
Risky Business

Risky Business #783 -- Evil webcam ransomwares entire Windows network

Mar 12, 2025
Rob Joyce, former Special Assistant to the US President and cybersecurity director at the NSA, shares his insights on national security challenges. He discusses groundbreaking cyber threats, including a ransomware attack that used a Linux webcam to infiltrate Windows networks. Lee Chagolla-Christensen, Principal Security Researcher at SpecterOps, dives into the vulnerabilities of NTLM authentication in Active Directory and the potential of BloodHound to address these issues. The conversation highlights the evolving landscape of cybersecurity and the importance of robust defense mechanisms.
01:03:40

Podcast summary created with Snipd AI

Quick takeaways

  • A new Bluetooth-proximity phishing attack demonstrates how attackers can exploit authentication flows to intercept session tokens and gain access to accounts.
  • The ongoing repercussions of the LastPass hack illustrate the critical importance of robust security practices and how compromised credentials can lead to substantial financial losses.

Deep dives

Passkey Account Takeover Technique

A new passkey account takeover technique has been reported, which requires Bluetooth proximity for execution. The attacker uses a phishing page to lure a victim into authenticating with their passkey while simultaneously redirecting the victim's device to an attacker-controlled URL. By exploiting the cross-device authentication flow, the attacker can intercept the authentication request and ultimately gain session tokens. While the technique is creative, it has prompted discussion about its practicality and the potential need for further security measures.
