Page de couverture de Risky Business #821 -- Wiz researchers could have owned every AWS customer

Risky Business #821 -- Wiz researchers could have owned every AWS customer

Risky Business #821 -- Wiz researchers could have owned every AWS customer

Écouter gratuitement

Voir les détails du balado

À propos de cet audio

 In this week’s show, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, joined by a special guest. BBC World Cyber Correspondent Joe Tidy is a long time listener and he pops in for a ride-along in the news segment plus a chat about his new book. This week news includes: Did the US cyber Venezuela’s power grid, or do they just want us to think they coulda?US govt might boycott the RSAC Conference ‘cause Jen Easterly being CEO makes them madMS Patch Tuesday fixes CVSS5.5 bug and … stops you shutting downWiz pulls off cloud stunt hack that ends with control of everyone’s AWS consoleMillions of Bluetooth devices that use Google’s Fast Pairing will pair with anyone, any timeGNU inet-tools’ telnetd parties like it’s 2007, and brings -f root unauthed remote login back Thinkst is this week’s sponsor, and long time friend of the show Haroon Meer joins. As always they’re polishing their Canary tokens - adding breadcrumbs to lead you to them - but they’re also a bunch of giant nerds who now run South Africa’s Computer Olympiad. This episode is also available on Youtube. Show notes Cyberattack in Venezuela Demonstrated Precision of U.S. Capabilities - The New York TimesWhy I’m withholding certainty that “precise” US cyber-op disrupted Venezuelan electricity - Ars TechnicaLayered Ambiguity: US Cyber Capabilities in the Raid to Extract Maduro from Venezuela | Royal United Services InstituteFormer CISA Director Jen Easterly Will Lead RSAC Conference | WIREDTrump officials consider skipping premier cyber conference after Biden-era cyber leader named CEO - Nextgov/FCWFederal agencies ordered to patch Microsoft Desktop Windows Manager bug | The Record from Recorded Future NewsWindows 11 shutdown bug forces Microsoft into damage control • The RegisterCodeBreach: Supply Chain Vuln & AWS CodeBuild Misconfig | Wiz BlogCritical flaw in AWS Console risked compromise of build environment | Cybersecurity DiveNever-before-seen Linux malware is “far more advanced than typical” - Ars TechnicaVoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun - Check Point ResearchHundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking | WIREDCritical flaw in Fortinet FortiSIEM targeted in exploitation threat | Cybersecurity DiveCVE-2025-64155: 3 Years of Remotely Rooting the FortiSIEMA single click mounted a covert, multistage attack against Copilot - Ars TechnicaPolice raid homes of alleged Black Basta hackers, hunt suspected Russian ringleader | The Record from Recorded Future NewsJordanian initial access broker pleads guilty to helping target 50 companies | The Record from Recorded Future NewsSupreme Court hacker posted stolen government data on Instagram | TechCrunchoss-sec: GNU InetUtils Security Advisory: remote authentication by-pass in telnetdHow crypto criminals stole $700 million from people - often using age-old tricksCtrl + Alt + Chaos: How Teenage Hackers Hijack the Internet
Pas encore de commentaire