This episode sponsored by Airlock Digital.On this week’s show Patrick, Adam and Sherrod DeGrippo discuss the week’s security news, including:
- NSA and FBI doxx GRU malware. Lol.
- Malicious Azure app snags SANS staffer
- Oracle to acquire TikTok?
- Trump weighs Snowden pardon
- Much, much more
This week’s show is brought to you by Airlock Digital. They make allowlist/safelist software that is actually manageable at scale! David Cottingham, an Airlock co-founder, joins the show this week to talk through a few product updates.
Links to everything that we discussed are below and you can follow Patrick, Sherrod or Adam on Twitter if that’s your thing.
Show notes
- GRU uses Linux rootkits, everyone else is OAuth phishing - Risky Business
- NSA, FBI expose Russian intelligence hacking tool: report - Reuters
- For six months, security researchers have secretly distributed an Emotet vaccine across the world | ZDNet
- SANS Institute, which drills cyber professionals in defense, suffers data breach
- US Army report says many North Korean hackers operate from abroad | ZDNet
- Oracle Said to be Weighing Bid for TikTok’s U.S. Business - Bloomberg
- Final Senate Intel report details remarkable contact between Trump campaign, Russian spies
- Trump Pardon of Edward Snowden Would Backfire - Bloomberg
- Secret Service Bought Phone Location Data from Apps, Contract Confirms
- The Attack That Broke Twitter Is Hitting Dozens of Companies | WIRED
- The Secret SIMs Used By Criminals to Spoof Any Number
- An advanced group specializing in corporate espionage is on a hacking spree
- Cruise operator Carnival hit by ransomware
- Brown-Forman Was Target of Apparent Ransomware Attack - Bloomberg
- Blackbaud ransomware attack exposed donor data from two UK charities | The Daily Swig
- Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack — Krebs on Security
- Canadian government services forced offline after credential stuffing attacks | The Daily Swig
- Ukraine arrests gang who ran 20 crypto-exchanges and laundered money for ransomware gangs | ZDNet
- Signal adds message requests to stop spam and protect user privacy | ZDNet
- ReVoLTE attack can decrypt 4G (LTE) calls to eavesdrop on conversations | ZDNet
- Sources: Mozilla extends its Google search deal | ZDNet
- Remote code execution vulnerability exposed in popular JavaScript serialization package | The Daily Swig
- Some email clients are vulnerable to attacks via 'mailto' links | ZDNet
