Most of this week's video went on the scraped (and faked) LinkedIn data, but it's the ransomware discussion that keeps coming back to mind. Even just this morning, 2 days after recording this live stream, I ended up on nation TV talking about the DP World security incident and whilst we don't have any confirmation yet, it has all the hallmarks of another ransomware case. In advance of that interview, I was trawling through various ransomware Tor sites and the volume of big names appearing there is just staggering. It does get me thinking: how many other individuals and corporations alike are being exposed through these and are never told about it? I wonder...
References
- Sponsored by: Webinar: 'How to Defend Against the Evilginx2.' Kuba Gretzky (Evilginx2) & Marcin Szary (Secfense) show a tool that counters MFA bypass.
- The LinkedIn scrape was a combination of data intended to be publicly consumable and lots of guessed email addresses (if you guess enough email addresses, you're bound to get some right!)
- The ransomware situation is getting just nuts, and it seems like there's no level criminals won't stoop to (that's a fascinating thread by Matt Johansen)
- The RDBMS component of HIBP is now running on "serverless" SQL Azure (yes, there are still servers, but it's not as obvious any more)