CISA reports a ransomware infestation in a US natural gas compression facility--it arrived by spearphishing and there are, CISA thinks, larger lessons to be learned. A new threat actor, possibly linked to China’s government, is running an espionage campaign against gambling and betting operations in Southeast Asia. More notes on firmware signatures. Huawei loses one in US Federal Court, and the defense asks for a mistrial in the Vault 7 case. Caleb Barlow from CynergisTek on Wigle and the impact your SSID name can have on your privacy, guest is Anita D’Amico from CodeDX on which developers and teams are more likely to write vulnerable software.