Podcasts about REvil

  • 344 podcasts
  • 923 episodes
  • 45m average duration
  • 1 new episode monthly
  • Latest episode: Apr 5, 2025

Latest podcast episodes about REvil

V lese slov
110. February, books and me 2025

Apr 5, 2025 (29:30)

Everything I read in February and everything that caught my eye among the new releases. If you want to share your reading tips or anything else with me, you can find me on Instagram as @les.slov :)

I read:
- Loutkář - Jostein Gaarder
- Jediná kniha o jídle, kterou potřebujete - Karolína Fourová
- Pačinko - Min Jin Lee
- Závod s časem - Lisa Regan
- Ja Tituba, černá čarodějnice ze Salemu - Maryse Condé
- Časokryt - Georgi Gospodinov
- Sněhurečka - Sophie Anderson
- Nimbus - Neal Shusterman
- Lightfall - Tim Probert

Caught my eye:
- Boj o krásu - Gill Paul
- Na kameni kámen - Naďa Reviláková
- Milosrdenství - Lídia Jorge

Vltava
Vizitka: Writer Naďa Reviláková: Reading with children is a great way to spend time together

Apr 2, 2025 (44:09)

In her books for children she looks at history through a present-day investigation, ideally an adventurous one. She wrote the book series Hanka versus historie and won the Zlatá stuha award for the volume Medailon Emilky Horové. "I want to inspire children to ask their grandmothers what they lived through," she says in Vizitka. "These are the stories of our memory." How does she balance instruction and reading pleasure in her books? And who is her first reader? Karolína Koubová asks the questions.

Les Volontaires
Sleep apnea at the theatre

Mar 11, 2025 (13:42)

Sleep apnea is a chronic disease with serious consequences. It is treated by wearing a mask that sends air into the airways via a machine that patients must wear every night. It is a constraining device that they often find hard to tolerate. To better understand and help them, Inserm researchers worked with volunteers and a theatre company. The result: a play performed in Grenoble in front of scientists and patients, which journalist and doctor of neuroscience Chandrou Koumar attended. Curtain up on a show with liberating virtues!

Episode transcript

Guests
Sébastien Bailly, pharmacist and biostatistician at the Hypoxie et physiopathologies (HP2) laboratory in La Tronche
Héléna Revil, researcher in political science and sociology at the PACTE social sciences laboratory (Université Grenoble Alpes)
François Goy, actor with the company La Pagaille

A series created by Inserm, directed by Chandrou Koumar, journalist and doctor of neuroscience, and produced by MaisonK Prod. Available on all listening platforms. Inserm is the only French public research organization entirely dedicated to human health. More information at inserm.fr. Feel free to subscribe to the series, share it with those around you and give it 5 stars if you can: it really helps us!

Acknowledgements
The scientists wish to thank all those who contributed to the SOCIO-SAS study: the researchers Séverine Louvel, Bastien Guillermin, Olivier Leroy; the field investigators; Andry Rakotovao, clinical research associate; the CHU de Grenoble, sponsor of the study; the Centre Santé Sommeil de Grenoble; the HP2 laboratory (Inserm/Université Grenoble Alpes), the PACTE laboratory (Université Grenoble Alpes); the CNRS; the Maison des Sciences Humaines Alpes and the main funders of the project (the IRGA programme of the Idex Université Grenoble Alpes, the Innovadom Agir à Dom association fund, the Fondation Université Grenoble Alpes via the e-Santé chair, CDP My Way To Health UGA).

Naudio Dox
The hacker attack on Coop, part 3 of 3: In a villa in Siberia

Feb 5, 2025 (27:33)

You can listen to all episodes of this series without ads, via Spotify or Apple Podcasts.

On 28 November 2021, the British newspaper Daily Mail publishes a series of videos on its website. In one of them you see the garage of a villa. It is snowing and two people are standing by a car. In another you see a car back out and drive away. The article claims that one of the men in the videos is also one of the people behind the hacker group REvil.

It is a hot summer day and the grocery stores are teeming with customers buying charcoal and ice cream. But then the self-scanning and the checkouts stop working. What at first seems to be a local problem in one grocery store quickly turns out to affect many of Sweden's Coop stores. The grocery chain has been hit by a serious hacker attack. This is a story about a political power game between two great powers, about Russian hackers operating under the protection of their government, and about a ransom of 7 billion kronor.

Participants:
Anna Wennerstrand, head of communications at KF
Teet Serotkin, IT security expert
Jan Olsson, detective superintendent at NOA

Heard in the programme:
Marcus Morrey, Truesec
Victor Gevers, Lock and Code podcast
Ola Jörgensen, group security expert at Coop

Producer: Jens Nielsen
Editorial team: Tomas Rajnai and Jens Nielsen
Produced by Osynliga teatern

Navigantes
[REBROADCAST] - #31 Lou Mourniac, family DNA

Jan 1, 2025 (45:35)

As the year draws to a close, Tip & Shaft invites you to listen, or listen again, to the 2 most-followed episodes of Navigantes in 2024. Your podcast returns in its usual format on January 8; the whole Tip & Shaft team wishes you a very happy 2025!

Lou Mourniac is part of a close-knit tribe of racing sailors well known in France: her father Jean-Christophe, known as "Kiki", is a recognized sport catamaran specialist, for a time paired in the Tornado with her uncle Philippe, now director of the French Olympic sailing team, while her brother Tim is a candidate for selection for the Paris 2024 Olympic Games in the Nacra 17 and her cousin Bruno notably won the Tour Voile in 2018!

Suffice it to say that sailing is a matter of DNA in the Mourniac family and that Lou had little chance of escaping this passion: at 18, she won the 2022 Nacra 15 world champion title with Clément Martineaux on Lake Garda. "It was a crowning achievement, the best way to close out my 'youth' career, and it taught me how to win," she says, before adding with a wry smile: "I also wanted to make a first name for myself in this family."

Last spring, she took part in the selections to join the youth team of the French challenge Orient Express Racing Team for the next Youth America's Cup in Barcelona. "I was selected but I was only in the 'reserve'; I think that gave me the drive to give even more." In November, she went on to win the 69F Youth Foiling Gold Cup in Barcelona, with Enzo Balanger, Théo Revil and Gaultier Tallieu, against the world's elite. It was a landmark victory ("We were all in sync, it was magical") and a decisive one, since straight afterwards she was chosen as one of the 6 members of the French challenge's youth crew, which will represent France in Barcelona in October 2024, the only woman selected in this group. "It's no problem for me at all, it's very natural; my whole career, I've sailed in mixed crews," she comments.

Between now and autumn 2024, the 20-year-old sailor will throw herself fully into this Cup dream and set aside her architecture studies at ENSA Nantes for a while, even though she acknowledges that "these two pillars support me, studies and competition; the two worlds are very complementary".

Navigantes is hosted by Hélène Cougoule and produced by Tip & Shaft.
Rebroadcast on January 1, 2025
Broadcast on January 10, 2024
Post-production: Grégoire Levillain
Theme music: All the summer girls
Hosted by Ausha. Visit ausha.co/politique-de-confidentialite for more information.

Talion Threat Set Radio
Threat Bulletin #288

Nov 1, 2024 (4:58)

Arrested members of the REvil ransomware operation tried and charged in Russian court.
Operation Magnus collaborative effort brings down Redline and Meta infostealer malware.

Risky Business
Risky Business #768 -- CSRB will investigate China's Wiretap Hacks

Oct 30, 2024 (51:37)

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including:

  • CSRB to investigate China's telco-wiretapping hacks
  • Euro law enforcement takes down the Redline infostealer
  • Someone steals Fed crypto… and then tries to quietly sneak it back in
  • Russia sentences REvil guys to … jail? Really?
  • Apple private cloud compute gets a proper bug bounty program
  • And much, much more.

This week's episode is sponsored by Material Security, who help navigate the mess of cloud productivity data security. Daniel Ayala - Chief Security and Trust Officer at Dotmatics - is a Material customer, and joins Pat and Material Security's Rajan Kapoor to talk about how to wrangle securing data that ends up in corporate cloud email and file stores.

This episode is also available on Youtube.

