On this week’s show, Patrick Gray and Adam Boileau discuss the week’s security news, including:

• Crowdstrike talks loud in its postmortem, but says very little
• Digicert fears the CA-Browser Forum, gets lawsuit from a customer
• Dmitri Alperovitch joins the show to talk about the Russian prisoner swap
• Cloudflare continues to harbour scum and villainy
• Professional ransomware crew … is an improvement?
• And much, much more.

This week’s episode is sponsored by Thinkst Canary. Links to everything discussed are below:

CrowdStrike investors file class action suit following global IT outage | Cybersecurity Dive https://www.cybersecuritydive.com/news/crowdstrike-class-action-suit-investors/723053/

CrowdStrike rebukes Delta’s negligence claims in fiery letter | Cybersecurity Dive https://www.cybersecuritydive.com/news/crowdstrike-delta-negligence-claims/723382/

Channel-File-291-Incident-Root-Cause-Analysis-08.06.2024.pdf https://www.crowdstrike.com/wp-content/uploads/2024/08/Channel-File-291-Incident-Root-Cause-Analysis-08.06.2024.pdf

Azure status history | Microsoft Azure https://azure.status.microsoft/en-us/status/history/

Sparks fly when lawyers meet a certificate revocation https://news.risky.biz/risky-biz-news-sparks-fly-when-lawyers-meet-a-certificate-revocation/

crt.sh | Alegeus https://crt.sh/?q=Alegeus

U.S. releases Russian hackers in Evan Gershkovich prisoner swap https://www.nbcnews.com/tech/security/us-releases-russian-hackers-evan-gershkovich-prisoner-swap-rcna164746

U.S. Trades Cybercriminals to Russia in Prisoner Swap – Krebs on Security https://krebsonsecurity.com/2024/08/u-s-trades-cybercriminals-to-russia-in-prisoner-swap/

Who are the two major hackers Russia just received in a prisoner swap? | Ars Technica https://arstechnica.com/security/2024/08/who-are-the-two-major-hackers-russia-just-received-in-a-prisoner-swap/

Hackers remotely wipe 13,000 students’ iPads and Chromebooks after breaching safety software https://therecord.media/hackers-wipe-student-devices-after-breaching-software

Mobile Guardian Device Management Application to be removed | MOE https://www.moe.gov.sg/news/press-releases/20240805-mobile-guardian-device-management-application-to-be-removed-from-personal-learning-devices

Unfashionably secure: why we use isolated VMs – Thinkst Thoughts https://blog.thinkst.com/2024/07/unfashionably-secure-why-we-use-isolated-vms.html

Ford wants patent for tech allowing cars to surveil and report speeding drivers https://therecord.media/ford-seeks-patent-cars-surveil-speeders-report-to-police

I’m Sorry, Dave, You’re Speeding | WIRED https://www.wired.com/2004/03/im-sorry-dave-youre-speeding/

Cloudflare once again comes under pressure for enabling abusive sites | Ars Technica https://arstechnica.com/security/2024/07/cloudflare-once-again-comes-under-pressure-for-enabling-abusive-sites/

Low-Drama ‘Dark Angels’ Reap Record Ransoms – Krebs on Security https://krebsonsecurity.com/2024/08/low-drama-dark-angels-reap-record-ransoms/

Bumble and Hinge allowed stalkers to pinpoint users’ locations down to 2 meters, researchers say | TechCrunch https://techcrunch.com/2024/07/31/bumble-and-hinge-allowed-stalkers-to-pinpoint-users-locations-down-to-2-meters-researchers-say/

Defending AI Model Files from Unauthorized Access with Canaries | NVIDIA Technical Blog https://developer.nvidia.com/blog/defending-ai-model-files-from-unauthorized-access-with-canaries/