Risky Business Risky Business #791 -- Woof! Copilot for Sharepoint coughs up creds and keys
52 snips
May 14, 2025 This week features Travis McPeak, Founder and CEO of Resourcely, who specializes in cloud security and Terraform management. They delve into the intriguing role of AI in SharePoint, revealing how Copilot could unintentionally leak sensitive data. The discussion also unpacks the evolving ransomware landscape, including shifts in group dynamics and the implications of recent high-profile attacks. Additionally, they highlight innovative research on vehicle hacking using Bluetooth vulnerabilities and emphasize the need for coordinated cloud security efforts, showcasing Resourcely's mission to streamline Terraform management.
AI Snips
Chapters
Transcript
Episode notes
Dragon Force's Ransomware-as-a-Service Shift
- Dragon Force ransomware has pivoted to selling platform services enabling others to launch attacks.
- Their statement not to attack Russia suggests links to Russian cybercriminal ecosystems despite earlier Malaysian origins.
Ransomware Ecosystem Under Pressure
- The ransomware ecosystem is under intense pressure with trust and communication breakdowns.
- Ransomware resolution rates have plummeted from 85% in 2019 to 27%, indicating growing operational difficulties.
Chinese APT Exploits SAP NetWeaver
- Chinese APT groups are exploiting a SAP NetWeaver Visual Composer vulnerability to deploy web shells.
- Poorly managed infrastructure reveals scan results publicly, showing operational sloppiness.