Risky Business #750 -- Why Microsoft's Recall is an attacker's best friend

On this week’s show Patrick and Adam discuss the week’s security news, including:

• Russian delivery company gets ransomware-wiper’d
• A supply-chain attack targets video software used in US courts
• Checkpoint firewalls get hacked, details as clear as mud
• Microsoft Recall delights hackers
• Aussie telco Optus gets told its IR report isn’t legal advice
• Cyber insurer says you’re 5x more likely to get rekt if you have a Cisco ASA
• And much, much more.

This week’s episode is sponsored by Kroll Cyber. Alex Cowperthwaite, Kroll’s technical director research and development for offence joins to talk about how his team attacks AI models, in ways both classic and new.

Show notes

• Major Russian delivery company down for three days due to cyberattack
• Stark Industries Solutions: An Iron Hammer in the Cloud – Krebs on Security
• CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack | Rapid7 Blog
• Check Point Software customers targeted by hackers using old, local VPN accounts | Cybersecurity Dive
• US pharma giant Cencora says Americans' health information stolen in data breach | TechCrunch
• Microsoft’s New Recall AI Tool May Be a ‘Privacy Nightmare’ | WIRED
• Kevin Beaumont: "I got ahold of the Copilot+ so…" - Cyberplace
• Kevin Beaumont: "For those who aren’t aware, Mi…" - Cyberplace
• Patrick Gray on X: "You know it’s coming… Microsoft Defender Advanced Security for Recall"
• Microsoft Edge for Business: Revolutionizing your business with AI, security and productivity - Microsoft Edge Blog
• Optus loses appeal to keep Deloitte report on cyberattack secret
• Optus says it will defend allegations it failed to protect confidential details of 9 million customers in cyber attack - ABC News
• Nearly 3 million affected by Sav-Rx data breach
• Spyware app pcTattletale was hacked and its website defaced | TechCrunch
• #F**kStalkerware pt. 6 - tattling on pcTattletale
• Spyware maker pcTattletale shutters after data breach | TechCrunch
• Jeremy Kirk: "Cyber insurer Coalition releas…" - Infosec Exchange
• Coalition_2024-Cyber-Claims-Report
• TikTok says it disrupted 15 influence operations this year — including one from China
• Israeli private eye accused of hacking was questioned about DC public affairs firm, sources say | Reuters
• RansomHub claims attack on Christie’s, the world’s wealthiest auction house
• Open-Source Assessments of AI Capabilities: The Proliferation of AI Analysis Tools, Replicating Competitor Models, and the Zhousidun Dataset
• Shashank Joshi on X: "Additionally, OpenAI will retain and consult with other safety, security, and technical experts to support this work, including former cybersecurity officials, Rob Joyce [@RGB_Lights], who advises OpenAI on security, and John Carlin."