Cybersecurity Headlines

Microsoft MFA bypass, cybercrime marketplace takedown, Sophos hacker charged

Dec 13, 2024
Microsoft's multi-factor authentication faces a significant breach through the AuthQuake attack, raising alarms for security measures. The recent takedown of the Rydox cybercrime marketplace signals a win against cybercriminals. A Chinese national is indicted for hacking numerous Sophos firewall devices, showcasing the escalating threats in cybersecurity. Additionally, the podcast discusses the implications of SQL zero-day vulnerabilities on XG devices and highlights ongoing risks surrounding consumer data management.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
ANECDOTE

AuthQuake Attack

  • Researchers found an attack, AuthQuake, bypassing Microsoft's MFA.
  • It exploited the Authenticator app's six-digit code process, needing only an hour without user interaction.
ANECDOTE

Rydox Marketplace Takedown

  • The Justice Department seized Ridox, an online marketplace selling stolen data.
  • International collaboration led to arrests in Kosovo and Albania, with extraditions planned.
ANECDOTE

Sophos Firewall Hacking

  • Guan Tianfang, working for Sichuan Information Technology Company, faces charges for exploiting Sophos firewalls.
  • He and accomplices used a zero-day to deploy malware, impacting 81,000 devices.
Get the Snipd Podcast app to discover more snips from this episode
Get the app