Risky Business

Risky Business #816 -- Copilot Actions for Windows is extremely dicey

In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Salesforce partner Gainsight has customer data stolen
  • CrowdStrike fires insider who gave hackers screenshots of internal systems
  • Australian Parliament turns off wifi and bluetooth in fear of visiting Chinese bigwigs
  • Shai-Hulud npm/GitHub worm is back, and rm -rf’ier than ever
  • SEC gives up on SolarWinds lawsuit
  • Dog eats cryptographer’s key material

This week’s episode is sponsored by runZero. HD Moore pops in to talk about how they’re integrating runZero with BloodHound-style graph databases. He also discusses uses for driving runZero’s tools with an AI, plus the complexities of shipping AI when the company has a variety of deployment models.

This episode is also available on YouTube.

Show notes

  • Google says hackers stole data from 200 companies following Gainsight breach
  • Gainsight Status
  • Trust Status
  • CrowdStrike fires 'suspicious insider' who passed information to hackers
  • Salesforce cuts off access to third-party app after discovering ‘unusual activity’
  • Attacks of the Striking Panda: APT31 Today
  • Office of Public Affairs | Seven Hackers Associated with Chinese Government Charged with Computer Intrusions
  • Australian federal MPs warned to turn off phones when Chinese delegation visits Parliament House
  • Sha1-Hulud: The Second Coming of the NPM Worm is Digging For Secrets
  • FCC eliminates cybersecurity requirements for telecom companies
  • Trade Associations Cybersecurity Practices Ex Parte
  • SEC voluntarily dismisses SolarWinds lawsuit
  • Record-breaking DDoS attack against Microsoft Azure mitigated
  • The Cloudflare Outage May Be a Security Roadmap – Krebs on Security
  • Critics scoff after Microsoft warns AI feature can infect machines and pilfer data
  • vx-underground on X: "I've had a surprising amount of people ask me about Copilot"
  • Researchers warn command injection flaw in Fortinet FortiWeb is under exploitation
  • Two suspected Scattered Spider hackers plead not guilty over Transport for London cyberattack
  • Russia arrests young cybersecurity entrepreneur on treason charges
  • This campaign aims to tackle persistent security myths in favor of better advice
  • Oops. Cryptographers cancel election results after losing decryption key.
  • Uncovering network attack paths with runZeroHound
  • Model Context Protocol