A contractor for Russia’s FSB security agency was apparently breached. NSO Group says its Pegasus software can now obtain access to private messages held in major cloud services. Iranian cyber operations are said to be spiking, and Tehran is paying particular attention to LinkedIn. Colleges and universities are experiencing ERP issues, and a minor wave of bogus student applications. Equifax receives its judgment. And there’s a sentence in the case of the NSA hoarder. Joe Carrigan from JHU ISI on Android apps circumventing privacy permission settings. Guest is David Brumley from ForAllSecure on autonomous security and DevSecOps.