On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover:
- Germans charge FinFisher executives
- The got FBI busted misusing 702 data
- Special guest Chris Krebs talks China, new CISA mandates and more
- New research breaks Android fingerprint auth
- Much, much more
This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he joins us to talk about the work Trail of Bits is doing in securing AI systems, and making them safe.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Congress looks to expand CISA's role, adding responsibilities for satellites and open source software | CyberScoop
- Biden nominates Lt. Gen. Timothy Haugh for top position at NSA, Cyber Command
- Unsere Strafanzeige: Staatsanwaltschaft erhebt Anklage gegen FinFisher
- The Real Risks in Google’s New .Zip and .Mov Domains | WIRED
- FBI misused controversial surveillance tool to investigate Jan. 6 protesters
- Suspicion stalks Genesis Market’s competitors following FBI takedown
- Crimephones Are a Cop's Best Friend - by Tom Uren
- The Underground History of Turla, Russia's Most Ingenious Hacker Group | WIRED
- Some Of Russia’s Most Dangerous Cybercriminals Just Had Their Malware Dealer Unmasked
- Shifting tactics fuel surge in Business Email Compromise
- Treasury Department sanctions entities tied to North Korean IT scams, hacking | CyberScoop
- Chinese Labs Are Selling Fentanyl Ingredients for Millions in Crypto | WIRED
- Leaked EU Document Shows Spain Wants to Ban End-to-End Encryption | WIRED
- Here’s how long it takes new BrutePrint attack to unlock 10 different smartphones | Ars Technica
- It took 48 hours, but the mystery of the mass Asus router outage is solved | Ars Technica
- Popular Android TV boxes sold on Amazon are laced with malware | TechCrunch
- Teen hacker charged in scheme to siphon funds from sports betting accounts
- Researchers tie FIN7 cybercrime family to Clop ransomware
- German arms company Rheinmetall confirms Black Basta ransomware group behind cyberattack
- Dallas courts still closed 2 weeks post-ransomware attack | Cybersecurity Dive
- Health insurer says patients’ information was stolen in ransomware attack
- Patients angered after Oklahoma allergy clinic blames cyberattack for shutdown
- UK steel industry supplier Vesuvius says ‘cyber incident’ cost £3.5 million
- Researchers infiltrate Qilin ransomware group, finding lucrative affiliate payouts
- A different kind of ransomware demand: Donate to charity to get your data back | CyberScoop
- Joe Tidy on Twitter: "A bizarre one from Reading courts - an IT Security worker pleads guilty to piggy-backing off a cyber attack against his own firm. Liles switched the ransom payment details to his own Bitcoin wallet and changed the hacker's email to secretly apply pressured on bosses to pay up. https://t.co/Ze4yAJA6vM" / Twitter
- ChatGPT Scams Are Infiltrating Apple's App Store and Google Play | WIRED