The Host Unknown Podcast

This Week in InfoSec (09:55)With content liberated from the “today in infosec” twitter account and further afield31st March 1999: The hugely successful motion picture, The Matrix, is released on this day. Many call it a classic (ok, that’s me), many call it influential (ok, me again), but no one can deny that the impact it had on many aspects of our society from the emerging tech culture, to the movie industry, to science-fiction, to political thinking25th March 2010: Albert Gonzales was sentenced to 20 years in prison for stealing credit card data from TJX and other companies. He is currently serving his sentence at FMC Lexington, a Kentucky facility for inmates requiring medical or mental health attention.Sex, Drugs, and the Biggest Cybercrime of All Time Rant of the Week (19:32)Yale finance director stole $40m in computers to resell on the slyA now-former finance director stole tablet computers and other equipment worth $40 million from the Yale University School of Medicine, and resold them for a profit.https://www.dailymail.co.uk/news/article-10669329/Yale-School-Medicine-employee-stole-40-million-computers-electronics-school.html Billy Big Balls of the Week (30:30)Ubiquiti sues Krebs on Security for defamationNetwork equipment maker Ubiquiti on Tuesday filed a lawsuit against infosec journalist Brian Krebs, alleging he defamed the company by falsely accusing the firm of covering up a cyber-attack.On March 30, 2021, Krebs reported that Ubiquiti had disclosed a January breach involving a third-party cloud provider, later revealed to be AWS, and that an unnamed source within the firm had claimed the company was downplaying a catastrophic compromise.Apple and Meta shared data with hackers pretending to be law enforcement officialsApple and Meta handed over user data to hackers who faked emergency data request orders typically sent by law enforcement, according to a report by Bloomberg. The slip-up happened in mid-2021, with both companies falling for the phony requests and providing information about users’ IP addresses, phone numbers, and home addresses.Law enforcement officials often request data from social platforms in connection with criminal investigations, allowing them to obtain information about the owner of a specific online account. While these requests require a subpoena or search warrant signed by a judge, emergency data requests don’t — and are intended for cases that involve life-threatening situations.Industry News (37:24)Dental Practice Fined for Sharing Patient Data on Social MediaYandex is Sending iOS Users' Data to RussiaAttackers Steal $618m From Crypto FirmNew Research Claims Biden's Disclosure Deadlines Are UnrealisticNCSC: Time to Rethink Russian Supply Chain RisksCyber-attack on California Healthcare OrganizationNew Version of PCI DSS Designed to Tackle Emerging Payment ThreatsNo Patch Available Yet for Critical SpringShell BugCISA Issues UPS Warning Tweet of the Week (https://twitter.com/AskAManager/status/1509246642364588040https://twitter.com/HackingLZ/status/1509529191439425540 Come on! Like and bloody well subscribe!

Linkshttps://www.theguardian.com/uk/canoe Authentication oufit Okta investigating Lapsus$ breach report Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminalNetflix to Charge Password SharersBackground Check Company Sued Over Data BreachOkta Confirms 2.5% of Customers Impacted by Lapsus BreachMedical Service Leaks 12,000 Sensitive Patient ImagesWest Blocks Russia's Access to Weather DataFastest Ransomware Encrypts 100k Files in Four MinutesUS Indicts Russian Over "Carding Shop"Okta CSO: Lapsus Incident Was “Embarrassing”Indian Police Bust Online Helicopter ScamTweet of the week https://twitter.com/aschmelyun/status/1506960015063625733    Come on! Like and bloody well subscribe!

