The Host Unknown Podcast
Host Unknown, Javvad Malik, Andrew Agnes, Thom Langford
Host Unknown is the unholy alliance of the old, the new and the rockstars of the infosec industry in an internet-based show that tries to care about issues in our industry. It regularly fails.
With presenters that have an inflated opinion of their own worth and a production team with a pathological dislike of them (or “meat puppets” as it often refers to them), it is with a combination of luck and utter lack of good judgement that a show is ever produced and released.
Host Unknown is available for sponsorship, conferences, other web shows or indeed anything that pays a little bit of money to keep the debt collectors away. You can contact them at contact@hostunknown.tv for details
Episodes
Jan 29, 2021 • 56min
Episode 40 - Mathematics Isn't Our Strong Point
This week in Infosec
19th January 2012: US federal authorities shut down Megaupload.com, a popular hub for illegal media downloads, and arrested its leaders. Hours later, the hacktivist collective Anonymous knocked the US Department of Justice website offline.
https://en.wikipedia.org/wiki/Seizure_of_Megaupload
https://twitter.com/todayininfosec/status/1219086142428999681?s=20

25th January 2003: The SQL Slammer worm was first observed. Slammer spread to the vast majority of all vulnerable hosts worldwide in 10 minutes. Yes, 10 minutes. Though Microsoft released MS02-039 to patch the buffer overflow vuln in SQL Server six months earlier, many orgs hadn't patched.
https://www.wired.com/2003/07/slammer/
https://twitter.com/todayininfosec/status/1221132001501007873?s=20

Tweet of the Week
https://www.mirror.co.uk/tv/tv-news/bbc-wales-today-viewers-gobsmacked-23391438
https://twitter.com/Lovehoney/status/1354378061635063809?s=20
https://twitter.com/BCredibility/status/1354514912299593729/photo/1

Industry News
More Malware May Be Lurking on Govt School Laptops
Russian Government Agency Warns Firms of US Attack
Misconfigured Cloud Server Exposes 66,000 Gamers
TikTok Bug Gave Access to Contacts’ Profile Details
UK Spies Called on to Help in Fraud Fight
Manufacturing Giant Suffers Major Cyber-Disruption
More Security Vendors Admit to SolarWinds Attacks
Consumers Falling for $100m Clone Firm Scams
Remote Workers Could Offer Brexit Britain Cybersecurity Lifeline

Javvad’s Weekly Stories
Fears over cyber crime tool that can build phishing pages in real-time
Should We Be Cautious About Law Enforcement Requests for Digital Data?
Nefilim Ransomware Gang Hits Jackpot with Ghost Account
Laptops handed out by Department of Education found laced with malware

Billy Big Balls
The greatest pyramid scheme of 2021 so far...
https://imgur.com/a/DCCpuZA
https://www.bbc.co.uk/news/newsbeat-55841719
https://twitter.com/swardley/status/1354482558147448835?s=20
Thom: Financial industry wrecks entire economy
Jav: "we must bail them out"
Thom: Senators do insider trading
Andy: "nothing we can do"
Thom: Covid shuts everything down
Jav: "bail out big company stocks with $4 trillion"
Thom: Random people do a stonk on reddit
Andy: "halt trading & bail out hedge funds they bankrupted"

Sticky Pickle of the Week
In October 2020, Kanye West bought Kim Kardashian West a hologram of her late father, Robert Kardashian, to celebrate her 40th birthday, bringing to the wealthy the idea of digital representations of the dead that can more authentically communicate with the living. The hologram spoke for around three minutes, directly addressing Kardashian and her decision to become a lawyer “and carry on my legacy”.
Imagine you had a bank balance like Jav, and you wanted to do something for your loved ones when you’ve departed this life. How on earth do you get started with a trusted company to preserve your legacy? What would you do in this situation?
This is what someone else is doing...
Microsoft has been granted a patent that would allow the company to make a chatbot using the personal information of deceased people. The patent describes creating a bot based on the “images, voice data, social media posts, electronic messages”, and more personal information.
https://www.independent.co.uk/life-style/gadgets-and-tech/microsoft-chatbot-patent-dead-b1789979.html
Come on! Like and bloody well subscribe!

Jan 22, 2021 • 1h 1min
Episode 39 - A New Hope
This week in Infosec
Liberated from the “today in infosec” twitter account:
19th January 1986: The first PC virus appeared. It was a boot sector virus called Brain, which spread via infected floppy disks to computers running MS-DOS. It was written by 2 brothers in Pakistan to protect their medical software from piracy. They later even licensed Brain.
https://www.theregister.com/2006/01/19/pc_virus_at_20/
https://twitter.com/todayininfosec/status/1351695480791715840
Worth mentioning Mikko Hyppönen's TED talk on when he went to Pakistan to meet the brothers:
https://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net

