On this week’s show Patrick and Adam discuss the week’s security news, including:
- Coronavirus phishing lures are everywhere
- Czech hospital ransomwared during crisis
- Voatz mobile voting app destroyed by Trail of Bits audit
- We recap yesterday’s livestream
- Windows SMBv3 bug probably not such a big deal
- ALL the week’s news
This week’s sponsor interview is with Sam Crowther, founder of Kasada. They do bot detection and mitigation and apparently they’re quite good at it. Sam joins the show to talk through the new greyhatter of anti-anti-bot. It’s actually a really fun conversation, that one, so stick around for it.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- State-sponsored hackers are now using coronavirus lures to infect their targets | ZDNet
- The Internet is drowning in COVID-19-related malware and phishing scams | Ars Technica
- TA505 and Others Launch New Coronavirus Campaigns; Now the Largest Collection of Attack Types in Years | Proofpoint US
- Live Coronavirus Map Used to Spread Malware — Krebs on Security
- Czech hospital hit by cyberattack while in the midst of a COVID-19 outbreak | ZDNet
- High-Stakes Security Setups Are Making Remote Work Impossible | WIRED
- A Mobile Voting App That's Already in Use Is Filled With Critical Flaws - VICE
- Microsoft delivers emergency patch to fix wormable Windows 10 flaw | Ars Technica
- Medical Device Regulation: EU to give €100bn MedTech industry a security health check | The Daily Swig
- WordPress to add auto-update feature for themes and plugins | ZDNet
- Tor team warns of Tor Browser bug that runs JavaScript on sites it shouldn't | ZDNet
- Avast disables JavaScript engine in its antivirus following major bug | ZDNet
- US is preparing to ban foreign-made drones from government use | TechCrunch
- Card data from the Volusion web skimmer incident surfaces on the dark web | ZDNet
- Intel CPUs vulnerable to new 'Snoop' attack | ZDNet
- Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks | ZDNet
- We Built a Database of Over 500 iPhones Cops Have Tried to Unlock - VICE
- The Web’s Bot Containment Unit Needs Your Help — Krebs on Security
- Cyberattack Hits HHS During Coronavirus Response - Bloomberg
- Microsoft discontinues RDCMan app following security bug | ZDNet
- Google awards $100k to Dutch bug hunter for cutting-edge cloud security research | The Daily Swig
- #737140 Mass account takeovers using HTTP Request Smuggling on https://slackb.com/ to steal session cookies
- oracle chat on prem - Google Search
- Risky Business - Risky Business
- publications/voatz-securityreview.pdf at master · trailofbits/publications · GitHub
- publications/voatz-threatmodel.pdf at master · trailofbits/publications · GitHub
- Our Full Report on the Voatz Mobile Voting Platform | Trail of Bits Blog
- Securing a work from home workforce - YouTube