This episode sponsored by Bugcrowd.On this week’s show Patrick and Adam discuss the week’s security news, including:
- US Treasury targets DPRK APT crews
- Russia owned FBI counter surveillance team radio comms
- New details on 2016 attack against Ukraine power grid
- US Government to sue Edward Snowden for memoir profits
- Did RCMP intelligence director tip Phantom Secure on investigation?
- Much, much more!
This week’s sponsor interview is with Casey Ellis of Bugcrowd. It’s an interesting chat with Casey this week. He was at the Billington cyber conference a couple of weeks ago and he had a bunch of interesting discussions there with people in the aerospace sector.
Between recent Black Hat presentations on 787 security and the trouble Boeing has had with it’s 737-MAX, software security and resiliency is all of a sudden on the agenda in aerospace. Casey drops by to talk about all of that.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- US Treasury sanctions three North Korean hacking groups | ZDNet
- Treasury Sanctions North Korean State-Sponsored Malicious Cyber Groups | U.S. Department of the Treasury
- North Korean hackers target U.S. entities amid stalled denuclearization talks
- Exclusive: Russia carried out a 'stunning' breach of FBI communications system, escalating the spy game on U.S. soil
- New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction | WIRED
- Exclusive: Australia concluded China was behind hack on parliament, political parties – sources - Reuters
- US sues Edward Snowden over new book | ZDNet
- Investigation into senior RCMP official stemmed from disruption of encrypted phone service: sources - National | Globalnews.ca
- Israeli police arrest execs from vendor of mobile surveillance tech | ZDNet
- Infamous surveillance tech vendor makes pledge to follow UN human rights policy | ZDNet
- This Company Built a Private Surveillance Network. We Tracked Someone With It - VICE
- Simjacker attack exploited in the wild to track users for at least two years | ZDNet
- A Password-Exposing Bug Was Purged From LastPass | WIRED
- The Air Force Will Let Hackers Try to Hijack an Orbiting Satellite | WIRED
- Database leaks data on most of Ecuador's citizens, including 6.7 million children | ZDNet
- Arrest made in Ecuador's massive data breach | ZDNet
- Data of 24.3 million Lumin PDF users shared on hacking forum | ZDNet
- Hacked government contractor shares breach details as investigation continues
- FIN7's IT admin pleads guilty for role in billion-dollar cybercrime crew
- Google discloses vulnerability in Chrome OS 'built-in security key' feature | ZDNet
- Sophos open-sources Sandboxie, a utility for sandboxing any application | ZDNet
- Chrome 77 released with no EV indicators, contact picker, permanent Guest Mode | ZDNet
- Most Android flashlight apps request an absurd number of permissions | ZDNet
- Cloudflare may have provided service to terrorists, drug traffickers in violation of U.S. sanctions
- NY Payroll Company Vanishes With $35 Million — Krebs on Security
- 2 charged say they were hired to break into Dallas County courthouse
