Brought to you by Cmd Security

Defense in depth for Linux

Show notes

What We Can Learn from the Capital One Hack — Krebs on Security

E

GitHub sued for aiding hacking in Capital One breach | ZDNet

Hundreds of exposed Amazon cloud backups found leaking sensitive data | TechCrunch

Monzo admits to storing payment card PINs in internal logs | ZDNet

One Million Bank Phone Calls Found in Exposed Server - VICE

SEC Investigating Data Leak at First American Financial Corp. — Krebs on Security

North Korea took $2 billion in cyberattacks to fund weapons program: U.N. report - Reuters

An attempted heist at Coinbase was scary good, even though it failed - MIT Technology Review

Responding to Firefox 0-days in the wild - The Coinbase Blog

Three ads generate 5.5 times more revenue than a web-based cryptojacking script | ZDNet

Apple Hands Hackers Secret iPhones In A Bid To Boost Security, Sources Say

Apple expands bug bounty to macOS, raises bug rewards | ZDNet

Meet APT41, the Chinese hackers moonlighting for personal gain

Cloudflare Says It Won’t Ban 8chan, a Hotbed for Terrorist Manifestos - VICE

Cloudflare Is Protecting a Site Linked to a Neo-Nazi Terror Group - VICE

A Boeing Code Leak Exposes Security Flaws Deep in a 787's Guts | WIRED

Feds plan to use SecureDrop as a vulnerability reporting portal

US military purchased $32.8m worth of electronics with known security risks | ZDNet

MICROCHIPS Act wants to secure US govt supply chain against Chinese sabotage | ZDNet

Cisco to pay $8.6 million fine for selling government hackable video surveillance technology - The Washington Post

Exclusive: Kaspersky Software Lingers On Sensitive Government Systems 2 Years After U.S. Ban

New advanced malware, possibly nation sponsored, is targeting US utilities | Ars Technica

Yet another hacking group is targeting oil and gas companies, Dragos says

NSA's reverse-engineering malware tool, Ghidra, to get new features to save time, boost accuracy

A Multimillionaire Surveillance Dealer Steps Out Of The Shadows . . . And His $9 Million WhatsApp Hacking Van

Microsoft To Disable VBScript by Default on August 13th

These Legit-Looking iPhone Lightning Cables Will Hijack Your Computer - VICE

This Tesla Mod Turns a Model S Into a Mobile 'Surveillance Station' | WIRED

Clever attack uses SQLite databases to hack other apps, malware servers | ZDNet

Researchers find security flaws in 40 kernel drivers from 20 vendors | ZDNet

Hackers Can Break Into an iPhone Just by Sending a Text | WIRED

Microsoft Invites Researchers to Hack Their Azure Security Lab

Hackers Take on Darpa's $10 Million Voting Machine | WIRED

13-Year-Old Encryption Bugs Still Haunt Apps and IoT | WIRED

Avaya VoIP Phones Harbored 10-year Old Vulnerability

Microsoft: Russian state hackers are using IoT devices to breach enterprise networks | ZDNet

Black Hat Talk About ‘Time AI’ Causes Uproar, Is Deleted By Conference - VICE

Development stops on PowerShell Empire framework after project reaches its goal | ZDNet

How AT&T Insiders Were Bribed to 'Unlock' Millions of Phones | WIRED

QualPwn vulnerabilities in Qualcomm chips let hackers compromise Android devices | ZDNet

Security bugs in popular Cisco switch brand allow hackers to take over devices | ZDNet

WordPress team working on daring plan to forcibly update old websites | ZDNet

Vulnerability in Microsoft CTF protocol goes back to Windows XP | ZDNet

How offense and defense came together to plug a hole in a popular Microsoft program

Ancient technique tears a hole through modern web stacks at Black Hat 2019 | The Daily Swig

He tried to prank the DMV. Then his vanity license plate backfired big time.

*********READING LIST STARTS HERE: How a BlackBerry password cracked one of Australia’s biggest drug hauls

Who Owns Your Wireless Service? Crooks Do. — Krebs on Security

DARPA Is Building a $10 Million, Open Source, Secure Voting System - VICE

Now you can use Android phones, rather than passwords, to log in to Google* | Ars Technica

Database from StockX Hack Sold Online, Check If You're Included

Silent Windows update patched side channel that leaked data from Intel CPUs | Ars Technica

Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security - CyberScoop

A phishing campaign with nation-state hallmarks is targeting Chinese government agencies - CyberScoop

Guardian Firewall iOS App Automatically Blocks the Trackers on Your Phone | WIRED

A cyber-espionage group has been stealing files from the Venezuelan military | ZDNet

Voter records for 80% of Chile's population left exposed online | ZDNet

A Remote-Start App Exposed Thousands of Cars to Hackers | WIRED

FTC: Too many people signed up for Equifax cash, so they'll be getting less than $125 | ZDNet

Exclusive: Critical U.S. Election Systems Have Been Left Exposed Online Despite Official Denials - VICE

Windows malware strain records users on adult sites | ZDNet

State Farm says hackers confirmed valid usernames and passwords in credentials stuffing attack | ZDNet

iNSYNQ Ransom Attack Began With Phishing Email — Krebs on Security

Android Apps With Over 100M Installs Contain a Clicker Trojan

New HTTP/2 Flaws Expose Unpatched Web Servers to DoS Attacks

StockX was hacked, exposing millions of customers’ data | TechCrunch

CafePress Data Breach Exposes Personal Info of 23 Million Users