Risky Business #720 -- How cloud identity provider federation features can get you mega-owned
Risky Business
English - September 05, 2023 14:00 - 56 minutes - 52.2 MB - ★★★★★ - 339 ratingsTechnology News Tech News Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
Why everyone should pay attention to some recent attacks on Okta customers
Why third party comms apps are risky af
Why are Russian espionage opps using Tor for C2?
Surveillance firms abuse Fiji Telco Digicel’s SS7 access
Much, much more!
This week’s show is brought to you by Gigamon. Mark Jow, Gigamon’s EMEA Technical Director is this week’s sponsor guest.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
Cross-Tenant Impersonation: Prevention and Detection | Okta Security
BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps
NCSC-MAR-Infamous-Chisel.pdf
Ukraine says an energy facility disrupted a Fancy Bear intrusion
Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach – Krebs on Security
Telstra-owned Pacific mobile network likely exploited by spies for hire - ABC News
CISA, MITRE shore up operational tech networks with adversary emulation platform
LogicMonitor customers hit by hackers, because of default passwords | TechCrunch
Barracuda thought it drove 0-day hackers out of customers’ networks. It was wrong. | Ars Technica
Why is .US Being Used to Phish So Many of Us? – Krebs on Security
UK cyber agency announces Ollie Whitehouse as its first ever CTO
Embattled consulting firm PwC swept up in global cyber breach of file service MOVEit by cybercrime group C10p
ONLINE-SCAM-OPERATIONS-2582023.pdf
Unmasking Trickbot, One of the World’s Top Cybercrime Gangs | WIRED