Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Business #799 -- Everyone's Sharepoint gets shelled
July 23, 2025
1:13:55
Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss:
- Microsoft tried to make outsourcing the Pentagon’s cloud maintenance to China okay (it was not)
- She shells Sharepoint by the sea-shore (by ‘she’ we mean ‘China’)
- Four (alleged) Scattered Spider members arrested (and bailed) in the UK
- Hackers spend $2700 to buy creds for a Brazilian payment system, steal $100M
- Fortinet has SQLI in the auth header, Citrix mem leak is weaponised, HP hardcodes creds and Sonicwalls get user-mode rootkits. Just security vendor things!
This week’s episode is sponsored by Airlock Digital. CEO David Cottingham talks through what it takes to build a mature, resilient management platform for a security critical system.
This episode is also available on Youtube.
Show notes
- Update on DOD’s cloud services
- Microsoft to stop using engineers in China for tech support of US military, Hegseth orders review
- A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers
- While DOD policy bans unauthorized apps like TikTok from being on employees phones over national security risks
- Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security
- National Guard was hacked by China's 'Salt Typhoon' group, DHS says
- Suspected contractor for China’s Hafnium group arrested in Italy | Cybersecurity Dive
- Singapore accuses Chinese state-backed hackers of attacking critical infrastructure networks | The Record from Recorded Future News
- UK Arrests Four in ‘Scattered Spider’ Ransom Group – Krebs on Security
- Four people bailed after arrests over cyber attacks on M&S, Co-op and Harrods
- Brazilian police arrest IT worker over $100 million cyber theft | The Record from Recorded Future News
- At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds | WIRED
- Hacker returns cryptocurrency stolen from GMX exchange after $5 million bounty payment | The Record
- Indian crypto exchange CoinDCX says $44 million stolen from reserves | The Record
- Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks | The Record
- PoisonSeed bypassing FIDO keys to ‘fetch’ user accounts
- Risky Bulletin: Browser extensions hijacked for web scraping botnet
- A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors
- A surveillance vendor was caught exploiting a new SS7 attack to track people's phone locations | TechCrunch
- Ukrainian hackers wipe databases at Russia's Gazprom in major cyberattack, intelligence source says
- File transfer company CrushFTP warns of zero-day exploit seen in the wild | The Record
- HPE warns of hardcoded passwords in Aruba access points
- Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257)
- Researchers, CISA confirm active exploitation of critical Citrix Netscaler flaw | Cybersecurity Dive
- Google finds custom backdoor being installed on SonicWall network devices - Ars Technica
- Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years