Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
Risky Business #729 -- Why patching faster won't save us
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: Iran-linked attacks on US water infrastructure Why the ownCloud bug isn’t the end of the world The D-Link 0day that… never existed? In defence of Okta Much, much more This week’s show is brought to you by Proofpoint. Ryan Kalember, Proofpoint’s EVP of Cybersecurity Strategy, is this week’s sponsor guest. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes CISA warns of threat groups exploiting Unitronics PLCs in water treatment hacks | Cybersecurity Dive North Texas water utility the latest suspected industrial ransomware target | Cybersecurity Dive Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation | Ars Technica Staples hit by cyberattack during critical Cyber Week sales push | Cybersecurity Dive New Jersey, Pennsylvania hospitals affected by cyberattacks 60 credit unions facing outages due to ransomware attack on popular tech provider HHS warns of ‘Citrix Bleed’ attacks after hospital outages Payments processor Tipalti investigating ransomware attack | Cybersecurity Dive CISA's Goldstein wants to ditch 'patch faster, fix faster' model | CyberScoop Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers | CISA Kremlin-backed hackers attacking unpatched Outlook systems, Microsoft says Latest severe Chrome bug prompts CISA warning Google researchers report critical 0-days in Chrome and all Apple OSes | Ars Technica Okta again promises it is taking security seriously | Cybersecurity Dive Okta: Breach Affected All Customer Support Users – Krebs on Security Russian and Chinese interference networks are ‘building audiences’ ahead of 2024, warns Meta Meta says it broke up Chinese influence operation looking to exploit U.S. political divisions Clandestine online operations now require sign-off by senior officials - The Washington Post Feds seize Sinbad crypto mixer allegedly used by North Korean hackers | TechCrunch US sanctions North Korean ‘Kimsuky’ hackers after surveillance satellite launch ‘Fugitive’ Spanish aristocrat behind North Korea cryptocurrency conference arrested Used by only a few nerds, Facebook kills PGP-encrypted emails | TechCrunch
Risky Business #728 -- The Citrixbleed ransomware disaster
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: The Citrixbleed ransomware crisis Why the FBI hasn’t arrested Scattered Spider members DPRK is in your supply chains Microsoft has a brainwave and buys a HSM When civil war meets pig butchering Much, much more This week’s show is brought to you by Airlock Digital. David Cottingham and Daniel Schell are this week’s sponsor guests. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes ‘Citrix Bleed’ vulnerability targeted by nation-state and criminal hackers: CISA Australian ports operator recovering after major cyber incident Minister lashes DP World hack failure Gang says ICBC paid ransom over hack that disrupted US Treasury market | Reuters Cyberattack on US hospital owner diverts ambulances from emergency rooms in multiple states | CNN Politics Fidelity National Financial investigating cyberattack that led to service disruption | Cybersecurity Dive Potentially hundreds of UK law firms affected by cyberattack on IT provider CTS North Texas water utility serving 2 million hit with cyberattack Healthcare manufacturer Henry Schein expects platform restored this week after cyberattack High-profile ransomware gang suspects arrested in Ukraine FBI struggled to disrupt dangerous casino hacking gang, cyber responders say | Reuters Chinese spies had acces to Dutch chip maker NXP's systems for over two years: report | NL Times North Korean supply chain attacks prompt joint warning from Seoul and London North Korean attack on CyberLink impacted devices around the world, Microsoft says North Korean ‘BlueNoroff’ group targeting financial institutions with macOS malware Microsoft upgrades security for signing keys in wake of Chinese breach | CyberScoop (14) Microsoft Should Look to the Past for Its Security Future Sacked Ukrainian cyber chief released on bail amid corruption probe Second top Ukrainian cyber official arrested amid corruption probe Report claims to reveal identity of Russian hacktivist leader Rebel offensive in Myanmar takes aim at online scam industry Myanmar Rebel Offensive Helps China's Cybercrime Crackdown Shadowy hacking group targeting Israel shows outsized capabilities | CyberScoop Nearly two dozen Danish energy companies hacked through firewall bug in May Senate proposes surveillance bill without FBI warrant requirement The FCC says new rules will curb SIM swapping. I’m pessimistic | Ars Technica EU urged to drop new law that could allow member states to intercept and decrypt global web traffic Google researchers discover 'Reptar,’ a new CPU vulnerability | Google Cloud Blog Spavor blames fellow prisoner Kovrig for Chinese detention, alleges he was used for intelligence gathering - The Globe and Mail The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story | WIRED
