Risky Business #739 -- ALPHV exit scams while Change Healthcare burns

In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:

• The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response
• Predator spyware maker getting a stern sanctioning
• A German military WebEx meeting gets snooped
• Mem-corrpution is still king
• And much, much more

In this week’s sponsor interview Patrick Gray speaks to Karl McGuinness, Okta’s chief architect, about some new security improvements they’ve built into their IDP.

Show notes

• U.S. Air Force employee charged with giving classified information to woman he met on dating site
• Ransomware attack on U.S. health care payment processor ‘most serious incident of its kind’
• AlphV’s hit on Change Healthcare strikes a sour note for defenders | Cybersecurity Dive
• Office of Public Affairs | Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United States Department of Justice
• Developing: AlphV allegedly scammed Change Healthcare and its own affiliate (1)
• Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment | WIRED
• Ciaran Martin on X: "“We have to find a way of making a ransom ban work” - me for @thetimes
• US launches antitrust investigation into UnitedHealth, WSJ reports | Reuters
• Brett Callow on X: "#Lockbit has de-listed Fulton County.
• Predator spyware endures even after widespread exposure, analysis shows | CyberScoop
• Predator spyware infrastructure taken down after exposure | CyberScoop
• U.S. bans maker of spyware that targeted a senator's phone
• Spyware maker NSO Group ordered to turn over Pegasus code in WhatsApp case
• Whatsapp Inc vs NSO Group
• Russia’s chief propagandist leaks intercepted German military Webex conversation
• The White House's Oddly Specific, and Really Quite Good, Software Engineering Advice
• A leaky database spilled 2FA codes for the world’s tech giants | TechCrunch
• In ConnectWise attacks, Play and LockBit ransomware exploits developed quickly | Cybersecurity Dive
• How to Secure the SaaS Apps of the Future | Okta Security