Risky Business

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.

https://risky.biz/


Risky Business #621 -- Ultra professional criminal attackers ascendant


On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • USA imposes sanctions over SolarWinds campaign
  • Enterprise border devices being attacked everywhere by all and sundry
  • Malvertising is coming back
  • Ultra professional criminal attackers are ascendant
  • All the latest ransomware, supply chain and other infosec news

This week’s sponsor interview is with Brian Dye, CEO of Corelight. We speak to him about what he’s calling “Open NDR”. A lot of the big SOCs have settled on their preferred ways of sharing threat information, and Brian drops by to talk all about those trends.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

  • White House formally blames Russian intelligence service SVR for SolarWinds hack | The Record by Recorded Future
  • CISA, FBI, NSA reveal five enterprise bugs exploited by Russia's APT29 group | The Record by Recorded Future
  • Hackers go after SonicWall email appliances with three zero-days | The Record by Recorded Future
  • Hackers are exploiting a Pulse Secure 0-day to breach orgs around the world | Ars Technica
  • New Cring ransomware deployed via unpatched Fortinet VPNs | The Record by Recorded Future
  • US says APTs are using Fortinet bugs to gain initial access for future attacks | The Record by Recorded Future
  • Nightmare week for security vendors: Now a Trend Micro bug is being exploited in the wild | The Record by Recorded Future
  • Password manager Passwordstate hacked to deploy malware on customer systems | The Record by Recorded Future
  • Codecov discloses 2.5-month-long supply chain attack | The Record by Recorded Future
  • Vulnerability in time-syncing software puts a ton of corporate networks at risk | The Record by Recorded Future
  • NSA says it found new critical vulnerabilities in Microsoft Exchange Server
  • Justice Department announces court-authorized effort to disrupt exploitation of Microsoft Exchange Server vulnerabilities | USAO-SDTX | Department of Justice
  • Ransom Gangs Emailing Victim Customers for Leverage – Krebs on Security
  • Ransomware gang tries to extort Apple hours ahead of Spring Loaded event | The Record by Recorded Future
  • UnitingCare Queensland hit by cyber attack - Security - iTnews
  • Ransomware gang threatens to expose police informants if ransom is not paid | The Record by Recorded Future
  • Ransomware gang wants to short the stock price of their victims | The Record by Recorded Future
  • How the Kremlin provides a safe harbor for ransomware
  • Malvertisers hacked 120 ad servers to load malicious ads | The Record by Recorded Future
  • Security researcher drops Chrome and Edge exploit on Twitter | The Record by Recorded Future
  • Recent Chromium bug used to attack Chinese WeChat users | The Record by Recorded Future
  • SAP systems usually come under attack 72 hours after a patch | The Record by Recorded Future
  • European cops collected data from encrypted chat service for weeks prior to cocaine bust
  • Colombia’s cartels target Europe with cocaine, corruption and torture | Drugs trade | The Guardian
  • Australian firm Azimuth unlocked the San Bernardino shooter’s iPhone for the FBI - The Washington Post
  • Signal >> Blog >> Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective
  • Lawyer Asks For New Trial After Cellebrite Vulnerability Discovery
  • Cellebrite Pushes Update After Signal Owner Hacks Device
  • Signal Adds a Payments Feature—With a Privacy-Focused Cryptocurrency | WIRED
  • WhatsApp Spying Site Blames WhatsApp for Letting It Spy
  • Phone numbers for 533 million Facebook users leaked on hacking forum | The Record by Recorded Future
  • Facebook Wants to 'Normalize' the Mass Scraping of Personal Data
  • Palestinian Hackers Tricked Victims Into Installing iOS Spyware | WIRED
  • The UK Is Trying to Stop Facebook's End-to-End Encryption | WIRED
  • Hackers move $760 million from the 2016 Bitfinex hack | The Record by Recorded Future
  • 'Fourth Amendment Is Not For Sale Act' Would Ban Clearview and Warrantless Location Data Purchases
  • Ill-advised research on Linux kernel lands computer scientists in hot water | The Daily Swig
  • Researchers trick Duo 2FA into sending authentication request to attacker-controlled device | The Daily Swig
  • NAME:WRECK vulnerabilities impact millions of smart and industrial devices | The Record by Recorded Future
  • Google's Project Zero updates vulnerability disclosure rules to add patch cushion | The Record by Recorded Future
  • Suspected North Korean hackers set up fake company to target researchers, Google says - CyberScoop
  • National security: Five Eyes split demands Australia reset with New Zealand
  • Dan Kaminsky: Tributes pour in for security researcher who died after short illness | The Daily Swig


 April 28, 2021  n/a