Rick Holland and Alex Guirakhoo join Harrison Van Riper this week to talk through more Sodinokibi activity. Just yesterday, a cloud hosting provider for Digital Dental Records was hit with Sodinokibi, apparently affecting around 400 different dental providers around the US. It seems like were hearing about more and more people actually paying out these ransom demands. Do we think it’s just a reporting bias or do we think they’re actually paying out more often?
Then the team looks at the Imperva breach, where its Incapsula Web Application Firewall product was inadvertently exposing some data, including email addresses, hashed and salted passwords, API keys and SSL certificates.
Google’s Project Zero also discovered a series of 0-day exploits being actively used in the wild targeting iPhones. The team discuses how this will factor into risk models moving forward. We close out with everyone’s top (and weirdest) choices at the Texas State Fair. Yummmmm.
Resources From this Week’s Episode:
More Sodinokibi activity
https://www.scmagazine.com/home/security-news/dentist-offices-nationwide-hit-with-revil-ransomware-attacks/ https://krebsonsecurity.com/2019/08/ransomware-bites-dental-data-backup-firm/ https://www.bleepingcomputer.com/news/security/a-look-inside-the-highly-profitable-sodinokibi-ransomware-business/
iOS exploits discovered