Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
https://risky.biz/
Risky Business #580 -- Czech spear phishing spurs fightin' words from Pompeo
On this week’s show Patrick and Adam discuss the week’s security news, including:
- Czechs claim state-backed healthcare sector attack preparation
- Pompeo goes full cyber berserker
- New iOS exploit chain targets Uyghur diaspora
- Zoom 0day for $500k? Tell him he’s dreamin’.
This week’s show is brought to you by Trail of Bits. Dan Guido is this week’s sponsor guest and he’s talking about the future of secure, app-based voting.
You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here.
You can subscribe to our new YouTube channel here.
Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes Czech cyber officials warn of serious threat to health care sector UPDATE 1-Czechs warn of imminent, large-scale cyberattacks on hospitals - Reuters The United States Concerned by Threat of Cyber Attack Against the Czech Republic’s Healthcare Sector - United States Department of State Senators want Cyber Command and CISA to do more to deter coronavirus-focused hackers US offers $5 million reward for information on North Korean hackers | ZDNet New iOS exploit discovered being used to spy on China's Uyghur minority | ZDNet Hackers target oil producers as they struggle with a record glut of crude | Ars Technica What fools these mortals be: 'Shakespearean' hackers hit Azerbaijani government and energy sectors Hackers Are Selling a Critical Zoom Zero-Day Exploit for $500,000 - VICE Security researcher discloses four IBM zero-days after company refused to patch | ZDNet Zoom to revamp bug bounty program, bring in more security experts | ZDNet IT services firm Cognizant hit with Maze ransomware Hackers posed as Egyptian oil contractor in apparent spy campaign ahead of OPEC meeting The CFAA will soon have its day before the Supreme Court Hundreds of academics back privacy-friendly coronavirus contact tracing apps | TechCrunch Hackers steal $25 million worth of cryptocurrency from Lendf.me platform | ZDNet Starbleed bug impacts FPGA chips used in data centers, IoT devices, industrial equipment | ZDNet DHS CISA: Companies are getting hacked even after patching Pulse Secure VPNs | ZDNet German government might have lost tens of millions of euros in COVID-19 phishing attack | ZDNet Tor Project lays off a third of its staff | ZDNet Supply-chain attack hits RubyGems repository with 725 malicious packages | Ars Technica ICEBUCKET group mimicked smart TVs to steal ad money | ZDNet Coronavirus scientists are big targets for foreign cyber-espionage, FBI says New tool detects AWS intrusions where hackers abuse self-replicating tokens | ZDNet Nintendo accounts are getting hacked and used to buy Fortnite currency | ZDNet People Are Making Bots to Snatch Whole Foods Delivery Order Time Slots - VICE (64) Everything you ever wanted to know about Bluetooth contact tracing but were too scared to ask - YouTube Deterrence in cyberspace isn't working. What next? - Risky Business Governments gravitate to Gapple contact tracing standard - Risky Business Seriously Risky Business