May 29, 2024

Risky Business #750 -- Why Microsoft's Recall is an attacker's best friend

Listen Later

1 hour 1 minute

On this week’s show Patrick and Adam discuss the week’s security news, including:

Russian delivery company gets ransomware-wiper’d

A supply-chain attack targets video software used in US courts

Checkpoint firewalls get hacked, details as clear as mud

Microsoft Recall delights hackers

Aussie telco Optus gets told its IR report isn’t legal advice

Cyber insurer says you’re 5x more likely to get rekt if you have a Cisco ASA

And much, much more.

This week’s episode is sponsored by Kroll Cyber. Alex Cowperthwaite, Kroll’s technical director research and development for offence joins to talk about how his team attacks AI models, in ways both classic and new.

Show notes

Major Russian delivery company down for three days due to cyberattack

Stark Industries Solutions: An Iron Hammer in the Cloud – Krebs on Security

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack | Rapid7 Blog

Check Point Software customers targeted by hackers using old, local VPN accounts | Cybersecurity Dive

US pharma giant Cencora says Americans' health information stolen in data breach | TechCrunch

Microsoft’s New Recall AI Tool May Be a ‘Privacy Nightmare’ | WIRED

Kevin Beaumont: "I got ahold of the Copilot+ so…" - Cyberplace

Kevin Beaumont: "For those who aren’t aware, Mi…" - Cyberplace

Patrick Gray on X: "You know it’s coming… Microsoft Defender Advanced Security for Recall"

Microsoft Edge for Business: Revolutionizing your business with AI, security and productivity - Microsoft Edge Blog

Optus loses appeal to keep Deloitte report on cyberattack secret

Optus says it will defend allegations it failed to protect confidential details of 9 million customers in cyber attack - ABC News

Nearly 3 million affected by Sav-Rx data breach

Spyware app pcTattletale was hacked and its website defaced | TechCrunch

#F**kStalkerware pt. 6 - tattling on pcTattletale

Spyware maker pcTattletale shutters after data breach | TechCrunch

Jeremy Kirk: "Cyber insurer Coalition releas…" - Infosec Exchange

Coalition_2024-Cyber-Claims-Report

TikTok says it disrupted 15 influence operations this year — including one from China

Israeli private eye accused of hacking was questioned about DC public affairs firm, sources say | Reuters

RansomHub claims attack on Christie’s, the world’s wealthiest auction house

Open-Source Assessments of AI Capabilities: The Proliferation of AI Analysis Tools, Replicating Competitor Models, and the Zhousidun Dataset

Shashank Joshi on X: "Additionally, OpenAI will retain and consult with other safety, security, and technical experts to support this work, including former cybersecurity officials, Rob Joyce [@RGB_Lights], who advises OpenAI on security, and John Carlin."

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Risky Business

By Patrick Gray

4.6

354354 ratings

May 29, 2024

Risky Business #750 -- Why Microsoft's Recall is an attacker's best friend

Listen Later

1 hour 1 minute

On this week’s show Patrick and Adam discuss the week’s security news, including:

Russian delivery company gets ransomware-wiper’d

A supply-chain attack targets video software used in US courts

Checkpoint firewalls get hacked, details as clear as mud

Microsoft Recall delights hackers

Aussie telco Optus gets told its IR report isn’t legal advice

Cyber insurer says you’re 5x more likely to get rekt if you have a Cisco ASA

And much, much more.

This week’s episode is sponsored by Kroll Cyber. Alex Cowperthwaite, Kroll’s technical director research and development for offence joins to talk about how his team attacks AI models, in ways both classic and new.

Show notes

Major Russian delivery company down for three days due to cyberattack

Stark Industries Solutions: An Iron Hammer in the Cloud – Krebs on Security

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack | Rapid7 Blog

Check Point Software customers targeted by hackers using old, local VPN accounts | Cybersecurity Dive

US pharma giant Cencora says Americans' health information stolen in data breach | TechCrunch

Microsoft’s New Recall AI Tool May Be a ‘Privacy Nightmare’ | WIRED

Kevin Beaumont: "I got ahold of the Copilot+ so…" - Cyberplace

Kevin Beaumont: "For those who aren’t aware, Mi…" - Cyberplace

Patrick Gray on X: "You know it’s coming… Microsoft Defender Advanced Security for Recall"

Microsoft Edge for Business: Revolutionizing your business with AI, security and productivity - Microsoft Edge Blog

Optus loses appeal to keep Deloitte report on cyberattack secret

Optus says it will defend allegations it failed to protect confidential details of 9 million customers in cyber attack - ABC News

Nearly 3 million affected by Sav-Rx data breach

Spyware app pcTattletale was hacked and its website defaced | TechCrunch

#F**kStalkerware pt. 6 - tattling on pcTattletale

Spyware maker pcTattletale shutters after data breach | TechCrunch

Jeremy Kirk: "Cyber insurer Coalition releas…" - Infosec Exchange

Coalition_2024-Cyber-Claims-Report

TikTok says it disrupted 15 influence operations this year — including one from China

Israeli private eye accused of hacking was questioned about DC public affairs firm, sources say | Reuters

RansomHub claims attack on Christie’s, the world’s wealthiest auction house

Open-Source Assessments of AI Capabilities: The Proliferation of AI Analysis Tools, Replicating Competitor Models, and the Zhousidun Dataset

Shashank Joshi on X: "Additionally, OpenAI will retain and consult with other safety, security, and technical experts to support this work, including former cybersecurity officials, Rob Joyce [@RGB_Lights], who advises OpenAI on security, and John Carlin."

...more

More shows like Risky Business

Security Now (Audio) by TWiT

Security Now (Audio)

1,970 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

626 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

366 Listeners

Hacked by Hacked

Hacked

176 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,006 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

312 Listeners

Click Here by Recorded Future News

Click Here

408 Listeners

Malicious Life by Malicious Life

Malicious Life

925 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,871 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

166 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

187 Listeners

Hacking Humans by N2K Networks

Hacking Humans

314 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

74 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

127 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

43 Listeners