This Week in InfoSec (08:06)With content liberated from the “today in infosec” twitter account and further afield15th March 1985: The first Internet domain symbolics.com is registered by Symbolics, a Massachusetts computer company.16th March 2018: National Lottery owner Camelot has warned of a "low level" cyber-attack that affected customer accounts.  It has asked all of its customers to change the passwords on their accounts as a precaution. Rant of the Week (16:31)Germany advises citizens to uninstall Kaspersky antivirusNation's cybersecurity agency has doubts about Russian firm's reliabilityGermany's BSI federal cybersecurity agency has warned the country's citizens not to install Russian-owned Kaspersky antivirus, saying it has "doubts about the reliability of the manufacturer."Russia-based Kaspersky has long been a target of suspicious rumours in the West over its ownership and allegiance to Russia's rulers.In an advisory published today, the agency said: "The BSI recommends replacing applications from Kaspersky's virus protection software portfolio with alternative products." Billy Big Balls of the Week ( 24:49)The Workaday Life of the World’s Most Dangerous Ransomware GangA Ukrainian researcher leaked 60,000 messages from inside the Conti ransomware group. The Conti ransomware gang was on top of the world. The sprawling network of cybercriminals extorted $180 million from its victims last year, eclipsing the earnings of all other ransomware gangs. Then it backed Vladimir Putin’s invasion of Ukraine. And it all started falling apart. Industry News (31:24)French Bank Denies Access to Russian WorkforceUK Unveils New Cyber Flashing LawIsraeli Government Websites Taken Offline in Large-Scale Cyber-AttackHackers Hit RosneftUK Blocks Assange's Extradition AppealAvast Merger Raises Competition ConcernsIrish Watchdog Fines Meta $19m Over Data BreachKaspersky Hits Back at "Politically Motivated" BSI AdvisoryThousands of Mobile Apps Expose User Data Via Cloud Misconfigurations Tweet of the Week (39:12)https://twitter.com/moonpolysoft/status/1503519499089186818   Come on! Like and bloody well subscribe!

This Week in InfoSec (08:22)With content liberated from the “today in infosec” Twitter account and further afield6th March 1992:  The Michelangelo virus, so-named because it activates on March 6, the birthday of Michelangelo, begins infecting computers. The virus will also make news in 1993. It was one of the earliest viruses to receive widespread media attention and also one of the first to prompt widespread hysteria.  The irony of the name of the virus was that nothing in the virus’ code referenced Michelangelo. It is possible the virus author, who was never identified, did not know March 6th was Michelangelo’s birthday!9th March 1999:  United States Vice President Al Gore gives an interview on CNN’s Late Edition in which he states, “During my service in the United States Congress, I took the initiative in creating the Internet. I took the initiative in moving forward a whole range of initiatives that have proven to be important to our country’s economic growth and environmental protection, improvements in our educational system.” This is the infamous statement which will be widely misquoted as “I invented the Internet.” Rant of the Week  (13:59)Most Orgs Would Take Security Bugs Over Ethical Hacking HelpA new survey suggests that security is becoming more important for enterprises, but they’re still falling back on old “security by obscurity” ways.Enterprises are putting greater stock in cybersecurity, but outdated “security by obscurity” is still prevailing as companies wrestle with security awareness and shy away from bug-bounty programs.That’s according to new survey data from HackerOne, which found that a full 65 percent of organizations surveyed claimed that they “want to be seen as infallible.” However, just as many – 64 percent – said they practice a culture of security through obscurity, where secrecy is used as the primary method of protecting sensitive systems and assets. Carole's Colossal Cahones (24:49)When Pigs Cry: Tool decodes the Emotional Lives of Swinehttps://www.nytimes.com/2022/03/09/science/pigs-oinks-grunts.html Industry News  (30:31)Google to Acquire MandiantDirty Pipe Exploit Rings Alarm Bells in the Linux CommunityChinese APT41 Group Compromises Six US Government NetworksPrison for Man Who Scammed US Government to Buy Pokémon CardUK Announces New Rules to Tackle Surging Online Scam AdvertsOver 90% of Exposed Russian Cloud Databases CompromisedAI Accountability Framework Created to Guide Use of AI in SecurityConti Group Spent $6m on Salaries, Tools and Services in a YearQakbot Debuts New Technique Tweet of the Week (39:33)https://twitter.com/paygapapp  https://twitter.com/achornback/status/1501677184515256321?s=12 Come on! Like and bloody well subscribe!

This Week in InfoSec (08:37)With content liberated from the “today in infosec” Twitter account and further afield7th March 1997: During a hearing on Microsoft’s alleged antitrust activities, Bill Gates admits Microsoft’s contracts bar Internet content providers from promoting Netscape’s browser. Eventually, Internet Explorer dominates the web browser market as it is shipped for free with every copy of Windows.3rd March 2009: “You may be wondering why I’ve turned myself into a zombie.Well, it’s in honour of National Zombie Awareness Week in Australia, which is highlighting the problem of compromised computers (known as bots or zombies).Zombie computers can be invisibly controlled by criminal hackers to launch distributed denial-of-service attacks, spread spam messages or steal confidential information.” Rant of the Week (15:36)The zero-password future can't come soon enoughSpyCloud highlights poor password hygiene of consumers and the threat to enterprisesPasswords, long a weakness in the tapestry of defences designed to keep enterprises and individuals more secure, continue to be a problem due in large part to the same issue that has haunted them for years: the users themselves. Billy Big Balls of the Week (27:41)Russian Company Outsourced The Main Components In EV Chargers To A Ukrainian Company, Hilarity EnsuesThe electric car chargers along one of the most important freeways in Russia are all down Monday after the Ukrainian company tasked with building the main components in the chargers used backdoor access to hack them, shut them down, and program anti-Putin/pro-Ukrainian messages to scroll past on their screens.The outage affects chargers along the M11 motorway, which connects Moscow to St. Petersburg. The Russian energy company Rosseti confirmed the hack in a post on the company’s Facebook. Industry News (33:52)Ukraine Asks for Hackers’ HelpRussian TV Stations HackedConti Encrypts Karma Ransom Note in Same Victim NetworkApple and Google Turn Off Map Features to Help UkraineNIST Seeks Cybersecurity Framework FeedbackNvidia Admits Hackers Stole Employee and Internal DataRussia Denies Satellite Hacking and Warns of Wider WarSwiss Bank Requests Destruction of DocumentsVulnerability Exploit Attempts Surge Tenfold Against Ukrainian Websites Tweet of the Week (40:40)https://twitter.com/gyarbij/status/1499289498005422083 Come on! Like and bloody well subscribe!

This Week in InfoSec (11:37)With content liberated from the “today in infosec” twitter account and further afield23rd February 2005: The discovery of the first mobile phone virus, Cabir, is accounced. Specifically, Cabir is a worm which infects phones running the Symbian OS. Whenever an infected phone is activated, the message “Caribe” is displayed. Infected phones also attempts to spread the virus through Bluetooth signals. Billy Big Balls (21:51)https://nypost.com/2022/02/24/ukrainian-women-say-russian-troops-are-flirting-with-them-on-tinder/From Russia with lust.Russian soldiers poised to invade Ukraine have bombarded women on the other side of the border with Tinder messages Tuesday, according to the Sun.Dasha Synelnikova’s app lit up with matches from soldiers named Andrei, Alexander, Gregory, Michail and “Black” some 20 miles away, the report said.“I actually live in Kyiv but changed my location settings to Kharkiv after a friend told me there were Russian troops all over Tinder,” Synelnikova, a 33-year-old video producer, told the outlet.Many would-be paramours reportedly flirted with treachery as they gave away their military positions while forces assembled north of Kharkiv prepared for what appeared to be an imminent attack, according to Ukrainian military intelligence officials.“One muscular guy posed up trying to look sexy in bed posing with his pistol. Another was in full Russian combat gear and others just showed off in tight stripy vests,” Synelnikova told the British paper. Rant of the Week (28:57)A War in Europe Is Being Documented One Social Media Post at a TimeThe rest of the world watches Russia's invasion into Ukraine through the lens of Twitter and Tiktok. Industry News (35:28)Banking World Rocked After Leak Exposes 18,000 Credit Suisse AccountsTeen Framed for Cybercrime Files LawsuitUS Receives Ransomware WarningEU Deploys Cyber Response Unit to UkraineOfcom Set to Crack Down on Phone FraudVishing Makes Phishing Campaigns Three-Times More SuccessfulNonprofits Form Cyber CoalitionWMATA Twitter Account HackedUkraine Attacked with ‘Wiper’ Malware Tweet of the Week  (44:10)https://twitter.com/dcuthbert/status/1496935547171835911 Come on! Like and bloody well subscribe!

 This Week in InfoSec (07:54)With content liberated from the “today in infosec” Twitter account and further afield15th February 1999Computer owners (dominated by Linux users) marched on Microsoft’s offices demanding refunds for the copies of Windows that came pre-installed on their computers. This day came to be known as Windows Refund Day.15th February 2007: TSA Removes Online Traveller Redress System.  The Transportation Security Agency has removed from its website an online system designed for travellers who have been told they are on a watchlist and inserted a statement that the agency takes information security seriously, following reporting by 27B (and others) that the site could put travellers at risk of identity theft and looked like online fraud. Rant of the Week (17:41)3G network shutting down could disable millions of home security alarms and car safety systemshttps://apple.news/AuLfeucEvTSOwz1aqMIUDowMillions of burglar alarms, car safety systems, GPS trackers, medical monitors, and even prisoner ankle tags could stop working when American 3G mobile networks shut down later this year. Billy Big Balls of the Week (29:26)Gary Bowser was recently sentenced to over 3 years in prison and ordered to pay millions to Nintendo for what his lawyers say was a relatively minor role in a Nintendo Switch piracy ring.He was the victim of domestic violence from a girlfriend, and another girlfriend of his was murdered. His older brother died in a plane crash, and Bowser’s mother died when he was 15, the court record adds. In response, Bowser drank, the court records state.Bowser was charged in Canada in 2004 in a fraud case concerning less than $5,000, the court records say. In 2018, he contracted lymphedema, likely from a mosquito bite, which “caused morbid swelling of his left leg,” the lawyers wrote.When Bowser did join Xecutor, he was the only member who did so under his own identity; his colleagues were pseudonymous on the site. Xecutor as “one of the most prolific video game hacking groups,” and said that Bowser also administered a website called rom-bank.com which contained illegal copies of over 10,000 video games, Bowser was paid $500 to $1,000 a month over the course of seven years to maintain the organization’s websitesLast week, Bowser was sentenced to more than three years in prison and has agreed to pay $4,500,000 in restitution to Nintendo. In a related civil lawsuit that concluded in December, a court ordered Bowser to also pay $10,000,000.https://www.vice.com/en/article/epxm5n/gary-bowser-small-apartment-owes-nintendo-10-million Unskilled hacker linked to years of attacks on aviation, transport sectorsFor years, a low-skilled attacker has been using off-the-shelf malware in malicious campaigns aimed at companies in the aviation sector as well as in other sensitive industries.The threat actor has been active since at least 2017, targeting entities in the aviation, aerospace, transportation, manufacturing, and defence industries.Tracked as TA2541 by cybersecurity company Proofpoint, the adversary is believed to operate from Nigeria and its activity has been documented before in the analysis of separate campaigns. Industry News (37:18) Trustpilot Sues Immigration Biz for Alleged Fake ReviewsInternet Society Data LeakedHealthcare Data Breaches Impact 147k IllinoisansFinance Officer Jailed After Stealing £200,000 from CharityRed Cross Attackers Exploited Zoho Bug Used by ChinaGrand Prix CFO Sentenced for Identity TheftResearchers Block "Largest Ever" Bot AttackData Privacy Lawsuit Could Cost Meta $90mPhishing Top Threat to US Healthcare Tweet of the Week (44:32 )https://twitter.com/zebpalmer/status/1492742757185556483   https://twitter.com/JackRhysider/status/1494330800564625413 [That was this week's TWEET OF THE WEEK!] Come on! Like and bloody well subscribe!

This Week in InfoSec (04:44)February 5th 2009 Come on Kaspersky, if you think you’re hard enough..February 5th 2009 The Sophos snowball fightFebruary 9th 2009 Hacked road sign warns of British invasion Rant of the Week (16:01)Hackers are hitting Britain where it hurts by targeting some of its favourite savoury snacks, with the likes of Hula Hoops, KP Nuts, Butterkist popcorn and Nik Naks in their cyber sights.Hackers hold Hula Hoops hostage in cyber-raid on Britain's KP Snacks | Reuters Billy Big Balls of the Week  (22:48)A woman accused of laundering billions of dollars in stolen cryptocurrency alongside her husband may end up becoming better known for her excruciating music career as a self-styled “raunchy rapper” called Razzlekhan.‘Sexy horror comedy’: Bitcoin laundering suspect is also ‘raunchy rapper’ Razzlekhan | Cryptocurrencies | The Guardian Industry News  (29:50)DDoS Attacks Hit All-time HighCalifornian College Attacked with RansomwareSANS Institute Launches Nationwide Scholarship ProgramICO Hit by 2650% Rise in Email AttacksAlmost $1.3bn Paid to Ransomware Actors Since 2020CISOs Reveal Biggest Challenges for Security Teams Tweet of the Week  (38:58)https://twitter.com/d0rkph0enix/status/1491914588811501568  Come on! Like and bloody well subscribe!

