On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• Apple ruins exploit developers’ week with fresh memory corruption mitigations
• Feross Aboukhadijeh drops by to talk about the big, dumb npm supply chain attack
• Salesloft says its GitHub was the initial entry point for its compromise
• Sitecore says people should “patch” its using-the-keymat-from-the-documentation “zero day”
• Rogue certs for 1.1.1.1 appear to be just (stupid) testing
• Jaguar Land Rover ransomware attackers are courting trouble

This week’s episode is sponsored by open source cloud security tool, Prowler. Founder Toni de la Fuente joins to discuss their new support for Microsoft 365. Time to point Prowler at your OneDrive and Sharepoint!

This episode is also available on Youtube.

• Blog - Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research
• Venezuela's president thinks American spies can't hack Huawei phones | TechCrunch
• 18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security
• Software packages with more than 2 billion weekly downloads hit in supply-chain attack - Ars Technica
• Salesloft platform integration restored after probe reveals monthslong GitHub account compromise | Cybersecurity Dive
• CISA orders federal agencies to patch Sitecore zero-day following hacking reports | The Record from Recorded Future News
• SAP warns of high-severity vulnerabilities in multiple products - Ars Technica
• The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest. - Ars Technica
• Cyberattack on Jaguar Land Rover threatens to hit British economic growth | The Record from Recorded Future News
• Cyberattack forces Jaguar Land Rover to tell staff to stay at home | The Record from Recorded Future News
• Bridgestone Americas continues probe as it looks to restore operations | Cybersecurity Dive
• Qantas penalizes executives for July cyberattack | The Record from Recorded Future News
• Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' | The Record from Recorded Future News
• GOP Cries Censorship Over Spam Filters That Work – Krebs on Security
• Risky Bulletin: APT report? No, just a phishing test! - Risky Business Media
• Post by @patrick.risky.biz — Bluesky

In this edition of the Snake Oilers podcasts, three vendors pop in to pitch you all on their wares:

• Automated, AI-powered threat hunting with Nebulock

Damien Lewke from Nebulock joins the show to talk about how its agentic AI platform can surface attacker activity out of all those “low” and “informational” findings your detection team doesn’t have time to look at.

• Runtime security for hypervisors from Vali Cyber

Austin Gadient from Vali Cyber stops by to talk about ZeroLock, its hypervisor security product. It’s marketed as a counter-ransomware control but is just a generally useful security platform for virtualised environments.

• A secure mobile telco: Cape

The only thing American cell providers love more than providing patchy coverage is getting their customers’ data owned. Cape is here to change that. It’s a security and anonymity-focussed virtual mobile network operator (MVNO) that’s been spun up by a highly competent team. If we lived in the USA we would be customers, and a bunch of CISOs listening to this might want to consider Cape subscriptions for their workforce.

This episode is also available on Youtube

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including:

• The Salesloft breach and why OAuth soup is a problem
• The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed
• Google says it will stand up a “disruption unit”
• Microsoft writes up a ransomware gang that’s all-in on the cloud future
• Aussie firm hot-mics its work-from-home employees’ laptops
• Youtube scam baiters help the feds take down a fraud ring

This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools can help smaller organisations claw their way above the “security poverty line”. A dedicated monitoring team, threat hunting and alert triage, in a company that only has a couple of part time infosec people? Yes please!

This episode is also available on Youtube.

• The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security
• Salesloft: The Leading AI Revenue Orchestration Platform
• Palo Alto Networks, Zscaler customers impacted by supply chain attacks | Cybersecurity Dive
• The impact of the Salesloft Drift breach on Cloudflare and our customers
• China used three private companies to hack global telecoms, U.S. says
• CSA_COUNTERING_CHINA_STATE_ACTORS_COMPROMISE_OF_NETWORKS.PDF
• Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense | CyberScoop
• Ransomware gang takedowns causing explosion of new, smaller groups | The Record from Recorded Future News
• Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier | The Record from Recorded Future News
• Storm-0501’s evolving techniques lead to cloud-based ransomware | Microsoft Security Blog
• The Era of AI-Generated Ransomware Has Arrived | WIRED
• Between Two Nerds: How threat actors are using AI to run wild - YouTube
• Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security
• UK sought broad access to Apple customers’ data, court filing suggests
• ICE reactivates contract with spyware maker Paragon | TechCrunch
• WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch
• Safetrac turned staff laptops into covert recording devices to monitor WFH
• Risky Bulletin: YouTubers unmask and help dismantle giant Chinese scam ring - Risky Business Media