Podcast: Play in new window | Download (Duration: 19:17 — 11.5MB)
Argentinian data breach, NPM supply chain attack, Apple as a bad security neighbor, Play store fees dropping, and the return of the 90s encryption ban
Links:
Argentina RENAPER DB breached
https://therecord.media/hacker-steals-government-id-database-for-argentinas-entire-population/
https://techstory.in/argentinas-entire-population-at-risk-hacker-steals-government-id-database/
NPM supply chain attack: UA-Parser-JS lib released with backdoor
https://www.bleepingcomputer.com/news/security/popular-npm-library-hijacked-to-install-password-stealers-miners/
https://blog.sonatype.com/npm-project-used-by-millions-hijacked-in-supply-chain-attack
Apple silently fixing reported bugs without giving credit
https://www.bleepingcomputer.com/news/apple/apple-silently-fixes-ios-zero-day-asks-bug-reporter-to-keep-quiet/
Bringing back the encryption ban – this time “hacking tools”
https://www.bleepingcomputer.com/news/security/us-govt-to-ban-export-of-hacking-tools-to-authoritarian-regimes/
https://public-inspection.federalregister.gov/2021-22774.pdf