Risky Business #713 -- Microsoft activates PR weasels after State Department hack

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • Microsoft’s weasel-word response to the State Department email hack
  • JumpCloud got owned, maybe by DPRK
  • Citrix 0day is getting stuff rekt
  • Two more spyware firms sanctioned by USA
  • Scammers list fake phone numbers for major airlines on Google Maps
  • Much, much more

This week’s show is brought to you by security-focussed enterprise browser maker Island. Dan Amiga, Island’s CTO and co-founder, is this week’s sponsor guest. He talks about why widespread enterprise browser deployment is inevitable.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

China-based hackers breach email accounts at State Department

Microsoft hardens key issuance systems after state-backed hackers breach Outlook accounts | Cybersecurity Dive

Microsoft takes pains to obscure role in 0-days that caused email breach | Ars Technica

Stealth Mode: Chinese Cyber Espionage Actors Continue to Evolve Tactics to Avoid Detection | Mandiant

Hackers target Pakistani government, bank and telecom provider with China-made malware

Risky Biz News: JumpCloud compromised by APT group

Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns | Ars Technica

CISA warns of dangerous Rockwell industrial bug being exploited by gov’t group

Rockwell Automation, Honeywell warned of critical vulnerabilities in industrial products | Cybersecurity Dive

CISA gives US civilian agencies until August 1 to resolve four Microsoft vulnerabilities

Google fixes ‘Bad.Build’ vulnerability affecting Cloud Build service

White House unveils consumer labeling program to strengthen IoT security | Cybersecurity Dive

Senate bill crafted with DEA targets end-to-end encryption, requires online companies to report drug activity

Two more foreign spyware firms blacklisted by US

Phone numbers for airlines listed on Google directed to scammers

By criminals, for criminals: AI tool easily generates ‘remarkably persuasive’ fraud emails

Itamar Golan 🤓 on Twitter: "A malicious LLM-based tool known as WormGPT 🪱 is rapidly gaining traction in underground forums. This tool empowers attackers to automate sophisticated phishing and BEC (Business Email Compromise) attacks, leveraging personalized fake emails to significantly enhance success… https://t.co/fAcrYhT696" / Twitter

FCC chair proposes $200M investment to boost K-12 cybersecurity | Cybersecurity Dive

Fed ends Capital One breach-related enforcement action | Cybersecurity Dive

Norwegian Refugee Council hit by cyberattack

Belarus-linked hacks on Ukraine, Poland began at least a year ago, report says

Albania’s PM complains US is not providing country with cyberdefense funds

VirusTotal: Data leak reveals customers of Google's security platform - DER SPIEGEL

Genesis Market sold to anonymous buyer despite FBI disruption