On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news in front of a live audience at AISA’s CyberCon in Canberra.
They cover:
- Yevgeny Prigozhin’s entire enterprise got majorly owned
- Kremlin bans iPhones among President’s staff
- A look at those Android handset baseband bugs (woof)
- A discussion of the acropalypse issue
- Why you need to sort out your egress filtering in light of the latest Outlook bug
- Shanna Daly joins us on stage to talk about why the infosec industry sucks
- Plus much much more
This week’s show is sponsored by Stairwell. Mike Wiacek, Stairwell’s founder, is this week’s sponsor guest.
Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing.
Show notes
- Dossier Center Investigation: Prigozhin's Cyber Troops
- Unwanted communications - Newspaper Kommersant No. 46 (7491) dated 03/20/2023
- Google tells users of some Android phones: Nuke voice calling to avoid infection | Ars Technica
- Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets
- Severe exploit could expose sensitive data on Pixel screenshots previously cropped
- Microsoft Outlook Vulnerability Could Be 2023's 'It' Bug
- Ransomware gang exploited a zero-day in Microsoft security feature, Google says
- Feds Charge NY Man as BreachForums Boss “Pompompurin” – Krebs on Security
- After BreachForums arrest, new site administrator says the platform will live on
- 3xp0rt on Twitter: "BreachForums is offline everywhere https://t.co/Q2o133e9Oy" / Twitter
- Two U.S. Men Charged in 2022 Hacking of DEA Portal – Krebs on Security
- Crypto ‘Mixer’ Laundered $700 Million For Customers, Including Russian And North Korean Spies, DOJ Says
- China-linked hackers exploit Fortinet zero-day in new spying campaign
- Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server | CISA
- Clop ransomware is victimizing GoAnywhere MFT customers
- Security firm Rubrik is latest to be felled by GoAnywhere vulnerability | Ars Technica
- Crypto ATM manufacturer General Bytes hacked, at least $1.5 million stolen