18th January 2011: Andrew Auernheimer and Daniel Spitler were arrested by FBI agents for hacking into AT&T's servers and downloading customer info in 2010. There's a lot more to the story - either you know it or you should research it.
https://www.darkreading.com/risk-management/two-arrested-for-atandt-ipad-network-breach/d/d-id/1095520
https://twitter.com/todayininfosec/status/1351277900834742274

Rant of the Week
Google threatens to pull out of Australia
https://www.bbc.co.uk/news/world-australia-55760673

Tweet of the Week
https://twitter.com/DanRaywood/status/1351555439612354562
Defining what disinformation is, the role it played in the attack on the Capitol, social media as a vessel to deliver messages, etc.
https://www.washingtonpost.com/lifestyle/magazine/disinformation-can-be-a-very-lucrative-business-especially-if-youre-good-at-it-media-scholar-says/2021/01/19/4c842f06-4a04-11eb-a9d9-1e3ec4a928b9_story.html
https://twitter.com/washingtonpost/status/1351985551419863040

Industry News
NSA: DNS over HTTPS Provides “False Sense of Security”
Leaked #COVID19 Vaccine Data “Manipulated” to Mislead Public
Environmental Regulator Suffers Ransomware Blow
GDPR Fines Surge 39% Over Past Year Despite #COVID19
Cloud Config Error Exposes X-Rated College Pics
Coin-Mining Malware Volumes Soar 53% in Q4 2020
Malwarebytes: SolarWinds Hackers Read Our Emails
Interpol: Dating App Victims Lured into Investment Scams
Threat Actor Dumps 1.9 Million Pixlr Records Online

Javvad’s Weekly Stories
Nada. Nothing. Niet. Non.

Billy Big Balls of the Week
Aditya Singh: Man found 'living in airport for three months' over Covid fears
A man too afraid to fly due to the pandemic lived undetected in a secure area of Chicago's international airport for three months, US prosecutors say. Aditya Singh, 36, was arrested on Saturday after airline staff asked him to produce his identification. He pointed to a badge, but it allegedly belonged to an operations manager who reported it missing in October. Police say Mr Singh arrived on a flight from Los Angeles to O'Hare International Airport on 19 October.
https://www.bbc.co.uk/news/world-us-canada-55702003

Thom's Podcasting Desk

Other Stories
Go read this report about the US military endangering passenger jets by blocking GPS
GPS jamming can shut off a pilot’s access to navigation — or worse
https://www.theverge.com/2021/1/21/22242761/us-military-gps-jamming-tests-airplane-danger
Ubiquiti, maker of prosumer routers and access points, has had a data breach
The email encourages users to change their passwords
https://www.theverge.com/2021/1/11/22226061/ubiquiti-data-breach-email-third-party-unathorized-access
In hidden message on White House website, Biden calls for coders
https://www.reuters.com/article/usa-biden-digital-service/in-hidden-message-on-white-house-website-biden-calls-for-coders-idINKBN29Q08Q
Bugs in Signal, other video chat apps allowed attackers to listen in on users
https://www.helpnetsecurity.com/2021/01/21/bugs-video-chat-apps/
Come on! Like and bloody well subscribe!

Jan 15, 2021 • 1h 4min
Episode 38 - Oh No He's Back
The boys are back in town. Jav's return has also reduced the average age of this podcast by roughly twenty years. The good news though is that we not only have a full program, but also new jingles too!

This week in Infosec
Liberated from the “today in infosec” twitter account:
16th January 2007: Jeffrey Goodin became the first person convicted under the US CAN-SPAM Act. He sent emails pretending to be AOL's billing department. He could have faced...wait for it...wait for it...101 years in prison! Instead, he was sentenced to 70 months.
https://www.nytimes.com/2007/01/17/technology/17spam.html
https://www.lawdonut.co.uk/business/marketing-and-selling/marketing-and-advertising/your-email-marketing-and-anti-spam-law
https://twitter.com/todayininfosec/status/1217962482909626368

12th January 1984: The first issue of 2600 was mailed to several dozen people. At the time, it was a 3 page monthly newsletter. 2600: The Hacker Quarterly is still published today.
https://en.wikipedia.org/wiki/2600:_The_Hacker_Quarterly
https://twitter.com/todayininfosec/status/1216431003721293825?s=20

Rant of the Week
Tech companies have grown a pair of balls in Trump’s last days in office. Host Unknown remembers.
Twitter, Facebook, Snapchat, Shopify are just some of the companies finally taking a stand. AirBnB have cancelled reservations in DC during the week of Biden’s inauguration.
https://www.independent.co.uk/voices/trump-ban-facebook-twitter-parler-first-amendment-b1785631.html

Tweet of the Week
WhatsApp clarifies it’s not giving all your data to Facebook after surge in Signal and Telegram users
The company is trying to contain fallout over a privacy policy update
“We want to be clear that the policy update does not affect the privacy of your messages with friends or family in any way. Instead, this update includes changes related to messaging a business on WhatsApp, which is optional, and provides further transparency about how we collect and use data,” the company writes on the new FAQ page.
https://www.theverge.com/2021/1/12/22226792/whatsapp-privacy-policy-response-signal-telegram-controversy-clarification
https://twitter.com/nickstatt/status/1349029486734565380

