Alex Stamos is our news co-host this week. Patrick and Alex discuss all the week’s security news, including:
- Mass exploitation of iOS devices by Chinese govt
- Telegram moves to nix phone number enumeration “feature”
- USA targeted Iranian maritime awareness system
- Existence of Stuxnet mole revealed by Kim Zetter
- @jack gets hacked
- Much, much more
This week’s sponsor interview is with Michelle Price of AustCyber. AustCyber is the organisation here in Australia that aims to build out the Australian cyber security industry and skills base, and Michelle pops in this week to tell us all about the upcoming Australian Cyber Week.
Links to everything are below in the show notes.
Show notes
- Project Zero: A very deep dive into iOS Exploit chains found in the wild
- Mysterious iOS Attack Changes Everything We Know About iPhone Hacking | WIRED
- iPhone Hackers Caught By Google Also Targeted Android And Microsoft Windows, Say Sources
- Apple iPhone Hack Exposed By Google Breaks WhatsApp Encryption
- This Has Been the Worst Year for iPhone Security Yet - VICE
- Why 'Zero Day' Android Hacking Now Costs More Than iOS Attacks | WIRED
- Exploit Sellers Say There are More iPhone Hacks on the Market Than They’ve Ever Seen - VICE
- Researchers uncover malicious sites targeting China's Uyghur population
- Confirmed: Google’s Android Suffers Sustained Attacks By Anti-Uighur Hackers
- Exclusive: Messaging app Telegram moves to protect identity of Hong Kong protesters - Reuters
- U.S. Cyberattack Hurt Iran’s Ability to Target Oil Tankers, Officials Say - The New York Times
- Revealed: How a secret Dutch mole aided the U.S.-Israeli Stuxnet cyberattack on Iran
- North Korean state hackers target retired diplomats and military officials | ZDNet
- How Twitter CEO Jack Dorsey's Account Was Hacked | WIRED
- Google launches bounty program to spot misuses of Google API, Chrome, and Android user data | ZDNet
- Google adds all Android apps with +100m installs to its bug bounty program | ZDNet
- Cisco releases guides for incident responders handling hacked Cisco gear | ZDNet
- BEC overtakes ransomware and data breaches in cyber-insurance claims | ZDNet
- How MuleSoft patched a critical security flaw and avoided a disaster | ZDNet
- Rash of ransomware continues with 13 new victims—most of them schools | Ars Technica
- Russian police take down malware gang that infected 800,000+ Android smartphones | ZDNet
- Avast and French police take over malware botnet and disinfect 850,000 computers | ZDNet
- TrickBot, today's top trojan, adds feature to aid SIM swapping attacks | ZDNet
- German bank loses €1.5 million in mysterious cashout of EMV cards | ZDNet
- Over 47,000 Supermicro servers are exposing BMC ports on the internet | ZDNet
- Spam In your Calendar? Here’s What to Do. — Krebs on Security
- Marc Owen Jones on Twitter: "[Thread] As promised, today I want to tell you of how I became friends with a Twitter troll called Angus Gallagher. Angus recently had a sex/ethnicity reassignment operation. He is now called Jasmine, but we'll come to that a bit later. First though, say hi to Angus #StopTheCoup https://t.co/z9cjTZxkxo" / Twitter
- Security Engineer job in Austin, TX at Praetorian
- National Missing Persons Hackathon 2019 Tickets, Fri 11/10/2019 at 9:30 am | Eventbrite