Risky Business Risky Business #780 -- ASD torched Zservers data while admins were drunk
13 snips
Feb 19, 2025 Braden Rogers, Chief Customer Officer at Island, discusses the pressing challenges of AI data exposure. He dives into the emotional toll recent cyber incidents have had on the tech community. The conversation also highlights the complexities of managing unstructured data in enterprises and the increasing necessity of robust security measures as large language models become ubiquitous. Additionally, Braden critiques existing protections against prompt injection attacks while advocating for smarter data governance strategies.
AI Snips
Chapters
Transcript
Episode notes
ASD's Data Removal
- The Australian Signals Directorate (ASD) reportedly erased Medibank data from ZServers, a bulletproof hosting provider.
- This occurred while the ZServers admins were allegedly out drinking, according to reports.
Device Code Phishing Rise
- Device code phishing, where attackers exploit device authorization codes, is increasingly popular among Russian APT groups.
- This technique targets multi-factor authentication by phishing the code used to link devices to accounts.
Authentication Complexity
- Modern authentication flows, while secure, have become increasingly complex and confusing for users.
- This complexity can be exploited by attackers, as seen with device code phishing, highlighting the need for simpler authentication.