Risky Business #659 -- Okta and Microsoft meet LAPSUS$

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Okta’s somewhat awful comms around its LAPSUS$ incident
  • Inside Microsoft’s brush with the same group
  • How Elon Musk’s Starlink service is being used to drop bombs on Russian tanks
  • US, UK governments warn of impending Russian cyberdoom
  • Much, much more…

This week’s sponsor interview is with Paul Lanzi, co-founder of Remediant. Paul joins the show this week to talk about cyber insurance. It’s a topic that has come up a lot for us lately – ransomware has borderline sunk the current cyber insurance model as payments ballooned and payouts made a lot of insurers adjust premiums to the. But all is not lost – Paul says this blowup means the insurance industry is actually adapting and could wind up being a driver of better security practices.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Hackers hit authentication firm Okta, customers 'may have been impacted' | Reuters

Updated Okta Statement on LAPSUS$ | Okta

Microsoft investigating Lapsus$ claims of Bing, Cortana data theft - The Record by Recorded Future

DEV-0537 criminal actor targeting organizations for data exfiltration and destruction - Microsoft Security Blog

U.K. echoes Biden warning on Russian cyberattacks - The Record by Recorded Future

Statement by President Biden on our Nation’s Cybersecurity | The White House

FBI advised that hackers scanned networks of 5 US energy firms ahead of Biden's Russia cyberattack warning - CNNPolitics

CISA, FBI warn of satellite network hacks following Viasat cyberattack - The Record by Recorded Future

Specialist Ukrainian drone unit picks off invading Russian forces as they sleep | News | The Times

China’s DJI And Its Billionaire Chief Put In An Awkward Spot As Both Sides In Ukraine War Use Its Drones

Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine | Snyk

Catalin Cimpanu on Twitter: "Following the poisoning of the node-ipc npm package to sabotage systems in Belarus and Russia, Russia's NKTsKI cyber-security agency has told companies to use local repos for FOSS software, use older versions prior to the invasion, and audit new updates https://t.co/3PlKdXTfn1 https://t.co/EV25HBBZFN" / Twitter

U.S. bars ex-spies from becoming 'mercenaries,' following Reuters series | Reuters

Behold, a password phishing site that can trick even savvy users | Ars Technica

Death of the Password? FIDO Alliance Reveals Its New Plan | WIRED

Scammers have 2 clever new ways to install malicious apps on iOS devices | Ars Technica

New details emerge on prolific Conti-linked cybercrime group

Trickbot is using MikroTik routers to ply its trade. Now we know why | Ars Technica

Sandworm-linked botnet has another piece of hardware in its sights

Hacker Steals Customer Data From Circle, BlockFi, Other Big Crypto Firms - Decrypt

Lawmakers Probe Early Release of Top RU Cybercrook – Krebs on Security

A different way to do PAM -- Paul Lanzi, Remediant - YouTube