Risky Business

Risky Business #783 -- Evil webcam ransomwares entire Windows network

Mar 12, 2025
Rob Joyce, former Special Assistant to the US President and cybersecurity director at the NSA, shares his insights on national security challenges. He discusses groundbreaking cyber threats, including a ransomware attack using a Linux webcam to infiltrate Windows networks. Lee Chagolla-Christensen, Principal Security Researcher at SpecterOps, dives into the vulnerabilities of NTLM authentication in Active Directory and the potential of BloodHound to address these issues. The conversation highlights the evolving landscape of cybersecurity and the importance of robust defense mechanisms.
01:03:40

Podcast summary created with Snipd AI

Quick takeaways

  • A new Bluetooth-proximity phishing attack demonstrates how attackers can exploit authentication flows to intercept session tokens and gain access to accounts.
  • The ongoing repercussions of the LastPass hack illustrate the critical importance of robust security practices and how compromised credentials can lead to substantial financial losses.

Deep dives

Passkey Account Takeover Technique

A new passkey account takeover technique has been reported, which requires Bluetooth proximity for execution. The attacker uses a phishing page to lure a victim into authenticating with their passkey while simultaneously redirecting the victim's device to an attacker-controlled URL. By exploiting the cross-device authentication flow, the attacker can intercept the authentication request and ultimately gain session tokens. The technique is creative, but it has prompted discussion about its practicality and the potential need for further security measures.
