20 min listen
Risky Business #725 -- Microsoft knifes VBScript, passkeys the new default for Google accounts
FromRisky Business
Risky Business #725 -- Microsoft knifes VBScript, passkeys the new default for Google accounts
FromRisky Business
ratings:
Length:
20 minutes
Released:
Oct 11, 2023
Format:
Podcast episode
Description
On this week’s show Patrick Gray and Lina Lau discuss the week’s security news. They cover:
Microsoft has killed VBScript
Google to make passkeys the new default sign-in method
MGM losses to exceed $100m
Clorox has a bad quarter
Why a bug in cURL could be really bad news
Much, much more
This week’s show is brought to you by KSOC. Jimmy Mesta, KSOC’s co-founder and CTO, is this week’s sponsor guest. He talks to us about how we can start applying real, actual IAM to Kubernetes environments.
Show notes
Deprecated features in the Windows client - What's new in Windows | Microsoft Learn
Google Makes Passkeys Default, Stepping Up Its Push to Kill Passwords | WIRED
AWS kicks off cloud race to mandate MFA by default | Cybersecurity Dive
MGM Resorts’ Las Vegas area operations to take $100M hit from cyberattack | Cybersecurity Dive
Clorox warns of quarterly loss related to August cyberattack, production delays | Cybersecurity Dive
Blackbaud agrees to $49.5 million settlement with AGs of nearly all 50 states
Cybercrime gangs now deploying ransomware within 24 hours of hacking victims
Microsoft: Human-operated ransomware attacks tripled over past year
Ukraine, Israel, South Korea top list of most-targeted countries for cyberattacks
Microsoft: State-backed hackers grow in sophistication, aggressiveness | CyberScoop
67 X accounts spread coordinated Israel-Hamas disinformation: report
John Hultquist? on X: "We are currently seeing pro-Iran information operations actors promoting content across various social media channels, in favor of Hamas and critical of Israel’s response to the attacks. 1/x" / X
Hacktivism erupts in response to Hamas-Israel war | TechCrunch
‘War has no rules’: Hacktivists scorn Red Cross’ new guidelines
Joe Truzman on X: "Israeli Police Spokesperson: The Cyber Unit of the Police at Lahav 433 has frozen accounts of cryptocurrencies that served Hamas' terrorist organization to solicit donations on social networks. The Cyber Unit of Lahav 433, in cooperation with the Ministry of Defense, the…" / X
Cloud giants sound alarm on record-breaking DDoS attacks | Cybersecurity Dive
Israel's Failure to Stop the Hamas Attack Shows the Danger of Too Much Surveillance | WIRED
Edward Snowden on X: "Netanyahu nurtured a zillion-dollar industry selling spying tools to despots that use them to break into the iPhones of critics, elected opponents, human rights lawyers, and even students (these are all real examples). Turns out they're not very useful for spying on Hamas, tho.…" / X
HTTP/2 Zero-Day Vulnerability Results in Record-Breaking DDoS Attacks
NVD - CVE-2023-44487
Maintainers warn of vulnerability affecting foundational open-source tool
23andMe user data targeting Ashkenazi Jews leaked online
23andMe User Data Stolen in Credential Stuffing Attack
Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability | Ars Technica
From AI with love: Scammers integrate ChatGPT into dating-app tool
Inside FTX’s All-Night Race to Stop a $1 Billion Crypto Heist | WIRED
Microsoft has killed VBScript
Google to make passkeys the new default sign-in method
MGM losses to exceed $100m
Clorox has a bad quarter
Why a bug in cURL could be really bad news
Much, much more
This week’s show is brought to you by KSOC. Jimmy Mesta, KSOC’s co-founder and CTO, is this week’s sponsor guest. He talks to us about how we can start applying real, actual IAM to Kubernetes environments.
Show notes
Deprecated features in the Windows client - What's new in Windows | Microsoft Learn
Google Makes Passkeys Default, Stepping Up Its Push to Kill Passwords | WIRED
AWS kicks off cloud race to mandate MFA by default | Cybersecurity Dive
MGM Resorts’ Las Vegas area operations to take $100M hit from cyberattack | Cybersecurity Dive
Clorox warns of quarterly loss related to August cyberattack, production delays | Cybersecurity Dive
Blackbaud agrees to $49.5 million settlement with AGs of nearly all 50 states
Cybercrime gangs now deploying ransomware within 24 hours of hacking victims
Microsoft: Human-operated ransomware attacks tripled over past year
Ukraine, Israel, South Korea top list of most-targeted countries for cyberattacks
Microsoft: State-backed hackers grow in sophistication, aggressiveness | CyberScoop
67 X accounts spread coordinated Israel-Hamas disinformation: report
John Hultquist? on X: "We are currently seeing pro-Iran information operations actors promoting content across various social media channels, in favor of Hamas and critical of Israel’s response to the attacks. 1/x" / X
Hacktivism erupts in response to Hamas-Israel war | TechCrunch
‘War has no rules’: Hacktivists scorn Red Cross’ new guidelines
Joe Truzman on X: "Israeli Police Spokesperson: The Cyber Unit of the Police at Lahav 433 has frozen accounts of cryptocurrencies that served Hamas' terrorist organization to solicit donations on social networks. The Cyber Unit of Lahav 433, in cooperation with the Ministry of Defense, the…" / X
Cloud giants sound alarm on record-breaking DDoS attacks | Cybersecurity Dive
Israel's Failure to Stop the Hamas Attack Shows the Danger of Too Much Surveillance | WIRED
Edward Snowden on X: "Netanyahu nurtured a zillion-dollar industry selling spying tools to despots that use them to break into the iPhones of critics, elected opponents, human rights lawyers, and even students (these are all real examples). Turns out they're not very useful for spying on Hamas, tho.…" / X
HTTP/2 Zero-Day Vulnerability Results in Record-Breaking DDoS Attacks
NVD - CVE-2023-44487
Maintainers warn of vulnerability affecting foundational open-source tool
23andMe user data targeting Ashkenazi Jews leaked online
23andMe User Data Stolen in Credential Stuffing Attack
Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability | Ars Technica
From AI with love: Scammers integrate ChatGPT into dating-app tool
Inside FTX’s All-Night Race to Stop a $1 Billion Crypto Heist | WIRED
Released:
Oct 11, 2023
Format:
Podcast episode
Titles in the series (46)
Feature interview: Australia's Cyber Security Minister Clare O'Neil: Clare O'Neil and Ciaran Martin talk to Patrick Gray about cyber strategy and releasing the hounds… by Risky Business