On this week’s show Patrick and Adam discuss the week’s security news, including:
- ASD launches offensive action against criminals
- Bio-tech firms working on COVID-19 targeted by ransomware
- Iran targets WHO
- Did you hear there’s a security issue with Zoom? You might not have heard. Don’t worry, we’ll tell you about it
- Much, much more
This week’s show is brought to you by Yubico, makers of the Yubikey devices.
Yubico’s Chief Solutions Officer Jerrod Chong will be along in this week’s sponsor interview to talk through a few things: what is he seeing out there among users? As you’ll hear, he’s seeing what all of us are seeing, a massive rush to enable remote working. Jerrod also walks us through some new stuff Yubico is planning, from managed credential services through to biometric Yubikeys. Don’t miss it!
You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.
You can subscribe to our new YouTube channel here.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Australian government says it is hacking criminals who are exploiting the pandemic
- Hackers ‘Without Conscience’ Target Health-Care Providers - Bloomberg
- Exclusive: Hackers linked to Iran target WHO staff emails during coronavirus - sources - Reuters
- Iran’s ban on Telegram that was intended to facilitate domestic spying backfired
- DarkHotel hackers use VPN zero-day to breach Chinese government agencies | ZDNet
- NASA sees an “exponential” jump in malware attacks as personnel work from home | Ars Technica
- So Wait, How Encrypted Are Zoom Meetings Really? | WIRED
- Zoom admits some calls were routed through China by mistake | TechCrunch
- Zoom founder promises to remedy security, privacy concerns during a 'feature freeze' - CyberScoop
- New York City bans Zoom in schools, citing security concerns | TechCrunch
- DOJ says Zoom-bombing is a crime | ZDNet
- Video service Zoom taking security seriously: U.S. government memo - Reuters
- The Zoom Privacy Backlash Is Only Getting Started | WIRED
- The internet is now rife with places where you can organize Zoom-bombing raids | ZDNet
- Why Zoom Really Needs Better Privacy: $1.4 Million Orders Show The US Government’s COVID-19 Response Is Now Relying On It
- ‘War Dialing’ Tool Exposes Zoom’s Password Problems — Krebs on Security
- Microsoft Buys Corp.com So Bad Guys Can’t — Krebs on Security
- Experts agree: Internet voting isn’t ready for COVID-19 crisis - Risky Business
- Schiff wants ODNI to scrub out politics from election security briefs
- PayPal and Venmo Are Letting SIM Swappers Hijack Accounts - VICE
- Google backs Apple's SMS OTP standard proposal | ZDNet
- Microsoft announces IPE, a new code integrity feature for Linux | ZDNet
- Chrome 81 released with initial support for the Web NFC standard | ZDNet
- A Hacker Found a Way to Take Over Any Apple Webcam | WIRED
- Hardware microphone disconnect in Mac and iPad - Apple Support
- Hacking forum gets hacked for the second time in a year | ZDNet
- A hacker has wiped, defaced more than 15,000 Elasticsearch servers | ZDNet
- Russian telco hijacks internet traffic for Google, AWS, Cloudflare, and others | ZDNet
- Remote working security: Thousands of misconfigured Atlassian instances ripe for unauthorized access | The Daily Swig
- Cisco rations VPNs for staff as strain of 100,000+ home workers hits its network • The Register
- Twisted programming framework stung by brace of request smuggling vulnerabilities | The Daily Swig
- How we abused Slack's TURN servers to gain access to internal services | Communication Breakdown
- Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others — Krebs on Security
- XSS vulnerability found in Mozilla’s XSS-prevention library | The Daily Swig
- On signing the Joint Statement of the Russian Federation and the Republic of Burundi on the non-deployment of weapons in space by the first - News - Ministry of Foreign Affairs of the Russian Federation
- Exclusive: Elite hackers target WHO as coronavirus cyberattacks spike - Reuters
- Seriously Risky Business