On this week’s show Patrick and Adam talk through all the week’s security news, including:
- NSO Group WhatsApp vuln coverage goes nuclear
- Activists targeted by NSO malware in hiding in west after CIA tipoffs
- Cisco Trust Anchor drags on sea floor
- Linux kernel bugs likely overhyped
- Adobe patches insane number of CVEs
- Microsoft patches rumoured GCHQ VEP’d RDP bug
- New hardware bugs affect Intel processors
- SHA-1 collisions become much more practical
- Major US anti-virus firms owned hard
This week’s sponsor interview is with Ryan Kalember of Proofpoint. Ryan is a listener, and when he heard Adam talking about how password rotations actually result in crappy passwords, it hit a nerve with him. He says Proofpoint, via its CASB product, is seeing a lot of targeted credential stuffing campaigns cycling through variations of passwords that have appeared in dumps.
Apparently the bad guys are hip to what a typical password rotation variation looks like and they’re using this knowledge to better direct their cred stuffing attempts.
Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- How Hackers Broke WhatsApp With Just a Phone Call | WIRED
- Israel gives 'Pegasus' spyware to countries like Saudi Arabia
- CIA Sent Warnings to 3 Khashoggi Associates About New Saudi Threats | Time
- WhatsApp Hack Shows End-to-End Encryption Is Pointless - Bloomberg
- The NSO WhatsApp Vulnerability - This is How It Happened - Check Point Research
- It’s Almost Impossible to Tell if Your iPhone Has Been Hacked - VICE
- Human rights groups to ask Israeli court to revoke NSO Group’s export license
- A Cisco Router Bug Has Massive Global Implications | WIRED
- Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
- Security Updates Released for Adobe Flash Player, Reader, and Media Encoder
- Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003 — Krebs on Security
- Microsoft SharePoint vulnerability allows hackers to sift through servers, Saudi authorities warn
- Two years after WannaCry, a million computers remain at risk | TechCrunch
- Intel CPUs impacted by new Zombieload side-channel attack | ZDNet
- ZombieLoad attack lets hackers steal data from Intel chips - The Verge
- Patch status for the new MDS attacks against Intel CPUs | ZDNet
- SHA-1 collision attacks are now actually practical and a looming danger | ZDNet
- NVIDIA Patches High Severity Windows GPU Display Driver Flaws
- Keyloggers Injected in Web Trust Seal Supply Chain Attack
- Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
- New Details Emerge of Fxmsp's Hacking of Antivirus Companies
- DOJ Says Chinese Hackers Attacked Anthem, but Not Why | WIRED
- “RobbinHood” ransomware takes down Baltimore City government networks | Ars Technica
- Julian Assange to face revived rape investigation in Sweden
- Former NSA analyst charged in leak of classified documents to reporter
- New leaks of Iranian cyber-espionage operations hit Telegram and the Dark Web | ZDNet
- Jokeroo Ransomware as a Service Pulls an Exit Scam
- Nigerian BEC Scammers Shifting to RATs As Tool of Choice
- Mozilla offers research grant for a way to embed Tor inside Firefox | ZDNet
- Experts Doubt Russian Claims That Cryptographic Flaw Was a Coincidence - VICE
- Microsoft recommends using a separate device for administrative tasks | ZDNet
- Unsecured server exposes data for 85% of all Panama citizens | ZDNet