Industry News
CEO Refutes Reports of Involvement in SolarWinds Campaign
Ryuk Ransomware Attackers Have Made $150m
Jav: Emotet Tops Malware Charts in December After Reboot
High Court Rules Against Government Bulk Hacking
Over 100,000 UN Employee Records Accessed by Researchers
US Announces Controversial State Department Cyber-Bureau
Chinese Startup Leaks Social Profiles of 214 Million Users
New Malware Implant Discovered as Part of SolarWinds Attack
New Zealand Central Bank Breach Hit Other Companies
Healthcare Hit by 187 Million Monthly Web App Attacks in 2020
Microsoft Fixes Windows Defender Zero-Day Bug
Mimecast Cert Abused to Target Inboxes in “Sophisticated” Attack
European Regulator: #COVID19 Vaccine Data Leaked Online
CISA Warns of Cloud Attacks Exploiting Poor Cyber-Hygiene
Ring Rolls-Out End-to-End Encryption to Bolster Privacy

Javvad’s Weekly Stories
Vulnerable Database Exposed UN Employees' Data
Will the National Cyber Force make the UK safer? Industry responds
United Nations suffers potential data breach
Best practices for building a security culture program
Five Key Cybersecurity Themes from 2020

Billy Big Balls
Dark Market taken offline
DarkMarket, the world's largest illegal marketplace on the dark web, has been taken offline in an international operation involving Germany, Australia, Denmark, Moldova, Ukraine, the United Kingdom (the National Crime Agency), and the USA (DEA, FBI, and IRS). Europol supported the takedown with specialist operational analysis and coordinated the cross-gender collaborative effort of the Host Unknown countries involved.
DarkMarket in figures:
almost 500 000 users;
more than 2 400 sellers;
over 320 000 transactions;
more than 4 650 bitcoin and 12 800 monero transferred.
At the current rate, this corresponds to a sum of more than €140 million. The vendors on the marketplace mainly traded all kinds of drugs and sold counterfeit money, stolen or counterfeit credit card details, anonymous SIM cards and malware.
https://gizmodo.com/the-internets-biggest-darknet-just-got-taken-down-1846044148
https://www.europol.europa.eu/newsroom/news/darkmarket-worlds-largest-illegal-dark-web-marketplace-taken-down

Will we have a Little People today?
No

Sticky Pickle of the Week
Imagine the year is 2009 and you’re sitting at home eating your lunch over your laptop as you always do and you spill your drink. The laptop stops working due to the spillage; you salvage the parts you can, and over time you forget about them and they get thrown out with the household rubbish.
Thinking nothing of it, you hear that this particular thing you threw out is now worth money. Over time, you watch its value increase phenomenally. You attempt to follow the trail and realise that what you threw out is sitting in the council landfill site. There are no guarantees that you’ll find it, but you know in your heart it’s in there, and if you can rummage through the landfill, you are sure you can find it.
What would you do in this situation?
https://www.bbc.co.uk/news/uk-wales-55658942
Come on! Like and bloody well subscribe!

Jan 8, 2021 • 1h 2min
Episode 37 - Merry New Year!
Welcome back to the New Year and the new look Host Unknown, with a slightly less ethnically diverse lineup than usual, but still the same average quality and distinctly suspect ethics you have come to expect from Host Unknown. This week Thom displays his love of the Animaniacs, Andy has audio issues and Graham has the voice of a midnight hour radio show host.

Smutty or Security?
Graham wins by a nose and a euphemism.

This Week in InfoSec
Liberated from the “today in infosec” twitter account:
6th January 1982: The final draft of the script for the movie WarGames was printed. Due to the Cold War and relative ignorance about remotely accessible computers, the film released in 1983 scared the hell out of politicians, the military, and adults. And inspired a generation of hackers!
https://twitter.com/todayininfosec/status/1214381338028953600

8th January 1986: "The Hacker Manifesto" was written by Loyd Blankenship (aka The Mentor) and originally titled "The Conscience of a Hacker". 8 months later it was published in issue 7 of the hacker zine Phrack.
http://phrack.org/issues/7/3.html#article
https://twitter.com/todayininfosec/status/1215026869600313344

9th January 2001: Macromedia, the maker of the Flash media player, claimed that Flash was secure because it was "a constrained environment by design".
https://web.archive.org/web/20010123231000/http://www.zdnet.com/zdnn/stories/news/0,4586,2672473,00.html
https://twitter.com/todayininfosec/status/1215067971963375616

End of the road for Flash
https://twitter.com/gcluley/status/1344822920946872320
https://www.bbc.co.uk/news/technology-55497353

