Risky Business Weekly (798): Mexican cartel surveilled the FBI to identify, kill witnesses

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

  • Australian airline Qantas looks like it got a Scattered Spider-ing
  • Microsoft works towards blunting the next CrowdStrike disaster
  • Changes are coming for Microsoft’s default enterprise app consenting setup
  • Synology downplays hardcoded passwords for its M365 cloud backup agent
  • The next Citrix Netscaler memory disclosure looks nasty
  • Drug cartels used technical surveillance to find, fix and finish FBI informants and witnesses

This week’s episode is sponsored by RAD Security. Co-founder Jimmy Mesta joins to talk through how they use AI automation to assess the security posture of sprawling cloud environments.

Show notes:

Qantas hit by cyber attack, leaving 6 million customer records at risk of data breach https://www.abc.net.au/news/2025-07-02/qantas-cyber-attack-significant-data-stolen/105484720

Scattered Spider appears to pivot toward aviation sector | Cybersecurity Dive https://www.cybersecuritydive.com/news/scattered-spider-appears-to-pivot-toward-aviation-sector/751917/

Microsoft to make Windows more resilient following 2024 IT outage | Cybersecurity Dive https://www.cybersecuritydive.com/news/microsoft-windows-resilient-2024-it-outage/751740/

The Ultimate Guide to App Consent in Microsoft Entra - YouTube https://www.youtube.com/watch?v=JBt-sB0qXqk

When Backups Open Backdoors: Accessing Sensitive Cloud Data via “Synology Active Backup for Microsoft 365” / modzero https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/

AT&T deploys new account lock feature to counter SIM swapping | CyberScoop https://cyberscoop.com/att-wireless-account-lock-sim-swapping-protection/

Iran-linked hackers threaten to release Trump aides’ emails | Reuters https://www.reuters.com/legal/government/iran-linked-hackers-threaten-release-trump-aides-emails-2025-06-30/

US government warns of new Iran-linked cyber threats on critical infrastructure | Cybersecurity Dive https://www.cybersecuritydive.com/news/iran-cyberattacks-warning-us-government-israel-war/751963/

Actively exploited vulnerability gives extraordinary control over server fleets - Ars Technica https://arstechnica.com/security/2025/06/active-exploitation-of-ami-management-tool-imperils-thousands-of-servers/

Critical vulnerability in Citrix Netscaler raises specter of exploitation wave | Cybersecurity Dive https://www.cybersecuritydive.com/news/critical-vulnerability-citrix-netscaler/751617/

Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams | WIRED https://www.wired.com/story/identities-of-80-plus-americans-stolen-for-north-korean-it-worker-scams/

Cloudflare confirms Russia restricting access to services amid free internet crackdown | The Record from Recorded Future News https://therecord.media/cloudflare-russia-restricting-access-crackdown

Mexican drug cartel used hacker to track FBI official, then killed potential FBI informants, government audit says | CNN Politics https://edition.cnn.com/2025/06/28/politics/mexican-drug-cartel-fbi-hack-informants?cid=ios_app

Audit of the FBI’s Efforts to Mitigate the Effects of Ubiquitous Technical Surveillance - Redacted Report https://oig.justice.gov/sites/default/files/reports/25-065_t.pdf

NATO members aim for spending 5% of GDP on defense, with 1.5% eligible for cyber | The Record from Recorded Future News https://therecord.media/nato-agreement-5percent-gdp-defense-spending-cyber

US sanctions bulletproof hosting provider for supporting ransomware, infostealer operations | CyberScoop https://cyberscoop.com/bulletproof-hosting-provider-aezagroup-sanctions/

US, French authorities confirm arrest of BreachForums hackers | TechCrunch https://techcrunch.com/2025/06/26/us-french-authorities-confirm-arrest-of-breachforums-hackers/

Spanish police arrest five over $542 million crypto investment scheme | The Record from Recorded Future News https://therecord.media/spain-europol-cryptocurrency-investment-scheme-takedown

Scam compounds labeled a ‘living nightmare’ as Cambodian government accused of turning a blind eye | The Record from Recorded Future News https://therecord.media/cambodia-scam-compounds-amnesty-international-report