How CNC's Command and Control Is Used to Exploit Vulnerability

This week on Hacker And The Fed we discuss another zero-click exploit attacking iPhones via the iMessage app, millions of PC motherboards may be downloading malware, the FTC slams another company for violations, security researchers find a vulnerability in Gmail's checkmark system that is already being abused. And the Dutch government now mandates an easy way to contact website administrators.

Links from the episode:

Operation Triangulation: iOS devices targeted with previously unknown malware

securelist.com/operation-triangulation/109842/

thehackernews.com/2023/06/new-zero-click-hack-targets-ios-users.html 

Millions of PC motherboards were sold with a firmware backdoor

arstechnica.com/security/2023/06/millions-of-pc-motherboards-were-sold-with-a-firmware-backdoor/

FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring

thehackernews.com/2023/06/ftc-slams-amazon-with-308m-fine-for.html

Bug in Gmail

twitter.com/chrisplummer/status/1664075886545575941

twitter.com/ChristopheDary/status/1664907465924681728

linkedin.com/posts/christophe-dary-85330561_spf-dmarc-bimi-activity-7070510499196489728-pPTh?utm_source=share&utm_medium=member_desktop

Security.txt now mandatory for Dutch government websites

netherlands.postsen.com/trends/198695/Securitytxt-now-mandatory-for-Dutch-government-websites.html

securitytxt.org

--

Support our sponsors:

Go to HelloFresh.com/hatf16 and use code hatf16 for 16 free meals plus free shipping!

Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off

--

For more information on Chris and his current work visit naxo.com and follow him on LinkedIn.

Follow Hector @hxmonsegur