In this week’s podcast (#124): we speak with French security researcher Baptiste Robert about research on the social media accounts pushing the french “Yellow Vest” protests. Surprise, surprise: they’re not french. Also: Brian Fox of the firm Sonatype joins us to talk about the recent compromise of the Github event-stream project and why social engineering poses a real risk to the security of the software supply chain.
A small Nigerian Internet service provider (ISP) hijacked traffic meant for Google data centers on Monday, re-routing local traffic through China and Russia and making some hosted services temporarily unavailable for users.
China is eyeing dominance of the Internet of Things (IoT) market and may use vulnerabilities in these technologies as the next front on its ongoing cyberwar with the United States, according to a new report.
In this week’s episode (#115), noted hardware enthusiast and hacker Joe Grand (aka “Kingpin”) told reporters from Bloomberg that finding an in-the-wild supply chain hack implanting malicious hardware on motherboards was akin to witnessing “a unicorn jumping over a rainbow.” They went with their story about just such an attack anyway. Joe joins us in the Security Ledger studios to talk about whether Bloomberg got it right. Also, Adam Meyers of Crowdstrike comes into the studio to talk about the U.S. Department of Justice indictment of seven Russian nationals. Adam talks about the hacks behind the charges and what comes next.
Attacks against smart devices are surging, with both old and new threats targeting connected devices that remain largely unsecured, according to researchers at Kaspersky Lab.
