Risky Business Weekly: China hacks America's lawful intercept systems (episode 766)

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

  • Chinese spooks all up in western telco lawful intercept
  • Jerks ruin the Internet Archive’s day
  • Microsoft drops a great report with a bad chart
  • The feds make their own cryptocurrency and get it pumped
  • Forti-, Palo- and Ivanti-fail
  • And much, much more

This week’s episode is sponsored by detection-as-code vendor Panther. Casey Hill, Panther’s Director of Product Management, joins to discuss why the old “just bung it all in a data lake and… ???…” approach hasn’t worked out, and what smart teams do to handle their logs.

Show notes:

White House forms emergency team to deal with China espionage hack - The Washington Post https://www.washingtonpost.com/national-security/2024/10/11/china-hack-telecoms-salt-typhoon/

Exclusive | U.S. Officials Race to Understand Severity of China’s Salt Typhoon Hacks - WSJ https://www.wsj.com/politics/national-security/u-s-officials-race-to-understand-severity-of-chinas-salt-typhoon-hacks-6e7c3951

DDoS attacks on Internet Archive continue after data breach impacting 31 million https://therecord.media/internet-archive-data-breach-ddos-defacement

Microsoft Digital Defense Report 2024 https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/Microsoft%20Digital%20Defense%20Report%202024%20%281%29.pdf

Ransomware encryption down amid surge of attacks, Microsoft says | CyberScoop https://cyberscoop.com/ransomware-encryption-down-attacks-up-nation-state-crime/

Russian court websites down after breach claimed by pro-Ukraine hackers https://therecord.media/russian-court-websites-down-attack-claimed-pro-ukraine-group

Dutch government to manually replace tens of thousands of hackable traffic lights https://news.risky.biz/risky-biz-news-dutch-government-to-manually-replace-tens-of-thousands-of-hackable-traffic-lights/

Ukrainian anti-corruption agency reportedly finds no violations in disclosures of top cyber official https://therecord.media/illia-vitiuk-ukraine-investigation-anti-corruption-agency

Trump campaign turns to secure hardware after hacking incident | Reuters https://www.reuters.com/world/us/trump-campaign-turns-secure-hardware-after-hacking-incident-2024-10-11/

FBI creates its own crypto token to nab suspects in alleged fraud scheme https://www.ft.com/content/fca21775-f94d-4af4-b778-c1b72cc119f4

District of Massachusetts | Eighteen Individuals and Entities Charged in International Operation Targeting Widespread Fraud and Manipulation in the Cryptocurrency Markets | United States Department of Justice https://www.justice.gov/usao-ma/pr/eighteen-individuals-and-entities-charged-international-operation-targeting-widespread

Critical CVE in 4 Fortinet products actively exploited | Cybersecurity Dive https://www.cybersecuritydive.com/news/critical-cve-fortinet-exploited/729736/

Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024 https://labs.watchtowr.com/fortinet-fortigate-cve-2024-23113-a-super-complex-vulnerability-in-a-super-secure-appliance-in-2024/

Palo Alto Expedition: From N-Day to Full Compromise – Horizon3.ai https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

Ivanti up against another attack spree as hackers target its endpoint manager | Cybersecurity Dive https://www.cybersecuritydive.com/news/ivanti-endpoint-manager-hackers-attack/728814/

1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies · GitHub https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52

Recently-patched Firefox bug exploited against Tor browser users https://therecord.media/recently-patched-firefox-bug-being-used-against-tor-browser-users

New Release: Tails 6.8.1 | The Tor Project https://blog.torproject.org/new-release-tails-6-8-1/

Two never-before-seen tools, from same group, infect air-gapped devices - Ars Technica https://arstechnica.com/security/2024/10/two-never-before-seen-tools-from-same-group-infect-air-gapped-devices/

A Single Cloud Compromise Can Feed an Army of AI Sex Bots – Krebs on Security https://krebsonsecurity.com/2024/10/a-single-cloud-compromise-can-feed-an-army-of-ai-sex-bots/

Opinion | The Cyber Sleuth - Washington Post https://www.washingtonpost.com/opinions/interactive/2024/cyber-sleuth/