Show notes

  • Apple 10 day certificates
  • Chinese hackers said to have collected audio of American calls
  • U.S. Panel to Probe Cyber Failures in Massive Chinese Hack of Telecoms
  • How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware
  • Operation Magnus
  • Hacker Returns $19.3 Million to Drained US Government Crypto Wallet
  • Meet ZachXBT, the Masked Vigilante Tracking Down Billions in Crypto Scams and Thefts | WIRED
  • Radar systems in Iran breached prior to Israel's Saturday counter-strike - report
  • Delta sues CrowdStrike after widespread IT outage that caused thousands of cancellations
  • Tens of thousands of taxpayer accounts hacked as CRA repeatedly paid out millions in bogus refunds
  • Microsoft CEO asked board to cut pay in connection with security overhaul | Cybersecurity Dive
  • Four REvil members sentenced to more than four years in prison
  • Russia says it might build its own Linux community after removal of several kernel maintainers
  • Nigerian court drops charges against detained Binance executive Tigran Gambaryan
  • Apple will pay security researchers up to $1 million to hack its private AI cloud | TechCrunch
  • SonicWall firewalls the common access point in spreading ransomware campaign | Cybersecurity Dive
  • Fortinet zero-day attack spree hits at least 50 customers | Cybersecurity Dive
  • Cisco warns actively exploited CVE can lead to DoS attacks against VPN services | Cybersecurity Dive
  • Chinese influence operation targets US down-ballot races, Microsoft says | Reuters
  • Exclusive: Accused Iranian hackers successfully peddle stolen Trump emails | Reuters
  • Viral video of ripped-up Pennsylvania ballots is fake and Russian-made, intelligence agencies say
  • Product Demo: Securing M365 and Google Workspace with Material Security

Cyber and Technology with Mike
28 October 2024 Cyber and Tech News

Oct 28, 2024 (9:48)

In today's podcast we cover four crucial cyber and technology topics, including:

1. OnePoint Patient Care victim of INC Ransomware Group
2. Researchers find ransomware group using TEAMS in new attacks
3. Ireland fines LinkedIn 310 million Euros
4. Russia sentences 2 cyber criminals to 4.5, 5 years in prison

I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com

Risky Business News
Risky Biz News: Russia sends REvil gang members to prison

Oct 27, 2024 (10:29)

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.

Show notes

  • Risky Biz News: Russia sentences REvil members to prison. Yes! Really!

The CyberWire
On the run, caught on arrival.

Oct 21, 2024 (38:25)

An alleged Australian scammer wanted by the FBI gets nabbed in Italy. The Internet Archive has been breached again. Researchers discover vulnerabilities in encrypted cloud storage platforms. Cisco confirms stolen files but insists it's not a data breach. A Chinese disinformation group targets Senator Marco Rubio. Malicious chatbot prompts can hide inside harmless ones. The DoD wants to offer senior cyber executives part-time roles as military reservists. Six years out, the specter of Spectre remains. Russian prosecutors seek prison for REvil operators. Guest Pete Newell, Founder and CEO of BMNT, talks with N2K's Brandon Karpf about challenges associated with technology adoption and change in the DoD. Microsoft uses clever deception to reel in phishers.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Guest Pete Newell, Founder and CEO of BMNT, talks with N2K's Brandon Karpf about challenges associated with technology adoption and change in the DoD.

Selected Reading

  • Australian wanted by FBI over alleged $46 million scam arrested in Italy (The Sydney Morning Herald)
  • Internet Archive breached again through stolen access tokens (Bleeping Computer)
  • Severe flaws in E2EE cloud storage platforms used by millions (Bleeping Computer)
  • Cisco Confirms Security Incident After Hacker Offers to Sell Data (SecurityWeek)
  • Report: China's Spamouflage disinformation campaign testing techniques on Sen. Marco Rubio (The Record)
  • This Prompt Can Make an AI Chatbot Identify and Extract Personal Details From Your Chats (WIRED)
  • Wanted: Weekend Warriors in Tech (Wall Street Journal)
  • Spectre flaws continue to haunt Intel and AMD (The Register)
  • Russia's case against REvil hackers proceeds as government recommends 6.5-year sentences (The Record)
  • Microsoft creates fake Azure tenants to pull phishers into honeypots (Bleeping Computer)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Plus
Téma Plus: How did foreigners in the Czech lands experience 21 August 1968, and how did Czechs abroad?

Aug 24, 2024 (53:37)

Naďa Reviláková looked into it.

REVILcast
Resident Evil: Vendetta (A Vingança) - REVILcast #34

Aug 9, 2024 (63:35)

It's time to tackle the controversial Resident Evil: Vendetta, known in Brazil as Resident Evil: A Vingança. This film is widely considered the worst of all the franchise's animated films because of its excessively frenetic action and a plot that, although promising, falls short in several respects. But is this negative reputation really deserved? Felipe Turesso leads the operation to face the viral chaos ravaging New York alongside Fred Hiro, Accel and João Alves. Find out with REVIL whether Resident Evil: Vendetta brings a new way of riding motorcycles, handling guns à la John Wick, and dubious glass quality tests. Tip: listen with headphones!

HOST: Felipe Turesso
PARTICIPANTS: Accel, Fred Hiro, João Alves
EDITING: Fer Vinhas

Navigantes
[REBROADCAST] - Lou Mourniac - A summer of the America's Cup

Aug 7, 2024 (45:16)

Every Wednesday, from July 24 to August 14, Tip & Shaft invites you to listen again to 4 episodes of Navigantes, the podcast of women who race and women in racing. As the 37th edition of the America's Cup approaches, we have chosen 4 women sailors involved in the French challenge Orient Express Racing Team. Third guest: Lou Mourniac. Listen to her in Navigantes #31, recorded on January 10, 2024.

Lou Mourniac is part of a close-knit tribe of racing sailors well known in France: her father Jean-Christophe, known as "Kiki", is a recognized sport catamaran specialist, for a time paired in the Tornado with her uncle Philippe, now director of the French Olympic sailing team, while her brother Tim is a candidate for selection for the Paris 2024 Olympic Games in the Nacra 17 and her cousin Bruno notably won the Tour Voile in 2018!

Suffice it to say that sailing is a matter of DNA in the Mourniac family and that Lou had little chance of escaping this passion: at 18, she won the 2022 Nacra 15 world champion title with Clément Martineaux on Lake Garda. "It was a crowning achievement, the best way to close out my 'youth' career, and it taught me how to win," she says, before adding with a wry smile: "I also wanted to make a first name for myself in this family."

Last spring, she took part in the selections to join the youth team of the French challenge Orient Express Racing Team for the next Youth America's Cup in Barcelona. "I was selected but I was only in the 'reserve'; I think that gave me the drive to give even more." In November, she went on to win the 69F Youth Foiling Gold Cup in Barcelona, with Enzo Balanger, Théo Revil and Gaultier Tallieu, against the world's elite. It was a landmark victory ("We were all in sync, it was magical") and a decisive one, since straight afterwards she was chosen as one of the 6 members of the French challenge's youth crew, which will represent France in Barcelona in October 2024, the only woman selected in this group. "It's no problem for me at all, it's very natural; my whole career, I've sailed in mixed crews," she comments.

Between now and autumn 2024, the 20-year-old sailor will throw herself fully into this Cup dream and set aside her architecture studies at ENSA Nantes for a while, even though she acknowledges that "these two pillars support me, studies and competition; the two worlds are very complementary".

Navigantes is hosted by Hélène Cougoule and produced by Tip & Shaft.
Broadcast on January 10, 2024
Rebroadcast on August 7, 2024
Post-production: Grégoire Levillain
Theme music: All the summer girls
Hosted by Ausha. Visit ausha.co/politique-de-confidentialite for more information.

Risky Business
Risky Business #747 -- Lockbit Leader Has A Very Bad Day

May 8, 2024 (55:11)

Patrick dials in from RSA in San Francisco to discuss the week's security news with Adam, including:

  • The west doxxes LockbitSupp, who must now hide his hundred million dollars
  • REvil hacker behind Kaseya breach gets 14 years
  • Microsoft makes some positive sounding* noises on security
  • A fun flaw in nearly all VPN clients
  • Gitlab admins continue their never-ending incident response
  • And much, much more.

