Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup"

Risky Business
03/09/2025 1h 1min

Listen "Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup""

Descargar episodio Ver en sitio original

Episode Synopsis



On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:


The Salesloft breach and why OAuth soup is a problem
The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed
Google says it will stand up a “disruption unit”
Microsoft writes up a ransomware gang that’s all-in on the cloud future
Aussie firm hot-mics its work-from-home employees’ laptops
Youtube scam baiters help the feds take down a fraud ring


This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools can help smaller organisations claw their way above the “security poverty line”. A dedicated monitoring team, threat hunting and alert triage, in a company that only has a couple of part time infosec people? Yes please!

This episode is also available on Youtube.



Show notes


The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security


Salesloft: The Leading AI Revenue Orchestration Platform


Palo Alto Networks, Zscaler customers impacted by supply chain attacks | Cybersecurity Dive


The impact of the Salesloft Drift breach on Cloudflare and our customers


China used three private companies to hack global telecoms, U.S. says


CSA_COUNTERING_CHINA_STATE_ACTORS_COMPROMISE_OF_NETWORKS.PDF


Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense | CyberScoop


Ransomware gang takedowns causing explosion of new, smaller groups | The Record from Recorded Future News


Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier | The Record from Recorded Future News


Storm-0501’s evolving techniques lead to cloud-based ransomware | Microsoft Security Blog


The Era of AI-Generated Ransomware Has Arrived | WIRED


Between Two Nerds: How threat actors are using AI to run wild - YouTube


Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security


UK sought broad access to Apple customers’ data, court filing suggests


ICE reactivates contract with spyware maker Paragon | TechCrunch


WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch


Safetrac turned staff laptops into covert recording devices to monitor WFH


Risky Bulletin: YouTubers unmask and help dismantle giant Chinese scam ring - Risky Business Media





More episodes of the podcast Risky Business

Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD 29/10/2025
Risky Business #811 -- F5 is the tip of the crap software iceberg 22/10/2025
Wide World of Cyber: A deep dive on the F5 hack 21/10/2025
Risky Biz Soap Box: Why Mastercard is scaling its cybersecurity business 17/10/2025
Risky Business #810 -- Data extortion attacks have a silver lining 15/10/2025
Snake Oilers: Realm Security, Horizon3 and Persona 08/10/2025
Risky Business #809 -- Hackers try to pay a journalist for access to the BBC 01/10/2025
Risky Business #808 -- Insane megabug in Entra left all tenants exposed 24/09/2025
Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc 17/09/2025
Risky Biz Soap Box: runZero shakes up vulnerability management 15/09/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA