Podcast: Play in new window | Download (Duration: 29:33 — 33.8MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s podcast: Facebook revealed that a breach affected 50 million accounts and as many as 90 million users. Is complexity at the root of the social media giant’s troubles? We speak with Gary McGraw of the firm Synopsys about it. Also: BIOS-based malware has been demonstrated at security conferences for years. Last week, the security firm ESET warned that it identified a sample in the wild. Even worse: the Russian Hacking Group Fancy Bear was believed to be responsible. We’ll talk to firmware security expert Giovanni Vigna of the firm Lastline about the truth and hype around LoJax and other firmware based attacks.
North Korean state-sponsored hacking group Lazarus is believed to be behind a recent crypto jacking attack on several banks with an unexpected twist–the use of a Trojan that tricked a company employee into downloading malware, according to Kaspersky Lab.
Questions are being raised about whether remote-access and testing tools from a mysterious company called Breaking Security are made and sold by cyber criminals, after the tools have been widely adopted as a turnkey solution for setting up and running botnets, according to Cisco Talos.
Human rights organization Amnesty International reports it’s been the target of a spyware campaign traced to a secretive Israel cyber-surveillance company and distributed through the chat application WhatsApp.
Because of its potential to earn hackers millions in a steady stream of cash, Kaspersky Labs has deemed crypto-jacking the new ransomware in a report that arrived just as researchers spotted two new types of malware targeting the growing popularity of cryptocurrencies.