Introducing Qwiet AI AutoFix! Reduce the time to secure code by 95% Read More

Season 1  |  Episode 2

Get ready for Episode 2 of Hacking Exposed, Qwiet Edition!

Stu McClure, Chris Hatter, Chetan Conikee, and Ben Denkers are back.

In this episode, the discussion touches on:

  • the Microsoft hack, and how the company is handling it
  • more MOVEit victims
  • why passwords and tokens are just plain dumb
  • the hidden harms of logo-posting
  • whether you can trust criminals who exploit trust

 


Resources for this episode:

TechCrunch on the Microsoft hack.

An update from cybersecuritynews.com on the impact of MOVEit.

The recent executive order on cybersecurity.

 


Show Notes:

  • [00:00:41] Well-informed speculation abounds on the Microsoft situation.
  • [00:13:50] It’s important to remember that attacks usually aren’t publicly identified the first time they work . . .
  • [00:17:30] The MOVEit mess shows that outdated tech can be a cybercriminal’s best friend. Stay current on your patches!
  • [00:21:28] Enumerating endpoints and determining the footprint of a target are critical elements of most successful cyberattacks. Why make those jobs easier?
  • [00:23:20] What if the MOVEit debacle is just the opening salvo in a protracted campaign?

 


Episode Transcript

[00:00:00] Stu McClure: All right everybody. Welcome back to the Hacking Exposed Podcast Qwiet edition. I’m joined by my usual cool cohorts here and I’m super excited to cover the topics. This week there’s been some amazing stories to talk about, in particular Microsoft, more MOVEit victims, a lot of chat GPT and AI talk in and around enabling adversaries and maybe even replacing CISOs.

[00:00:41] We’ll first just kick it off with the biggest story I think we can talk about ri