Risky Business #780 -- ASD torched Zservers data while admins were drunk
Feb 19, 2025
Braden Rogers, Chief Customer Officer at Island, discusses the pressing challenges of AI data exposure. He dives into the emotional toll recent cyber incidents have had on the tech community. The conversation also highlights the complexities of managing unstructured data in enterprises and the increasing necessity of robust security measures as large language models become ubiquitous. Additionally, Braden critiques existing protections against prompt injection attacks while advocating for smarter data governance strategies.
Australia's Signals Intelligence Agency took decisive action to eliminate sensitive Medibank data from Russian hosting, showcasing effective cyber defense strategies.
Emerging device code phishing tactics reveal increased sophistication in cyber threats, necessitating greater user education on authentication methods.
The security breach of the Doge.gov website highlights lax data governance, emphasizing the need for stringent security measures in digital governance.
Deep dives
David Jorm's Legacy in Cyber Security
The passing of David Jorm has left a significant mark on the Australian cyber security community. Known for his intelligence and passion for hacking, Jorm was a well-respected figure, having contributed to various conferences and discussions around cyber security issues. His struggles with bipolar disorder and the complexity of his life underline the importance of mental health awareness in high-pressure fields such as cyber security. The narrative surrounding his death emphasizes a need for compassion and understanding of the personal battles individuals may face, regardless of their professional success.
Australian Cyber Security Agency's Crackdown on Cyber Crime
Recent actions by Australia's Signals Intelligence Agency to eliminate data from bulletproof hosting services have gained attention, particularly related to the Medibank hack. This operation involved targeting Zservers, a sophisticated Russian hosting provider, to eliminate half a terabyte of sensitive data. Interestingly, the investigative process utilized linguists and psychologists to profile suspects, showcasing the agency's commitment to thoroughness and intelligence in cyber crime investigations. This proactive approach not only addresses immediate threats but also sends a strong warning to cyber criminals regarding the reach and capabilities of Australian cyber defenses.
A new phishing technique has been adopted by Russian APT groups, utilizing device code authentication to gain access to Microsoft 365 accounts. This method plays on the confusion surrounding multi-factor authentication setups that many users encounter, making it easier for attackers to steal authentication codes. By tricking users into entering session codes from seemingly legitimate requests, attackers can gain unauthorized access, highlighting the need for increased user education and awareness regarding authentication methods. This trend underscores the ongoing evolution of phishing tactics as cyber threats become more sophisticated and challenging to detect.
Doge.gov: A Security Breach Exposing Data Governance Flaws
The Doge.gov website recently suffered a security breach, allowing unauthorized individuals to post messages due to a lack of authentication controls. This incident raises concerns about the underlying data governance policies in place for government-related websites, questioning the security measures employed. The ease with which the site was compromised presents serious implications for the handling and protection of sensitive information. The breach serves as a reminder of the importance of rigorous security protocols and ongoing vigilance in maintaining data integrity in an increasingly digital world.
Cloudflare's Struggles Amid Piracy Enforcement in Spain
Cloudflare has found itself at the center of a legal battle in Spain, where local ISPs have been compelled to block access to pirated sports streams hosted through its infrastructure. This situation illustrates the complexities of operating a content delivery network that intersects with piracy enforcement efforts, and the consequences that result. Users attempting to access various online services may face disruptions due to these legal requirements, demonstrating the challenges of balancing content accessibility with copyright enforcement. This incident raises crucial discussions about the responsibilities of service providers and the implications for users navigating the digital landscape.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:
Australian spooks scrubbed Medibank data off Zservers bulletproof hosting
Why device code phishing is the latest trick in confusing poor users about cloud authentication
Cloudflare gets blocked in Spain, but only on weekends and because of… football?
Palo Alto has yet another dumb bug
Adam gushes about Qualys’ latest OpenSSH vulns
Enterprise browser maker Island is this week’s sponsor and Chief Customer Officer Braden Rogers joins the show to talk about how the adoption of AI everywhere is causing headaches.