Podcast Episode 15: So. Much. News!!
In this week’s news we have a lot to cover. We talk about an intrusion at Stack Overflow, a proposal to modify the WordPress plugin guidelines, how Chinese hackers are getting better at stealing US cyber secrets, the ethical issues of firms promising ransomware solutions that only involve paying the ransom, a breach on the Joomla extension directory server, Google’s aggregation of your purchase receipts, and its suspension of Android support for Huawei, among many other stories.
Here are approximate timestamps in case you want to jump around:
0:46 Code signing in WordPress 5.2
4:07 Stack Overflow intrusion
8:00 WordPress plugin guideline proposal
12:00 US cyber secrets being stolen by China
16:00 Ransomware solution
21:11 Joomla extension directory experienced an intrusion
24:40 Google aggregating purchase data
27:58 Google suspends Android support for Huawei
33:00 How effective is basic account hygiene at preventing hijacking
35:00 735K fraudulently obtained IP addresses revoked
38:29 Baltimore ransomware nightmare continues
43:01 460,000 user accounts breached on Uniqlo online
43:59 OGusers forum hacked
Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast.
This week in the news we cover:
- Code signing is now a part of WordPress as of version 5.2. A vulnerability found by Wordfence developer Matt Barry illustrates why this is important.
- Stack Overflow experienced an intrusion on their dev environment that affected about 250 public users.
- A proposal to modify the WordPress plugin guidelines is up for discussion. The proposal will limit the alerts on the plugin dashboard to reduce noise.
- Chinese hackers are getting better at stealing US cyber secrets.
- Firms promising ransomware solutions are usually just paying the ransom.
- A breach on the Joomla extension directory was recently discovered.
- Google is aggregating your purchase receipts, and it’s difficult to delete.
- Google suspends Android support for Huawei, though the Trump administration has temporarily lifted the ban.
- Google security research looks at how basic account hygiene prevents hijacking.
- Approximately 735,000 fraudulently obtained IP addresses have been revoked by ARIN.
- The Baltimore ransomware nightmare continues, crippling the Maryland city.
- Over 460,000 accounts were stolen from Uniqlo, a Japanese clothing company.
- OGusers, a forum popular with those involved in hijacking online accounts and SIM swapping attacks, has itself been breached.
You can find me on Twitter as @mmaunder and Kathy as @kathyzant. Please don’t hesitate to post your feedback in the comments below.
Comments
12:42 pm
Great podcast Mark and Kathy.
12:54 pm
Thanks for the feedback, Ronan!