Foxy Zero Days and MSSP Misery

In this episode, Bill and Gavin talk about a Firefox Zero Day, organizations facing bankruptcy due to ransomware, and MSSP's as an attack vector and C&C Slack. They are also joined by Matt Everson and Justin Brown from Tenable Research team. Breaches costing real money.https://krebsonsecurity.com/2019/06/collections-firm-behind-labcorp-quest-breaches-files-for-bankruptcy/Paying Ransom & other feeshttps://nypost.com/2019/06/20/florida-city-pays-hackers-600k-in-bitcoin-to-get-computer-systems-back/https://www.youtube.com/watch?v=wQjR3NWXqgkhttps://www.helpnetsecurity.com/2019/06/24/eurofins-ransomware-attack/Firefox has a 0-dayhttps://objective-see.com/blog/blog_0x43.htmlCVE-2019-11707Help software is the vulnerabilityhttps://safebreach.com/Post/OEM-Software-Puts-Multiple-Laptops-At-RiskSlack - is more than usefulhttps://www.coalfire.com/The-Coalfire-Blog/June-2019/Introducing-Slackorhttps://www.tenable.com/blog/slack-patches-download-hijack-vulnerability-in-windows-desktop-appGangs attacking MSSPshttps://www.informationsecuritybuzz.com/expert-comments/hacker-gang-deploys-ransomware-on-customer-systems-by-hacking-msps/