On this week’s show Patrick and Adam discuss the week’s security news, including:
- “Proud Boys” email campaign attributed to Iran in record time
- Sanctions for everyone!
- US doxes more adversary TTPs
- Katie Nickels and Chris Krebs join the show
This week’s show is brought to you by attack simulation platform company AttackIQ. Carl Wright from AttackIQ joins us this week to talk about the distinct possibility that large organisations are going to start slashing their security budgets in response to the changing economy.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- CISA, FBI roll the dice on transparency - Risky Business
- Exclusive: 'Dumb mistake' exposed Iranian hand behind fake Proud Boys U.S. election emails - sources | Reuters
- FBI News Conference on Election Security | C-SPAN.org
- Iran’s bogus email campaign on U.S. elections had a Facebook disinformation prong
- Why the US was so fast to blame Iran for voter intimidation emails in Florida
- US Treasury sanctions 5 Iranian organizations for alleged election influence operations
- 'MuddyWater' spies suspected in attacks against Middle East governments, telecoms
- The US Sanctions Russians for Potentially ‘Fatal’ Triton Malware | WIRED
- EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack
- DOD, FBI, DHS warn of active North Korean government-linked hacking operation
- FBI, CISA: Russian hackers breached US government networks, exfiltrated data | ZDNet
- The Hunter Biden laptop could be fake. Or it could be real. We may never know. - The Washington Post
- Exclusive: National Guard called in to thwart cyberattack in Louisiana weeks before election | Reuters
- Phishing groups are collecting user data, email and banking passwords via fake voter registration forms | ZDNet
- (1) John Hultquist on Twitter: "If the hackers claim to be criminal and there’s no way to pay them, that raises doubt. Likewise, if they claim to be ideological and ask for money..." / Twitter
- Justice Department official accuses China of acting as ‘safe haven’ for cybercriminals
- Dr. Reddy's shuts 'key' plants worldwide after potential cyberattack hits COVID work | FiercePharma
- Data breach at Finnish psychotherapy center takes a darker turn with extortion attempts
- A Hacker Is Threatening to Leak Patients' Therapy Notes | WIRED
- Tech giants among those affected by breach at PDF signature software maker Nitro | The Daily Swig
- Massive Nitro data breach impacts Microsoft, Google, Apple, more
- 404 Error | Nitro
- Hacker steals $24 million from cryptocurrency service 'Harvest Finance' | ZDNet
- MobileIron enterprise MDM servers under attack from DDoS gangs, nation-states | ZDNet
- (3) Patrick Gray on Twitter: "Wooo... about time" / Twitter
- Apple notarizes six malicious apps posing as Flash installers | ZDNet
- The Now-Defunct Firms Behind 8chan, QAnon — Krebs on Security
- CBP Refuses to Tell Congress How it is Tracking Americans Without a Warrant
- Over 100 irrigation systems left exposed online without a password | ZDNet
- Microsoft launches machine learning cyber-attack threat matrix | The Daily Swig
- WordPress deploys forced security update for dangerous bug in popular plugin | ZDNet
- NSA whistleblower Edward Snowden granted permanent residency in Russia | ZDNet
- Process Herpaderping | herpaderping