This episode sponsored by SpecterOps.On this week’s show, Patrick Gray and Adam Boileau discuss the week’s security news including:
- Microsoft did a good thing! Soon all Azure admins will require MFA
- The three billion row National Public Data breach mess, courtesy Florida Man
- US govt confirms that it was Iran that hacked the Trump campaign
- Is TP-Link the next Huawei, or just not very good at computers?
- Major Chinese RFID card maker has hardcoded backdoors
- And much, much more.
This week’s episode is sponsored by Specter Ops, makers of Bloodhound Enterprise. VP of Products Justin Kohler joins to talk about how they’ve joined their on-prem AD and cloud Entra attack path graphs, so you can map out that juicy, real-world attack surface.
Show notes
- Announcing mandatory multi-factor authentication for Azure sign-in | Microsoft Azure Blog
- phishing resistant mfa - Google Search
- Microsoft will require MFA for all Azure users
- NationalPublicData.com Hack Exposes a Nation’s Data – Krebs on Security
- National Public Data Published Its Own Passwords – Krebs on Security
- Bloomberg Law
- How the government's proposed 'Trust Exchange' digital ID scheme would work - ABC News
- German Cyber Agency Wants Changes in Microsoft, CrowdStrike Products After Tech Outage - WSJ
- Joint ODNI, FBI, and CISA Statement on Iranian Election Influence Efforts — FBI
- Crypto firm says hacker locked all employees out of Google products for four days
- ZachXBT on X: "Seven hours ago a suspicious transfer was made from a potential victim for 4064 BTC ($238M)" / X
- Bitcoin News Today: $238 Million Bitcoin Heist Linked to Genesis Global Trading
- Routers from China-based TP-Link a national security threat, US lawmakers claim
- Hardware backdoors found in Chinese smart cards
- Unmasking Styx Stealer: How a Hacker's Slip Led to an Intelligence Treasure Trove - Check Point Research
- Hardware backdoors found in Chinese smart cards
- Man who hacked Hawaii state registry to forge his own death certificate sentenced to 81 months
