Risky Business #817 —— 比往常感恩节更平静的“杀戮”

在本周的节目中，Patrick Gray 和 Adam Boileau 讨论了本周的网络安全新闻。尽管美国正值感恩节，一周相对平静，但总有一些网络话题可谈：

• 空客在宇宙射线翻转导致一架A320飞机俯冲后，推出了软件更新。
• Krebs 通过通常薄弱的安全操作追踪到一名“Scattered Lapsus$ Hunters”青少年…
• …与此同时，《Wired》杂志发布了一份针对青少年的安全操作指南。
• 微软认为其登录门户值得部署一项内容安全策略。
• 韩国在线零售商数据泄露事件影响了该国65%的人口。

本周节目由 Nebulock 赞助。创始人兼首席执行官 Damien Lewke 加入节目，讨论了他们在为 MacOS 引入更多 Sigma 威胁检测规则方面的工作。 本期节目也可在 Youtube 上观看。

节目说明

• Airlines race to fix their Airbus planes after warning solar radiation could cause pilots to lose control | CNN
• Congress calls on Anthropic CEO to testify on Chinese Claude espionage campaign | CyberScoop
• Post-mortem of Shai-Hulud attack on November 24th, 2025 - PostHog
• Update: Shai-Hulud and the npm Ecosystem: Why CTEM Must Extend Beyond Your Walls | Armis
• Glassworm’s resurgence | Secure Annex
• 4.3 Million Browsers Infected: Inside ShadyPanda’s 7-Year Malware Campaign | Koi Blog
• Post by @spuxx.bsky.social — Bluesky
• Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ – Krebs on Security
• The WIRED Guide to Digital Opsec for Teens | WIRED
• Perth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos - ABC News
• Ed Conway on X: “The person who first downloaded the OBR’s document at 11:35 on Budget day (I’m guessing someone at Reuters, given they first reported it) had already guessed the web address and tried and failed to download it 32 times so far that day(!) https://t.co/6iLm2uEUj2” / X
• Reuters accused of hack attack | ZDNET
• The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’ | WIRED
• Microsoft tightens cloud login process to prevent common attack | Cybersecurity Dive
• Fortinet FortiWeb flaws found in unsupported versions of web application firewall | Cybersecurity Dive
• Cryptomixer platform raided by European police; $29 million in bitcoin seized | The Record from Recorded Future News
• Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange | The Record from Recorded Future News
• Data breach hits ‘South Korea’s Amazon,’ potentially affecting 65% of country’s population | The Record from Recorded Future News
• NSA Contractor Groomed Teenage Girls On Reddit, DOJ Alleges
• Nebulock developed coreSigma for MacOS
• coreSigma 代码仓库:
  • https://github.com/nebulock/coresigma-macos
  • https://github.com/nebulock/coresigma-macos-signatures