Rant of the Week
https://www.bbc.co.uk/news/technology-55573149
https://threatpost.com/facebooks-mandatory-data-sharing-whatsapp-ire/162828/
WhatsApp is forcing users to agree to sharing information with Facebook if they want to keep using the service. The update is designed to “offer integrations across the Facebook Company Products”, which also includes Instagram and Messenger.
Some of the data that WhatsApp collects includes:
User phone numbers
Other people’s phone numbers stored in address books
Profile names
Profile pictures
Status message, including when a user was last online
Diagnostic data collected from app logs
The company warns users in a pop-up notice that they "need to accept these updates to continue using WhatsApp" - or delete their accounts.
"Opt in, or fuck off by 8th Feb."
But…. some good news! The UK is still considered part of the “European region”, even if we’re not in the EU. Yes, we are still Europeans in 2021!
However, the new version of the privacy policy for European users explicitly says that data can be shared with other Facebook companies to show personalised advertising and offers, make suggestions for content, and "help" to complete purchases, among other reasons.
What’s telling to me... In 2018, the founders of WhatsApp quit FB over disagreements about privacy and encryption. Walking away from $850 million...
https://www.theguardian.com/technology/2018/apr/30/jan-koum-whatsapp-co-founder-quits-facebook
https://www.forbes.com/sites/parmyolson/2018/09/26/exclusive-whatsapp-cofounder-brian-acton-gives-the-inside-story-on-deletefacebook-and-why-he-left-850-million-behind/
If they can walk away from $850 million, surely WhatsApp users can switch to Signal.
Alternatives:
Signal
Wickr

Billy Big Balls
Elon Musk has become the wealthiest person on the planet, surpassing Amazon CEO Jeff Bezos, thanks to the continued rise in Tesla’s stock price. Musk is now worth around $188 billion, according to Bloomberg’s Billionaires Index. “How strange,” Musk tweeted Thursday. “Well, back to work ...” Musk eclipsing Bezos’ own extravagant personal wealth of around $187 billion marks the latest development in a years-long rivalry between the two tech magnates.
https://www.theverge.com/2021/1/7/22163361/elon-musk-billionaire-richest-world-jeff-bezos-tesla-stock-spacex
Encrypted messaging app Signal says it’s seeing a swell of new users signing up for the platform, so much so that the company is seeing delays in phone number verifications of new accounts across multiple cell providers. As for what or who is responsible for so many new users interested in trying the platform, which is operated by the nonprofit Signal Foundation, there are two likely culprits: Tesla CEO Elon Musk and Signal competitor WhatsApp.
https://www.theverge.com/2021/1/7/22218989/signal-new-signups-whatsapp-facebook-privacy-controversy-elon-musk

Industry News
NYSE to Delist Chinese Telcos on National Security Grounds
One Million Compromised Accounts Found at Top Gaming Firms
Microsoft: SolarWinds Attackers Viewed Our Source Code
NYSE U-Turn Means Chinese Telcos Escape Delisting
Chinese APT Group Linked to Ransomware Attacks
Ransomware Surge Drives 45% Increase in Healthcare Cyber-Attacks
US: Fewer Than 10 Govt Agencies Hit by SolarWinds Attack
Most Public Sector Victims Refuse to Pay Ransomware Gangs
Dark Web User Numbers Spiked During #COVID19 Lockdown
Over a Third of TMT Firms Hit by Security Breach in 2020
Social Media Neuters Trump’s Accounts After Fans Storm Capitol
DoJ: SolarWinds Attackers Hit Thousands of O365 Inboxes

Tweet(s) of the Week
Graham from the Smashing Security podcast: @modesty_blaise0: Due to travel restrictions, the USA had to organize a coup at home this year.
https://twitter.com/modesty_blaise0/status/1346965502703198208
Andy: @ChatGotNext: You can’t even do this shit on GTA
https://twitter.com/ChatGotNext/status/1346911137439223822
Thom: @YousefMunayyer: We spend $750 billion annually on "defense" and the center of American government fell in two hours to the duck dynasty and the guy in the chewbacca bikini
https://twitter.com/YousefMunayyer/status/1347026407294201863
Graham from the Smashing Security podcast: @bocxtop: it’s literally harder to sign into gmail from a new device than it is to breach the capitol walls
https://twitter.com/bocxtop/status/1347003538468204545
Andy: @notviking: starting to think it’d actually be incredibly easy to steal the declaration of independence
https://twitter.com/notviking/status/1346923223489736704
Thom (serious): @Olivia_Beavers: If there is still any question about how rhetoric can manifest into action, that question has been answered today.
https://twitter.com/Olivia_Beavers/status/1346901714767642630
They Pushed Me Out And Maced Me

Sticky Pickle of the Week
Sticky Pickle of the Week
Sticky Pickle of the Week
Graham applies his razor sharp mind to this week's triple sticky pickle. US nuclear launch codes were 00000000
Come on! Like and bloody well subscribe!

