Risky Business #715 -- Pressure mounts on Microsoft to explain itself

02 Aug 2023 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • Ron Wyden’s “please explain” letter to Microsoft
  • Chinese APT crews prepositioning to disrupt US military logistics
  • China claims US hacked its seismology sensors
  • Ivanti/MobileIron exploitation going vertical
  • Much, much more

This week’s show is brought to you by Stairwell. Mike Wiacek, Stairwell’s founder and CEO, is this week’s sponsor guest. He’s joined by Eric Foster, Stairwell’s VP of Business Development.

Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.

Show notes

Wyden letter to CISA, DOJ, FTC re 2023 Microsoft breach
Senator calls on DOJ to investigate alleged China hack of Microsoft cloud tools
U.S. Hunts Chinese Malware That Could Disrupt American Military Operations - The New York Times
Multiple Chinese APTs establish major beachheads inside sensitive infrastructure | Ars Technica
John Hultquist🌻 on Twitter: "We found this actor in land, air, and sea transportation targets which could be leveraged for a serious disruption to logistics." / X
China accuses U.S. of hacking earthquake monitoring equipment
Exclusive: Pentagon Investigates ‘Critical Compromise’ Of Air Force Communications Systems
CISA: Ivanti hacks targeting Norway began in April
US, Australia cyber agencies warn IDOR security flaws can be exploited ‘at scale’ | TechCrunch
Ivanti warns of second vulnerability used in attacks on Norway gov’t
Andrew Morris on Twitter: "Exploitation of Ivanti EPMM (MobileIron Core) CVE-2023-35078 is currently popping off https://t.co/tkRoWqvtv1 https://t.co/XOaWEZ3U3X" / X
Trail of Bits | Products
US contractor says info of up to 10 million leaked in MOVEit breach
British ambulances unable to access patient records system following cyberattack
Valid account credentials are behind most cyber intrusions, CISA finds | Cybersecurity Dive
An Unexpected Endorsement for WebAuthn | Okta Security
SEC votes to overhaul disclosure rules for material cyber events | Cybersecurity Dive
White House unveils ‘whole of society’ push to expand cybersecurity workforce
Section 702 surveillance powers are necessary, but FBI access needs limits, panel says
The NSA Is Lobbying Congress to Save a Phone Surveillance 'Loophole' | WIRED
Kazakhstan refuses to extradite detained Russian cyber expert to US
Russia Sends Cybersecurity CEO to Jail for 14 Years – Krebs on Security
Millions stolen from crypto platforms through exploited ‘Vyper’ vulnerability
A New Attack Impacts ChatGPT—and No One Knows How to Stop It | WIRED
Cloud company assisted 17 different government hacking groups, U.S. researchers say | Reuters
No evidence ransomware victims with cyber insurance pay up more often, UK report says
‘Worm-like’ botnet malware targeting popular Redis storage tool
Hackers are infecting Call of Duty players with a self-spreading malware | TechCrunch
Bug in Minecraft mods allows hackers to exploit players' devices