June 19, 2024

Risky Business #753 – Congress and vuln researchers maul Microsoft

1 hour 3 minutes

On this week’s retreat special, the entire Risky Business team is together in a tropical paradise for the first time. The team takes a break from the infinity pool to discuss the week’s security news:

Microsoft recalls Recall, but why did it have to be such a mess

And a Windows kernel wifi code-exec, really?

Passkeys and identity are hard

Scattered Spider bigwig arrested in Spain

The pentagon runs a deeply flawed info-op

Is it time E2E crypto nerds accept their place in the world?

And much, much more.

This week’s show is brought to you by Corelight… Corelight’s CEO Brian Dye will be along in this week’s sponsor interview to make a really compelling case for something that shouldn’t exist… which is NDR in cloud environments.

Show notes

Microsoft shelves Recall feature release after security uproar

Microsoft’s Recall puts the Biden administration’s cyber credibility on the line | CyberScoop

Microsoft’s cybersecurity vulnerabilities endanger America

US lawmakers grill Microsoft president over China ties, hacks | Reuters

Microsoft Refused to Fix Flaw Years Before SolarWinds Hack — ProPublica

CVE-2024-30078 - Security Update Guide - Microsoft - Windows Wi-Fi Driver Remote Code Execution Vulnerability

Security bug allows anyone to spoof Microsoft employee emails | TechCrunch

Patrick Gray on X: "I was wrong about some things I said about iCloud accounts in this week’s show and I’ll tell you all exactly how I was wrong in next week’s show"

Passkeys in Microsoft Authenticator and Entra ID

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake | WIRED

MFA plays a rising role in major attacks, research finds | Cybersecurity Dive

Luke Jennings on LinkedIn: saas-attacks/techniques/ghost_logins/description.md at main ·…

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested – Krebs on Security

EXPOSED: Identities of Iranian Hackers Targeting Israel and Other Countries Revealed | Matzav.com

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating | Ars Technica

Windows flaw may have been exploited with Black Basta ransomware before it was patched

Crown Equipment Corporation victim of a Ransomware attack | Born's Tech and Windows World

City governments in Michigan, New York face shutdowns after ransomware attacks

Cleveland confirms ransomware attack as City Hall remains closed

Authorities investigating extended ‘network outage’ at organization that runs TheBus

Pentagon ran secret anti-vax campaign to incite fear of China vaccines

Shashank Joshi on X: "Just finished “Information Operations”, a new book by @TathamSteve. Includes this anecdote on a British effort to stop children throwing stones at a base in Afghanistan. “LRGR was the abbreviation for the Long-Range Gonad Reducer.” https://t.co/zmoxb45Cgz"

Dmitri Alperovitch on X: "@shashj They also allegedly hacked the email of the lieutenant leading the medical service of the 960th unit and retrieved the medical certificates of 150 officers and enlisted personnel"

Signal president Meredith Whittaker criticizes EU attempts to tackle child abuse material

...more

View all episodes

By Patrick Gray

4.6

352352 ratings