Dec 11, 2020 • 1h 10min
Episode 36 - IT'S CHRIIIISTMAAAAS!
This might be the last episode of the week, but that doesn't mean we scraped the barrel (except maybe for The Little People, but Jav has had a written warning for that already). Andy misunderstands the concept of "this week in infosec" and Thom tries to hold it together while juggling his newly acquired career in the security industry.
Your usual tasty festive treats this week are:

This Week in Infosec
Liberated from the “today in infosec” twitter account:
5th December 2013: Troy Hunt launched the site "Have I Been Pwned? (HIBP)". At launch, passwords from the Adobe, Stratfor, Gawker, Yahoo! Voices, and Sony Pictures breaches were indexed. Today? The identification of 10.5 billion compromised accounts.
https://twitter.com/todayininfosec/status/1335020238765744129?s=20

8th December 2020: FireEye, a well-known security firm, announced that they had experienced a security incident that involved the theft of FireEye Red Team tools – the date of the incident was not revealed. Reportedly, evidence suggests that the compromise may have been carried out by a Russian nation-state threat actor “with top-tier offensive capabilities.” Per the blog post announcing the hack and authored by FireEye CEO Kevin Mandia, it appears that the attackers were also interested in the details related to FireEye customers that are government agencies. FireEye has engaged the FBI for this investigation.
https://www.fireeye.com/blog/threat-research/2020/12/unauthorized-access-of-fireeye-red-team-tools.html

Tweet of the Week
https://twitter.com/GrazianoDennis/status/1336796234120646662?s=20

Billy Big Balls
3 Reasons Scientists Endure Social Media Trolls And Attacks
https://www.forbes.com/sites/marshallshepherd/2020/12/06/3-reasons-scientists-endure-social-media-trolls-and-attacks/?sh=668e1fb8424c

Industry News
#WebSummit: Nick Clegg Claims Internet Needs Accountability, Not Rules
Ransomware Set for Evolution in Attack Capabilities in 2021
2020: The Most Vulnerable Year Yet?
Thales and Google Cloud Partner for External Encryption Key Management
#BHEU: Collision of Cyber-Communities Creating Tension and Risk
#BHEU: Focus on Security Fundamentals, Not Adversarial Sophistication
Data Loss Reports to ICO Increase Once Again
#BHEU: North Korea’s Cyber-Offense Strategy Evolving to Focus on International Economic Targets

Jav's Industry News
Near three in ten of workers furloughed feel less loyal to their employer post-furlough
Business Executives’ Logins Sold on Russian Hacking Forum; Accounts Can Be Used for BEC Scams
Power banks could infect your smartphone with malware
Experts On Clop Ransomware Attacking Retail Giant E-Land
Credential Stuffing Attack Targeted Spotify, Affecting More Than 300,000 Accounts
South Korean retail giant E-Land Retail suffers Clop ransomware attack

Rant of the Week
A new lawsuit brought by one of Apple’s oldest foes seeks to force the iPhone maker to allow alternatives to the App Store, the latest in a growing number of cases that aim to curb the tech giant’s power. The lawsuit was filed on Thursday by the maker of Cydia, a once-popular app store for the iPhone that launched in 2007, before Apple created its own version. The lawsuit alleges that Apple used anti-competitive means to nearly destroy Cydia, clearing the way for the App Store, which Cydia’s attorneys say has a monopoly over software distribution on iOS, Apple’s mobile operating system.
https://www.washingtonpost.com/technology/2020/12/10/cydia-apple-lawsuit/
https://twitter.com/ihackbanme/status/1337079701756493825?s=20

The Little People
Don't go there. Seriously, just skip ahead.

Look Back on the Year
January: Travelex: Travelex services were pulled offline following a malware infection. The company itself and businesses using the platform to provide currency exchange services were all affected.
February: Estée Lauder: 440 million internal records were reportedly exposed due to middleware security failures.
March: Marriott: The hotel chain suffered a cyberattack in which email accounts were infiltrated. 5.2 million hotel guests were impacted.
April: Nintendo: Nintendo said 160,000 users were impacted by a mass account hijacking caused by the NNID legacy login system.
May: EasyJet: The budget airline revealed a data breach exposing data belonging to nine million customers, including some financial records. Blackbaud: The cloud service provider was hit by ransomware operators who hijacked customer systems. The company later paid a ransom to stop client data from being leaked online.
June: University of California SF: The university paid a $1.14 million ransom to hackers in order to save COVID-19 research.
July: MGM Resorts: A hacker put the records of 142 million MGM guests online for sale.
August: Experian, South Africa: Experian's South African branch disclosed a data breach impacting 24 million customers.
September: NS8: The CEO of the cyberfraud startup was accused of defrauding investors out of $123 million.
October: Dickey's: The US barbeque restaurant chain suffered a point-of-sale attack between July 2019 and August 2020. Three million customers had their card details later posted online.
November: Manchester United: Manchester United football club said it was investigating a security incident impacting internal systems. Fake Zoom invite cripples Aussie hedge fund with $8m hit.
December: FireEye: FireEye disclosed a cyberattack, suspected to be the work of a nation-state group. The cybersecurity firm said the hack resulted in penetration tools being stolen.