This week's sponsor is Stairwell. Long time infosec researcher Silas Cutler joins us to talk through his adventures in attacker C2 systems, and how this feeds into Stairwell's data.

* we're still sceptical they'll get it right, but they do at least seem to realise how deep the doo-doo they're in is… Pat speculates they have … tentacles, and a regulatory-threat-gland.

Show notes

  • 'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks | WIRED
  • Andy Greenberg: "@metlstorm @riskybusiness no w…" - Infosec Exchange
  • U.S. Charges Russian Man as Boss of LockBit Ransomware Group – Krebs on Security
  • Ukrainian sentenced to almost 14 years for infecting thousands with REvil ransomware
  • Microsoft ties security goals to exec compensation
  • China suspected of hacking British military payment system, reports say
  • Germany recalls ambassador to Russia over cyberattacks
  • Blinken unveils State Dept. strategy for 'vibrant, open and secure technological future'
  • Microsoft plans to lock down Windows DNS like never before. Here's how. | Ars Technica
  • Novel attack against virtually all VPN apps neuters their entire purpose | Ars Technica
  • The Breach of a Face Recognition Firm Reveals a Hidden Danger of Biometrics | WIRED
  • Dropbox says hacker accessed passwords, authentication info during breach
  • Maximum-severity GitLab flaw allowing account hijacking under active exploitation | Ars Technica
  • Our new research: Enhancing blockchain analytics through AI
  • Reconstructing the Mind's Eye: fMRI-to-Image with Contrastive Learning and Diffusion Priors
  • Kevin Collier on X: "Oh my God. @riskybusiness is already the name of what is by a longshot the most established cyber podcast. There are a million possible names out there and Mr Decision Making over here went with one that's been in use for more than 15 years."

Cyber and Technology with Mike
03 May 2024 Cyber and Tech News

May 3, 2024 (9:13)

In today's podcast we cover four crucial cyber and technology topics, including:

1. REVIL operator sentenced to 13 years in prison
2. Sweden facing high volume of attacks after joining NATO
3. Spanish police arrest over 100 individuals in cybercrime ring
4. North Korean actors abusing email policies to spy

I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com

The CyberWire
Dropbox sign breach exposes secrets.

May 2, 2024 (40:39)

Dropbox's secure signature service suffers a breach. CISA is set to announce a voluntary pledge toward enhanced security. Five Eyes partners issue security recommendations for critical infrastructure. Microsoft acknowledges VPN issues after recent security updates. LockBit releases data from a hospital in France. One of REvil's leaders gets 14 years in prison. A Phishing-as-a-Service provider gets taken down by international law enforcement. China limits Teslas over security concerns. In our Threat Vector segment, David Moulton from Unit 42 explores Adversarial AI and Deepfakes with two expert guests, Billy Hewlett, and Tony Huynh. NightDragon founder and CEO Dave Dewalt joins us with a preview of next week's NightDragon Innovation Summit 2024 at RSAC. And celebrating the 60th anniversary of the BASIC programming language.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

In our Threat Vector segment, David Moulton, Director of Thought Leadership at Unit 42, explores Adversarial AI and Deepfakes as part of the ongoing series "AI's Impact in Cybersecurity" with two expert guests, Billy Hewlett, Senior Director of AI Research at Palo Alto Networks, and Tony Huynh, a Security Engineer specializing in AI and deepfakes. They unpack the escalating risks posed by adversarial AI in cybersecurity. You can catch Threat Vector every other Thursday on the N2K CyberWire network and where you get all of your favorite podcasts. Listen to David's full discussion with Billy and Tony here.

Plus, NightDragon Founder and CEO Dave Dewalt joins us with a preview of next week's NightDragon Innovation Summit 2024 at RSAC including a look into his "State of the Cyber Union" keynote.

Selected Reading

  • Security Breach Exposes Dropbox Sign Users (Infosecurity Magazine)
  • The US Government Is Asking Big Tech to Promise Better Cybersecurity (WIRED)
  • CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog (Security Affairs)
  • Russian Hackers Target Industrial Systems in North America, Europe (SecurityWeek)
  • Microsoft says April Windows updates break VPN connections (Bleeping Computer)
  • LockBit publishes confidential data stolen from Cannes hospital in France (The Record)
  • Ukrainian sentenced to almost 14 years for infecting thousands with REvil ransomware (The Record)
  • LabHost Crackdown: 37 Arrested In Global Cybercrime Bust (Security Boulevard)
  • Tesla cars to be banned from Chinese government buildings amid security fears — report (Drive)
  • The BASIC programming language turns 60 (Ars Technica)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Let's Know Things

This week we talk about virtual reality, the Meta Quest, and the Apple Vision Pro.We also discuss augmented reality, Magic Leap, and the iPhone.Recommended Book: Daemon by Daniel SuarezTranscriptRansomware is a sub-type of malware, which is malicious software that prevents its victim from accessing their data.So that might mean keeping them from logging into their cloud storage, but it might also mean encrypting their data so that there's no way to access it, ever again, unless they have the necessary decryptor, which is a piece of software or sometimes just a key that allows for the decryption of that encrypted, that locked-down data.The specifics of all this, though, are often less important than the practical reality of it.If you're attacked by a ransomware gang or hacker, your stuff, maybe your personal files, maybe your business files, all your customer information, your valuable trade secrets, anything that's stored digitally, might be completely inaccessible to you, and possibly even prone to deletion, though that might not even be necessary since strong encryption is essentially the same thing as deletion, for most intents and purposes; but all that data is gone, held hostage until and unless you pay some kind of ransom to the person or group that encrypted it, and which holds the key to its decryption.Most ransomware software is transmitted to its victims' computers via a trojan, which is a kind of malware that seems like real-deal software that you actually want or need to install, and folks are generally tricked into downloading and installing it because of that presumed legitimacy.So maybe you receive what looks like a software update for a tool you use at work, and it turns out the update was faked and what you installed was actually a trojan that installed malware on your computer, and consequently on your network, instead.Or maybe you pirated some software, and alongside the fake copy of Photoshop you installed, a trojan also carried another snippet 
of code that then, in the background, when your computer was hooked up to the internet, downloaded malware that looked for private data and encrypted it.At some point after ransomware is delivered and installed, your data successfully encrypted and inaccessible, you'll receive the ransom demand.For a while this was kind of an ad hoc thing, in some cases targeting people randomly on early internet usenet groups, in others big companies and other wealthy entities being specifically targeted and then ransomware teams calling or emailing or texting them directly, because they knew who they were hitting.In recent years, this has become a more distributed and mainstream effort, akin to an, organized business, and that mainstreamification was partially enabled by the dawn of crypto-currencies like Bitcoin, which allow for relatively anonymous transactions with strangers, and the development of ransomware that is self-contained, in that it can install itself, find the right, valuable files, and then demand a ransom from its victim, providing that victim with the proper bitcoin wallet or other crypto-banking system into which they need to deposit a fixed amount of money in that less-trackable digital currency.The software can then, still autonomously, either decrypt the files once the ransom is paid, or delete the files, killing them off forever, if the ransom isn't paid by an established deadline.Other variations on this theme exist, and some ransomware doesn't use encryption as a motivator to pay, but instead locks down users' machines, displays some kind of demand for money, purporting to be a government agency (or lying about having encrypted or stolen something of value), or it threatens to install illegal pornographic images of minors on the victims' machine if they don't pay the ransom.By far the most popular approach to ransomware, today, though, is encryption-based, and recent evolutions in the business model backing ransomware has escalated its use, especially 
what's become known as ransomware-as-a-service, which was popularized by a Russian hacker group calling itself REvil that started using it against a variety of targets, globally, to devastating and profitable effect.What I'd like to talk about today is another group that has made successful use of this business model, and a recent investigation into and operation against that group.—First observed by cybersecurity entities in 2019, LockBit quickly became one of the most prolific and effective ransomware-as-a-service providers in the world, their offering, a product called LockBit 2.0, representing the most-used ransomware variant globally in 2022, accounting for something like 23% of all ransomware attacks in the US in 2023, and around 44% of all such attacks globally.According to the FBI, LockBit has been used to launch around 1,700 ransomware attacks in the US since 2020, and according to the US Cybersecurity and Infrastructure Security Agency, about $91 million worth of ransoms were paid in the US alone over the past three years, and it's estimated that number is in the hundreds of millions when we include targets around the world.LockBit's offerings work like many other ransomware-as-a-service offerings, in that they provide what amounts to a dashboard filled with tools that allow users, those who wish to deploy ransomware attacks, those users being their customers, everything they need to do so, and most of their offerings allow even folks with little or no technical knowledge to launch a successful ransomware campaign; it's that user-friendly and intuitive.Hackers using LockBit announced the 2.0 version of the service by attacking professional services giant Accenture in 2021, using what's called a double-extortion approach, which involves encrypting their victim's data, and then threatening to release it if their victim doesn't pay up.They then hit French electrical systems and administrative and management services companies, alongside a French hospital, a 
group of British automotive retailers, a French office equipment company, the California Finance Administration, the port of Lisbon, and Toronto's Hospital for Sick Children in 2022—in that latter case backtracking after realizing a children's hospital was hit, the group formally apologizing for what they called a violation of its rules by a member of its group, who it claimed was no longer a part of its affiliate program; it provided a free decryptor for the hospital so it could regain access to its data.And that response gestures at the larger opportunities and problems associated with this kind of business model.LockBit is run by a group of people who develop the software tools and provide the services backing up those tools to help anyone who wants to use their product successfully launch ransomware attacks against whomever they want.There are apparently rules about who they can attack, but that's kind of like being a gun store operator who tells their customers they're not allowed to shoot anyone, and if they do, they'll have their gun taken away: they can certainly have those rules in place, but by the time they take back the gun they sold to someone who ends up shooting someone else with it, some damage has already been done.The business models of ransomware-as-a-service schemes vary, and some groups allow their customers to just pay a set licensing fee, once or reccuringly, others have profit-sharing schemes, while others have affiliate programs of some flavor.LockBit seems to have landed on a scheme in which they take something like 20% of whatever their customers, those using their LockBit service, are able to get as a ransom.And just like other software-as-a-service companies, LockBit is thus incentivized to continue providing better and better services, lest their customers leave and use one of their competitor's offerings, instead.Thus, in mid-2022, they release LockBit 3.0, and among other innovations it offered a bug bounty program, which provides 
payouts to security researchers who find errors in their code—something that companies like Microsoft and Google do, but not something other ransomware gangs have done in the past.

