Risky Business #753 – Congress and vuln researchers maul Microsoft

On this week’s retreat special, the entire Risky Business team is together in a tropical paradise for the first time. The team takes a break from the infinity pool to discuss the week’s security news:

• Microsoft recalls Recall, but why did it have to be such a mess

• And a Windows kernel wifi code-exec, really?

• Passkeys and identity are hard

• Scattered Spider bigwig arrested in Spain

• The pentagon runs a deeply flawed info-op

• Is it time E2E crypto nerds accept their place in the world?

• And much, much more.

This week’s show is brought to you by Corelight… Corelight’s CEO Brian Dye will be along in this week’s sponsor interview to make a really compelling case for something that shouldn’t exist… which is NDR in cloud environments.

Show notes Microsoft shelves Recall feature release after security uproar Microsoft’s Recall puts the Biden administration’s cyber credibility on the line | CyberScoop Microsoft’s cybersecurity vulnerabilities endanger America US lawmakers grill Microsoft president over China ties, hacks | Reuters Microsoft Refused to Fix Flaw Years Before SolarWinds Hack — ProPublica CVE-2024-30078 - Security Update Guide - Microsoft - Windows Wi-Fi Driver Remote Code Execution Vulnerability Security bug allows anyone to spoof Microsoft employee emails | TechCrunch Patrick Gray on X: "I was wrong about some things I said about iCloud accounts in this week’s show and I’ll tell you all exactly how I was wrong in next week’s show" Passkeys in Microsoft Authenticator and Entra ID Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake | WIRED MFA plays a rising role in major attacks, research finds | Cybersecurity Dive Luke Jennings on LinkedIn: saas-attacks/techniques/ghost_logins/description.md at main ·… Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested – Krebs on Security EXPOSED: Identities of Iranian Hackers Targeting Israel and Other Countries Revealed | Matzav.com Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating | Ars Technica Windows flaw may have been exploited with Black Basta ransomware before it was patched Crown Equipment Corporation victim of a Ransomware attack | Born's Tech and Windows World City governments in Michigan, New York face shutdowns after ransomware attacks Cleveland confirms ransomware attack as City Hall remains closed Authorities investigating extended ‘network outage’ at organization that runs TheBus Pentagon ran secret anti-vax campaign to incite fear of China vaccines Shashank Joshi on X: "Just finished “Information Operations”, a new book by @TathamSteve. Includes this anecdote on a British effort to stop children throwing stones at a base in Afghanistan. “LRGR was the abbreviation for the Long-Range Gonad Reducer.” https://t.co/zmoxb45Cgz" Dmitri Alperovitch on X: "@shashj They also allegedly hacked the email of the lieutenant leading the medical service of the 960th unit and retrieved the medical certificates of 150 officers and enlisted personnel" Signal president Meredith Whittaker criticizes EU attempts to tackle child abuse material

Release date

Lydbog: 19. juni 2024