Risky Business #728 -- The Citrixbleed ransomware disaster
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They cover: The Citrixbleed ransomware crisis Why the FBI hasn’t arrested Scattered Spider members DPRK is in your supply chains Microsoft has a brainwave and buys a HSM When civil war meets pig butchering Much, much more This week’s show is brought to you by Airlock Digital. David Cottingham and Daniel Schell are this week’s sponsor guests. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that’s your thing. Show notes ‘Citrix Bleed’ vulnerability targeted by nation-state and criminal hackers: CISA Australian ports operator recovering after major cyber incident Minister lashes DP World hack failure Gang says ICBC paid ransom over hack that disrupted US Treasury market | Reuters Cyberattack on US hospital owner diverts ambulances from emergency rooms in multiple states | CNN Politics Fidelity National Financial investigating cyberattack that led to service disruption | Cybersecurity Dive Potentially hundreds of UK law firms affected by cyberattack on IT provider CTS North Texas water utility serving 2 million hit with cyberattack Healthcare manufacturer Henry Schein expects platform restored this week after cyberattack High-profile ransomware gang suspects arrested in Ukraine FBI struggled to disrupt dangerous casino hacking gang, cyber responders say | Reuters Chinese spies had acces to Dutch chip maker NXP's systems for over two years: report | NL Times North Korean supply chain attacks prompt joint warning from Seoul and London North Korean attack on CyberLink impacted devices around the world, Microsoft says North Korean ‘BlueNoroff’ group targeting financial institutions with macOS malware Microsoft upgrades security for signing keys in wake of Chinese breach | CyberScoop (14) Microsoft Should Look to the Past for Its Security Future Sacked Ukrainian cyber chief released on bail amid corruption probe Second top Ukrainian cyber official arrested amid corruption probe Report claims to reveal identity of Russian hacktivist leader Rebel offensive in Myanmar takes aim at online scam industry Myanmar Rebel Offensive Helps China's Cybercrime Crackdown Shadowy hacking group targeting Israel shows outsized capabilities | CyberScoop Nearly two dozen Danish energy companies hacked through firewall bug in May Senate proposes surveillance bill without FBI warrant requirement The FCC says new rules will curb SIM swapping. I’m pessimistic | Ars Technica EU urged to drop new law that could allow member states to intercept and decrypt global web traffic Google researchers discover 'Reptar,’ a new CPU vulnerability | Google Cloud Blog Spavor blames fellow prisoner Kovrig for Chinese detention, alleges he was used for intelligence gathering - The Globe and Mail The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story | WIRED
Risky Biz Soap Box: Why o365 and Google Workspace are a security liability
In this Soap Box podcast Patrick Gray talks to Material Security’s CEO and co-founder Abhishek Agrawal about the security problems inherent to modern productivity suites. Does it make sense that threat actors can authenticate to o365 and Workspace accounts and clean them out entirely? Years of mail, years of files? Material Security has built a product that tackles this issue. It can lock up email archives behind MFA challenges, redact PII from inboxes, better control files share via Google Drive and OneDrive, and just generally limit the damage a threat actor can inflict when they compromise a cloud productivity account. Even if you’re not interested in buying a product to tackle this, we think this one is a great listen.
Risky Biz Soap Box: Why o365 and Google Workspace are a security liability
In this Soap Box podcast Patrick Gray talks to Material Security’s CEO and co-founder Abishek Agrawal about the security problems inherent to modern productivity suites. Does it make sense that threat actors can authenticate to o365 and Workspace accounts and clean them out entirely? Years of mail, years of files? Material Security has built a product that tackles this issue. It can lock up email archives behind MFA challenges, redact PII from inboxes, better control files share via Google Drive and OneDrive, and just generally limit the damage a threat actor can inflict when they compromise a cloud productivity account. Even if you’re not interested in buying a product to tackle this, we think this one is a great listen.
