Cybersecurity Headlines

The podcast discusses a supply chain attack at CodeCov, a phishing campaign targeting large organizations, Windows 10 issues, a security bug in the Go library, a major BGP routing leak, a Twitter outage, over 1900 active hacking groups, top encountered malware strains of 2020, the passing of Charles Geshe, the 50th anniversary of FTP's development, and a weekly video chat on hacking distractions in cybersecurity.

SolarWinds attack linked to Russia, Chrome zero-day exploit, Chrome 90 released, Facebook fake accounts revealed, Sonatype sponsors software supply chain security. RAT functionality, cloud attacks, desktop app vulnerabilities, debunking cloud security myths discussed.

Davi Ottenheimer, vp, trust and digital ethics, Inrupt, joins the podcast to discuss cyber attacks, attribution, bug bounties, and prioritization. Topics include Israel's attack on Iran's nuclear reactor, data leak from Clubhouse, and the FBI's patching efforts. Excitement and concern are expressed regarding Israeli attribution and there is a debate on prioritizing cyber attacks amidst bigger issues like systemic racism.

FBI patches Exchange server backdoors, surge in Iced ID malware after Emotet shutdown, draft plan to improve power grid security, WhatsApp vulnerability, iPhone unlocking, exploiting code flaw, browser makers rejecting Flock, and deepfake threat to enterprises.

The podcast discusses a Chrome zero-day exploit, April Patch Tuesday patches, and the global financial system's vulnerability to cyberattacks. It also explores DNS vulnerabilities, Intel's partnership with DARPA, and a tax season phishing scam. Additionally, it covers new social engineering tactics such as malicious QR codes, hacking dialog boxes, deep fakes, and contact form attacks.

Nvidia announces AI tools, Biden's cybersecurity nominations, Apple chip security, software updates blocked, cheese shortage ransomware, Google's cookie alternative blocked, Zoom exploit, Microsoft's cyber-battle simulator.

Israeli cyberattack on Iranian nuclear facility, Joker malware infects Huawei devices, critical cloud bug in VMware Carbon Black, Sonatype's Nexus platform for software supply chain security, Clubhouse data leak affecting 1.3 million users, personal data of cyber criminals leaked in hack of carding forum.

Topics discussed in this podcast include Office 365 phishing, fake antivirus subscription bills, PHP user database leak, Trump's tweets blocked from National Archives, Facebook data leak, Microsoft OS vulnerabilities, Dark Web user's sentencing, and Sotero sponsor's data encryption service.

Former CISO of Dropbox, Justin Berman, discusses evolving tactics in cyber security, including ransomware as a service and hidden malware. They also talk about investment in firmware, a LinkedIn spearfishing campaign, the role of security in a corporate environment, and the abuse of platforms like GitHub and LinkedIn.

Malware spreading through Slack and Discord file sharing, Facebook responds to user data leak, impact of Cring ransomware, wine scams during lockdown, Google Forms used for phishing toolkits, launch of new tech regulator in the UK.