: 200;" class=3D"duration">0:=
|
|
00</span>
|
|
</div>
|
|
|
|
|
|
</div>
|
|
|
|
|
|
<!-- Audio player: Between Two Nerds: The evolution of Russia's cyber operations in Ukraine -->
|
|
</body>
|
|
</html>
|
|
|
|
|
|
"></iframe>
|
|
</div><p style=3D"margin: 0 0 1.5em 0; line-height: 1.6em;"><a href=3D"http=
|
|
s://news.risky.biz/r/997e0d54?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" sty=
|
|
le=3D"overflow-wrap: anywhere; color: #727272; text-decoration: underline;"=
|
|
target=3D"_blank"><span style=3D"white-space: pre-wrap;">https://risky.biz=
|
|
/BTN105/</span></a></p><div class=3D"kg-card kg-embed-card" style=3D"margin=
|
|
: 0 0 1.5em; padding: 0;"><!--[if !mso !vml]-->
|
|
<a class=3D"kg-video-preview" href=3D"https://news.risky.biz/r/=
|
|
23026441?m=3D1a80b145-9ce5-407e-b496-c57050db16ff" aria-label=3D"Play video=
|
|
" style=3D"background-color: #1d1f21; background-image: radial-gradient(cir=
|
|
cle at center, #5b5f66, #1d1f21); display: block; overflow-wrap: anywhere; =
|
|
color: #727272; mso-hide: all; text-decoration: none;" target=3D"_blank">
|
|
<table cellpadding=3D"0" cellspacing=3D"0" border=3D"0" wid=
|
|
th=3D"100%" background=3D"https://i.ytimg.com/vi/e49QGvfSWoU/hqdefault.jpg"=
|
|
role=3D"presentation" style=3D"border-collapse: separate; mso-table-lspace=
|
|
: 0pt; mso-table-rspace: 0pt; width: 100%; background-size: cover; min-heig=
|
|
ht: 200px; background: url('https://i.ytimg.com/vi/e49QGvfSWoU/hqdefaul=
|
|
t.jpg') left top / cover; mso-hide: all;">
|
|
<tbody><tr style=3D"mso-hide: all">
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; visibil=
|
|
ity: hidden; mso-hide: all;" valign=3D"top">
|
|
<img src=3D"https://img.spacergif.org/v1/150x45=
|
|
0/0a/spacer.png" alt width=3D"100%" border=3D"0" style=3D"border: none; -ms=
|
|
-interpolation-mode: bicubic; max-width: 100%; display: block; height: auto=
|
|
; opacity: 0; visibility: hidden; mso-hide: all;" height=3D"auto">
|
|
</td>
|
|
<td width=3D"50%" align=3D"center" valign=3D"middle=
|
|
" style=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI=
|
|
9;, Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', '=
|
|
;Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; color: #1=
|
|
5212A; vertical-align: middle; mso-hide: all;">
|
|
<div class=3D"kg-video-play-button" style=3D"he=
|
|
ight: 2em; width: 3em; margin: 0 auto; border-radius: 10px; padding: 1em 0.=
|
|
8em 0.6em 1em; font-size: 1em; background-color: rgba(0,0,0,0.85); mso-hide=
|
|
: all;"><div style=3D"display: block; width: 0; height: 0; margin: 0 auto; =
|
|
line-height: 0px; border-color: transparent transparent transparent white; =
|
|
border-style: solid; border-width: 0.8em 0 0.8em 1.5em; mso-hide: all;"></d=
|
|
iv></div>
|
|
</td>
|
|
<td width=3D"25%" style=3D"font-family: -apple-syst=
|
|
em, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-=
|
|
serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI=
|
|
Symbol'; font-size: 18px; vertical-align: top; color: #15212A; mso-hid=
|
|
e: all;" valign=3D"top"> </td>
|
|
</tr>
|
|
</tbody></table>
|
|
</a>
|
|
<!--[endif]-->
|
|
|
|
<!--[if vml]>
|
|
<v:group xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:w=3D"u=
|
|
rn:schemas-microsoft-com:office:word" coordsize=3D"600,450" coordorigin=3D"=
|
|
0,0" href=3D"https://www.youtube.com/watch?v=3De49QGvfSWoU" style=3D"width:=
|
|
600px;height:450px;">
|
|
<v:rect fill=3D"t" stroked=3D"f" style=3D"position:absolute=
|
|
;width:600;height:450;"><v:fill src=3D"https://i.ytimg.com/vi/e49QGvfSWoU/h=
|
|
qdefault.jpg" type=3D"frame"/></v:rect>
|
|
<v:oval fill=3D"t" strokecolor=3D"white" strokeweight=3D"4p=
|
|
x" style=3D"position:absolute;left:261;top:186;width:78;height:78"><v:fill =
|
|
color=3D"black" opacity=3D"30%" /></v:oval>
|
|
<v:shape coordsize=3D"24,32" path=3D"m,l,32,24,16,xe" fillc=
|
|
olor=3D"white" stroked=3D"f" style=3D"position:absolute;left:289;top:208;wi=
|
|
dth:30;height:34;" />
|
|
</v:group>
|
|
<![endif]--></div>
|
|
<!-- POST CONTENT END -->
|
|
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</td>
|
|
</tr>
|
|
|
|
<!-- END MAIN CONTENT AREA -->
|
|
|
|
|
|
|
|
|
|
<tr>
|
|
<td class=3D"wrapper" align=3D"center" styl=
|
|
e=3D"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Ro=
|
|
boto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe=
|
|
UI Emoji', 'Segoe UI Symbol'; font-size: 18px; vertical-align:=
|
|
top; color: #15212A; box-sizing: border-box;" valign=3D"top">
|
|
<table role=3D"presentation" border=3D"=
|
|
0" cellpadding=3D"0" cellspacing=3D"0" width=3D"100%" style=3D"border-colla=
|
|
pse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%; p=
|
|
adding-top: 40px; padding-bottom: 30px;">
|
|
<tr>
|
|
<td class=3D"footer" style=3D"f=
|
|
ont-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, =
|
|
Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Em=
|
|
oji', 'Segoe UI Symbol'; vertical-align: top; color: #738a94; m=
|
|
argin-top: 20px; text-align: center; padding-bottom: 10px; padding-top: 10p=
|
|
x; padding-left: 30px; padding-right: 30px; line-height: 1.5em; font-size: =
|
|
13px;" valign=3D"top" align=3D"center">Risky.Biz © 2025</td>
|
|
</tr>
|
|
|
|
</table>
|
|
</td>
|
|
</tr>
|
|
|
|
</table>
|
|
<!-- END CENTERED WHITE CONTAINER -->
|
|
</div>
|
|
</td>
|
|
<td style=3D"font-family: -apple-system, BlinkMacSystemFont=
|
|
, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Colo=
|
|
r Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-siz=
|
|
e: 18px; vertical-align: top; color: #15212A;" valign=3D"top"> </td>
|
|
</tr>
|
|
|
|
<!--[if mso]>
|
|
</table>
|
|
</center>
|
|
</td>
|
|
</tr>
|
|
<![endif]-->
|
|
</table>
|
|
</body>
|
|
</html>
|
|
|
|
--a1b2450c7c69da15f22f678701286b2b9fdf5a64ba695a8bed3f7a8725e7--
|