On this week’s show Patrick and Adam discuss the week’s security news, including:
- Czechs claim state-backed healthcare sector attack preparation
- Pompeo goes full cyber berserker
- New iOS exploit chain targets Uyghur diaspora
- Zoom 0day for $500k? Tell him he’s dreamin’.
This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he’s talking about the future of secure, app-based voting.
You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.
You can subscribe to our new YouTube channel here.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Czech cyber officials warn of serious threat to health care sector
- UPDATE 1-Czechs warn of imminent, large-scale cyberattacks on hospitals - Reuters
- The United States Concerned by Threat of Cyber Attack Against the Czech Republic’s Healthcare Sector - United States Department of State
- Senators want Cyber Command and CISA to do more to deter coronavirus-focused hackers
- US offers $5 million reward for information on North Korean hackers | ZDNet
- New iOS exploit discovered being used to spy on China's Uyghur minority | ZDNet
- Hackers target oil producers as they struggle with a record glut of crude | Ars Technica
- What fools these mortals be: 'Shakespearean' hackers hit Azerbaijani government and energy sectors
- Hackers Are Selling a Critical Zoom Zero-Day Exploit for $500,000 - VICE
- Security researcher discloses four IBM zero-days after company refused to patch | ZDNet
- Zoom to revamp bug bounty program, bring in more security experts | ZDNet
- IT services firm Cognizant hit with Maze ransomware
- Hackers posed as Egyptian oil contractor in apparent spy campaign ahead of OPEC meeting
- The CFAA will soon have its day before the Supreme Court
- Hundreds of academics back privacy-friendly coronavirus contact tracing apps | TechCrunch
- Hackers steal $25 million worth of cryptocurrency from Lendf.me platform | ZDNet
- Starbleed bug impacts FPGA chips used in data centers, IoT devices, industrial equipment | ZDNet
- DHS CISA: Companies are getting hacked even after patching Pulse Secure VPNs | ZDNet
- German government might have lost tens of millions of euros in COVID-19 phishing attack | ZDNet
- Tor Project lays off a third of its staff | ZDNet
- Supply-chain attack hits RubyGems repository with 725 malicious packages | Ars Technica
- ICEBUCKET group mimicked smart TVs to steal ad money | ZDNet
- Coronavirus scientists are big targets for foreign cyber-espionage, FBI says
- New tool detects AWS intrusions where hackers abuse self-replicating tokens | ZDNet
- Nintendo accounts are getting hacked and used to buy Fortnite currency | ZDNet
- People Are Making Bots to Snatch Whole Foods Delivery Order Time Slots - VICE
- Everything you ever wanted to know about Bluetooth contact tracing but were too scared to ask - YouTube
- Deterrence in cyberspace isn't working. What next? - Risky Business
- Governments gravitate to Gapple contact tracing standard - Risky Business
- Seriously Risky Business