This episode sponsored by AttackIQ.On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Half of all UK COBRA meetings are ransomware related
- Ransomware biggest risk to US port security
- White House to move on spyware industry
- EU to launch its own Starlink equivalent
- Much, much more
AttackIQ’s Jonathan Reiber will be joining us in this week’s sponsor interview to talk about how companies and their boards are really moving towards outcomes-based security programs.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Ransomware incidents now make up majority of British government’s crisis management COBRA meetings - The Record by Recorded Future
- DHS Secretary: Cyberattacks are the most significant threat to port infrastructure - The Record by Recorded Future
- Michigan school districts reopen after three-day closure due to ransomware attack - The Record by Recorded Future
- Microsoft: Royal ransomware group using Google Ads in campaign - The Record by Recorded Future
- Researchers Quietly Cracked Zeppelin Ransomware Keys – Krebs on Security
- Risky Biz News: Cyber Partisans hack and disrupt Kremlin censor
- US, Estonian authorities arrest two over $575 million cryptocurrency fraud - The Record by Recorded Future
- New FTX CEO details 'complete failure of corporate controls' at crypto platform
- OpenSSL Usage in UEFI Firmware Exposes Weakness in SBOMs
- EU reaches agreement on new satellite constellation - The Record by Recorded Future
- Ukraine’s Engineers Dodged Russian Mines To Get Kherson Back Online–With A Little Help From Elon Musk’s Satellites
- Senate Democrats call on FTC to investigate Twitter's data security
- 11.17.22 - FTC - Twitter Letter
- Twitter has a lot of your data. Here's what you can do about it.
- Mastodon vulnerable to multiple system configuration problems | The Daily Swig
- System misconfiguration is the number one vulnerability, at least for Mastodon
- White House expected to issue executive order reining in spyware
- H20220930-005_Himes-Speier cc's - DocumentCloud
- A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup | WIRED
- Risky Biz News: Iranian state hackers breached US government agency and deployed a cryptominer, out of all things
- India removes ban on VLC media player after cybersecurity concerns addressed - The Record by Recorded Future
- Amazon addresses vulnerability affecting AWS AppSync - The Record by Recorded Future
- CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You
- Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations | CISA
- Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization | CISA
