Some guidance from the US government (including device security labels). Supply chain security. Developments in the cyber underworld (including a gang with some perverse integrity).

The US Federal government issues voluntary security guidelines. Possible privilege escalation within Google Cloud. An APT compromises JumpCloud. FIN8 reworks its Sardonic backdoor and continues its shift to ransomware. Ben Yelin looks at privacy legislation coming out of Massachusetts. Our guest is Alastair Parr of Prevalent discussing GDPR and third party risk. And some noteworthy Russian cyber crime–they don’t seem to be serving any political masters; they just want to get paid.

For links to all of today's stories check …

apt backdoor ben cloud cyber device device security escalation federal federal government fin8 gang google google cloud government guidance guidelines integrity jumpcloud legislation privacy privacy legislation privilege privilege escalation ransomware sardonic backdoor security supply supply chain supply chain security