
Risky Biz Soap Box: Okta's Brett Winterford on session cookie theft and mitigations
08/08/22 • 40 min
In this edition of the Soap Box podcast Okta’s APAC CISO and former Risky Biz editor Brett Winterford talks about how attackers are getting much better at swiping session cookies via real-time phishing and malware.
He also talks about some mitigation strategies to combat this threat and introduces the concept of continuous authentication.
Show notes
Previous Episode

Risky Business #674 -- "Free money" exploit spawns $150m blockchain feeding frenzy
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Taiwan tensions fail to conjure the cyber apocalypse
- Crypto bridge exploit results in $150m feeding frenzy
- Chainalysis evidence to be challenged in court
- Post-quantum NIST candidate algorithm gets smoked
- DSIRF’s Russia links
- Much, much more
This week’s sponsor interview is with Jerrod Chong from Yubico. He’s joining the show to talk about why consumer-focussed implementations of WebAuthn like Apple’s Passkeys aren’t a great enterprise solution.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Taiwanese websites hit with DDoS attacks as Pelosi begins visit
- 'Frenzied mob' steals more than $156 million from crypto platform Nomad - The Record by Recorded Future
- Bitcoin Fog Case Could Put Cryptocurrency Tracing on Trial | WIRED
- Post-quantum encryption contender is taken out by single-core PC and 1 hour | Ars Technica
- Federal court system suffered previously undisclosed breach, congressional committee says
- Australian police charge man with developing spyware used by more than 14,500 people - The Record by Recorded Future
- Risky Biz News: Microsoft puts the limelight on another spyware maker—DSIRF from Austria
- Eavesdropping probe finds Israeli police exceeded authority | AP News
- Hacker use of Microsoft macros plummeted after default block: report - The Record by Recorded Future
- On security researcher's newsletter, exposing cybercriminals behind ransomware
- Luxembourg energy companies struggling with alleged ransomware attack, data breach - The Record by Recorded Future
- At least 34 healthcare orgs affected by alleged ransomware attack on OneTouchPoint - The Record by Recorded Future
- American Dental Association says April cyberattack involved ransomware - The Record by Recorded Future
- Ransomware group demands £500,000 from British schools, citing cyber insurance policy - The Record by Recorded Future
- Hackers stole passwords for accessing 140,000 payment terminals | TechCrunch
- Experts warn of hacker claiming access to 50 U.S. companies through breached MSP - The Record by Recorded Future
- German prosecutors issue warrant for Russian government hacker over energy sector attacks - The Record by Recorded Future
- The commercial satellite boom is leaving space vulnerable to hackers - The Record by Recorded Future
Next Episode

Risky Business #675 -- The problem with Mudge's whistleblowing complaint
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- A deep look at Mudge’s sensational whistleblower complaint against Twitter
- Brazilian Federal Police raid Lapsus$ crew
- NSO CEO to stand down (again), 100 staff to be let go
- Signal users impacted in Twilio incident
- Tornado Cash OFACs around and finds out
- Much, much more
This week’s show is brought to you by Greynoise. Its founder, Andrew Morris, joins the show with a stinging critique of the wider threat intelligence industry. Don’t miss that one.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Patrick Gray on Twitter: "Jesus... can open, worms everywhere. You basically can’t find anyone more credible than @dotMudge in infosec so this is a massive deal https://t.co/TaDQzTEtzR" / Twitter
- Twitter confirms January breach, urges pseudonymous accounts to not add email or phone number - The Record by Recorded Future
- A Slack Bug Exposed Some Users’ Hashed Passwords for 5 Years | WIRED
- TikTok Says, No, It Isn't Stealing Your Passwords
- Brazilian police launch investigation targeting Lapsus$ group - The Record by Recorded Future
- Israeli spyware company NSO Group CEO steps down | Reuters
- How a Third-Party SMS Service Was Used to Take Over Signal Accounts
- VIASAT hack impacted French critical services | Cybernews
- DOJ now relies on paper for its most sensitive court documents, official says
- Microsoft disrupts Russia-linked hacking group targeting defense and intelligence orgs - The Record by Recorded Future
- Lloyd’s to forbid insurers from covering losses due to state-backed hacks - The Record by Recorded Future
- U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash | U.S. Department of the Treasury
- OFAC Around and Find Out - Lawfare
- Suspected Tornado Cash developer arrested in Netherlands - The Record by Recorded Future
- Report: Ransomware gangs, fraudsters laundered $540 million through RenBridge platform - The Record by Recorded Future
- Risky Biz News: Is ransomware going after the Global South? Sure looks like it!
- Ransomware Now Threatens the Global South | Royal United Services Institute
- Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling | PortSwigger Research
- The Return of LOIC, HOIC, HULK, and Slowloris to the Threat Landscape | Radware Blog
- Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug
- A New Jailbreak for John Deere Tractors Rides the Right-to-Repair Wave | WIRED