This episode sponsored by Proofpoint.On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Emotet is… gone?
- Accellion FTAs were owned everywhere, not just in ANZ
- US courts air-gap sensitive filings in wake of Holiday Bear attacks
- iOS 14 brings iMessage security improvements
- Much, much more
Proofpoint’s Sherrod DeGrippo is this week’s sponsor guest. She joins the show to talk about Emotet’s demise, Trickbot’s survival, BEC, ransomware and more.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Cops Disrupt Emotet, the Internet's ‘Most Dangerous Malware’ | WIRED
- Emotet, NetWalker and TrickBot have taken big blows, but will it be enough?
- New Trickbot module uses Masscan for local network reconnaissance | ZDNet
- U.K. Arrest in ‘SMS Bandits’ Phishing Service — Krebs on Security
- Accellion appliances under attack - Risky Business
- Accellion FTA Targeted by Web Shell | GuidePoint Security
- Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say | Morningstar
- Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources | Reuters
- Russian hack brings changes, uncertainty to US court system
- After SolarWinds breach, lawmakers ask NSA for help in cracking Juniper cold case
- South Sudan worked with Israeli surveillance company to monitor citizens, Amnesty finds
- Apple Fixes One of the iPhone's Most Pressing Security Risks | WIRED
- The Taxman Cometh for ID Theft Victims — Krebs on Security
- Ransomware gangs are abusing VMWare ESXi exploits to encrypt virtual hard disks | ZDNet
- Facebook Ad Services Let Anyone Target US Military Personnel | WIRED
- Pranking My Roommate With Eerily Targeted Facebook Ads
- Hezbollah's cyber unit hacked into telecoms and ISPs | ZDNet
- Google bans another misbehaving CA from Chrome | ZDNet
- A network of Twitter bots has attacked the Belgian government's Huawei 5G ban | ZDNet
- FonixCrypter ransomware gang releases master decryption key | ZDNet
- For Microsoft, cybersecurity has become bigger than business
- Google funds project to secure Apache web server project with new Rust component | ZDNet
- SonicWall zero-day exploited in the wild | ZDNet
- Ollie Whitehouse on Twitter: "@SonicWall @NCCGroupInfosec We have had confirmed receipt from yourselves" / Twitter
- Urgent Security Notice: SonicWall Confirms SMA 100 Series 10. X Zero-Day Vulnerability [Feb. 1, 2 P.M. CST] | SonicWall
- British Mensa website hacked after directors quit over ‘data protection failures’ | The Daily Swig
- Huawei’s HarmonyOS: “Fake it till you make it” meets OS development | Ars Technica