The Dead Donkey
Microsoft discloses fewest vulnerabilities in a month since January
Description: Microsoft released its monthly security update Tuesday, disclosing 58 vulnerabilities across its suite of products, the lowest number of vulnerabilities in any Patch Tuesday since January. There are only 10 critical vulnerabilities as part of this release, while there are two moderate-severity exploits, and the remainder are considered "important." Users of all Microsoft and Windows products are urged to update their software as soon as possible to avoid possible exploitation of all these bugs.
https://blog.talosintelligence.com/2020/12/microsoft-patch-tuesday-dec-2020-.html
Come on! Like and bloody well subscribe!
Dec 4, 2020 • 55min
Episode 35 - The Triple Unicorn
The penultimate episode of the year, so only one more to go until you have the full set for 2020.

This week in Infosec
(Liberated from the “today in infosec” twitter account):
3rd December 1980: The Australian Law Reform Commission chairman called for new laws to deal with "computer crime". He said the old definition of theft was not apt for a "fleeting, transient medium, the ephemeral flicker of a screen or information stored on a disc..."
https://trove.nla.gov.au/newspaper/article/126161975
https://twitter.com/todayininfosec/status/1334231500448034824?s=20

1st December 2012: Pepsi Cola's official website in the Philippines was hacked by the Malaysian hacker group Cyb3rSeC. The hackers did not come across any sensitive information, but changed the appearance of the website.
https://www.flashback.se/artikel/2637/pepsi-cola-hackade
http://www.zone-h.org/mirror/id/18675231?hz=1
https://www.securityfocus.com/news/389

Tweet of the Week
https://twitter.com/BriannaWu/status/1333150373599715329?s=19

Billy Big Balls
https://www.vice.com/en/article/4ad3jm/watch-google-hacker-ha-26-iphones-with-zero-day-exploit
Watch This Google Hacker Pwn 26 iPhones With a 'WiFi Broadcast Packet of Death'
A Google security researcher found bugs that allowed him to take over nearby iPhones with a Raspberry Pi and just $100 in WiFi gear.

Industry News
Experts Call for Online Fake News to Be Addressed as #COVID19 Vaccine Emerges
How to Reduce Fake News in Online Advertising
Remote Workers Admit Lack of Security Training
#thinkcybersec: Reconsider Hiring Strategies to Meet 2021’s Digital Challenges
#thinkcybersec: Don’t Presume Legacy Tech is a Negative Thing
Salesforce Set to Acquire Slack for $27bn
Native Cloud Security Controls Still “Not Good Enough”
#WebSummit: Companies of the Future Should Focus on Data Privacy Rather than Data Collection

Jav’s Industry News
Microsoft’s New Productivity Score And Workplace Tracking: Here’s The Problem
There’s no vaccine for ransomware
Remote Workers Admit Lack of Security Training
Microsoft 365: Corporate Privacy Invader Masked As A Collaboration Tool?
NHS Error Exposes Data on Hundreds of Patients and Staff
Sales of CEO email accounts may give cyber criminals access to the "crown jewels" of a company
Infosec Stig is moving on from 17th December: https://www.infosecurity-magazine.com/editorial/final-shot-farewell/

Rant of the Week
https://www.theguardian.com/technology/2020/dec/02/microsoft-apologises-productivity-score-critics-derided-workplace-surveillance
Microsoft has apologised for enabling a feature, “productivity score”, which critics said was tantamount to workplace surveillance. The company says it will now make changes to the service, which lets IT administrators “help their people get the most” from its products, in order to limit the amount of information about individual employees that is shared with managers.

The Little People
Is it Leslie Show or William Lau? @lausecurity
Come on! Like and bloody well subscribe!

Nov 27, 2020 • 1h 4min
Episode 34 - Black Friday Special
Trigger warning, this episode is over an hour long; do not time anything with the length of this episode.

This Week in InfoSec
21st November 2008: The Conficker worm was first discovered. It spread quickly by exploiting a vulnerability that was addressed via the patch described in Microsoft's out-of-band bulletin MS08-067 four weeks prior. It infected millions of computers, at the time more than any worm since 2003.
https://twitter.com/todayininfosec/status/1330292959766573056?s=20

22nd November 1987: Chicago TV stations WGN and WTTW had their signals overridden in 2 separate incidents by a man in a Max Headroom mask. To this day, the perpetrator is unknown. The second incident was...uh...wow...just wow. It's a must-watch.
Video: https://youtu.be/tWdgAMYjYSs
https://allthatsinteresting.com/max-headroom-hack
https://twitter.com/todayininfosec/status/1330512600539521027?s=20

24th November 2014: The Washington Post published an article which included a picture of TSA master keys. As a result, a short time later functional keys were 3-d printed using the [unblurred] key patterns displayed in the picture.
https://www.washingtonpost.com/local/trafficandcommuting/where-oh-where-did-my-luggage-go/2014/11/24/16d168c6-69da-11e4-a31c-77759fc1eacc_story.html
https://twitter.com/todayininfosec/status/1331385955916402690?s=20

