Risky Business #720 -- How cloud identity provider federation features can get you mega-owned

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

• Why everyone should pay attention to some recent attacks on Okta customers

• Why third party comms apps are risky af

• Why are Russian espionage opps using Tor for C2?

• Surveillance firms abuse Fiji Telco Digicel’s SS7 access

• Much, much more!

This week’s show is brought to you by Gigamon. Mark Jow, Gigamon’s EMEA Technical Director is this week’s sponsor guest.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes Cross-Tenant Impersonation: Prevention and Detection | Okta Security BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps NCSC-MAR-Infamous-Chisel.pdf Ukraine says an energy facility disrupted a Fancy Bear intrusion Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach – Krebs on Security Telstra-owned Pacific mobile network likely exploited by spies for hire - ABC News CISA, MITRE shore up operational tech networks with adversary emulation platform LogicMonitor customers hit by hackers, because of default passwords | TechCrunch Barracuda thought it drove 0-day hackers out of customers’ networks. It was wrong. | Ars Technica Why is .US Being Used to Phish So Many of Us? – Krebs on Security UK cyber agency announces Ollie Whitehouse as its first ever CTO Embattled consulting firm PwC swept up in global cyber breach of file service MOVEit by cybercrime group C10p ONLINE-SCAM-OPERATIONS-2582023.pdf Unmasking Trickbot, One of the World’s Top Cybercrime Gangs | WIRED

Release date

Lydbog: 5. september 2023