This episode sponsored by ExtraHop.On this week’s show Patrick and Adam discuss the week’s security news, including:
- Trump’s war on TikTok (featuring guest Alex Stamos)
- Twitter hackers caught. Pretty embarrassing stuff, really.
- NSO implants target Easter Bunny
- Garmin may need a good OFAC lawyer (featuring comment from Dmitri Alperovitch)
- Blackberry cracked after five years leads to multiple arrests in Australia
- Much, much more
Matt Cauthorn of ExtraHop Networks is this week’s news guest. He’ll join us to talk about how the pivot to work from home has changed incident response workflows. The tl;dr is the north-south traffic might look a bit different these days but the east-west shenanigans are still the same.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- TikTok review reduced to meaningless farce - Risky Business
- China will not accept U.S. 'theft' of TikTok: China Daily - Reuters
- Beware of find-my-phone, Wi-Fi, and Bluetooth, NSA tells mobile users | Ars Technica
- Three Individuals Charged For Alleged Roles In Twitter Hack | USAO-NDCA | Department of Justice
- How the Alleged Twitter Hackers Got Caught | WIRED
- US files superseding indictment against former Twitter employees accused of spying for Saudi Arabia
- Twitter prepares to pay up to $250 million for using security data for advertising
- Exclusive: Papers leaked before UK election in suspected Russian operation were hacked from ex-trade minister - sources - Reuters
- Religious, political leaders in Togo allegedly targeted with NSO Group spyware
- 'Payment sent' - travel giant CWT pays $4.5 million ransom to cyber criminals - Reuters
- Garmin 'paid multi-million dollar ransom to criminals using Arete IR', say sources | Science & Tech News | Sky News
- Ransomware gang publishes tens of GBs of internal data from LG and Xerox | ZDNet
- Blackberry cracked five years after seizure sparks mass arrests for drug importation
- For North Korea, phishing with fake job-recruitment emails never gets old
- Suspected Chinese hackers targeting Vatican in advance of Beijing negotiations
- CISA, DOD, FBI expose new versions of Chinese malware strain named Taidoor | ZDNet
- Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH) | ZDNet
- EU sanctions China, Russia, and North Korea for past hacks | ZDNet
- Hackers Broke Into Real News Sites to Plant Fake Stories | WIRED
- Here's how Army Cyber Command plans to take on information warfare
- Exclusive: China-backed hackers 'targeted COVID-19 vaccine firm Moderna' - Reuters
- Kaspersky: New hacker-for-hire mercenary group is targeting European law firms | ZDNet
- BootHole fixes causing boot problems across multiple Linux distros | ZDNet
- Theoretical technique to abuse EMV cards detected used in the real world | ZDNet
- Is Your Chip Card Secure? Much Depends on Where You Bank — Krebs on Security
- New tool detects shadow admin accounts in AWS and Azure environments | ZDNet
- Cloud Native Security: Network Detection and Response | ExtraHop
