Risky Business Podcast
July 24, 2024
Risky Business #756 -- Move fast and break everything
Presented by
CEO and Publisher
Technology Editor
The Risky Biz main show returns from a break to the traditional internet-melting mess that happens whenever Patrick Gray takes a holiday. Pat and Adam Boileau talk through the week’s security news, including:
- Oh Crowdstrike, no, oh no, honey, no
- AT&T stored call records on Snowflake and you’ll never guess what happened next
- Squarespace buys Google Domains and makes a hash of it
- Some but not all of the SECs case against Solarwinds gets thrown out
- Pity the incident responders digging through a terabyte of Disney Slack dumps
- Internet Explorer rises from the grave, and it wants SHELLS RAAAAARGH SSHHEEELLLS
- And much, much more.
This week’s show is brought to you by Sublime Security, a flexible and modern email security platform. If you’re sick of using a black box email security solution, Sublime is a terrific option for you.
Brought to you by Sublime Security
Cloud email security that's not a black box
Show notes
Risky Biz News: CrowdStrike faulty update affects 8.5 million Windows systems
Low-level cybercriminals are pouncing on CrowdStrike-connected outage | CyberScoop
CrowdStrike says flawed update was live for 78 minutes | Cybersecurity Dive
Crooks Steal Phone, SMS Records for Nearly All AT&T Customers – Krebs on Security
Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks – Krebs on Security
Teenage suspect in MGM Resorts hack arrested in Britain
Majority of SEC civil fraud case against SolarWinds dismissed, but core remains | Cybersecurity Dive
How Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter | WIRED
Kaspersky Lab Closing U.S. Division; Laying Off Workers
Hackers Claim to Have Leaked 1.1 TB of Disney Slack Messages | WIRED
Wallets tied to CDK ransom group received $25 million two days after attack | CyberScoop
UnitedHealth’s cyberattack response costs to surpass $2.3B this year | Cybersecurity Dive
Ransomware ecosystem fragmenting under law enforcement pressure and distrust
Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it | Ars Technica