Risky Business #720 -- How cloud identity provider federation features can get you mega-owned
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Why everyone should pay attention to some recent attacks on Okta customers
- Why third party comms apps are risky af
- Why are Russian espionage opps using Tor for C2?
- Surveillance firms abuse Fiji Telco Digicel’s SS7 access
- Much, much more!
This week’s show is brought to you by Gigamon. Mark Jow, Gigamon’s EMEA Technical Director is this week’s sponsor guest.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Cross-Tenant Impersonation: Prevention and Detection | Okta Security
- BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps
- NCSC-MAR-Infamous-Chisel.pdf
- Ukraine says an energy facility disrupted a Fancy Bear intrusion
- Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach – Krebs on Security
- Telstra-owned Pacific mobile network likely exploited by spies for hire - ABC News
- CISA, MITRE shore up operational tech networks with adversary emulation platform
- LogicMonitor customers hit by hackers, because of default passwords | TechCrunch
- Barracuda thought it drove 0-day hackers out of customers’ networks. It was wrong. | Ars Technica
- Why is .US Being Used to Phish So Many of Us? – Krebs on Security
- UK cyber agency announces Ollie Whitehouse as its first ever CTO
- Embattled consulting firm PwC swept up in global cyber breach of file service MOVEit by cybercrime group C10p
- ONLINE-SCAM-OPERATIONS-2582023.pdf
- Unmasking Trickbot, One of the World’s Top Cybercrime Gangs | WIRED
