Risky Business Podcast
August 31, 2022
Risky Business #676 -- Okta, Authy users among Twilio hack targets
Presented by
CEO and Publisher
Technology Editor
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- The Twilio breach was actually a big deal
- How a Belarusian Cyber Partisans hack burned a GRU illegal
- Who wants 25m hashed passwords from Russia?
- An NFT we can get behind
- How attackers are using game anti-cheat drivers to defeat EDR
- Much, much more
This week’s sponsor interview is with Mike Benjamin, the VP of security research at Fastly. He pops in to argue that your red team needs to actually consider how your apps will cope with bot-driven attacks.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Brought to you by Fastly
Modern web app and API security, anywhere
Show notes
Why the Twilio Breach Cuts So Deep | WIRED
Phishers who hit Twilio and Cloudflare stole 10k credentials from 136 others | Ars Technica
The number of companies caught up in recent hacks keeps growing | Ars Technica
How 1-Time Passcodes Became a Corporate Liability – Krebs on Security
A huge Chinese database of faces and vehicle license plates spilled online | TechCrunch
Plex imposes password reset after hackers steal data for >15 million users | Ars Technica
Patrick Gray on Twitter: "https://t.co/DOFdMExsPe" / Twitter
Google Online Security Blog: Announcing Google’s Open Source Software Vulnerability Rewards Program
Hackers Are Using Anti-Cheat in 'Genshin Impact' to Ransom Victims
Chinese hackers zero in on Australian manufacturers, wind turbine operators
FTC sues data broker that tracks locations of 125M phones per month | Ars Technica
Buddle co-accused one of 50 alleged criminals preparing challenge to police sting
Researchers discover sprawling pro-U.S. social media influence campaign
Unheard Voice: Evaluating five years of pro-Western covert influence operations