This episode sponsored by Material Security.On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- Royal Mail attack was LockBit and GCHQ will probably “bust some heads”
- CircleCI’s incident report and the problem with malwared endpoints in the Zero Trust age
- Cloudflare backs Mastodon
- Paul Nakasone: NSA did some great stuff! It was really good!
- Cisco won’t patch SMB routers sold in 2020
- Much, much more
This week’s show is brought to you by Material Security. Material co-founder Ryan Noon and Snowflake’s head of cybersecurity strategy Omer Singer are this week’s sponsor guests.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Royal Mail cyberattack linked to LockBit ransomware operation
- Ransomware Diaries: Volume 1 | Analyst1
- Congressman calls on CISA to investigate air travel vulnerabilities after outage - The Record from Recorded Future News
- Ransomware attack on maritime software impacts 1,000 ships - The Record from Recorded Future News
- CircleCI incident report for January 4, 2023 security incident
- Researchers: Large language models will revolutionize digital propaganda campaigns
- Nick Cave - The Red Hand Files - Issue #218
- GitHub - cloudflare/wildebeest: Wildebeest is an ActivityPub and Mastodon-compatible server
- Meta sues Voyager Labs over scraping user data
- Twitter says leaked data on 200 million users was likely publicly available info - The Record from Recorded Future News
- A Police App Exposed Secret Details About Raids and Suspects | WIRED
- ODIN Intelligence website is defaced as hackers claim breach | TechCrunch
- Nakasone: Foreign surveillance program helped fend off cyberattacks - The Record from Recorded Future News
- The Guardian confirms criminals accessed staff data in ransomware attack - The Record from Recorded Future News
- Millions of Aflac, Zurich insurance customers in Japan have data leaked after breach - The Record from Recorded Future News
- Dark Pink, a newly discovered hacking campaign, threatens Southeast Asian military, government organizations
- The FBI Won't Say Whether It Hacked Dark Web ISIS Site
- Norton LifeLock says 925,000 accounts targeted by credential-stuffing attacks - The Record from Recorded Future News
- Cisco warns of two vulnerabilities affecting end-of-life routers - The Record from Recorded Future News
- Fortinet says hackers exploited critical vulnerability to infect VPN customers | Ars Technica
- Vulnerability with 9.8 severity in Control Web Panel is under active exploit | Ars Technica
- CISA adds recently-announced Microsoft zero-day to exploited vulnerability catalog - The Record from Recorded Future News
- Hundreds of SugarCRM servers infected with critical in-the-wild exploit | Ars Technica
