Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Business #659 -- Okta and Microsoft meet LAPSUS$
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Okta’s somewhat awful comms around its LAPSUS$ incident
- Inside Microsoft’s brush with the same group
- How Elon Musk’s Starlink service is being used to drop bombs on Russian tanks
- US, UK governments warn of impending Russian cyberdoom
- Much, much more…
This week’s sponsor interview is with Paul Lanzi, co-founder of Remediant. Paul joins the show this week to talk about cyber insurance. It’s a topic that has come up a lot for us lately – ransomware has borderline sunk the current cyber insurance model as payments ballooned and payouts made a lot of insurers adjust premiums to the. But all is not lost – Paul says this blowup means the insurance industry is actually adapting and could wind up being a driver of better security practices.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Hackers hit authentication firm Okta, customers 'may have been impacted' | Reuters
- Updated Okta Statement on LAPSUS$ | Okta
- Microsoft investigating Lapsus$ claims of Bing, Cortana data theft - The Record by Recorded Future
- DEV-0537 criminal actor targeting organizations for data exfiltration and destruction - Microsoft Security Blog
- U.K. echoes Biden warning on Russian cyberattacks - The Record by Recorded Future
- Statement by President Biden on our Nation’s Cybersecurity | The White House
- FBI advised that hackers scanned networks of 5 US energy firms ahead of Biden's Russia cyberattack warning - CNNPolitics
- CISA, FBI warn of satellite network hacks following Viasat cyberattack - The Record by Recorded Future
- Specialist Ukrainian drone unit picks off invading Russian forces as they sleep | News | The Times
- China’s DJI And Its Billionaire Chief Put In An Awkward Spot As Both Sides In Ukraine War Use Its Drones
- Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine | Snyk
- Catalin Cimpanu on Twitter: "Following the poisoning of the node-ipc npm package to sabotage systems in Belarus and Russia, Russia's NKTsKI cyber-security agency has told companies to use local repos for FOSS software, use older versions prior to the invasion, and audit new updates https://t.co/3PlKdXTfn1 https://t.co/EV25HBBZFN" / Twitter
- U.S. bars ex-spies from becoming 'mercenaries,' following Reuters series | Reuters
- Behold, a password phishing site that can trick even savvy users | Ars Technica
- Death of the Password? FIDO Alliance Reveals Its New Plan | WIRED
- Scammers have 2 clever new ways to install malicious apps on iOS devices | Ars Technica
- New details emerge on prolific Conti-linked cybercrime group
- Trickbot is using MikroTik routers to ply its trade. Now we know why | Ars Technica
- Sandworm-linked botnet has another piece of hardware in its sights
- Hacker Steals Customer Data From Circle, BlockFi, Other Big Crypto Firms - Decrypt
- Lawmakers Probe Early Release of Top RU Cybercrook – Krebs on Security
- A different way to do PAM -- Paul Lanzi, Remediant - YouTube