In this episode, Bill and Gavin discuss strange meetings in English Forests, improvements in security guidelines around IoT devices, bricking iPhone with a single message, and the issues with non-experts defining government policy. Bill is also joined by Tenable Researcher Jimi Sebree to discuss how he discovers new zero-days and a recent Arlo Camera teardown.

1. All things IoT
   1. https://nvlpubs.nist.gov/nistpubs/ir/2019/NIST.IR.8228.pdf
2. Crime does not pay
   1. https://www.darkreading.com/attacks-breaches/former-equifax-cio-sentenced-to-prison-for-insider-trading/d/d-id/1335078
3. 1 more reason to use a password vault
   1. https://medium.com/@NullByteWht/hacking-macos-how-to-dump-1password-keepassx-lastpass-passwords-in-plaintext-723c5b1c311b
4. Convenient loss @ a convenience store
   1. https://www.zdnet.com/article/7-eleven-japanese-customers-lose-500000-due-to-mobile-app-flaw/
5. 2019 so far so….
   1. https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/
6. Protect yourself at all times
   1. https://www.infosecurity-magazine.com/news/bas-magecart-breach-lands-it-183m
   2. https://www.infosecurity-magazine.com/news/ba-hit-by-global-web-skimming/
7. When the non-experts are making policy
   1. https://www.itnews.com.au/news/amazon-blasts-australias-technically-flawed-anti-encryption-laws-527855
8. Bricking an iphone with malformed imessage https://bugs.chromium.org/p/project-zero/issues/detail?id=1826
   1. Fixed in 12.3
   2. https://www.forbes.com/sites/daveywinder/2019/07/07/google-confirms-apple-iphone-bricking-imessage-bomb/#788e01f07a43
   3. Similar to “Black dot” from last year