On this week’s show Patrick and Adam discuss the week’s security news, including:
- Apple jailbreakers partying in the streets
- Donald Trump targets Crowdstrike over 4chan conspiracy nonsense
- Ransomware absolutely everywhere this week
- Horror-show VxWorks bugs are popping up in other stacks
- OnApp fixes mother of all misconfigurations
- More SIM card issues
- Much, much more
In this week’s sponsor interview we chat with Mr Sandbox himself, VMRay’s Carsten Willems. He’s along to talk about VMRay’s involvement in a machine-learning bypass competition that happened at DEFCON earlier this year.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Unfixable iOS Device Exploit Is the Latest Apple Security Upheaval | WIRED
- No, it wasn’t a virus; it was Chrome that stopped Macs from booting | Ars Technica
- How Trump’s Ukraine Mess Entangled CrowdStrike | WIRED
- Trump Was Repeatedly Warned That Ukraine Conspiracy Theory Was ‘Completely Debunked’ - The New York Times
- Evan McMurry on Twitter: "NEW: Tom Bossert on Pres. Trump's Crowdstrike reference on Ukraine call: "It's not only a conspiracy theory, it is completely debunked... "I am deeply frustrated with what [Rudy Giuliani] and the legal team is doing in repeating that debunked theory to the president." https://t.co/o1lcVI31u8" / Twitter
- Trump Still Doesn't Believe Russia Hacked the 2016 Election | WIRED
- Trump told Russian officials in 2017 he wasn’t concerned about Moscow’s interference in U.S. election - The Washington Post
- Airbus hit by series of cyber attacks on suppliers
- U.S. Steps Up Scrutiny of Airplane Cybersecurity - WSJ
- Ransomware forces 3 hospitals to turn away all but the most critical patients | Ars Technica
- Surgeries delayed and patient security fears after cyber attack on Victorian hospitals
- Wood Ranch Medical Announces Permanent Closure Due to Ransomware Attack
- Malware infection disrupts production at defence contractor plants in three countries | ZDNet
- Over 500 US schools were hit by ransomware in 2019 | ZDNet
- Ransomware incident to cost Danish company a whopping $95 million | ZDNet
- Decades-Old Code Is Putting Millions of Critical Devices at Risk | WIRED
- Thousands of Cloud Computing Servers Could Be Owned With 'Very Simple' Attack, Researchers Say - VICE
- California's new labor law is going to impact bug bounty companies. By how much is unknown.
- Legit-Looking iPhone Lightning Cables That Hack You Will Be Mass Produced and Sold - VICE
- New SIM card attack disclosed, similar to Simjacker | ZDNet
- German Cops Raid “Cyberbunker 2.0,” Arrest 7 in Child Porn, Dark Web Market Sting — Krebs on Security
- Cloudflare, Google Chrome, and Firefox add HTTP/3 support | ZDNet
- Microsoft bans 38 file extensions in Outlook for the Web | ZDNet
- AT&T redirected pen-test payloads to the FBI's Tips portal | ZDNet
- Azure Sentinel, Microsoft's cloud-based SIEM, hits general availability | ZDNet
- Microsoft will now encrypt new SSDs with BitLocker | TechRadar
- High-severity vulnerability in vBulletin is being actively exploited | Ars Technica
- Cybersecurity giant Comodo can’t even keep its own website secure | TechCrunch
- Threesome Blowjob Scene on Giant Highway Billboard Could Have Caused an Accident, Police Say - VICE
- Porn on the big screen in central Auckland: Asics video monitor hacked - NZ Herald
- Yahoo Engineer Used Insider Access to Get Private Photos of Women - VICE
- Landmark White data beach: Sydney IT contractor arrested after high-profile cyber attack
- Home - MLSEC
- VMRay | Malware Analysis Tools | Malware Sandbox Solutions