Risky Business #589 -- Why Microsoft's steep E5 license pricing is a national security risk

How foreign intelligence services are leveraging malicious Azure apps...
24 Jun 2020 » Risky Business

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Australia “under attack” - a wrap
  • Microsoft releases more security protections for E5 customers
  • US to introduce “anti encryption” bill
  • Shady encrypted phone company owned by the cops
  • NSA to offer filtered DNS services to defence industry
  • MORE

This week’s sponsor is Kasada. They offer a service that eliminates synthetic/bot traffic from the web. Former Australian Prime Minister Malcolm Turnbull is an investor and has joined Kasada’s board. Kasada’s CEO Pascal Podvin is this week’s sponsor guest.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.

You can subscribe to our new YouTube channel here.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

One thing Microsoft could do to avert state-sponsored attacks - Risky Business
Australia blames a state actor for major disruptions. China is already denying it.
Microsoft's 'Safe Documents' feature reaches general availability in Office 365 | ZDNet
Microsoft releases first public preview of its Defender antivirus on Android | ZDNet
Graham, Cotton, Blackburn Introduce Balanced Solution to Bolster National Security, End Use of Warrant-Proof Encryption that Shields Criminal Activity | United States Senate Committee on the Judiciary
Encrypted Phone Network Says It's Shutting Down After Police Hack - VICE
‘BlueLeaks’ Exposes Files from Hundreds of Police Departments — Krebs on Security
The NSA is piloting a secure DNS service for the defense industrial base
Bolton book could cause 'irreparable damage' to US signals intelligence, NSA director says
Federal agencies recommend blocking Hong Kong-US undersea cable over national security concerns
North Korea's state hackers caught engaging in BEC scams | ZDNet
Zoom Reverses Course and Promises End-to-End Encryption for All Users | WIRED
AWS said it mitigated a 2.3 Tbps DDoS attack, the largest ever | ZDNet
Oracle’s BlueKai tracks you across the web. That data spilled online | TechCrunch
How spies used LinkedIn to hack European defense companies
Crooks abuse Google Analytics to conceal theft of payment card data | Ars Technica
To evade detection, hackers are requiring targets to complete CAPTCHAs | Ars Technica
Adobe wants users to uninstall Flash Player by the end of the year | ZDNet
New Zealand freezes $90 million connected to accused bitcoin launderer Alexander Vinnik
Warning: ‘Invisible God’ Hacker Sold Access To More Than 135 Companies In Just Three Years
FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy — Krebs on Security
Chrome extensions with 33 million downloads slurped sensitive user data | Ars Technica
Microsoft: COVID-19 malware attacks were barely a blip in total malware volume | ZDNet
Russia unbans Telegram | ZDNet
Facebook sues websites that sold Instagram likes and scraped Facebook user data | ZDNet
Mozilla to launch VPN product 'in the next few weeks' | ZDNet
Hackers Compromise a Grey Market for Roblox Items - VICE
Security researcher earns $4k bug bounty after hacking into Starbucks database | The Daily Swig
FBI tracked Philly protester through Etsy, LinkedIn to charge her with torching police cars
Samsung Blu-ray players are rebooting in a loop and nobody knows why | ZDNet
Maersk, me & notPetya - gvnshtn
Twitter says some business users had their private data exposed | TechCrunch