On this week’s show Patrick Gray and Adam Boileau discuss the week’s infosec news, including:
- Chinese spooks all up in western telco lawful intercept
- Jerks ruin the Internet Archive’s day
- Microsoft drops a great report with a bad chart
- The feds make their own crypto currency and get it pumped
- Forti-, Palo- and Ivanti-fail
- And much, much more.
This week’s episode is sponsored by detection-as-code vendor Panther. Casey Hill, Panther’s Director Product Management joins to discuss why the old “just bung it all in a data lake and… ???… “ approach hasn’t worked out, and what smart teams do to handle their logs.
This episode is also available on [Youtube].(https://youtu.be/86zy6DcwtbE)
Show notes - White House forms emergency team to deal with China espionage hack - The Washington Post
- DDoS attacks on Internet Archive continue after data breach impacting 31 million
- Microsoft Digital Defense Report 2024
- Ransomware encryption down amid surge of attacks, Microsoft says | CyberScoop
- Russian court websites down after breach claimed by pro-Ukraine hackers
- Ukrainian anti-corruption agency reportedly finds no violations in disclosures of top cyber official
- Trump campaign turns to secure hardware after hacking incident | Reuters
- FBI creates its own crypto token to nab suspects in alleged fraud scheme
- District of Massachusetts | Eighteen Individuals and Entities Charged in International Operation Targeting Widespread Fraud and Manipulation in the Cryptocurrency Markets | United States Department of Justice
- Critical CVE in 4 Fortinet products actively exploited | Cybersecurity Dive
- Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024
- Palo Alto Expedition: From N-Day to Full Compromise
- Ivanti up against another attack spree as hackers target its endpoint manager | Cybersecurity Dive
- 1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies · GitHub
- Recently-patched Firefox bug exploited against Tor browser users
- Two never-before-seen tools, from same group, infect air-gapped devices - Ars Technica
- A Single Cloud Compromise Can Feed an Army of AI Sex Bots – Krebs on Security
- Opinion | The Cyber Sleuth - Washington Post