The attacks kept coming through 2022 and 2023, and though the US Department of Justice announced criminal charges against one Russian national for his alleged connection to LockBit as an affiliate, and the arrest of another for his participation in a LockBit-oriented campaign, the hits just kept coming, LockBit affiliates attacking a French luxury goods company, a German car equipment manufacturer, a chain of Canadian bookstores, the Hong Kong branch of the China Daily newspaper, the Taiwanese TSMC semiconductor company, the Port of Nagoya in Japan, US aerospace and defense company Boeing, the Chicago Trading Company, and Alphadyne Asset Management, and it kicked off 2024 by encrypting the computer system of Fulton County, Georgia.

On February 19, 2024, the UK's National Crime Agency, working with Europol and agencies from 9 other countries, seized LockBit's online assets, including more than 200 crypto wallets, 34 servers located in eight countries, and about 11,000 domains used by LockBit and its affiliates as part of its ransomware-installation and payout process.

They discovered that some of the data supposedly deleted by the group when their victims paid their ransoms wasn't deleted as promised, and they released decryptors to free the data of victims who hadn't paid ransoms, and who had thus been going without access to their data, in some cases for a long time.

They also issued three international arrest warrants and five indictments that target other people related to LockBit's operations, and they've issued a reward of up to $15 million for information about LockBit associates.

This operation, called Operation Cronos, took years to set up and months to complete, once it was ready to go, and though the agencies behind the operation say they've still got plenty left to do—as those in
charge of LockBit are still in the wind, some ransomware tools are still functioning, at least partially, and thousands of accounts associated with LockBit affiliates have been identified, but not yet shut down—it's also being seen as a pretty solid success, allowing them to develop a universal decryptor for LockBit 3.0, and taking out much of the online infrastructure LockBit relied upon to function, not to mention, no doubt, a fair bit of its reputation, as it's likely many of its potential customers will now flee to other offerings for their ransomware-as-a-service needs.

All that said, ransomware continues to be a significant threat, for individuals, but especially for business entities, agencies, and organizations of any size, and there are plenty of other options out there for such tools, and only so many cybercrime agencies capable of tackling them; and it seems to take a lot longer to do the tackling than it does to set up a successful, large-scale ransomware-as-a-service business.

So the combination of potent encryption tools, automated services, and a potent means of earning fairly consistent income seems likely to keep ransomware tools of this kind in the money for the foreseeable future, and that means, even with these periodic takedowns of people involved with the larger-scale entities in this space, this approach to siphoning money from wealthy entities from a distance will probably continue to grow, until the next, more profitable and effective version of the same comes along.

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

REVILcast
Resident Evil: Damnation (Condenação) - REVILcast #30

Feb 15, 2024 (64:36)


Continuing our saga through the animated films, this time it's time to talk about Resident Evil: Damnation, or Resident Evil: Condenação, its title in Portuguese. The film is considered by some to be the best animation in the franchise, thanks to its structure and political plot, but is it really all that? Felipe Turesso leads the infiltration operation while Fred Hiro, João Alves and Marcelo Rocha organize the resistance. Find out with REVIL whether Resident Evil is the new Simpsons and can predict the future, dive into conspiracy theories, the consequences of the dissolution of the Soviet Union and the return of one Ark Thompson (huh?). Grab your hammer and sickle and let's go!

WARNING: This podcast contains spoilers for Resident Evil: Damnation

Tip: listen with headphones!

HOST: Felipe Turesso
PARTICIPANTS: Fred Hiro, João Alves, Marcelo Rocha
EDITING: Fer Vinhas

Cyber Security Headlines
CISA boss swatted, Subway investigates LockBit, Australia sanctions hacker

Jan 24, 2024 (7:29)


* CISA boss targeted in “harrowing” swatting attack
* Subway puts a LockBit investigation on the menu
* Australia sanctions REvil hacker behind Medibank data breach

Thanks to today's episode sponsor, Conveyor

Ever wish AI could auto-generate answers to security questionnaires for you just based on your SOC 2 or other documents? Spoiler alert - it can and you can now try it for free with Conveyor's AI security questionnaire automation software. Set up takes a few seconds. Get a free Conveyor account and simply upload your security documents. Then, upload a new questionnaire to see AI generate answers in seconds based on your documents. Try a free proof of concept today at www.conveyor.com.

For the stories behind the headlines, visit CISOseries.com.

Navigantes
Lou Mourniac, family DNA

Jan 10, 2024 (45:41)


Lou Mourniac belongs to a close-knit tribe of racing sailors well known in France: her father Jean-Christophe, known as “Kiki”, is a recognized sport catamaran specialist, at one time teamed in the Tornado with her uncle Philippe, now director of the French Olympic sailing team, while her brother Tim is a candidate for selection for the Paris 2024 Olympic Games in the Nacra 17 and her cousin Bruno notably won the Tour Voile in 2018!

Suffice it to say that sailing is a matter of DNA in the Mourniac family and that Lou had little chance of escaping this passion: at 18, she won the 2022 Nacra 15 world champion title with Clément Martineaux on Lake Garda. “It was a consecration, the best way to bring my 'youth' career to a close, and it taught me how to win,” she says, before adding with a wry smile: “I also wanted to make a first name for myself in this family.”

Last spring, she took part in the selection trials to join the youth team of the French challenge Orient Express Racing Team for the next Youth America's Cup in Barcelona. “I was selected but I was only in the 'reserve'; I think that gave me the drive to give even more.” In November, she won the 69F Youth Foiling Gold Cup in Barcelona with Enzo Balanger, Théo Revil and Gaultier Tallieu, against the world's elite. A landmark victory (“We were all in perfect harmony, it was magical”) and a decisive one, since right afterwards she was chosen as one of the 6 members of the French challenge's youth crew, which will represent France in Barcelona in October 2024, the only woman selected in this group. “That's no problem at all for me, it's very natural, I've sailed in mixed crews my whole career,” she comments.

