Risky Business

Risky Business #787 -- Trump fires NSA director, CISA cuts inbound

Apr 9, 2025

Derek Hansen, Vice President of Solutions Architecture at Yubico, dives into the complexities of passkey ecosystems for enterprises. He highlights the challenges companies face in adopting consumer-driven passkey technologies while maintaining security. The conversation covers the synchronization issues in password managers and the importance of robust security frameworks to combat malware threats. Hansen emphasizes the evolution towards passwordless authentication and the pivotal role of hardware keys in enhancing cybersecurity amidst the shifting technological landscape.

53:01

Creator website

Episode guests

Derek Hansen

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Oracle's acknowledgment of a cloud breach raises concerns about legacy systems potentially compromising current data security.

The dismissal of NSA leaders by the Trump administration highlights growing partisanship within national security decision-making and intelligence operations.

CISA's proposed staffing cuts could severely impair its effectiveness in proactively addressing increasing cybersecurity threats and risks.

Deep dives

Oracle Cloud Breach Confirmation

Oracle confirmed a breach involving legacy servers, contrary to its initial denial. The breach exposed usernames from two outdated systems that were mistakenly part of the cloud infrastructure. They reassured users that no usable passwords were compromised, citing that the exposed passwords were encrypted or hashed. However, there are concerns about potential access to more current data if legacy systems are not properly decommissioned.

Intro

2min

Legacy Vulnerabilities and Recent Breach Concerns

1min

Leadership Shakeups in Cybersecurity

20min

Exploiting Vulnerabilities: Crush FTP and Beyond

14min

From Scammers to Passkeys: A Dive into Security Updates

4min

Navigating Passkey Security Risks

10min

Exploring Passkeys and Hardware Authentication Trends

2min

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

Oracle quietly cops to being hacked, but immediately pivots into pretending it didn’t matter
NSA and CyberCom leaders fired for not being MAGA enough
US Treasury had some dusty corners it hadn’t found China in yet, looked, found China in them
…which is a great time to discuss slashing CISA’s staffing
Ransomware crews and bullet proof hosting providers are getting rekt, and we love it
And Microsoft patches yet another logging 0-day being used in the wild.

This episode is sponsored by Yubico, makers of Yubikey hardware authentication tokens. Yubico’s Vice President of Solutions Architecture and Alliances Derek Hanson joins to discuss how the consumer-centric passkey ecosystem has become a real challenge for enterprises. One that Yubico is actually ideally positioned to solve.

This episode is also available on Youtube.

Show notes

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Risky Business

Risky Business #787 -- Trump fires NSA director, CISA cuts inbound

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Oracle Cloud Breach Confirmation

Leadership Changes at NSA

CISA Job Cuts and Implications

Superannuation Scams in Australia

Challenges with Passkeys and User Experience

Show notes

Remember Everything You Learn from Podcasts