This week on Hacker And The Fed Microsoft releases their 2023 digital defense report, are paying ransoms illegal in the United States? The NSA and CISA red and blue teams share top 10 cyber security misconfigurations, a 158 year old company shuts down because of a ransomware attack, and we answer listener questions about fido2 security keys and "hacktivist" rules. Links from the episode: Microsoft Releases Its Yearly Digital Defense Report https://www.microsoft.com/en-us/security/security-insider/microsoft-digital-defense-report-2023   Are Paying Ransoms Illegal in the U.S.? https://www.huntonprivacyblog.com/2022/07/26/florida-enacts-law-prohibiting-state-agencies-from-paying-cyber-ransoms/   NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-278a   Zero-days for Hacking WhatsApp are Now Worth Millions of Dollars https://techcrunch.com/2023/10/05/zero-days-for-hacking-whatsapp-are-now-worth-millions-of-dollars/   Lazarus Impersonated Meta Recruiter to Breach Spanish Aerospace Firm https://www.helpnetsecurity.com/2023/10/02/lazarus-lightlesscan/   Kettering logistics firm enters administration with 730 jobs lost https://www.bbc.com/news/uk-england-northamptonshire-66927965   FDA Cyber Mandates for Medical Devices Goes into Effect https://cyberscoop.com/fda-cybersecurity-medical-devices/   City of Dallas Suffers a Ransomware Attack https://dallascityhall.com/DCH%20Documents/dallas-ransomware-incident-may-2023-incident-remediation-efforts-and-resolution.pdf   International Committee of the Red Cross Published Rules of Engagement for Civilian Hackers Involved in Conflicts https://www.bbc.co.uk/news/technology-66998064 https://www.theregister.com/2023/10/04/red_cross_hacktivist_rules/   Support our sponsors: Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off   Get your Hacker and the Fed merchandise at hackerandthefed.com Send HATF your questions at [email protected]