Risky Business Podcast
November 06, 2024
Risky Business #769 -- Sophos drops implants on Chinese exploit devs
Presented by
CEO and Publisher
Technology Editor
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
- Sophos drops implants on Chinese firewall exploit devs
- Microsoft workshops better just-in-time Windows admin privileges
- Snowflake hacker arrested in Canada
- Okta has a fun, but not very impactful auth-bypass bug
- Russians bring dumb-but-smart RDP client attacks
- And much, much more.
Special guest Sophos CISO Ross McKerchar joined us to talk about its “hacking back” campaign. The full interview is available on Youtube for those who want to really live vicariously through Sophos doing what every vendor probably wants to do.
This week’s episode is sponsored by attack surface mapping vendor runZero. Founder and CEO HD Moore joins to talk about marrying up the outside and inside views of your network.
You can also watch this episode on Youtube
Brought to you by runZero
runZero: A New Kind of CAASM
Show notes
Okta AD/LDAP Delegated Authentication - Username Above 52 Characters Security Advisory
Does bcrypt have a maximum password length? - Information Security Stack Exchange
Local Administrator Protection | Privilege Protection
Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices | WIRED
A Deeper Look at FortiJump (FortiManager CVE-2024-47575) | Bishop Fox
Man Arrested for Snowflake Hacking Spree Faces US Extradition | WIRED
Google uses large language model to discover real-world vulnerability
Thousands of hacked TP-Link routers used in yearslong account takeover attacks - Ars Technica
Chinese state-backed hackers breached 20 Canadian government networks over four years, agency warns
The Untold Story of Trump's Failed Attempt to Overthrow Venezuela's President | WIRED
Risky Biz News: The mystery at Mango Park
North Korean hackers seen collaborating with Play ransomware group, researchers say