Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Business #751 -- Snowflake, operation Endgame and Microsoft's looming FTC problem
On this week’s show Patrick Gray and Mark Piper discuss the week’s security news, including:
- What on earth happened at Snowflake?
- A look at operation Endgame
- Check Point’s hilarious adventures with dot dot slash
- Report says the FTC is looking at Microsoft’s security product bundling
- More ransomware hits Russia
- Much, much more
404 Media co-founder Joseph Cox is this week’s feature guest. He joins us to talk about his new book, Dark Wire, which is all about the FBI’s Anom sting.
This week’s show is brought to you by Resourcely. If your Terraform is a mess or your CSPM dashboards are lighting up with insane and stupid things, you should check out Resourcely. Its founder and CEO Travis McPeak will be along in this week’s sponsor interview to talk about all things Terraform.
Show notes
- The Snowflake breach and the need for mandatory MFA
- Snowflake at centre of world’s largest data breach | by Kevin Beaumont | Jun, 2024 | DoublePulsar
- Cloud company Snowflake denies that reported breach originated with its products
- ‘Operation Endgame’ Hits Malware Delivery Platforms – Krebs on Security
- Treasury Sanctions Creators of 911 S5 Proxy Botnet – Krebs on Security
- TikTok warns of exploit aimed at 'high-profile accounts’
- SEC clarifies intent of cybersecurity breach disclosure rules after initial filings | Cybersecurity Dive
- SEC.gov | Disclosure of Cybersecurity Incidents Determined To Be Material and Other Cybersecurity Incidents[*]
- Nurses at Ascension hospital in Michigan raise alarms about safety following ransomware attack
- London hospitals declare emergency following ransomware attack | Ars Technica
- North Korea’s ‘Moonstone Sleet’ using fake tank game, custom ransomware in attacks
- OpenAI models used in nation-state influence campaigns, company says
- National Vulnerability Database | NIST
- More than 600,000 routers knocked out in October by Chalubo malware
- Hackers steal $305M from DMM Bitcoin crypto exchange | TechCrunch
- Germany's main opposition party hit by ‘serious’ cyberattack
- Cyberattack disrupts operations of supermarkets across Russia
- Rare earths miner targeted in cyber attack prior to removal of Chinese investors - ABC News
- Check Point - Wrong Check Point (CVE-2024-24919)
- Kevin Beaumont: "The latest Risky Business epis…" - Infosec Exchange
- This Hacker Tool Extracts All the Data Collected by Windows’ New Recall AI | WIRED
- FTC-industry talks over possible Microsoft probe raised recent hacking incidents - Nextgov/FCW
- Tim Schofield 🏴 🇬🇧 🇪🇺🗺: "@riskybusiness @metlstorm I d…" - Infosec Exchange
- Dark Wire: The Incredible True Story of the Largest Sting Operation Ever: Cox, Joseph: 9781541702691: Amazon.com: Books
- Distant Field Labs