Risky Business #751 -- Snowflake, operation Endgame and Microsoft's looming FTC problem

PLUS: Joseph Cox joins the show to talk about his new book, Dark Wire...
05 Jun 2024 » Risky Business

On this week’s show Patrick Gray and Mark Piper discuss the week’s security news, including:

  • What on earth happened at Snowflake?
  • A look at operation Endgame
  • Check Point’s hilarious adventures with dot dot slash
  • Report says the FTC is looking at Microsoft’s security product bundling
  • More ransomware hits Russia
  • Much, much more

404 Media co-founder Joseph Cox is this week’s feature guest. He joins us to talk about his new book, Dark Wire, which is all about the FBI’s Anom sting.

This week’s show is brought to you by Resourcely. If your Terraform is a mess or your CSPM dashboards are lighting up with insane and stupid things, you should check out Resourcely. Its founder and CEO Travis McPeak will be along in this week’s sponsor interview to talk about all things Terraform.

Show notes

The Snowflake breach and the need for mandatory MFA
Snowflake at centre of world’s largest data breach | by Kevin Beaumont | Jun, 2024 | DoublePulsar
Cloud company Snowflake denies that reported breach originated with its products
‘Operation Endgame’ Hits Malware Delivery Platforms – Krebs on Security
Treasury Sanctions Creators of 911 S5 Proxy Botnet – Krebs on Security
TikTok warns of exploit aimed at 'high-profile accounts’
SEC clarifies intent of cybersecurity breach disclosure rules after initial filings | Cybersecurity Dive
SEC.gov | Disclosure of Cybersecurity Incidents Determined To Be Material and Other Cybersecurity Incidents[*]
Nurses at Ascension hospital in Michigan raise alarms about safety following ransomware attack
London hospitals declare emergency following ransomware attack | Ars Technica
North Korea’s ‘Moonstone Sleet’ using fake tank game, custom ransomware in attacks
OpenAI models used in nation-state influence campaigns, company says
National Vulnerability Database | NIST
More than 600,000 routers knocked out in October by Chalubo malware
Hackers steal $305M from DMM Bitcoin crypto exchange | TechCrunch
Germany's main opposition party hit by ‘serious’ cyberattack
Cyberattack disrupts operations of supermarkets across Russia
Rare earths miner targeted in cyber attack prior to removal of Chinese investors - ABC News
Check Point - Wrong Check Point (CVE-2024-24919)
Kevin Beaumont: "The latest Risky Business epis…" - Infosec Exchange
This Hacker Tool Extracts All the Data Collected by Windows’ New Recall AI | WIRED
FTC-industry talks over possible Microsoft probe raised recent hacking incidents - Nextgov/FCW
Tim Schofield 🏴󠁧󠁢󠁥󠁮󠁧󠁿 🇬🇧 🇪🇺🗺: "@riskybusiness @metlstorm I d…" - Infosec Exchange
Dark Wire: The Incredible True Story of the Largest Sting Operation Ever: Cox, Joseph: 9781541702691: Amazon.com: Books
Distant Field Labs