Risky Business #668 -- Microsoft is hiding its Azure security problems

PLUS: Paige Thompson guilty of Capital One hack...
22 Jun 2022 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Paige Thompson guilty of Capital One hack
  • Microsoft is hiding serious Azure security issues
  • New Australian government lobbying for Julian Assange
  • How to ransomware documents in the cloud
  • Microsoft stops Windows 10/11 downloads in Russia
  • Belarusian cyber partisans obtain spy agency’s audio recordings
  • Much, much more

This week’s edition of the show is brought to you by Gigamon. Josh Day, Gigamon’s Director of applied threat research team, will be along in this week’s sponsor interview to talk about detecting badness on your network in encrypted traffic.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Former Seattle tech worker convicted of wire fraud and computer intrusions | USAO-WDWA | Department of Justice
MPs back quiet diplomacy in Assange case
Botched and silent patches from Microsoft put customers at risk, critics say | Ars Technica
Microsoft’s Vulnerability Practices Put Customers At Risk | LinkedIn
Security firm warns of ransomware attacks targeting Microsoft cloud 'versioning' feature - The Record by Recorded Future
Separate Fujitsu cloud storage vulnerabilities could enable attackers to destroy virtual backups | The Daily Swig
Large supermarket chain in southern Africa hit with ransomware - The Record by Recorded Future
Telegram: Contact @tass_agency
Microsoft pulls Windows 10 and 11 in Russia • The Register
DDoS Attacks Delay Putin Speech at Russian Economic Forum
Russia warns of a “military clash” if it’s hit by US cyberattacks - The Record by Recorded Future
Belarusian hacktivist group releases purported Belarusian wiretapped audio of Russian embassy
U.S. defense firm L3Harris in talks with NSO Group over spyware - The Washington Post
Srsly Risky Biz: Friday June 17 - by Tom Uren
Suspect in hacking Russian customs detained in Moscow
String of attacks on French telecom infrastructure preceded April attack on fiber optic cables
Chinese APT groups targeting India, Pakistan and more with Sophos firewall vulnerability - The Record by Recorded Future
Ukrainian cybersecurity officials disclose two new hacking campaigns
Police Linked to Hacking Campaign to Frame Indian Activists | WIRED
INTERPOL raids hundreds of scammy call centers in sweep
A Twitch Streamer Is Exposing Coronavirus Scams Live | WIRED
Ranking The World's Angriest Scammers - 10/10 Rage - YouTube
MIT researchers find new hardware vulnerability in the Apple M1 chip - The Record by Recorded Future
A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys | Ars Technica
Tornado Cash Is Crypto Hackers’ Favorite Way to Cash Out, But Experts Say It Can Be Traced
How CISA's list of 'must-patch' vulnerabilities has expanded both in size, and who's using it
The tale of a whale who took Solend’s money – Amy Castor