Saturday, December 5, 2020

S3 Ep9: Gift card hacks, dubious doorbells and Wi-Fi tips

We look at a network intrusion where the crooks tried to take over dozens of different online accounts from every user, we discuss the potential dangers of digital doorbells, and we give you some handy hints for improving your...

S3 Ep8: A conversation with Katie Moussouris

How do you go from pentester to creator of Microsoft’s bug bounty program? Find out from hacker and vulnerability disclosure pioneer, Katie Moussouris. Join us for a fascinating interview with Katie about her journey, the bugs in bug bounty...

S3 Ep7: When ransomware crooks get a big fat zero!

In this episode: we say thanks to companies that refuse to pay ransomware hush money, dig into the new Sophos 2021 Threat Report, and take a quick look inside a malicious Linux kernel driver. Also, a sneak preview of...

S3 Ep6: How not to get scammed

In this episode: when payments go astray, why "just in case" cybersecurity warnings do more harm than good, how to shop safely on Black Friday and beyond, and (oh no!) what to do when all your emails disappear. With Kimberly...

S3 Ep5: Chrome, Flash and malware for sale

In this episode: a zero-day bug in Chrome for Android, the imminent death of Adobe Flash, the evolution of "malware-as-a-service", and the malware risks from image search. Also (oh! no!), why you should take care before you pair.

S3 Ep4.5: FBI "ransomware warning" for healthcare is a warning for everyone

On Wednesday, the FBI, CISA and HHS released an unprecedented warning against "an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers." In this quick mini-sode, Chester Wisniewski (Principal Research Scientist at Sophos) discusses what the threat...

S3 Ep4: Now THAT'S what I call a fire alarm!

S3 Ep4: Now THAT'S what I call a fire alarm! This week: Facebook scammers trick you with fake copyright notices, voice scammers automate their attacks on the vulnerable, how to tune up your mobile privacy, and (oh! no!) the best/worst...

S3 Ep3: Breaking crypto, busting hackers and pwning Chrome

This week: the DOJ's attempt to reignite the Battle to Break Encryption; the story of the Russian hackers behind the Sandworm Team; a zero-day bug just patched in Chrome; and (oh no!) why your vocabulary needs the word "restore"...

S3 Ep2: Creepy smartwatches, botnets and Pings of Death

This week we investigate a creepy smartwatch for kids, discuss Microsoft's short-lived takedown of Trickbot, explain how to avoid the Windows "Ping of Death" bug, and (oh no!) find the source of mysterious beeping from every computer in the...

S3 Ep1: Ransomware – is it really OK to pay?

Join us for the first episode in our brand new Series 3! This week we wonder whether Cybersecurity Awareness Month is a waste of time, explain the concept of "linkless phishing", ask if it's ever OK to pay a...

S3 Trailer: We’re back!

Get ready. A brand new season arrives Thursday, October 8th.

S2 Ep42: Apple auth attack, Octopus Scanner, Escobar escapades

END OF SERIES SPECIAL: This week Mark shares why Pablo Escobar’s brother is suing Apple for $2.6b, Greg talks about a malicious ‘Octopus Scanner’ targeting developers on Github and Duck discusses the “Sign in with Apple” account...

S2 Ep41: Super-sized ransomware, FBI v Apple and AirPods hot or not

This week Peter shares how Ragnar Locker ransomware deploys a virtual machine to dodge security, Mark discusses the latest in the Apple v FBI saga and Duck talks "MagicPairing." Producer Alice Duckett is joined by Sophos experts Mark Stockley,...

S2 Ep40: Demonic printers, a sleazy stalker and 10 reasons to patch

This week we discuss a customer who went to Subway for a sandwich and left with a stalker, demon printers and the things you should patch now. Producer Alice Duckett is joined by Sophos experts Mark Stockley, Paul Ducklin...

S2 Ep39: Thunderspy, government encryption, and reply all mistakes

In this episode Mark discusses government encryption, Duck tells us why turning your computer off is a cool idea and Greg regales us with his reply all woes. Host Anna Brading is joined by Sophos experts Mark Stockley, Paul...
SecurityWeek

Italy Says Two Arrested for Defense Data Theft

Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday. The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare...

The US Used the Patriot Act to Justify Logging Website Users

Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news.
ZDNet

Ransomware hits helicopter maker Kopter

Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
ZDNet

Ransomware gangs are now cold-calling victims if they restore from backups without paying

Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.
SC Magazine

Kmart, a vulnerable target, among those hit in Egregor ransomware attack spree

The fast-moving Egregor ransomware added Kmart to its list of retail targets, one day before the same attack group hit the Vancouver metro. The fast-moving Egregor ransomware has already hit other recognizable companies, most notably Barnes and Noble. Egregor first...