Risky Business #727 -- Mr Gray goes to Washington
On this week’s show Patrick Gray talks through the news with Chris Krebs and Dmitri Alperovitch. They discuss: The SEC enforcement action against Solarwinds’ CISO The White House AI Executive Order CitrixBleed exploitation goes wide How Kaspersky captured some (likely) Five Eyes iOS 0day Elon Musk’s Gaza Strip adventures Much, much more This week’s show is brought to you by Greynoise. Andrew Morris, Greynoise’s founder and CEO, is this week’s sponsor guest. He talks about how Greynoise is using large language models to help them analyse massive quantities of malicious internet traffic. Show notes comp-pr2023-227.pdf Biden signs executive order to oversee and invest in AI tech Risky Biz News: CitrixBleed vulnerability goes from bad to disastrous Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X How Kaspersky obtained all stages of Operation Triangulation | Securelist Kaspersky reveals 'elegant' malware resembling NSA code | CyberScoop Sophisticated StripedFly Spy Platform Masqueraded for Years as Crypto Miner A cascade of compromise: unveiling Lazarus' new campaign | Securelist Near-total internet and cellular blackout hits Gaza as Israel ramps up strikes Amichai Stein on X: "Israel's Communications Minister @shlomo_karhi in response to Elon Musk: Israel will use all the means at its disposal to fight this. Hamas will use this for terrorist activity. There is no doubt about it. We know it, and Musk knows it. Hamas is ISIS." / X Shashank Joshi on X: "Wonder what encryption, if any, they use? Vulnerable to tapping. "Hamas has maintained operational security by going “stone age” and using hard-wired phone lines while eschewing devices that are hackable or emit an electronic signature." https://t.co/ALVSXb55Zn" / X Hackers that breached Las Vegas casinos rely on violent threats, research shows | CyberScoop Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction | Microsoft Security Blog GitHub - cloudflare/har-sanitizer Russia to launch its own version of VirusTotal due to US snooping fears iPhones have been exposing your unique MAC despite Apple’s promises otherwise | Ars Technica VMware warns of critical vulnerability affecting vCenter Server product Judge tosses Khashoggi widow’s lawsuit against NSO Group
Risky Business #727 -- Mr Gray goes to Washington
On this week’s show Patrick Gray talks through the news with Chris Krebs and Dmitri Alperovitch. They discuss: The SEC enforcement action against Solarwinds’ CISO The White House AI Executive Order CitrixBleed exploitation goes wide How Kaspersky captured some (likely) Five Eyes iOS 0day Elon Musk’s Gaza Strip adventures Much, much more This week’s show is brought to you by Greynoise. Andrew Morris, Greynoise’s founder and CEO, is this week’s sponsor guest. He talks about how Greynoise is using large language models to help them analyse massive quantities of malicious internet traffic. Show notes comp-pr2023-227.pdf Biden signs executive order to oversee and invest in AI tech Risky Biz News: CitrixBleed vulnerability goes from bad to disastrous Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X Andrew Morris on X: "Confluence bug is popping off. VAST majority of it is blasting thru Tor, similar to the first wave of Log4J exploitation two years ago. If you haven't patched, it's probably popped. https://t.co/4JC0uiTaqc https://t.co/wLDgQpq7r0" / X How Kaspersky obtained all stages of Operation Triangulation | Securelist Kaspersky reveals 'elegant' malware resembling NSA code | CyberScoop Sophisticated StripedFly Spy Platform Masqueraded for Years as Crypto Miner A cascade of compromise: unveiling Lazarus' new campaign | Securelist Near-total internet and cellular blackout hits Gaza as Israel ramps up strikes Amichai Stein on X: "Israel's Communications Minister @shlomo_karhi in response to Elon Musk: Israel will use all the means at its disposal to fight this. Hamas will use this for terrorist activity. There is no doubt about it. We know it, and Musk knows it. Hamas is ISIS." / X Shashank Joshi on X: "Wonder what encryption, if any, they