Between now and autumn 2024, the 20-year-old sailor will throw herself fully into this Cup dream and put her architecture studies at ENSA Nantes somewhat on hold, even though she acknowledges that “these two pillars support me, studies and competition, the two worlds are very complementary”.

Navigantes is hosted by Hélène Cougoule and produced by Tip & Shaft.
Broadcast on January 10, 2024
Post-production: Grégoire Levillain
Theme music: All the summer girls

The Other Side Of The Firewall
TBT - International Attack on REvil Gang (S1, Ep126) - The Other Side of the Firewall (S1, Ep126)

Dec 14, 2023 (16:07)


In this Throw Back Thursday episode, Ryan, Shannon, and LeVon discuss how the US government and an international team finally turned the tide on the infamous ransomware gang REvil. Please LISTEN

The Cybersecurity Defenders Podcast
#80 - A look into the cybercriminal underworld with Jon DiMaggio, Chief Security Strategist at Analyst1

Nov 29, 2023 (39:34)


On this episode of The Cybersecurity Defenders Podcast we take a look into the cybercriminal underworld with Jon DiMaggio, Chief Security Strategist at Analyst1.

Jon DiMaggio is the chief security strategist at Analyst1 and has over 15 years of experience hunting, researching, and writing about advanced cyber threats. As a specialist in enterprise ransomware attacks and nation-state intrusions, such as “Ransom Mafia: Analysis of the World's first Ransomware Cartel”, “Nation State Ransomware” and a “History of REvil”. He has exposed the criminal cartels behind major ransomware attacks, aided law enforcement agencies in federal indictments of nation-state attacks, and discussed his work with The New York Times, Bloomberg, Fox, CNN, Reuters, and Wired. You can find Jon speaking about his research at conferences such as RSA. Additionally, in 2022, Jon authored the book “The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime” published by No Starch Press.

You can buy “The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime” here.

The Ransomware Diaries: Volume 1 & Volume 2
Jon DiMaggio on LinkedIn
Jon DiMaggio on Twitter

The Gate 15 Podcast Channel
Weekly Security Sprint EP 39. ISIS call to action, ransomware, and FBI reporting

Oct 23, 2023 (25:56)


In this week's Security Sprint, Dave and Andy talked about the following Topics.

Hurricane season thoughts.

ISIS Calls for Jewish Attacks Around the World. “Terrorist group ISIS has called for violent targeting of Jewish people worldwide in response to the ongoing conflict between Israel and Hamas… Published on Friday in Arabic in Al-Naba, a weekly magazine by ISIS, it advocates for violence and murder against Jewish people worldwide.”

Ransomware
* New Portman Report Demonstrates Threat Ransomware Presents to the United States. “This report details the attacks by Russia-based ransomware group REvil on three American companies, and the experiences of those companies during the incident response."
* CISA, NSA, FBI, MS-ISAC Publish Updated #StopRansomware Guide
* UK NCSC: Principles for ransomware-resistant cloud backups; Helping to make cloud backups resistant to the effects of destructive ransomware.
* Our new principles to help make cloud backups more resilient; Introducing a new set of NCSC principles to strengthen the resilience of organisations' cloud backups from ransomware attackers.
* Canadian Centre for Cyber Security - Social engineering – ITSAP.00.166, Social engineering – ITSAP.00.166 (PDF, 267 KB)
* Phishing Guidance: Stopping the Attack Cycle at Phase One

FBI Releases 2022 Crime in the Nation Statistics. The FBI released detailed data on over 11 million criminal offenses reported to the Uniform Crime Reporting (UCR) Program… The FBI's crime statistics estimates for 2022 show that national violent crime decreased an estimated 1.7% in 2022 compared to 2021 estimates.
* Statement from President Joe Biden on Hate Crime Statistics
* FBI report: Violent crime decreases to pre-pandemic levels, but property crime is on the rise
* Violent crime down, carjackings up, according to FBI crime statistics
* FBI: Violent Crime Down To Pre-Pandemic Levels, But Property Crimes Rising
* ADL: FBI Data Reflects Deeply Alarming Record-High Number of Reported Hate Crime Incidents in the U.S. in 2022
* UCR's Crime Data Explorer

Quick Hits:
* Russia, shifting tactics, fans doubt in election integrity, U.S. says; A new intelligence assessment indicates the Kremlin appears to be expanding its long-running efforts to weaken the world's democracies
* CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
* "The Phantom Hacker:" FBI Phoenix Warns Public of New Financial Scam
* CISA: Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks
* FBI IC3 PSA: Additional Guidance on the Democratic People's Republic of Korea Information Technology Workers

Adventures of Alice & Bob
Ep. 35 - Hunting Down the REvil Ransomware Gang // John Fokker

Aug 25, 2023 (57:42)


Today's episode is hosted by James Maude. He is joined by John Fokker, Head of Threat Intelligence at Trellix. John is an internationally recognized cybercrime expert with leadership experience across law enforcement, military, and industry. Tune in as John discusses his journey from the Dutch Marines to leading cybercrime investigations for the Dutch Police. John provides an inside look at high-profile cybercrime takedowns, including hunting down the notorious REvil ransomware group. He also shares perspectives on the evolution of cyber threats, the ransomware economy, and building global public-private partnerships to combat cybercrime.

Loving Liberty Radio Network
06-16-2023 Liberty RoundTable with Sam Bushman

Jul 25, 2023 (109:40)


Hour 1
* Guest: Dr. Scott Bradley, Founder and Chairman of the Constitution Commemoration Foundation and the author of the book and DVD/CD lecture series “To Preserve the Nation.” In the Tradition of the Founding Fathers – FreedomsRisingSun.com
* Russian hackers promise takedown of European banking system – ‘Within 48 hours … nothing will save you' – WND.com The Russian activist groups are known by the names KillNet, Anonymous Sudan and REvil.
* Halderman Report on Voting Machine Vulnerabilities Finally Released, Validates Mike Lindell's Warnings – Brannon Howse, FrankSpeech.com
* Dozens of Ottawa High School Students Stage Walkout to Protest Gender Ideology – EpochTimes.com
* US government agencies hit in global hacking spree – Reuters.

Hour 2
* Rep. Jim Jordan Threatens White House With Subpoenas Over Social Media Censorship!
* They Will Never Impeach Joe, Will They?
* White Starbucks manager fired over racist claims wins $25 million!
* Lawmaker Tells Californians to Flee State Over Bill Favoring ‘Gender-Affirming' Parents.
* An AI Program Is Pretending to Be Jesus and Thousands of Lost Young People Are Flocking to It – The Western Journal.
* Taiwan prepares for war with China.
* Nearly 1 in 5 adults say they've been diagnosed with depression – CDC.
* A recently released report from a Planned Parenthood watchdog group revealed that the abortion chain's CEOs are among the highest-paid in the country's nonprofit sector.
* Catholic pro-life organization American Life League's STOPP International is dedicated to exposing the “true nature of Planned Parenthood” by documenting “its anti-life, anti-family programs,” according to its website.
* Governor Newsom Proposes 28th Amendment to the US Constitution.
* Pledge of GAY-legiance: White House under fire for replacing Old Glory with Pride flag during LGBT event.

Support this podcast: https://podcasters.spotify.com/pod/show/loving-liberty/support

Plus
Historie Plus: Historie Plus presents one of our oldest literary monuments

Jul 8, 2023 (25:57)


The work about the beginnings of Christianity in Great Moravia and Bohemia and about the first Czech saints, Saint Wenceslas and Saint Ludmila, is commonly called Kristián's Legend (Kristiánova legenda). It is also tied to the longest-running dispute among Czech historians. Naďa Reviláková guides you through it.

The CyberWire
Reddit sees bad luck as a BlackCat attack crosses their path. The C2C market is more mystical nowadays. Hacktivist auxiliaries and false flags in the hybrid war.

