Risky Business #732 — We are CRUSHED

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Co-host at large

On this week’s SURPRISE edition, Patrick Gray and Adam Boileau discuss the week’s security news. They cover:

  • Their disappointment over last week’s SEC Twitter hack
  • China rainbow-tables AirDrop
  • Enterprise bugs galore…
  • … and why patching fast is hard when there isn’t even a patch yet
  • UEFI flaws get trad-BIOS-era vendor response
  • and much, much more…

This week’s show is unsponsored, we’re just here for the fun of it.

Show notes

The SEC’s Official X Account Was ‘Compromised’ and Used to Post Fake Bitcoin News | WIRED

Apple AirDrop leaks user data like a sieve. Chinese authorities say they’re scooping it up. | Ars Technica

FireChat – the messaging app that’s powering the Hong Kong protests

End-of-life Cisco routers targeted by China’s Volt Typhoon group

Ivanti Connect Secure attacks part of deliberate espionage operation | Cybersecurity Dive

Ivanti Connect Secure VPN Exploitation Goes Global

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-6548 and CVE-2023-6549

Aria Automation Missing Access Control Vulnerability (CVE-2023-34063)

Security Bulletin - January 16 2024

Stable Channel Update for Desktop

“MyFlaw” — Cross Platform 0-Day RCE Vulnerability Discovered in Opera’s Browser

PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack.

LeftoverLocals: Listening to LLM responses through leaked GPU local memory

Bigpanzi TV Botnet

Southeast Asian casino industry supercharging cyber fraud, UN says