Risky Business #753 – Congress and vuln researchers maul Microsoft

PLUS: What we got wrong with Apple and iCloud...
19 Jun 2024 » Risky Business

On this week’s retreat special, the entire Risky Business team is together in a tropical paradise for the first time. The team takes a break from the infinity pool to discuss the week’s security news:

  • Microsoft recalls Recall, but why did it have to be such a mess
  • And a Windows kernel wifi code-exec, really?
  • Passkeys and identity are hard
  • Scattered Spider bigwig arrested in Spain
  • The pentagon runs a deeply flawed info-op
  • Is it time E2E crypto nerds accept their place in the world?
  • And much, much more.

This week’s show is brought to you by Corelight… Corelight’s CEO Brian Dye will be along in this week’s sponsor interview to make a really compelling case for something that shouldn’t exist… which is NDR in cloud environments.

Show notes

Microsoft shelves Recall feature release after security uproar
Microsoft’s Recall puts the Biden administration’s cyber credibility on the line | CyberScoop
Microsoft’s cybersecurity vulnerabilities endanger America
US lawmakers grill Microsoft president over China ties, hacks | Reuters
Microsoft Refused to Fix Flaw Years Before SolarWinds Hack — ProPublica
CVE-2024-30078 - Security Update Guide - Microsoft - Windows Wi-Fi Driver Remote Code Execution Vulnerability
Security bug allows anyone to spoof Microsoft employee emails | TechCrunch
Patrick Gray on X: "I was wrong about some things I said about iCloud accounts in this week’s show and I’ll tell you all exactly how I was wrong in next week’s show"
Passkeys in Microsoft Authenticator and Entra ID
Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake | WIRED
MFA plays a rising role in major attacks, research finds | Cybersecurity Dive
Luke Jennings on LinkedIn: saas-attacks/techniques/ghost_logins/description.md at main ·…
Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested – Krebs on Security
EXPOSED: Identities of Iranian Hackers Targeting Israel and Other Countries Revealed | Matzav.com
Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating | Ars Technica
Windows flaw may have been exploited with Black Basta ransomware before it was patched
Crown Equipment Corporation victim of a Ransomware attack | Born's Tech and Windows World
City governments in Michigan, New York face shutdowns after ransomware attacks
Cleveland confirms ransomware attack as City Hall remains closed
Authorities investigating extended ‘network outage’ at organization that runs TheBus
Pentagon ran secret anti-vax campaign to incite fear of China vaccines
Shashank Joshi on X: "Just finished “Information Operations”, a new book by @TathamSteve. Includes this anecdote on a British effort to stop children throwing stones at a base in Afghanistan. “LRGR was the abbreviation for the Long-Range Gonad Reducer.” https://t.co/zmoxb45Cgz"
Dmitri Alperovitch on X: "@shashj They also allegedly hacked the email of the lieutenant leading the medical service of the 960th unit and retrieved the medical certificates of 150 officers and enlisted personnel"
Signal president Meredith Whittaker criticizes EU attempts to tackle child abuse material