Risky Business Weekly Cybersecurity News Podcast, Episode 757

Risky Business Media
Risky Business Media
1,560
0
Published 2024-07-30
In this podcast Patrick Gray and Adam Boileau from Risky Business Media talk through the week's cybersecurity news. Links to everything discussed are below:

Business interruption claims will drive insurance losses linked to CrowdStrike IT disruption | Cybersecurity Dive
www.cybersecuritydive.com/news/business-interrupti…

Delta hires David Boies to seek damages from CrowdStrike, Microsoft
www.cnbc.com/2024/07/29/delta-hires-david-boies-to…

CrowdStrike disruption direct losses to reach $5.4B for Fortune 500, study finds | Cybersecurity Dive
www.cybersecuritydive.com/news/crowdstrike-cost-fo…

Why CrowdStrike's Baffling BSOD Disaster Was Avoidable - YouTube
   • Why CrowdStrike's Baffling BSOD Disas...  

CrowdStrike offers a $10 apology gift card to say sorry for outage | TechCrunch
techcrunch.com/2024/07/24/crowdstrike-offers-a-10-…

Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services – Krebs on Security
krebsonsecurity.com/2024/07/crooks-bypassed-google…

Hackers exploit VMware vulnerability that gives them hypervisor admin | Ars Technica
arstechnica.com/security/2024/07/hackers-exploit-v…

Microsoft calls out apparent ESXi vulnerability that some researchers say is a ‘nothing burger’ | CyberScoop
cyberscoop.com/microsoft-calls-out-apparent-esxi-v…

AMI Platform Key leak undermines Secure Boot on 800+ PC models
news.risky.biz/risky-biz-news-ami-platform-key-lea…

Chrome will now prompt some users to send passwords for suspicious files | Ars Technica
arstechnica.com/security/2024/07/google-overhauls-…

Google Online Security Blog: Improving the security of Chrome cookies on Windows
security.googleblog.com/2024/07/improving-security…

Cyber firm KnowBe4 hired a fake IT worker from North Korea | CyberScoop
cyberscoop.com/cyber-firm-knowbe4-hired-a-fake-it-…

North Korean hacker used hospital ransomware attacks to fund espionage | CyberScoop
cyberscoop.com/north-korea-hacking-indictment-fbi-…

North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
media.defense.gov/2024/Jul/25/2003510137/-1/-1/0/J…

North Korean hacking group makes waves to gain Mandiant, FBI spotlight | CyberScoop
cyberscoop.com/north-korean-hacking-group-makes-wa…

Chaining Three Bugs to Access All Your ServiceNow Data
www.assetnote.io/resources/research/chaining-three…

ServiceNow spots sales opportunities post-CrowdStrike outage | Cybersecurity Dive
www.cybersecuritydive.com/news/servicenow-ceo-crow…

Cyber Supply Chain Risk Management Conference (CySCRM) 2024 | Conference | PNNL
www.pnnl.gov/events/cyber-supply-chain-risk-manage…
All Comments (10)
  • @StephenMcGregor1986
    What's even more funny is that Uber shut those cards down due to suspicious activity lol
  • @jzk224
    Dio shirt? Good to see y’all’s faces 😅
  • @KevinBeaumont
    Great show. Re VMware, the vendor advisory is wrong - the group is ESX Admins, not ESXi Admins. Also, it doesn’t necessarily need domain admins to create - most orgs don’t have domain admins creating groups, they delegate it to service desk staff or MSPs. There’s likely more to come about why it’s a vuln - eg VMware have issued a patch which changes three different things for this one CVE.
  • @StephenMcGregor1986
    I just ask Perplexity - "Please point out any potential negative consequences contained within these terms and conditions"
  • @JimmerofOz
    I was expecting to see the Digicert massive pineapple of a mess up on their DCV failure leading to 24 hr revokation of some certs for their customers..
  • @williampfeifer2208
    Y'all have no right to have different faces than I made up in my mind from hearing your voices for all these years!
  • @googlehomemini2059
    Pat, you should put a shout out for people to subscribe / like / comment so that you drown out the movie of the same name… :)