Catalin Cimpanu

Newsletter and Podcast Production at Risky Business

Parked account. I don't usually post here on a regular basis.

Featured in: Favicon

slate.com

zdnet.com

boingboing.net Favicon

softpedia.com Favicon

bleepingcomputer.com Favicon

substack.com Favicon

techrepublic.com Favicon

editorandpublisher.com Favicon

realcleardefense.com Favicon

therecord.media + 6 more

Articles

Risky Bulletin: CoinMarketCap hacked via a doodle image

5 days ago | news.risky.biz | Catalin Cimpanu

This newsletter is brought to you by Authentik. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed. On Apple Podcasts:[This newsletter's podcast embed widget]CoinMarketCap—the go-to website where everyone goes to check cryptocurrency exchange rates—was hacked on Friday.
Risky Bulletin: White House rejects nominee for NSA & CyberCom leader

5 days ago | risky.biz | Catalin Cimpanu

Risky Bulletin: White House rejects nominee for NSA & CyberCom leader Presented by Catalin Cimpanu News Editor Claire Aird Newsreader The White House rejects the Pentagon’s nominee for NSA & CyberCom leader, the FCC probes the US Cyber Trust Mark program, a cyberattack disrupts Russia’s animal products industry, and hackers leak data about everyone in Paraguay. Your browser does not support the audio element.
Russian hackers abuse app-specific passwords to bypass MFA

1 week ago | news.risky.biz | Catalin Cimpanu

This newsletter is brought to you by enterprise browser maker Island. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed. Russian cyber-spies have developed a new social engineering technique designed to extract application-specific passwords from their targets. Also known as app passwords, or ASPs, these allow attackers to bypass multi-factor authentication and access a victim's Gmail accounts.
Risky Bulletin: Russian hackers abuse app-specific passwords to bypass MFA

1 week ago | risky.biz | Catalin Cimpanu

Risky Bulletin: Russian hackers abuse app-specific passwords to bypass MFA Presented by Catalin Cimpanu News Editor Claire Aird Newsreader Russian hackers abuse app-specific passwords to bypass multi-factor, the tenth Salt Typhoon victim is identified, Predatory Sparrow destroys $90 million from an Iranian crypto-exchange, and Argentina arrests a Russian disinfo gang. Your browser does not support the audio element.
Chrome gets a new prompt to prevent sneaky local network attacks

1 week ago | news.risky.biz | Catalin Cimpanu

This newsletter is brought to you by enterprise browser maker Island. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed. Google Chrome is adding a new prompt that will ask for permissions when websites or mobile apps want to connect to a user's localhost or access devices hosted on their internal local network (LAN).
Risky Bulletin: Israel-linked hackers claim Iran bank disruption

1 week ago | risky.biz | Catalin Cimpanu

Risky Bulletin: Israel-linked hackers claim Iran bank disruption Presented by Catalin Cimpanu News Editor Claire Aird Newsreader An Israeli-linked hacktivist group claims attack on Iranian bank, Chrome gets a new prompt to prevent local network attacks, a Century-old German napkin company goes under following ransomware attack, and Europol takes down the Archetyp dark web market. Your browser does not support the audio element.
Cock[.]li hacked using recent Roundcube zero-day

1 week ago | news.risky.biz | Catalin Cimpanu

This newsletter is brought to you by enterprise browser maker Island. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed. A threat actor named Satoshi has allegedly hacked controversial email provider Cock[.]li and is now selling its data on an underground hacking forum. They are selling this data on a Russian language underground hacking forum named XSS for 1 Bitcoin, or approximately $105,000.
Risky Bulletin: Washington Post email accounts hacked

1 week ago | risky.biz | Catalin Cimpanu

Risky Bulletin: Washington Post email accounts hacked Presented by Catalin Cimpanu News Editor Claire Aird Newsreader Email accounts compromised at the Washington Post, shady email provider Cock.li gets hacked, hackers steal data from a French university, and the EU invests €145 million in hospital cybersecurity. Your browser does not support the audio element. Risky Bulletin: Washington Post email accounts hacked 0:00 / 5:48
Risky Bulletin: Predator spyware alive despite US sanctions

2 weeks ago | news.risky.biz | Catalin Cimpanu

Risky Business News — 14 min read This newsletter is brought to you by Push Security. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed. Despite being sanctioned twice by the US Treasury Department last year, surveillance and spyware maker Intellexa has continued to operate and has even set up new server infrastructure for its customers.
Risky Bulletin: Predator spyware alive despite US sanctions

2 weeks ago | risky.biz | Catalin Cimpanu

Risky Bulletin: Predator spyware alive despite US sanctions Presented by Catalin Cimpanu News Editor Claire Aird Newsreader Intellexa is alive and well despite US sanctions, Paragon spyware used a zero-click iMessage exploit, South Korea’s largest online bookstore gets ransomwared, and law enforcement takes down several cybercrime operations. Your browser does not support the audio element.