This Week in InfoSec (05:24)With content liberated from the “today in infosec” Twitter account and further afield30th January 1982: The first computer virus was written.  Richard Skrenta writes the first PC virus code, which is 400 lines long and disguised as an Apple II boot program called “Elk Cloner“.3rd February 1986: "Vaporware" Announced.  Time magazine reports on frustrations with the slow development of software for use in the computer industry. Reporter Philip Elmer-DeWitt complained about delays in Microsoft Corporation's new Windows operating system, which had been delayed much longer than promised. Silicon Valley pundits had taken to calling such software "Vaporware," the magazine noted.30th January 2007:  Six years after the launch of Windows XP, the infamous operating system, Windows Vista, was released to an unsuspecting public. For various reasons, the launch of Vista was marred by numerous incompatibility, stability, and otherwise onerous problems. While Microsoft actually made Vista much more palatable after 2 Service Pack upgrades, the damage was already done. Vista’s reputation never recovered. Many wonder if this is why Microsoft so quickly followed only two years later with Windows 7. Rant of the Week (10:45)Execs keep flinging money at us instead of understanding security, moan infosec prosFresh from years of complaining about underfunding and not having enough staff to deal with problems, infosec bods are now complaining that corporate execs merely firehose cash at them without getting their own hands dirty or engaging with the problem.That's one conclusion that could be drawn from a Trend Micro study published yesterday. Around half of businesses surveyed are spending more on "cyber attacks" than they used to, it said, while a similar number reckon their C-suites don't know what "cyber risk management" means – possibly something about ensuring monitors are firmly bolted to desks. Billy Big Balls of the Week (16:55)How a US hacker took down North Korea's internet in a revenge cyber-attackThe blame for North Korea's persistent internet failures does not lie with the United States Cyber Command or any other state-sponsored hacker organisation.In fact, it was the work of an American man, who sat in his living room night after night, watching Alien movies and munching on spicy corn snacks—and periodically walking over to his home office to check on the progress of the programmes he was running to disrupt the internet of an entire country.US Hacker Brings Down North Korea's Internet After Latter's Attack On Security ResearchersFacebook says Apple iOS privacy change will result in $10 billion revenue hit this year Industry News (23:55)Social Security Numbers Most Targeted Sensitive DataFBI: Olympic Athletes Should Leave Devices at HomeBritish Council Students' Data Exposed in Major BreachData Leak Exposes IDs of Airport Security WorkersScottish Agency Still Recovering from 2020 Ransomware AttackFake Influencer Flags Hacking TacticsOnline Thieves Steal $320m from Crypto Firm WormholeHome Improvement Firm Fined £200k for Nuisance CallsGrowing Number of Phish Kits Bypass MFA Tweet of the Week (30:23)https://twitter.com/1MrStoner/status/1488941503049261059   Come on! Like and bloody well subscribe!

This Week in InfoSec (07:20)With content liberated from the “today in infosec” Twitter account and further afield26th January 2011: Facebook Enables HTTPS So You Can Share Without Being Hijacked.  Facebook announced Wednesday it would begin supporting a feature to protect users from having their accounts hijacked over Wi-Fi connections or snooped on by schools and businesses.19th January 2012: Feds Shutter Megaupload, Arrest Executives.  Since the shutdown of Megaupload, stories have erupted about the life and exploits of the company’s founder, a self-styled “Dr. Evil” of file sharing. Kim Dotcom’s opulent digs, high-end cars, fondness for models and other Bond-villain-esque behaviours have been splashed across websites and have confused evening newscasts for the last week.25th January 2003: A new worm took the Internet by storm, infecting thousands of servers running Microsoft’s SQL Server software every minute. The worm, which became known as SQL Slammer, eventually became the fastest-spreading worm ever and helped change the way Microsoft approached security and reshaped the way many researchers handled advisories and exploit code. The Inside Story of SQL Slammer.  Rant of the Week (15:35)Court papers indicate text messages from HMRC's 60886 number could snoop on Brit taxpayers' locationsBritain's tax collection agency asked a contractor to use the SS7 mobile phone signalling protocol that would make available location data of alleged tax defaulters, a High Court lawsuit has revealed.Her Majesty's Revenue and Customs had the potential to use SS7 to silently request that tax debtors' mobile phones give up location data over the past six years, according to papers filed in an obscure court case about a contract dispute. Billy Big Balls of the Week (25:31)Unmasking Poopsenders, The Anonymous Website That Sends People Fake PoopSince 2007, Poopsenders.com has let people send packages filled with disturbingly realistic feces. Now, 'United States of America v. Poopsenders.com' has named two men who may be responsible. Industry News (34:25)Merck Wins $1.4bn NotPetya Payout from InsurerCyber Essentials Overhauled for New Hybrid Working EraExperts Call for More Open Security Culture After VW SackingEyeMed Fined $600k Over Data BreachGovernment Trials Effort to Make Bug Scanning EasierBest Cybersecurity Research Paper RevealedNorth Korea Loses Internet in Suspected Cyber-AttackFlorida Considers Deepfake BanIT and DevOps Staff More Likely to Click on Phishing Links Tweet of the Week (41:12)https://twitter.com/ra6bit/status/1486695164332711939 Come on! Like and bloody well subscribe!