On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:


SEC fines tech firms for downplaying the Solarwinds hacks
Anonymous Sudan still looks and quacks like a Russian duck
Apple proposes max 10 day TLS certificate life
Oopsie! Microsoft loses a bunch of cloud logs
Veeam and Fortinet are bad and should feel bad
North Koreans are good (at hacking)
And much, much more.


This week’s episode is sponsored by Proofpoint. Chief Strategy Officer Ryan Kalember joins to talk about their work keeping up with prolific threat actor SocGholish.

This episode is also available on Youtube.



Show notes


Four cyber companies fined for SolarWinds disclosure failures

U.S. charges Sudanese men with running powerful cyberattack-for-hire gang

Hacker Charged With Seeking to Kill Using Cyberattacks on Hospitals | WIRED

Risky Biz News: Anonymous Sudan's Russia Links Are (Still) Obvious

Microsoft confirms partial loss of security log data on multiple platforms | Cybersecurity Dive

Risky Biz News: Apple wants to reduce the lifespan of TLS certificates to 10 days

Encrypted Chat App ‘Session’ Leaves Australia After Visit From Police

Crypto platform Radiant Capital says $50 million in digital coins stolen following account compromises

North Korean hackers use newly discovered Linux malware to raid ATMs - Ars Technica

Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach – Krebs on Security

Here’s how SIM swap in alleged bitcoin pump-and-dump scheme worked - Ars Technica

Critical Veeam CVE actively exploited in ransomware attacks | Cybersecurity Dive

FortiGate admins report active exploitation 0-day. Vendor isn’t talking. - Ars Technica

Hackers reportedly impersonate cyber firm ESET to target organizations in Israel

The latest in North Korea’s fake IT worker scheme: Extorting the employers

Ver todos los episodios