Risky Business #755 -- SSH 0day! Polyfill drama! Entrust crushed!
On this week’s show, Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Widely used polyfill javascript gets hijacked by its new owners
- MacOS supply chain disaster bullet dodged
- That OpenSSH remote code exec OH MY <3
- Entrust gets its CA business kicked to the kerb by Google
- South Korean telco intentionally viruses 600k customers
- Microsoft continues to deeply underwhelm
- And much, much more.
This week’s episode is sponsored by Greynoise. Founder Andrew Morris joins to talk about ways to track attackers across NAT and VPNs, as well as how you can join in the fun of running an internet-scale honeypot network.
Show notes
- Polyfill, Cloudflare trade barbs after reports of supply chain attack threatening 100k websites
- 3 million iOS and macOS apps were exposed to potent supply-chain attacks
- regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)
- Google Online Security Blog: Sustaining Digital Certificate Security - Entrust Certificate Distrust
- TeamViewer: Hackers copied employee directory data and encrypted passwords
- South Korean telecom company attacks customers with malware — over 600,000 torrent users report missing files, strange folders, and disabled PCs | Tom's Hardware
- CDK eyes service restoration for all car dealers by Fourth of July
- ‘I don’t see it happening’: CISA chief dismisses ban on ransomware payments
- Patelco Credit Union ransomware attack halts banking services for nearly half a million members
- LockBit claims cyberattack on Croatia’s largest hospital
- Inside a Violent Gang's Ruthless Crypto-Stealing Home Invasion Spree
- Suspected Chinese gov’t hackers used ransomware as cover in attacks on Brazil presidency, Indian health org
- Nearly 4,000 arrested in global police crackdown on online scam networks
- USD 257 million seized in global police crackdown against online scams
- Microsoft alerts additional customers of state-linked threat group attacks
- Midnight Blizzard Microsoft Email Data Sharing Request: Legit? : r/Office365
- Polish Parliament strips official of immunity, clearing path for prosecution in spyware scandal
- Stolen credentials could unmask thousands of darknet child abuse website users
- WA man set up fake free wifi at Australian airports and on flights to steal people’s data, police allege
- Bytecode Breakdown: Unraveling Factorio's Lua Security Flaws
- iOS 17 lockdown mode blocking CarPlay? : r/ios
