In the last week's newsletter, I mentioned the book
This Is How They Tell Me the World Ends: The Cyberweapons Arms Race. I hope a few of you already started reading it. This week we have new information about one of the major stories from the book. Apparently, the Chinese teams managed to get the same exploits from
Equation Group 3 years earlier (
2013) before the Shadow Broker leak. They were happily using the offensive tools against the USA, where the original exploits were found by the US folks only. This story warns us once again about why we should make responsible disclosures. All of the computer exploits can be used against the creator. You can read the wired story with details, or the Checkpoint report for technical details on how did they identify the exploits.
Links for the week
- Unauthorized RCE in VMware vCenter patch your systems regularly
- Vietnamese Human Rights attacked
- Changes in Indian rules for online content, you can also read Access Now story on the same.
- The Saudi Kill Team identified you can also read related backstory from Citizenlab.
- Quickbooks malware
- A rooster was held in Indian police station
- Auth-Bypass in Cisco
- NurseryCam breach
- Matrix/Element exploit
Podcast for the week
You should listen to Michael Foord talking to Brian from Test & Code on
testing, TDD, and many things more.