On this week’s show Patrick Gray and Dmitri Alperovitch discuss the week’s security news. They cover:

• How western youths are working with Russian ransomware crews
• Russia has changed its targeting in Ukraine
• A massive breach of historical Russian flight information is god’s gift to OSINT orgs
• Cisco buys Splunk for $28bn
• Much, much more

This week’s show is brought to you by Panther. Its field CISO Ken Westin is this week’s sponsor guest.

Links to everything that we discussed are below.

Show notes

• MGM Resorts says hotel, casino operations back up and running | Cybersecurity Dive
• MGM Resorts warns customers of fraud as it faces class action lawsuits | Cybersecurity Dive
• mgmkirwan - DocumentCloud
• Cross-Tenant Impersonation: Prevention and Detection | Okta Security
• 'Power, influence, notoriety': The Gen-Z hackers who struck MGM, Caesars | Reuters
• Youth hacking ring at the center of cybercrime spree | CyberScoop
• UK logistics firm blames ransomware attack for insolvency, 730 redundancies
• Philippines state health org struggling to recover from ransomware attack
• Bermuda’s premier attributes system outages to ‘Russia-based’ attackers
• Russian hackers target Ukrainian government systems involved in war crimes investigations
• (4) Oleg Shakirov on X: "Huge data breach in Russia A previously unknown group claims it stole data from Russia's major flight booking system Sirena Travel. The whole dataset includes 665 mil entries and spans 16 years; they posted a sample with 3 mil lines. I was able to verify one flight. Looks legit" / X
• Hackers break into Russian database with data on hundreds of millions of flights
• Canada blames border checkpoint outages on cyberattack
• Air Canada says hackers accessed limited employee records during cyberattack
• 3 iOS 0-days, a cellular network compromise, and HTTP used to infect an iPhone | Ars Technica
• Yes, you have to update your Apple devices again, because spyware is bad | TechCrunch
• GPUs from all major suppliers are vulnerable to new pixel-stealing attack | Ars Technica
• CISA's catalog of must-patch vulnerabilities crosses the 1,000 bug mark after 2 years
• Hong Kong crypto business Mixin says hackers stole $200 million in assets
• Cisco to buy Splunk for $28B | Cybersecurity Dive
• British Army general says UK now conducting ‘hunt forward’ operations
• World on the Brink: How America Can Beat China in the Race for the Twenty-First Century: Alperovitch, Dmitri, Graff, Garrett M.: 9781541704091: Amazon.com: Books
• Starlink in Ukraine: Why the Story Is Not So Simple | Geopolitics Decanted by Silverado