On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- The msdt/office lolbinapalooza
- Microsoft to introduce sensible defaults to Azure
- Twitter fined $150m for sms 2fa spam
- It turns out npm got owned in that Heroku/Travis CI thing
- AWS cred-stealing supply chain attack was research your honour, I swear!
- Much, much more
We’ll be chatting with Airlock Digital co-founder and CTO Daniel Schell in this week’s sponsor interview. He’ll be walking us through some of his own research into how to own Microsoft boxes via document-embedded office add-ins.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.