Jun 20, 2023 (28:57)


The BlackCat gang crosses Reddit's path, threatening to leak stolen data. Mystic Stealer malware evades and creates a feedback loop in the C2C market. RDStealer is a new cyberespionage tool, seen in the wild. The United States offers a reward for information on the Cl0p ransomware gang. KillNet, REvil, and Anonymous Sudan form a "DARKNET Parliament" and “sanction” the European banking system. The British Government commits £25 million in cybersecurity aid to Ukraine. Ben Yelin explains cyber disclosure rules proposed by the SEC. Rick Howard speaks with Nancy Wang of AWS about the importance of backups and restores. And what researchers are turning up in cloud honeypots.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/117

Selected reading.
* Reddit: Hackers demand $4.5 million and API policy changes (Computing)
* Mystic Stealer – Evolving “stealth” Malware (Cyfirma)
* Mystic Stealer: The New Kid on the Block (Zscaler)
* Unpacking RDStealer: An Exfiltration Malware Targeting RDP Workloads (Bitdefender)
* MOVEit Transfer and MOVEit Cloud Vulnerability (Progress Software)
* CVE-2023-35708 Detail (NIST)
* U.S. Energy Dept gets two ransom notices as MOVEit hack claims more victims (Reuters)
* US govt offers $10 million bounty for info on Clop ransomware (BleepingComputer)
* Ransomware Group Starts Naming Victims of MOVEit Zero-Day Attacks (SecurityWeek)
* A bear in wolf's clothing: Insights into the infrastructure used by Anonymous Sudan to attack Australian organisations (CyberCX)
* Anonymous Sudan: Religious Hacktivists or Russian Front Group? (Trustwave)
* UK to give Ukraine major boost to mount counteroffensive (UK Government)
* 2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes (Orca Security)

Liberty Roundtable Podcast
Radio Show Hour 1 – 6/16/2023

Jun 16, 2023 (54:50)


* Guest: Dr. Scott Bradley, Founder and Chairman of the Constitution Commemoration Foundation and the author of the book and DVD/CD lecture series “To Preserve the Nation.” In the Tradition of the Founding Fathers - FreedomsRisingSun.com
* Russian hackers promise takedown of European banking system - 'Within 48 hours … nothing will save you' - WND.com The Russian activist groups are known by the names KillNet, Anonymous Sudan and REvil.
* Halderman Report on Voting Machine Vulnerabilities Finally Released, Validates Mike Lindell's Warnings - Brannon Howse, FrankSpeech.com
* Dozens of Ottawa High School Students Stage Walkout to Protest Gender Ideology - EpochTimes.com
* US government agencies hit in global hacking spree - Reuters.

Paul's Security Weekly
What We've Learned From Interviewing Cybercriminals - Adam Janofsky - ESW Vault

Jun 1, 2023 (39:45)


Check out this interview from the ESW VAULT, hand picked by main host Adrian Sanabria! This segment was originally published on October 21, 2021. The Record has published several interviews with cybercriminals, courtesy The Record's Russian-speaking analyst, Dmitry Smilyanets (https://therecord.media/author/dmitry-smilyanets). These interviews have included representatives from REvil, BlackMatter, and Marketo. The interviews have uncovered the gangs' motivations, targets, and tactics, and have been cited by officials, including White House Deputy National Security Advisor Anne Neuberger. We talk with Adam Janofsky, founder and Editorial Director of The Record about what it's like to start a vendor-sponsored media outlet (The Record is funded by Recorded Future), and what they've learned by interviewing the bad guys. This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-1 

Enterprise Security Weekly (Audio)
What We've Learned From Interviewing Cybercriminals - Adam Janofsky - ESW Vault

Jun 1, 2023 (39:45)


Check out this interview from the ESW VAULT, hand picked by main host Adrian Sanabria! This segment was originally published on October 21, 2021. The Record has published several interviews with cybercriminals, courtesy The Record's Russian-speaking analyst, Dmitry Smilyanets (https://therecord.media/author/dmitry-smilyanets). These interviews have included representatives from REvil, BlackMatter, and Marketo. The interviews have uncovered the gangs' motivations, targets, and tactics, and have been cited by officials, including White House Deputy National Security Advisor Anne Neuberger. We talk with Adam Janofsky, founder and Editorial Director of The Record about what it's like to start a vendor-sponsored media outlet (The Record is funded by Recorded Future), and what they've learned by interviewing the bad guys. This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-1 

Paul's Security Weekly TV
What We've Learned From Interviewing Cybercriminals - Adam Janofsky - ESW Vault

Jun 1, 2023 (39:45)


Check out this interview from the ESW VAULT, hand picked by main host Adrian Sanabria! This segment was originally published on October 21, 2021. The Record has published several interviews with cybercriminals, courtesy The Record's Russian-speaking analyst, Dmitry Smilyanets (https://therecord.media/author/dmitry-smilyanets). These interviews have included representatives from REvil, BlackMatter, and Marketo. The interviews have uncovered the gangs' motivations, targets, and tactics, and have been cited by officials, including White House Deputy National Security Advisor Anne Neuberger. We talk with Adam Janofsky, founder and Editorial Director of The Record about what it's like to start a vendor-sponsored media outlet (The Record is funded by Recorded Future), and what they've learned by interviewing the bad guys. This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/vault-esw-1 

Malicious Life
SIM Swapping Follow Up [ML B-Side]

Jan 30, 2023 (18:18)


Today we're bringing back Haseeb Awan, the founder of Efani Secure Mobile - a bespoke cybersecurity-focused phone service, protecting high-risk individuals against mobile hacks. Haseeb will delve into the technicalities of SIM swapping, explaining the various techniques that hackers use to carry out this fraudulent activity. He will also provide insights into what telecommunication companies can do to prevent SIM swapping and what steps individuals can take to protect themselves from falling victim to this crime. Nate Nelson, our Sr. producer, spoke with Rich Murray, who leads the FBI's North Texas Cyber unit, about how the Federal Bureau of Investigations dealt with another attack by REvil - this time against the Texas government - and how they managed to figure out who was behind it.

Malicious Life
FBI vs. REvil [ML BSide]

Jan 16, 2023 (21:01)


A year ago we told you the story of Kaseya: an IT solutions company that was breached in July 2021, and its servers were used to spread ransomware to an estimated 800 to 1500 small to medium-sized businesses. Nate Nelson, our Sr. producer, spoke with Rich Murray, who leads the FBI's North Texas Cyber unit, about how the Federal Bureau of Investigations dealt with the Kaseya incident and how they managed to figure out who was behind the attack.

Security Now (MP3)
SN 900: LastPass Again - South Dakota bans TikTok, Anker Eufy Camera debacle, Mozilla yanks trusted root

Dec 7, 2022 (122:38)


Picture of the Week. Don't mess with Australia. Facebook / Meta fined by Ireland. REvil's full Medibank dump. Is nothing sacred? Mozilla yanks a (no longer) trusted root. Android Platform Certs Escape. South Dakota says: No more Tik-Tok. Albania blames its IT staff. Good news on the memory safe languages front. Black Hat USA 2022. Another Chrome 0-day bites the dust. Anker's Eufy Camera debacle. An amazing-looking WiFi-6 router... $119. Elon really said this. Closing the Loop. SpinRite. LastPass Again.   Show Notes https://www.grc.com/sn/SN-900-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow canary.tools/twit - use code: TWIT plextrac.com/twit

Security Now (Video HI)
SN 900: LastPass Again - South Dakota bans TikTok, Anker Eufy Camera debacle, Mozilla yanks trusted root

Dec 7, 2022 (123:12)


Picture of the Week. Don't mess with Australia. Facebook / Meta fined by Ireland. REvil's full Medibank dump. Is nothing sacred? Mozilla yanks a (no longer) trusted root. Android Platform Certs Escape. South Dakota says: No more Tik-Tok. Albania blames its IT staff. Good news on the memory safe languages front. Black Hat USA 2022. Another Chrome 0-day bites the dust. Anker's Eufy Camera debacle. An amazing-looking WiFi-6 router... $119. Elon really said this. Closing the Loop. SpinRite. LastPass Again.   Show Notes https://www.grc.com/sn/SN-900-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow canary.tools/twit - use code: TWIT plextrac.com/twit

All TWiT.tv Shows (MP3)
Security Now 900: LastPass Again

Dec 7, 2022 (122:38)


