Risky Business #668 -- Microsoft is hiding its Azure security problems
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Paige Thompson guilty of Capital One hack
- Microsoft is hiding serious Azure security issues
- New Australian government lobbying for Julian Assange
- How to ransomware documents in the cloud
- Microsoft stops Windows 10/11 downloads in Russia
- Belarusian cyber partisans obtain spy agency’s audio recordings
- Much, much more
This week’s edition of the show is brought to you by Gigamon. Josh Day, Gigamon’s Director of applied threat research team, will be along in this week’s sponsor interview to talk about detecting badness on your network in encrypted traffic.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Former Seattle tech worker convicted of wire fraud and computer intrusions | USAO-WDWA | Department of Justice
- MPs back quiet diplomacy in Assange case
- Botched and silent patches from Microsoft put customers at risk, critics say | Ars Technica
- Microsoft’s Vulnerability Practices Put Customers At Risk | LinkedIn
- Security firm warns of ransomware attacks targeting Microsoft cloud 'versioning' feature - The Record by Recorded Future
- Separate Fujitsu cloud storage vulnerabilities could enable attackers to destroy virtual backups | The Daily Swig
- Large supermarket chain in southern Africa hit with ransomware - The Record by Recorded Future
- Telegram: Contact @tass_agency
- Microsoft pulls Windows 10 and 11 in Russia • The Register
- DDoS Attacks Delay Putin Speech at Russian Economic Forum
- Russia warns of a “military clash” if it’s hit by US cyberattacks - The Record by Recorded Future
- Belarusian hacktivist group releases purported Belarusian wiretapped audio of Russian embassy
- U.S. defense firm L3Harris in talks with NSO Group over spyware - The Washington Post
- Srsly Risky Biz: Friday June 17 - by Tom Uren
- Suspect in hacking Russian customs detained in Moscow
- String of attacks on French telecom infrastructure preceded April attack on fiber optic cables
- Chinese APT groups targeting India, Pakistan and more with Sophos firewall vulnerability - The Record by Recorded Future
- Ukrainian cybersecurity officials disclose two new hacking campaigns
- Police Linked to Hacking Campaign to Frame Indian Activists | WIRED
- INTERPOL raids hundreds of scammy call centers in sweep
- A Twitch Streamer Is Exposing Coronavirus Scams Live | WIRED
- Ranking The World's Angriest Scammers - 10/10 Rage - YouTube
- MIT researchers find new hardware vulnerability in the Apple M1 chip - The Record by Recorded Future
- A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys | Ars Technica
- Tornado Cash Is Crypto Hackers’ Favorite Way to Cash Out, But Experts Say It Can Be Traced
- How CISA's list of 'must-patch' vulnerabilities has expanded both in size, and who's using it
- The tale of a whale who took Solend’s money – Amy Castor