Risky Business #734 -- The number of hacked Microsoft 365 customers is skyrocketing

In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:

• More details on sanctioned Medibank hacker Aleksandr Ermakov
• More details on alleged Scattered Spider hacker Noah Michael Urban
• RUMINT that the number of Microsoft customers impacted by the SVR oauth/365 campaign is huge
• Ron Wyden did something useful…
• …then did something stupid
• Ivanti’s clown car collides with dumpster fire
• Much, much more

This week’s feature guest is Australia’s assistant foreign minister (and cybersecurity tragic) Tim Watts. He joins us to talk about why the Australian government sanctioned Aleksandr Ermakob.

Sublime Security founder and CEO Josh Kamdjou is this week’s sponsor guest. He joins us to talk about combating QR-code phishing.

Show notes

• Exclusive: US disabled Chinese hacking network targeting critical infrastructure | Reuters
• Medibank’s Attacker: IT Businessman, Claimed Psychologist… | Intel471
• Who is Alleged Medibank Hacker Aleksandr Ermakov? – Krebs on Security
• Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider – Krebs on Security
• Microsoft says Russian hackers also targeted other organizations | TechCrunch
• HPE hit by a monthslong cyberattack on its cloud-based email | Cybersecurity Dive
• (99+) Microsoft's Dangerous Addiction To Security Revenue | LinkedIn
• Microsoft critics accuse the firm of ‘negligence’ in latest breach | CyberScoop
• N.S.A. Buys Americans’ Internet Data Without Warrants, Letter Says - The New York Times
• Trading platform EquiLend down following cyberattack | Cybersecurity Dive
• Ivanti Connect Secure zero-day patches delayed | Cybersecurity Dive
• Popular CI/CD tool Jenkins discloses critical CVE | Cybersecurity Dive
• MOVEit liabilities mount for Progress Software | Cybersecurity Dive
• Tim Watts bio:
• Pennywise - Down Under [Men at Work Cover] - YouTube