Picture of the Week. Don't mess with Australia. Facebook / Meta fined by Ireland. REvil's full Medibank dump. Is nothing sacred? Mozilla yanks a (no longer) trusted root. Android Platform Certs Escape. South Dakota says: No more Tik-Tok. Albania blames its IT staff. Good news on the memory safe languages front. Black Hat USA 2022. Another Chrome 0-day bites the dust. Anker's Eufy Camera debacle. An amazing-looking WiFi-6 router... $119. Elon really said this. Closing the Loop. SpinRite. LastPass Again.   Show Notes https://www.grc.com/sn/SN-900-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow canary.tools/twit - use code: TWIT plextrac.com/twit

Security Now (Video HD)
SN 900: LastPass Again - South Dakota bans TikTok, Anker Eufy Camera debacle, Mozilla yanks trusted root

Dec 7, 2022 (123:12)


Picture of the Week. Don't mess with Australia. Facebook / Meta fined by Ireland. REvil's full Medibank dump. Is nothing sacred? Mozilla yanks a (no longer) trusted root. Android Platform Certs Escape. South Dakota says: No more Tik-Tok. Albania blames its IT staff. Good news on the memory safe languages front. Black Hat USA 2022. Another Chrome 0-day bites the dust. Anker's Eufy Camera debacle. An amazing-looking WiFi-6 router... $119. Elon really said this. Closing the Loop. SpinRite. LastPass Again.   Show Notes https://www.grc.com/sn/SN-900-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow canary.tools/twit - use code: TWIT plextrac.com/twit

Radio Leo (Audio)
Security Now 900: LastPass Again

Dec 7, 2022 (122:38)


Picture of the Week. Don't mess with Australia. Facebook / Meta fined by Ireland. REvil's full Medibank dump. Is nothing sacred? Mozilla yanks a (no longer) trusted root. Android Platform Certs Escape. South Dakota says: No more Tik-Tok. Albania blames its IT staff. Good news on the memory safe languages front. Black Hat USA 2022. Another Chrome 0-day bites the dust. Anker's Eufy Camera debacle. An amazing-looking WiFi-6 router... $119. Elon really said this. Closing the Loop. SpinRite. LastPass Again.   Show Notes https://www.grc.com/sn/SN-900-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow canary.tools/twit - use code: TWIT plextrac.com/twit

Security Now (Video LO)
SN 900: LastPass Again - South Dakota bans TikTok, Anker Eufy Camera debacle, Mozilla yanks trusted root

Security Now (Video LO)

Dec 7, 2022 123:12



Risky Business
Risky Business #687 -- Shady deeds in sunny places: Ransomware smashes Vanuatu, Guadeloupe

Risky Business

Nov 30, 2022 54:27


On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: UK, USA ban Chinese security cameras What is the Boa webserver and why is it everywhere? Vanuatu, Guadeloupe smashed by ransomware REvil back with more dumps despite ASD attention Much, much more This week's sponsor guest is Jake King from Elastic Security, who joins us to talk through the company's most recent threat report. There's a link to the report in our show notes. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes British government bans Chinese surveillance cameras from sensitive locations - The Record by Recorded Future US government bans Huawei, ZTE and Hikvision tech over ‘unacceptable' spying fears | TechCrunch What if Russian commercial aviation cuts too many safety corners? — Meduza Microsoft attributes alleged Chinese attack on Indian power grid to ‘Boa' IoT vulnerability - The Record by Recorded Future U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer – Krebs on Security Guadeloupe kickstarts continuity plan after wide-ranging cyberattack - The Record by Recorded Future Vanuatu hospital staff using pen and paper after cyber attack that crippled public sector - ABC News Extortion site used in Medibank attack goes offline after Australian gov pledges ‘offensive' actions - The Record by Recorded Future ThreatMon Ransomware Monitoring on Twitter: Risky Biz News: Australia passes new privacy bill with huge data breach fines Sandworm hacking group linked to new ransomware deployed in Ukraine - The Record by Recorded Future UK Parliament launches inquiry into national security strategy around ransomware - The Record by Recorded Future Canadian food giant refuses to pay ransom after gang threatens data leak - The Record by Recorded Future Almost 1,000 suspects arrested in Interpol operation which seized over $129 million - The Record by Recorded Future Risky Biz News: Authorities seize iSpoof in major blow to fraudsters and cybercrime groups Espionage group using USB devices to hack targets in Southeast Asia - The Record by Recorded Future WikiLeaks' Website Is Slowly Falling Apart European Parliament declares Russia a terrorism sponsor, then its site goes down | Ars Technica Hackers are spreading malware via trending TikTok challenge: report - The Record by Recorded Future Samantha Borrego iS iNfeCtEd noT pArAnOID on Twitter: elastic-global-threat-report-vol-1-2022.pdf


Darknet Diaries
126: REvil

Darknet Diaries

Oct 18, 2022 66:02


REvil is the name of a ransomware service as well as a group of criminals inflicting ransomware onto the world. Hear how this ransomware shook the world. A special thanks to our guest Will, a CTI researcher with Equinix. Sponsors: Support for this show comes from Zscaler. The Zscaler Zero Trust Exchange will scrutinize the traffic and permit or deny traffic based on a set of rules. This is so much more secure than letting data flow freely internally. And it really does mitigate ransomware outbreaks. The Zscaler Zero Trust Exchange gives YOU confidence in your security to feel empowered to focus on other parts of your business, like digital transformation, growth, and innovation. Check out the product at zscaler.com. Support for this show comes from Arctic Wolf. Arctic Wolf is the industry leader in security operations solutions, delivering 24x7 monitoring, assessment, and response through our patented Concierge Security model. They work with your existing tools and become an extension of your existing IT team. Visit arcticwolf.com/darknet to learn more.

The CyberWire
Tata Power sustains cyberattack. Influence operations and battlespace prep. Ransom Cartel looks a lot like REvil. Notes from Russia's hybrid war.

The CyberWire

Oct 17, 2022 34:24


There's been a Cyberattack against Tata Power. The FBI warns US state political parties of Chinese scanning. Russian influence ops play defense; China's are on the offense. Ransom Cartel and a possible connection to REvil. "Prestige" ransomware is sighted in attacks on Polish and Ukrainian targets. Distributed denial-of-service attacks interfere with Bulgarian websites. Grayson Milbourne of OpenText Security Solutions on SBOMS. Our own Rick Howard checks in with Bryan Willett of Lexmark on implementation of Zero Trust. And Mr. Musk tweets his intention to continue to subsidize Starlink for Ukraine (probably). For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/199 Selected reading. Hackers Attack Tata Power IT Systems: All You Need To Know (IndiaTimes) Chinese hackers are scanning state political party headquarters, FBI says (Washington Post) The Defender's Advantage Cyber Snapshot Issue 2 — More Insights From the Frontlines (Mandiant)  Ransom Cartel Ransomware: A Possible Connection With REvil (Unit 42) New “Prestige” ransomware impacts organizations in Ukraine and Poland (Microsoft Security Threat Intelligence) Bulgarian Government Hit By Cyberattack Blamed On Russian Hacking Group (RadioFreeEurope/RadioLiberty) 'The hell with it': Elon Musk tweets SpaceX will 'keep funding Ukraine govt for free' amid Starlink controversy (CNBC) Starlink isn't a charity, but the Ukraine war isn't a business opportunity (TechCrunch)

The CyberWire
Ransomware groups continue to shift identities and targets. Assessments of the cyber phases of a hybrid war. Is wartime tough for criminals? Anonymous counts coup…against Moscow's taxis.

