Risky Business #609 -- It's not NotPetya

Presented by

On this week’s show, Patrick Gray talks to Joe Slowik and Dmitri Alperovitch about the APT campaign that impacted the US government and FireEye via SolarWinds’ supply chain.

Alex Stamos also joins the show to chime in more generally on supply chain interference before discussing some other news, like:

• Apple losing (most of) its case against Corellium
• Assange won’t be extradited… yet
• Adobe has finally killed Flash, and killed it good

This week’s show is brought to you by Signal Sciences. In this week’s sponsor interview we’ll be talking to a Signal Sciences customer, Doug DePerry. He heads product security at the Gemini cryptocurrency exchange. We’ll be talking to him about what that’s like because those sort of outfits tend to attract decent attackers.

Links to everything that we discussed are below and you can follow Patrick on Twitter if that’s your thing.

Brought to you by Fastly

Modern web app and API security, anywhere

Show notes

Apple loses copyright battle against security start-up Corellium - The Washington Post

Microsoft, Google, Cisco, and others file amicus brief in support of Facebook's NSO lawsuit | ZDNet

Zero-click iOS zero-day found deployed against Al Jazeera employees | ZDNet

Apple, Google, Microsoft, and Mozilla ban Kazakhstan's MitM HTTPS certificate | ZDNet

Adobe to block Flash content from running on January 12, 2021 | ZDNet

Zodiac Killer cipher is cracked after eluding sleuths for 51 years | Ars Technica