This episode sponsored by Duo Security.Alex Stamos co-hosts this week’s episode. Topics discussed include:
- DNC says Russia tried to own its servers in November 2018
- South Korean Defence Ministry owned
- Lazarus Group busy in Chile
- West African banks suffer multiple intrusions
- Michael Cohen admits rigging online poll for Trump
- Nine charged over SEC hack
- More USG SSL certificates due to expire
- apt-get remote root RCE
- Don’t use your Garmin to scope your murder escape route
- Big plot twist in viral video outrage
This week’s show is brought to you by Duo Security, which I guess is now Cisco Duo Security. Wendy Nather - Duo’s head of advisory CISOs - will be along in this week’s sponsor interview to talk about a topic near and dear to my heart: victim shaming. That’s a good one so please do stick around for that.
Links to everything that we discussed are below and you can follow Patrick or Alex on Twitter if that’s your thing.
Show notes
- DNC says Russia tried to hack its servers again in November 2018 | ZDNet
- Hackers breach and steal data from South Korea's Defense Ministry | ZDNet
- North Korean hackers infiltrate Chile's ATM network after Skype job interview | ZDNet
- West African banks hit by multiple hacking waves last year | ZDNet
- Michael Cohen says Trump directed him to pay for poll rigging - CNNPolitics
- Nine defendants charged in SEC hacking scheme that netted $4.1 million | Ars Technica
- 773M Password ‘Megabreach’ is Years Old — Krebs on Security
- Advertising network compromised to deliver credit card stealing code | ZDNet
- Major Security Breach Discovered Affecting Nearly Half of All Airline Travelers Worldwide | Safety Detective
- These are all the federal HTTPS websites that’ll expire soon because of the US government shutdown | TechCrunch
- The Hacker News on Twitter: "We all love your media player, but that’s really rude #VLC 🙄 VLC developers refused to consider #software "update-over-HTTP" as a threat. Responded→ “no threat model. no proof. no #security bug" It wouldn't hurt if you simply consider the suggestion. https://t.co/GWhE1US5Ko… https://t.co/7ja6wM4Ube"
- Remote Code Execution in apt/apt-get
- Hitman Runner Mark Fellows Convicted of Mob Murder on GPS Watch Data
- HN Front Page on Twitter: "FBI arrests PureVPN user with log data that was said to not exist L: https://t.co/bnY0CPyidf C: https://t.co/M1uhBVTRVC"
- Lin Affidavit
- Huawei founder says company would not share user secrets | The Sacramento Bee
- Opinion | If 5G Is So Important, Why Isn’t It Secure? - The New York Times
- Facebook’s Sputnik Takedown — In Depth – DFRLab – Medium
- Covington students, Nathan Phillips viral video: Twitter suspends account that helped ignite controversy - CNN
- Russia tries to force Facebook and Twitter to relocate servers to Russia | Ars Technica
- Forget Bitcoin: Why Criminals are Using Fortnite to Launder Illicit Funds
- Fortnite security issue would have granted hackers access to accounts | ZDNet
- VC funding of cybersecurity companies hits record $5.3B in 2018 | TechCrunch