The CyberWire

Sep 2, 2022 29:50


REvil (or an impostor, or successor) may be back. A Paris-area medical center continues to work to recover from cyber extortion. An assessment of Russian failure (or disinclination) to mount effective cyber campaigns. Cyber criminals find wartime to be a tough time. Josh Ray from Accenture looks at cyber threats to the rail industry. Our guest is Dan Murphy of Invicti making the case that not all vulnerabilities are created equal. And Yandex Taxi's app was hacked in a nuisance attack. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/170 Selected reading. REvil says they breached electronics giant Midea Group (Cybernews) Paralysed French hospital fights cyber attack as hackers lower ransom demand (RFI) French hospital hit by $10M ransomware attack, sends patients elsewhere (BleepingComputer) Hacks tied to Russia and Ukraine war have had minor impact, researchers say (The Record by Recorded Future)  Getting Bored of Cyberwar: Exploring the Role of the Cybercrime Underground in the Russia-Ukraine Conflict (arXiv:2208.10629v2)  Why Russia's cyber war in Ukraine hasn't played out as predicted (New Atlas) Cyber key in Ukraine war, says spy chief (The Canberra Times)  Montenegro Sent Back to Analog by Unprecedented Cyber Attacks (Balkan Insight) Montenegro blames criminal gang for cyber attacks on government (EU Reporter) Ransomware Attack Sends Montenegro Reaching Out to NATO Partners (Bloomberg)  “I'm tired of living in poverty” – Russian-Speaking Cyber Criminals Feeling the Economic Pinch (Digital Shadows) Yandex Taxi hack creates huge traffic jam in Moscow (Cybernews) Anonymous hacked Russia's largest taxi firm and caused a massive traffic jam (Daily Star)

The CyberWire
Has GOLD SOUTHFIELD resumed operations? [Research Saturday]

The CyberWire

Jul 23, 2022 22:19


Rob Pantazopoulos from Secureworks joins Dave to discuss their work on "REvil Development Adds Confidence About GOLD SOUTHFIELD Reemergence." Secureworks researchers published a new analysis on what can be considered the ‘first' set of ransomware samples associated with the reemergence. These updated samples indicate that GOLD SOUTHFIELD has resumed operations. The research states "The identification of multiple samples containing different modifications and the lack of an official new version indicate that REvil is under active development." Researchers identified two samples, one in October of 2021, and the other in March of 2022. The March sample has modifications that lead researchers to distinguish the two samples from one another. The research can be found here: REvil Development Adds Confidence About GOLD SOUTHFIELD Reemergence

The CyberWire
Could REvil have a copycat? [Research Saturday]

The CyberWire

Jul 2, 2022 16:06


Larry Cashdollar from Akamai joins Dave to discuss their research on a DDoS campaign claiming to be REvil. The research shares that Akamai's team was notified last week of an attack on one of their hospitality customers, which they called "Layer 7", by a group claiming to be associated with REvil. In the research, they dive into the attack and compare it to other similar attacks that have been made by the group. The research states "The attacks so far target a site by sending a wave of HTTP/2 GET requests with some cache-busting techniques to overwhelm the website." It also states that this is a smaller attack than they have seen by the group before, and notes that there seems to be more of a political agenda behind the attack, whereas in the past, REvil has been less political. The research can be found here: REvil Resurgence? Or a Copycat?

The CyberWire
Potential cyber threats to agriculture. Cyber phases of Russia's hybrid war. REvil prosecution at a stand (and it's the Americans' fault, say Russian sources). Microsoft mitigates Follina.

The CyberWire

May 31, 2022 27:45


Sanctions, blockades, and their effects on the world economy. Western nations remain on alert for Russian cyber attacks. REvil prosecution has reached a dead end. Microsoft issues mitigations for a recent zero-day. John Pescatore's Mr. Security Answer Person is back, looking at authentication. Joe Carrigan looks at new browser vulnerabilities. Notes from the underworld. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/104 Selected reading. In big bid to punish Moscow, EU bans most Russia oil imports (AP NEWS) EU, resolving a deadlock, in deal to cut most Russia oil imports (Reuters) The E.U.'s embargo will bruise Russia's oil industry, but for now it is doing fine. (New York Times) Russia's Black Sea Blockade Will Turbocharge the Global Food Crisis (Foreign Policy) Russia's Invasion Unleashes ‘Perfect Storm' in Global Agriculture (Foreign Policy) ‘War in Ukraine Means Hunger in Africa' (Foreign Policy) Afghanistan's Hungry Will Pay the Price for Putin's War (Foreign Policy) Remote bricking of Ukrainian tractors raises agriculture security concerns (CSO Online) Major supermarkets 'uniquely vulnerable' as Russian cyber attacks rise (ABC) Italy warns organizations to brace for incoming DDoS attacks (BleepingComputer) Whitepaper - PIPEDREAM: CHERNOVITE's Emerging Malware Targeting Industrial Environments (Dragos). Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks (IT Security News) Putin horror warning over 'own goal' attack on UK coming back to haunt Kremlin (Express.co.uk) Putin plot: UK hospitals at risk of chilling ‘sleeper cell' attack by Russia (Express) Will Russia Launch a New Cyber Attack on America? (The National Interest) Hackers wage war on Russia's largest bank (The Telegraph) REvil prosecutions reach a 'dead end,' Russian media reports (CyberScoop) Microsoft Office zero-day "Follina"—it's not a bug, it's a feature! (It's a bug) (Malwarebytes Labs). Microsoft Word struck by zero-day vulnerability (Register) Clop ransomware gang is back, hits 21 victims in a single month (BleepingComputer) Conti ransomware explained: What you need to know about this aggressive criminal group (CSO Online)

The CyberWire
Notes on cyber phases of Russia's hybrid war, including an assessment of Victory Day as an influence op. A look at C2C markets. And Spain's spyware scandal claims an intelligence chief.

The CyberWire

May 10, 2022 29:34


A quick introductory note on Russia's hybrid war against Ukraine. Russian television schedules hacked to display anti-war message. Phishing campaign distributes Jester Stealer in Ukraine. European Council formally attributes cyberattack on Viasat to Russia. Costa Rica declares a state of emergency as Conti ransomware cripples government sites. DCRat and the C2C markets. The gang behind REvil does indeed seem to be back. More Joker-infested apps found in Google Play. Guest Nick Adams from Differential Ventures discusses what will drive continued growth of cybersecurity beyond attack surfaces and governance from a VC's perspective. Partner Ben Yelin from UMD CHHS on digital privacy concerns in the aftermath of the potential overturn of Roe vs Wade. And Spain's spyware scandal takes down an intelligence chief. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/90 Selected reading. Ukraine morning briefing: Five developments as Joe Biden warns Vladimir Putin has 'no way out' (The Telegraph) Viewpoint: Putin now faces only different kinds of defeat (BBC News)  Putin's Victory Day speech gives no clue on Ukraine escalation (Reuters)  On Victory Day, Putin defends war on Ukraine as fight against ‘Nazis' (Washington Post)  In Speech, Putin Shows Reluctance in Demanding Too Much of Russians (New York Times)  Putin's parade shows he "is going to continue at whatever cost" in Ukraine (Newsweek) Russia's display of military might sent the West a strong message – just not the one Putin intended (The Telegraph) Russian TV Schedules Hacked on Victory Day to Show Anti-War Messages (HackRead)  Russian TV hacked to say ‘blood of Ukrainians is on your hands' (The Telegraph)  Mass Distribution of Self-Destructing Malware in Ukraine (BankInfoSecurity)  Russian cyber operations against Ukraine: Declaration by the High Representative on behalf of the European Union (European Council)

The CyberWire
Cyber sabotage and cyberespionage. Updates on Russia's hybrid war against Ukraine. REvil seems to have returned.

The CyberWire

May 2, 2022 25:19


Cable sabotage in France remains under investigation. Spearphishing by Cozy Bear. Widespread and damaging Russian cyberattacks have yet to appear, but criminals find a new field of activity. Hacktivism and privateering. The legal and prudential limits to hacktivism. Applying lessons learned from an earlier cyberwar. Romanian authorities say last week's DDoS incident was retaliation for Bucharest's support of Kyiv. Rick Howard is dropping some SBOMS. Carole Theriault reports on virtual kidnappings. REvil seems to be back after all. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/84 Selected reading. How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities (CyberScoop)  Russian hackers compromise embassy emails to target governments (BleepingComputer)  Ukraine's defense applies lessons from a 15-year-old cyberattack on Estonia (NPR)  Feared Russian cyberattacks against US have yet to materialize (C4ISRNet) Hacking Russia was off-limits. The Ukraine war made it a free-for-all. (Washington Post)  A YouTuber is promoting DDoS attacks on Russia — how legal is this? (BleepingComputer) Ukraine's Digital Fight Goes Global (Foreign Affairs) Romanian government says websites attacked by pro-Russian group (The Record by Recorded Future)  REvil ransomware returns: New malware sample confirms gang is back (BleepingComputer)