32: Breaches, Damned Breaches, and Statistics

SolarWinds and SUNBURST are still consuming the Infosec community and a few things have happened since our last episode. Since the Department of Justice has admitted that they were breached and that email inboxes were accessed, Kev tells us just how bad it is. We cover the saga from all angles, from Jetbrains to attribution and techniques to stock prices. And a cybersecurity podcast in 2021 wouldn’t be a cybersecurity podcast in 2021 if we didn’t talk about WhatsApp and the Twittersphere histrionics that have been going on. We shed some light over whether the changes to their privacy policy truly heralds a U-turn – or whether it's all just another excuse for some #outrage. Next up, cyber crackdowns and criminal marketplaces as the UK's National Crime Agency goes softly, softly. And finally, in "Hackers Could ..." Google's ReCaptcha can hack itself?***JetBrains in Solarwinds supply chainhttps://www.nytimes.com/2021/01/06/us/politics/russia-cyber-hack.htmlJustice Department breached https://www.theguardian.com/technology/2021/jan/06/doj-email-systems-solarwinds-hackersWhatsApp, Facebook, and our data https://www.talkandroid.com/361823-whatsapp-facebook-data-privacy/Hacking audio ReCaptcha with Google speech to text https://www.youtube.com/watch?v=xh145UIeN9M&feature=emb_title21 arrests in cyber crackdown https://www.nationalcrimeagency.gov.uk/news/21-arrests-in-nationwide-cyber-crackdown