use? Vulnerable to tapping. "Hamas has maintained operational security by going “stone age” and using hard-wired phone lines while eschewing devices that are hackable or emit an electronic signature." https://t.co/ALVSXb55Zn" / X Hackers that breached Las Vegas casinos rely on violent threats, research shows | CyberScoop Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction | Microsoft Security Blog GitHub - cloudflare/har-sanitizer Russia to launch its own version of VirusTotal due to US snooping fears iPhones have been exposing your unique MAC despite Apple’s promises otherwise | Ars Technica VMware warns of critical vulnerability affecting vCenter Server product Judge tosses Khashoggi widow’s lawsuit against NSO Group
Risky Biz Soap Box: Stairwell will offer platform to researchers
In this edition of the Soap Box we hear from Mike Wiacek and Eric Foster from Stairwell. Stairwell makes a product that collects and analyses every executable file in your environment. You deploy file collectors to your systems and they forward all new files to Stairwell for manual and automated analysis. You can do a lot of really cool analysis once you have all that stuff in the same place. But as you’ll hear, Stairwell is broadening out the use cases for its platform. You don’t want to forward files from every system? You don’t have to. It’s still very useful as an analysis platform. It’s sort of like VirusTotal, but private and with a bunch more bells and whistles. There’s also a bunch of sharing tools in the platform, which gives it a “social network for CTI nerds” flavour.
Risky Biz Soap Box: Stairwell will offer platform to researchers
In this edition of the Soap Box we hear from Mike Wiacek and Eric Foster from Stairwell. Stairwell makes a product that collects and analyses every executable file in your environment. You deploy file collectors to your systems and they forward all new files to Stairwell for manual and automated analysis. You can do a lot of really cool analysis once you have all that stuff in the same place. But as you’ll hear, Stairwell is broadening out the use cases for its platform. You don’t want to forward files from every system? You don’t have to. It’s still very useful as an analysis platform. It’s sort of like VirusTotal, but private and with a bunch more bells and whistles. There’s also a bunch of sharing tools in the platform, which gives it a “social network for CTI nerds” flavour.
Risky Business #726 -- Okta owned while Cisco takes a massive L
On this week’s show Patrick Gray talks through the news with Dmitri Alperovitch, NSA Cybersecurity director Rob Joyce and NSA CCC director Morgan Adamski. They discuss: The Okta breach 40-50k feral Ciscos Why the http/2 protocol flaw is a real headache The Ragnar Locker takedown What the NSA CCC has been thinking about This week’s show is brought to you by Socket. Socket’s founder Feross Aboukhadijeh joins us this week to talk about their actually-not-crazy use of large language models in their product. Show notes Hackers Stole Access Tokens from Okta’s Support Unit – Krebs on Security Almost 42K Cisco IOS XE devices exploited, no patch available | Cybersecurity Dive Critical Atlassian Confluence CVE under exploit by prolific state-linked actor | Cybersecurity Dive JetBrains vulnerability being exploited by North Korean gov’t hackers, Microsoft says Citrix Netscaler patch for critical CVE bypassed by malicious hackers | Cybersecurity Dive HTTP/2 Rapid Reset: A New Protocol Vulnerability Will Haunt the Web for Years | WIRED How North Korean Workers Tricked U.S. Companies into Hiring Them and Secretly Funneled Their Earnings into Weapons Programs Ragnar Locker takedown Europol: ‘Key target’ in Ragnar Locker ransomware operation arrested in Paris Hacker accused of breaching Finnish psychotherapy center facing 30,000 counts The US Congress Was Targeted With Predator Spyware Lloyd’s of London finds hypothetical cyberattack could cost world economy $3.5 trillion
Risky Business #726 -- Okta owned while Cisco takes a massive L
