Brought to you by Trail of Bits

We don't just fix bugs, we fix software

Show notes

Trump campaign points finger at Iranian hackers for documents leak

FBI says it's investigating efforts to hack Trump and Biden-Harris campaigns

Iranian hackers ramping up US election interference, Microsoft warns

State Dept puts $10 million bounty on IRGC-CEC hackers

CrowdStrike snafu was a ‘dress rehearsal’ for critical infrastructure disruptions, CISA director says | Cybersecurity Dive

Dominic White 👾 on X: "CrowdStrike accepting the @PwnieAwards for “most epic fail” at @defcon. Class act. https://t.co/e7IgYosHAE" / X

Russia's Kursk region suffers 'massive' DDoS attack amid Ukraine offensive

Elon Musk on X: "@markpinc Yeah" / X

Progress Software says SEC declines to pursue action related to MOVEit exploitation spree | Cybersecurity Dive

NHS software supplier Advanced faces £6m fine over ransomware attack failings

Security bugs in ransomware leak sites helped save six companies from paying hefty ransoms | TechCrunch

5th Circuit rules geofence warrants illegal in win for phone users’ privacy | Ars Technica

Customs and Border Protection agents need a warrant to search your phone - The Verge

Hackers could spy on cell phone users by abusing 5G baseband flaws, researchers say | TechCrunch

‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections | WIRED

Downgrade Attacks Using Windows Updates | SafeBreach

Listen to the whispers: web timing attacks that actually work | PortSwigger Research

Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server! | DEVCORE

Trail of Bits Advances to AIxCC Finals | Trail of Bits Blog