Tweet of the Week
https://twitter.com/geoffbelknap/status/1331690657170157568?s=20
An outage with Amazon's web infrastructure left smart-home enthusiasts unable to use basic household items. Amazon Web Services is a huge part of the company's business and the backbone of the internet's most popular sites and services. A widespread US outage late on Wednesday disrupted many of those services. Robot vacuums and smart doorbells suddenly stopped working in people's homes.
https://www.bbc.co.uk/news/technology-55087054
I Cut the 'Big Five' Tech Giants From My Life. It Was Hell
https://gizmodo.com/i-cut-the-big-five-tech-giants-from-my-life-it-was-hel-1831304194

Billy Big Balls
A Hacker Nearly Stole $8 Million From An Aussie Hedge Fund Using A Fake Zoom Invite
A fake Zoom invite has led to the demise of a successful Sydney-based hedge fund and nearly cost it $8.7million after a hacker was able to send off fake invoices on behalf of the firm. On Monday, the AFR reported that Levitas Capital was forced to close after its major client Australian Catholic Super withdrew its funds in the wake of the September cyber attack. The hedge fund's cyber investigators have pinpointed a fake Zoom invite opened by one of the fund's cofounders Michael Fagan or Michael Brookes.
https://www.gizmodo.com.au/2020/11/a-hacker-nearly-stole-8-million-from-an-aussie-hedge-fund-using-a-fake-zoom-invite/
Lost All The Money!

Industry News
Microsoft Announces Pluton Processor for Better Hardware Security
#ISSE2020: Focus on 2020's Crypto Successes Rather than Efforts to Break it
NCSC Issues Warning About Expected #BlackFriday Scams
#COVID19 Drives Massive Multi-Cloud Adoption
Fines Less of a Concern than Reputational Damage for Public Sector Security
Home Depot Settles with US States Over 2014 Data Breach
DDoS Attacks Against Online Retailers Increase Four-Fold During Pandemic
Defining Codes of Conduct to Enable Post Brexit GDPR Compliance
GDPR Has Had Successes, Requires Public Knowledge of Data Spread

Javvad's Weekly News
Up to 350,000 Spotify Users Targeted by Credential Stuffers
Beware of Black Friday Deals That Are Too Good To Be True
Data Breach of Online Kids’ Game Exposed Personal Data of 46 Million Parents and Children
Spotify Hit by Credential Stuffing Attack, 300K+ Accounts Vulnerable
Fraud Operation Targets Spotify Users With Leaked Database
Thom calling it:
Manchester United Investigating Cybersecurity Incident
UK Football Club Says No Evidence of Fan Data Being Breached
https://www.databreachtoday.eu/manchester-united-investigating-cybersecurity-incident-a-15438

Rant of the Week
Leaked docs from inside Amazon’s Global Security Operations Center reveal company’s use of Pinkerton operatives—private intel—to spy on workers and the extensive monitoring of labor unions, environmental activists, and other social movements
https://www.vice.com/en/article/5dp3yn/amazon-leaked-reports-expose-spying-warehouse-workers-labor-union-environmental-groups-social-movements
https://twitter.com/josephfcox/status/1330924178875109376?s=20

The Little People
This week we are joined by the opinionated but equally correct Tricia Howard @TriciaKicksSaaS
Come on! Like and bloody well subscribe!

Nov 20, 2020 • 58min
Episode 33 - Went Wrong Right From The Beginning
Join us for possibly the most incompetently performed and produced infosec podcast available today. At least we have some of your favourites to share and enjoy:

This Week in InfoSec
(Liberated from the “today in infosec” twitter account)
14th November 1990: During an NBC News broadcast, two computer hackers from the hacker group MOD, identified only by the aliases "Acid Phreak", "Phiber Optik" and “Scorpion”, took responsibility for posting the "Happy Thanksgiving" message on the Learning Link's system after destroying data on it.
https://twitter.com/todayininfosec/status/1327615750564179970?s=20
16th November 2000: The FBI released a second batch of documents related to its Carnivore email surveillance program as a result of a FOIA request by EPIC.
https://www.cnet.com/news/new-documents-shed-more-light-on-fbis-carnivore/
https://twitter.com/todayininfosec/status/1328481891901726721?s=20

Tweet of the Week
https://twitter.com/lapcatsoftware/status/1326990296412991489?s=20
https://9to5mac.com/2020/11/15/apple-explains-addresses-mac-privacy-concerns/
https://appleinsider.com/articles/20/11/15/big-sur-telling-apple-what-app-youve-opened-isnt-a-security-or-privacy-issue

Billy Big Balls of the Week
Timothy John Watson of Ransom, West Virginia, was arrested by federal agents this week for selling full-auto AR-15 sears disguised as “portable wall hangers” from a website dubbed portablewallhanger.com (still up as of 11/5 @ 2:07PM). The product is ostensibly designed to hang keys, lanyards, and other small objects in a place where they can be easily accessed because, according to the site, “searching for your keys really sucks!” They even provide a helpful assembly video.
https://www.gunsamerica.com/digest/man-selling-full-auto-ar-15-sears-as-portable-wall-hangers/