On this week’s show Patrick Gray talks through the news with Dmitri Alperovitch, NSA Cybersecurity director Rob Joyce and NSA CCC director Morgan Adamski. They discuss: The Okta breach 40-50k feral Ciscos Why the http/2 protocol flaw is a real headache The Ragnar Locker takedown What the NSA CCC has been thinking about This week’s show is brought to you by Socket. Socket’s founder Feross Aboukhadijeh joins us this week to talk about their actually-not-crazy use of large language models in their product. Show notes Hackers Stole Access Tokens from Okta’s Support Unit – Krebs on Security Almost 42K Cisco IOS XE devices exploited, no patch available | Cybersecurity Dive Critical Atlassian Confluence CVE under exploit by prolific state-linked actor | Cybersecurity Dive JetBrains vulnerability being exploited by North Korean gov’t hackers, Microsoft says Citrix Netscaler patch for critical CVE bypassed by malicious hackers | Cybersecurity Dive HTTP/2 Rapid Reset: A New Protocol Vulnerability Will Haunt the Web for Years | WIRED How North Korean Workers Tricked U.S. Companies into Hiring Them and Secretly Funneled Their Earnings into Weapons Programs Ragnar Locker takedown Europol: ‘Key target’ in Ragnar Locker ransomware operation arrested in Paris Hacker accused of breaching Finnish psychotherapy center facing 30,000 counts The US Congress Was Targeted With Predator Spyware Lloyd’s of London finds hypothetical cyberattack could cost world economy $3.5 trillion
Risky Biz Soap Box: Preventing MFA reset attacks
Patrick Gray speaks to Yubico’s Jerrod Chong about how organisations can better verify the identities of users when performing MFA resets. In other words, how to not get MGM’d. He also talks about the chain-of-trust issues inherent to synchronisable passkey implementations.
Risky Biz Soap Box: Preventing MFA reset attacks
Patrick Gray speaks to Yubico’s Jerrod Chong about how organisations can better verify the identities of users when performing MFA resets. In other words, how to not get MGM’d. He also talks about the chain-of-trust issues inherent to synchronisable passkey implementations.
Risky Business #725 -- Microsoft knifes VBScript, passkeys the new default for Google accounts
On this week’s show Patrick Gray and Lina Lau discuss the week’s security news. They cover: Microsoft has killed VBScript Google to make passkeys the new default sign-in method MGM losses to exceed $100m Clorox has a bad quarter Why a bug in cURL could be really bad news Much, much more This week’s show is brought to you by KSOC. Jimmy Mesta, KSOC’s co-founder and CTO, is this week’s sponsor guest. He talks to us about how we can start applying real, actual IAM to Kubernetes environments. Show notes Deprecated features in the Windows client - What's new in Windows | Microsoft Learn Google Makes Passkeys Default, Stepping Up Its Push to Kill Passwords | WIRED AWS kicks off cloud race to mandate MFA by default | Cybersecurity Dive MGM Resorts’ Las Vegas area operations to take $100M hit from cyberattack | Cybersecurity Dive Clorox warns of quarterly loss related to August cyberattack, production delays | Cybersecurity Dive Blackbaud agrees to $49.5 million settlement with AGs of nearly all 50 states Cybercrime gangs now deploying ransomware within 24 hours of hacking victims Microsoft: Human-operated ransomware attacks tripled over past year Ukraine, Israel, South Korea top list of most-targeted countries for cyberattacks Microsoft: State-backed hackers grow in sophistication, aggressiveness | CyberScoop 67 X accounts spread coordinated Israel-Hamas disinformation: report John Hultquist🌻 on X: "We are currently seeing pro-Iran information operations actors promoting content across various social media channels, in favor of Hamas and critical of Israel’s response to the attacks. 