On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- USA floats new sanctions against Russia
- TikTok, WeChat get stay of execution
- Dependency confusion is ugh
- US indicts Lazarus crypto-thieves
- France ties Sandworm crew to Centreon intrusion
- MORE
This week’s show is brought to you by Thinkst Canary. Thinkst’s founder Haroon Meer is this week’s sponsor guest and he joins us to have a very Haroon-style conversation. We talk about how security controls and detections often fall over when things happen that take place outside of our assumptions: trojaned software updates, attackers hiding in unconventional places like monitors, things like that. That’s a great conversation.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Biden administration planning to sanction Russia for SolarWinds hacks - The Washington Post
- SolarWinds hackers targeted NASA, Federal Aviation Administration networks | TechCrunch
- SolarWinds hackers studied Microsoft source code for authentication and email | Reuters
- Centreon says only 15 entities were targeted in recent Russian hacking spree | ZDNet
- France Ties Russia's Sandworm to a Multiyear Hacking Spree | WIRED
- Dax-Côte d’Argent hospital in France hit by ransomware attack | The Daily Swig
- FireEye links 0-day attacks on FTA servers & extortion campaign to FIN11 group | ZDNet
- China Hijacked an NSA Hacking Tool in 2014—and Used It for Years | WIRED
- Biden administration pauses Trump's plans to ban WeChat, TikTok - CyberScoop
- North Korean Hackers Accused Of ‘Biggest Cryptocurrency Theft Of 2020’—Their Heists Are Now Worth $1.75 Billion
- Feds Indict North Korean Hackers for Years of Heists and Scams | WIRED
- Dependency confusion attack mounted via PyPi repo exposes flawed package installer behavior | The Daily Swig
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies | by Alex Birsan | Feb, 2021 | Medium
- Microsoft warns enterprises of new 'dependency confusion' attack technique | ZDNet
- Microsoft starts removing Flash from Windows devices via new KB4577586 update | ZDNet
- Flash version distributed in China after EOL is installing adware | ZDNet
- Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang — Krebs on Security
- The Riviera Maya Gang: Cash, Crime, Killing - YouTube
- Spike in ATM Skimming in Mexico? — Krebs on Security
- Proofpoint sues Facebook to get permission to use lookalike domains for phishing tests | ZDNet
- New malware found on 30,000 Macs has security pros stumped | Ars Technica
- Apple Is Going to Make It Harder to Hack iPhones With Zero-Click Attacks
- RIPE NCC discloses failed brute-force attack on its SSO service | ZDNet
- Lawmakers Demand Answers from Military on Muslim App Data
- BIND implements DNS-over-HTTPS to offer enhanced privacy | The Daily Swig
- Parler Says It’s Back | WIRED
- Security bugs left unpatched in Android app with one billion downloads | ZDNet
- Yandex said it caught an employee selling access to users' inboxes | ZDNet
- Prosecutor charges former phone company employee in SIM-swap scheme | Ars Technica
- Authorities arrest SIM swapping gang that targeted celebrities | ZDNet
- Data retention laws: Australian police given new metadata recommendations
- Prosecutors Suspend Government Spyware Used in WhatsApp Phishing Attacks
- Canary — know when it matters