Risky Business #795 -- How The Com is hacking Salesforce tenants

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• New York Times gets a little stolen Russian FSB data as a treat
• iVerify spots possible evidence of iOS exploitation against the Harris-Walz campaign
• Researcher figures out a trick to get Google account holders’ full names and phone numbers
• Major US food distributor gets ransomwared
• The Com’s social engineering of Salesforce app authorisations is a harbinger of our future problems
• Australian Navy forgets New Zealand has computers, zaps Kiwis with their giant radar.

This week’s episode is sponsored by identity provider Okta. Long-time friend of the show Alex Tilley is Okta’s Global Threat Research Coordinator, and he joins to discuss how organisations can use both human and technical signals to spot North Koreans in their midst.

This episode is also available on Youtube.

Show notes

• How The Times Obtained Secret Russian Intelligence Documents - The New York Times
• Ukraine's military intelligence claims cyberattack on Russian strategic bomber maker | The Record from Recorded Future News
• Harris-Walz campaign may have been targeted by iPhone hackers, cybersecurity firm says
• iVerify Uncovers Evidence of Zero-Click Mobile Exploitation in the U.S.
• Spyware maker cuts ties with Italy after government refused audit into hack of journalist’s phone | The Record from Recorded Future News
• Italian lawmakers say Italy used spyware to target phones of immigration activists, but not against journalist | TechCrunch
• Android chipmaker Qualcomm fixes three zero-days exploited by hackers | TechCrunch
• Cellebrite to acquire mobile testing firm Corellium in $200 million deal | CyberScoop
• Apple Gave Governments Data on Thousands of Push Notifications
• A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account
• Bruteforcing the phone number of any Google user
• Acreed infostealer poised to replace Lumma after global crackdown | The Record from Recorded Future News
• BidenCash darknet forum taken down by US, Dutch law enforcement | The Record from Recorded Future News
• NHS calls for 1 million blood donors as UK stocks remain low following cyberattack | The Record from Recorded Future News
• Major food wholesaler says cyberattack impacting distribution systems | The Record from Recorded Future News
• Kettering Health confirms attack by Interlock ransomware group as health record system is restored | The Record from Recorded Future News
• Hackers abuse malicious version of Salesforce tool for data theft, extortion | Cybersecurity Dive
• shubs on X: "IP whitelisting is fundamentally broken. At @assetnote, we've successfully bypassed network controls by routing traffic through a specific location (cloud provider, geo-location). Today, we're releasing Newtowner, to help test for this issue: https://t.co/X3dkMz9gwK" / X
• Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect | WIRED
• Australian navy ship causes radio and internet outages to parts of New Zealand