On this week’s show Patrick and Adam discuss the week’s security news, including:
- RIPE has officially run out of v4 addresses
- NSO workers sue Facebook to get their accounts back
- Mike Pompeo, Republican lawmakers keep Crowdstrike conspiracy theory alive
- Bugs, hacks, ransomware disasters and more.
This week’s sponsor interview is with Sally Carson of Duo Security. Sally has been a designer for over 20 years, joining Duo in 2015 to build the company’s Product Design and User Research practice from the ground up. Duo now employs one designer for every five users, which is an extremely generous ratio.
As you’ll hear, Sally thinks empathy is the key to designing usable technology.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- The RIPE NCC has run out of IPv4 Addresses — RIPE Network Coordination Centre
- Workers at Israeli surveillance firm NSO sue Facebook for blocking private accounts - Reuters
- In just three months, Google sent 12k warnings about government-backed attacks | ZDNet
- Pompeo says Trump’s debunked Ukraine conspiracy theory is worth looking into - The Washington Post
- Kevin Collier on Twitter: "A fun fact about Republicans embracing the idiotic Crowdstrike conspiracy theory is that the RNSC and RNCC both use Crowdstrike. Have paid more than $175,000 since 2017, per FEC filings. https://t.co/LSvCEbYccP" / Twitter
- Five Years Later, Who Really Hacked Sony? | Hollywood Reporter
- Commerce Department proposes rules for implementing Trump’s supply-chain security order
- Data leak reveals how China 'brainwashes' Uighurs in prison camps - BBC News
- China used Nick Zhao to try infiltrate federal Parliament, ASIO believes
- Chinese spy Wang Liqiang's revelations spark Taiwan detention of couple at Taoyuan Airport
- Iranian Americans Struggle to Reach Family Amid Internet Blackout | WIRED
- Iran letter raises prospect of 'white list' internet clampdown - BBC News
- Kevin Rudd says Julian Assange faces 'unacceptable' and 'disproportionate' punishment
- How the NYPD's fingerprint database got shut down by a computer virus
- 110 Nursing Homes Cut Off from Health Records in Ransomware Attack — Krebs on Security
- Over 480 million mobile VPN apps have been downloaded in the past year | ZDNet
- A hacking group is hijacking Docker systems with exposed API endpoints | ZDNet
- Cheap kids smartwatch exposes the location of 5,000+ children | ZDNet
- The California DMV Is Making $50M a Year Selling Drivers’ Personal Information - VICE
- The Debate Over How to Encrypt the Internet of Things | WIRED
- 1.2 Billion Records Found Exposed Online in a Single Server | WIRED
- CISA and VotingWorks release open source post-election auditing tool | ZDNet
- Extensive hacking operation discovered in Kazakhstan | ZDNet
- DOD joins fight against 5G spectrum proposal, citing risks to GPS | Ars Technica
- Scammers try a new way to steal online shoppers’ payment-card data | Ars Technica
- Suspect can’t be compelled to reveal “64-character” password, court rules | Ars Technica
- Aleksei Burkov, Russian accused of operating 'elite' hacking forum, pleads not guilty
- Authorities Arrest Alleged Member of Group That Hacked Jack Dorsey - VICE
- Lights That Warn Planes of Obstacles Were Exposed to Open Internet - VICE
- Russia's ‘Sandworm’ Hackers Also Targeted Android Phones | WIRED
- Google will pay bug hunters up to $1.5m if they can hack its Titan M chip | ZDNet
- Twitter will finally let users disable SMS as default 2FA method | ZDNet
- New bypass disclosed in Microsoft PatchGuard (KPP) | ZDNet
- Exploit code published for dangerous Apache Solr remote code execution flaw | ZDNet
- Bugtraq: SEC Consult SA-20191125-0 :: FortiGuard XOR Encryption in Multiple Fortinet Products