On this week’s show Adam Boileau and Patrick Gray discuss the week’s news, including:


CBP loses photo and license plate database
Some Android phones shipped with backdoor
Info on Google’s cloud outage
USG ramps up “defend forward”
Trump and Mnuchin can’t get their stories straight on Huawei
The latest from Baltimore, more on that RDP bug
TalkTalk hacker sentenced
Much, much more


This week’s show is brought to you by Remediant! Remediant CEO Tim Keeler will be along this week to have a chinwag. We’ll talk about how simple security tech is really en vogue these days and how that’s a good thing.

Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing.





Show notes




CBP says hackers stole license plate and travelers' photos | ZDNet


Hackers Breach Company That Makes License Plate Readers for U.S. Government - VICE


Maker of US border's license-plate scanning tech ransacked by hacker, blueprints and files dumped online • The Register


Google confirms that advanced backdoor came preinstalled on Android devices | Ars Technica


Two-thirds of iOS apps disable ATS, an iOS security feature | ZDNet


How a Google Cloud Catch-22 Broke the Internet | WIRED


Google Cloud Status Dashboard


U.S. ramping up offensive cyber measures to stop economic attacks, Bolton says


Trump and Mnuchin on Huawei, trade, national security


Huawei executive labeled a 'moral vacuum' in heated UK hearing - CNN


Russia and Iran Plan to Fundamentally Isolate the Internet | WIRED


For two hours, a large chunk of European mobile traffic was rerouted through China | ZDNet


Baltimore’s bill for ransomware: Over $18 million, so far | Ars Technica


A botnet is brute-forcing over 1.5 million RDP servers all over the world | ZDNet


Microsoft warns about email spam campaign abusing Office vulnerability | ZDNet


SymCrypt Bug Would Let Attacker "Take Down Entire Windows Fleet"


Senator asks Department of Justice if it can keep a lid on its software exploits


'You don't stand a chance': how the press freedom argument will go for Assange


TalkTalk hacker Daniel Kelley sentenced to four years - BBC News


A Push to Protect Campaigns from Hackers Hits an FEC Roadblock | WIRED


Top voting machine maker reverses position on election security, promises paper ballots | TechCrunch


Windows 10 zero-day details published on GitHub | ZDNet


Microsoft NTLM Flaws Expose All Windows Machines to RCE Attacks


New RCE vulnerability impacts nearly half of the internet's email servers | ZDNet


Major HSM vulnerabilities impact banks, cloud providers, governments | ZDNet


'RAMBleed' Rowhammer attack can now steal data, not just alter it | ZDNet


A backdoor in Optergy tech could remotely shut down a smart building ‘with one click’ | TechCrunch


That push notification on your phone might be a phishing attempt


New Spam Campaign Controlled by Attackers via DNS TXT Records


Fortune 500 giant Tech Data exposed customer and billing data | TechCrunch


FBI Issues Warning on ‘Secure’ Websites Used For Phishing


Diebold Nixdorf warns customers of RCE bug in older ATMs | ZDNet


Microsoft Blocks Some Bluetooth Devices Due to Security Risks


Apple's 'Find My' Feature Uses Some Very Clever Cryptography | WIRED


VLC 3.0.7 is Biggest Security Release Due to EU Bounty Program


How to create an EVIL LTE Twin – Adam Toscher – Medium