SN 732: SIM Jacking
This Week's StoriesSIMjacker allows attackers to hijack any phone just by sending it an SMS message.Here comes iOS "Lucky" 13!Chrome follows Mozilla to DoH with a twist.Want to enable DoH in Chrome right now? You can, right now, if...
SN 731: DeepFakes
This week's stories:Get rich quick spotting deepfakes!A forced two-day recess of all schools in Flagstaff, ArizonaThe case of a ransomware operator being too greedyApple's controversial response to Google's discovery of Chinese iOS hacksZerodium's new payout schedule and what it...
SN 730: The Ransomware Epidemic
This Week's Stories:Google expands its bug bounty programNew bug bounty millionairesGoogle's Project Zero group dropped a bomb on iOSRansomware attacks on local governments and businesses are on the riseWe invite you to read our show notes at https://www.grc.com/sn/SN-730-Notes.pdf ...
SN 729: Next Gen Ad Privacy
• Texas Ransomware Update• Remember that Kazakhstan cert?• The mixed-blessing of "wide open" source projects• RubyGems is in trouble again• Chrome to add data breach notification• iOS v12.4 updated quickly to 12.4.1• Next-gen ad privacyWe invite you to read...
SN 728: The KNOB is Broken
• Last Tuesday was another busy and important patch Tuesday• And speaking of Patch Tuesday... 3rd-Party A/V Strikes Again!• Kaspersky facilitates independent web tracking• So, what the heck is "CTF" ??• 23 Government agencies in Texas were hit with...
SN 727: BlackHat & DefCon
This Week's Stories• BlackHat and Def Con 2019• Microsoft dangles $300,000 for Azure hacks at BlackHat...• Hotel chaos from Germany's Chaos Computer Club• 40 dangerous drivers• Google's battle to allow its Incognito users' Incognitoness to be Incognito• Microsoft ranks...
SN 726: Steve’s File Sync Journey
This week's stories• A widespread false alarm about Facebook's planned subversion of end-to-end encryption• Still more municipality Ransomware attacks• Anti-encryption saber rattling among the Five Eyes nations• Microsoft's discovery of Russian-backed IoT compromise• Chrome 76's changes• Black Hat and...
SN 725: Urgent/11
This Week's Stories- Marcus Hutchins ... is Free!- U.S. Attorney General Bill Barr on "warrant proof data encryption"- What malware is the most popular underground?- This Week in Ransomware- Your NAS is Grass!- 11 vulnerabilities in VxWorks' TCP/IP stack...
SN 724: Hide Your RDP Now!
This Week's Stories• Welcome to Kazakhstan! Please check your privacy at the border.• Mozilla marking all non-HTTPS pages as "not secure"• Chrome Incognito Mode getting a bit more incognito• A forthcoming "super Incognito mode" for Firefox• Rust-TLS outperforms OpenSSL...
SN 723: Encrypting DNS
• Bullet points from last Tuesday's monthly Windows patches as well• Notes from the end of Windows 7• Laporte County Under Ransomware Attack• The mixed blessing of fining companies for self-reporting• A survey of enterprise malware headaches• Some Mozilla/...
SN 722: Gem Hack & Ghost Protocol
This Week's Stories• Mozilla's privacy-enhancing DNS over HTTPS support• Facial recognition and automobile license plate scanners• The future of satellite-based Internet services• How a Ruby code repository was hacked• The UK GCHQ's proposal for adding "ghost" participants into private...
SN 721: Exposed Cloud Databases
• Ransomware in Florida and elsewhere• The "Going Dark" anti-encryption debate• A BlueKeep Proof of Concept demo produced by the guys at SophosLabs• Massive publicly-exposed databases• Chinese IoT manufacturer logs a million+ customer devices into a 2+ billion record...
SN 720: Bug Bounty Business
• Update on the Linux TCP SACK Kernel panic• Hackers exploit a Firefox flaw and attack Coinbase• Google corrects a flaw with Nestcam• An elegant solution to OpenSSH key theft via Rowhammer attacks• Update on the BlueKeep RDP vulnerability•...
SN 719: Exim Under Siege
• A new DRAM problem called "RAMBleed"• A bad Linux TCP SACK server kernel crashing flaw• Last week's patch Tuesday• A Bluetooth surprise• Another useless warning about the BlueKeep vulnerability• Microsoft misses a 90-day Tavis Ormandy deadline• Good news...
SN 718: Update Exim Now!
• SandboxEscaper drops another 0-day• The still-not-yet-widely-exploited BlueKeep vulnerability• GoldBrute Botnet pounding on RDP servers (but not yet using BlueKeep)• The FBI issued an interesting advisory about not trusting secure sites just because they're secure• VLC receives 33 security...
Ning Wang – Offensive Security
Ning WangCEO Offensive Security
Why Nominated: Ning Wang is a rising star has worked to break the
boundaries in the security industry, so that people can see that anyone is
capable of starting a career in cybersecurity and advancing it –...
Dani Martínez – IOActive
Dani MartínezSecurity ConsultantIOActive
Why nominated:
Dani Martínez proved to be a self-starter, beginning his career in
IT he soon developed an interest in cybersecurity and began taking online
courses in his spare time. Martínez also dove write in and began a
cybersecurity blog...
Maurice Stebila – Harman, a Samsung Company
Maurice StebilaDigital Security,Compliance and Privacy OfficerHarman, a Samsung Company
Why nominated: Maurice Stebila has spent more than 30 years in the automotive,
manufacturing and financial services industry supporting two of the world’s
largest companies – EDS/General Motors and Harman by Samsung...
Ed Adams – Security Innovation
Ed AdamsPresident and CEOSecurity Innovation
Why Nominated:
A highly respected veteran of the cybersecurity industry, Security Innovation
CEO Ed Adams has taken on several new leadership roles in the year or so. Last
April, he was named to board of directors of...
David Archer – Galois
David ArcherPrincipal scientistGalois
Why Nominated: Archer, an
advocate for preserving privacy of data even when it’s used in decision-making
both within the U.S. at all levels of government as well as internationally,
directs research in privacy-preserving information technologies.
Profile: David Archer is all...