1/x" / X Hacktivism erupts in response to Hamas-Israel war | TechCrunch ‘War has no rules’: Hacktivists scorn Red Cross’ new guidelines Joe Truzman on X: "Israeli Police Spokesperson: The Cyber Unit of the Police at Lahav 433 has frozen accounts of cryptocurrencies that served Hamas' terrorist organization to solicit donations on social networks. The Cyber Unit of Lahav 433, in cooperation with the Ministry of Defense, the…" / X Cloud giants sound alarm on record-breaking DDoS attacks | Cybersecurity Dive Israel's Failure to Stop the Hamas Attack Shows the Danger of Too Much Surveillance | WIRED Edward Snowden on X: "Netanyahu nurtured a zillion-dollar industry selling spying tools to despots that use them to break into the iPhones of critics, elected opponents, human rights lawyers, and even students (these are all real examples). Turns out they're not very useful for spying on Hamas, tho.…" / X HTTP/2 Zero-Day Vulnerability Results in Record-Breaking DDoS Attacks NVD - CVE-2023-44487 Maintainers warn of vulnerability affecting foundational open-source tool 23andMe user data targeting Ashkenazi Jews leaked online 23andMe User Data Stolen in Credential Stuffing Attack Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability | Ars Technica From AI with love: Scammers integrate ChatGPT into dating-app tool Inside FTX’s All-Night Race to Stop a $1 Billion Crypto Heist | WIRED
Risky Business #725 -- Microsoft knifes VBScript, passkeys the new default for Google accounts
On this week’s show Patrick Gray and Lina Lau discuss the week’s security news. They cover: Microsoft has killed VBScript Google to make passkeys the new default sign-in method MGM losses to exceed $100m Clorox has a bad quarter Why a bug in cURL could be really bad news Much, much more This week’s show is brought to you by KSOC. Jimmy Mesta, KSOC’s co-founder and CTO, is this week’s sponsor guest. He talks to us about how we can start applying real, actual IAM to Kubernetes environments. Show notes Deprecated features in the Windows client - What's new in Windows | Microsoft Learn Google Makes Passkeys Default, Stepping Up Its Push to Kill Passwords | WIRED AWS kicks off cloud race to mandate MFA by default | Cybersecurity Dive MGM Resorts’ Las Vegas area operations to take $100M hit from cyberattack | Cybersecurity Dive Clorox warns of quarterly loss related to August cyberattack, production delays | Cybersecurity Dive Blackbaud agrees to $49.5 million settlement with AGs of nearly all 50 states Cybercrime gangs now deploying ransomware within 24 hours of hacking victims Microsoft: Human-operated ransomware attacks tripled over past year Ukraine, Israel, South Korea top list of most-targeted countries for cyberattacks Microsoft: State-backed hackers grow in sophistication, aggressiveness | CyberScoop 67 X accounts spread coordinated Israel-Hamas disinformation: report John Hultquist🌻 on X: "We are currently seeing pro-Iran information operations actors promoting content across various social media channels, in favor of Hamas and critical of Israel’s response to the attacks. 1/x" / X Hacktivism erupts in response to Hamas-Israel war | TechCrunch ‘War has no rules’: Hacktivists scorn Red Cross’ new guidelines Joe Truzman on X: "Israeli Police Spokesperson: The Cyber Unit of the Police at Lahav 433 has frozen accounts of cryptocurrencies that served Hamas' terrorist organization to solicit donations on social networks. The Cyber Unit of Lahav 433, in cooperation with the Ministry of Defense, the…" / X Cloud giants sound alarm on record-breaking DDoS attacks | Cybersecurity Dive Israel's Failure to Stop the Hamas Attack Shows the Danger of Too Much Surveillance | WIRED Edward Snowden on X: "Netanyahu nurtured a zillion-dollar industry selling spying tools to despots that use them to break into the iPhones of critics, elected opponents, human rights lawyers, and even students (these are all real examples). Turns out they're not very useful for spying on Hamas, tho.…" / X HTTP/2 Zero-Day Vulnerability Results in Record-Breaking DDoS Attacks NVD - CVE-2023-44487 Maintainers warn of vulnerability affecting foundational open-source tool 23andMe user data targeting Ashkenazi Jews leaked online 23andMe User Data Stolen in Credential Stuffing Attack Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability | Ars Technica From AI with love: Scammers integrate ChatGPT into dating-app tool Inside FTX’s All-Night Race to Stop a $1 Billion Crypto Heist | WIRED