Risky Business #772 -- Salt Typhoon is truly a national security disaster

On this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• A ransomware attack has crippled US supply chain software provider Blue Yonder
• Russian spies hack nearby wifi to get to their targets, but that doesn’t seem surprising?
• Salt Typhoon’s attacks on telcos are hard to solve and big on impact
• China’s surveillance state workers sell their access at home
• Palo Alto is bad and should feel bad
• And much, much more.

In this week’s sponsor interview Patrick Gray chats with Matt Muller from Tines about Gartner’s “spicy take” that the SOAR category is dead. SOAR is dead! Long live SOAR!

This episode is also available on Youtube.

Show notes

• Retailers struggle after ransomware attack on supply chain tech provider Blue Yonder | The Record from Recorded Future News
• Customer Update
• Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack | WIRED
• China’s Salt Typhoon hackers target telecom firms in Southeast Asia with new malware | The Record from Recorded Future News
• Emerging Details of Chinese Hack Leave U.S. Officials Increasingly Concerned
• Top senator calls Salt Typhoon “worst telecom hack in our nation’s history” - The Washington Post
• Privacy-focused mobile phone launches for high-risk individuals | CyberScoop
• China’s Surveillance State Is Selling Citizen Data as a Side Hustle | WIRED
• Former Verizon employee gets four-year sentence for sharing cyber secrets with Chinese government | The Record from Recorded Future News
• Surveillance Legislation (Confirmation of Application) Bill 2024 – Parliament of Australia
• ParlInfo - BILLS : Surveillance Legislation (Confirmation of Application) Bill 2024 : Second Reading
• ParlInfo - Surveillance Legislation (Confirmation of Application) Bill 2024
• ParlInfo - Surveillance Legislation (Confirmation of Application) Bill 2024
• Chris Bing: "Regarding the reported hack of the Gaetz-ethics committee report, the file storage platform (FileShare) that held the document said they weren't hacked. But rather: "this file was shared anonymously which allowed anyone to download. This was not a breach"" — Bluesky
• Tether Has Become a Massive Money Laundering Tool for Mexican Drug Traffickers, Feds Say
• Palo Alto Networks boasts as customers coalesce on its platforms | Cybersecurity Dive
• Palo Alto Networks pushes back as Shadowserver spots 2K of its firewalls exploited | Cybersecurity Dive
• RSF investigation: the Indian cyber-security giant silencing media outlets worldwide | RSF
• Patrick Gray (@patrick.risky.biz) — Bluesky
• metlstorm (@metlstorm.risky.biz) — Bluesky
• Catalin Cimpanu (@campuscodi.risky.biz) — Bluesky
• Tom Uren (@tom.risky.biz) — Bluesky