Industry News
IT Leaders Reliant on Data for Threat Insight
#ISSE2020: Look to Decentralized (Rather than Legacy) Identity Approvals
Employees Have Access to an Average of 10 Million Files
#ISSE2020: ‘Real’ Digital Identity Can Exist with New Technology
Increase in Ransomware Sophistication and Leverage of Legacy Malware Predicted for 2021
#DxPsummit: Use Quarantine in Your Ransomware Recovery
#DxPsummit: How Zoom Met 2020’s Security Challenges
MoD Receives Funding Boost and Confirms Increase in Cyber-Spending

Javvad's Weekly Stories
Lazarus malware deployed in South Korea supply chain hack
Data belonging to 27.7M Texas drivers stolen in latest case of unsecured storage
Animal Jam Hacked, 46M Records Roam the Dark Web

Rant of the Week
A Muslim prayer app with over 98 million downloads is one of the apps connected to a wide-ranging supply chain that sends ordinary people's personal data to brokers, contractors, and the military.
https://www.vice.com/en/article/jgqm5x/us-military-location-data-xmode-locate-x

The Little People
Seriously? You honestly thought Jav could get a hat-trick of these together? Jog on!
Come on! Like and bloody well subscribe!

Nov 13, 2020 • 58min
Episode 32 - Let's Just Eat Some Haribo!
Haribo feature heavily this week, with Andy and Jav fighting over how much and how they should be delivered.

This Week in InfoSec
(Liberated from the “today in infosec” twitter account)
5th November 1993: The Bugtraq mailing list was created by Scott Chasin. In 1995 it became the property of SecurityFocus, in 2002 Symantec acquired SecurityFocus, and the last message was posted to the list on February 25th, 2020, with no explanation from Symantec.
https://en.m.wikipedia.org/wiki/Bugtraq
https://twitter.com/todayininfosec/status/1324497907245109248?s=20
13th November 2012: John McAfee went into hiding because his neighbor Gregory Faull was found dead from a gunshot the day before. Belize police wanted McAfee to come in for questioning, but McAfee stated the police were “out to get him”.
https://www.theguardian.com/world/2012/nov/14/john-mcafee-hiding-businessman-murder
https://twitter.com/todayininfosec/status/1326993312247656451?s=20

Billy Big Balls
Chris Nikic becomes first person with Down's syndrome to finish an Ironman triathlon
https://www.bbc.co.uk/sport/triathlon/54869998
Please consider donating here:
https://www.charityextra.com/noahsarkmoments

Rant of the Week
Ransomware Group Turns to Facebook Ads
https://krebsonsecurity.com/2020/11/ransomware-group-turns-to-facebook-ads
Mark Zuckerberg defends not suspending Steve Bannon from Facebook
https://www.theguardian.com/technology/2020/nov/12/mark-zuckerberg-steve-bannon-facebook-fauci-ban

Industry News
Has the Rise of Identity Seen the Death of Anonymity?
Price Dropped on Hacked Educational RDP Details
Malicious Use of SSL Increases as Attackers Deploy Hidden Attacks
#EdgeLive: DDoS Attacks Are Evolving into Extortion-Led RDoS Campaigns
#EdgeLive: Stopping API Attacks with Bot Mitigation
Top Ten: Things Learned from the (ISC)2 Workforce Study
#EdgeLive: Phishing Attacks Now Targeting Enterprise Specifics
PSD2 Faces Further Delays as UK Lags Behind European Compliance
Recommendations Accepted in Advancement for EU Data Protection Transfers

Tweet of the Week
https://twitter.com/phil_branigan1/status/1324761080762163203?s=20
But also a story brought to our attention by @mat: Google Photos is ending unlimited storage and people are not happy
https://mashable.com/article/google-photos-ends-unlimited-free-storage/?europe=true
https://twitter.com/mat/status/1326593729860231168?s=20

The Little People
The marvellously moustachioed Christian Toon
Come on! Like and bloody well subscribe!

Nov 6, 2020 • 60min
Episode 31 - Just Embarrassed Ourselves Really
The fourth member of the Host Unknown trio, Carole Theriault, joins the podcast to bring an air of respectability to proceedings. Needless to say, it was an uphill struggle. This week's show brings you, dear listener:

Smut or Security
Do you know the difference between your smut and your security?

This Week in InfoSec
(Liberated from the “today in infosec” twitter account)
30th October 2001: The author of the Nimda worm released a new variant that was functionally identical, but included a comment that it should be referred to as Concept Virus, not Nimda. It didn't happen - it got named Nimda.e. That’s right bitches.
https://twitter.com/todayininfosec/status/1322141461949927424?s=20
30th October 2013: Adobe revealed that a breach of 2.9 million customer accounts made public 3 weeks earlier actually affected 38 million users.
https://nakedsecurity.sophos.com/2013/10/30/adobe-breach-thirteen-times-worse-than-thought-38-million-users-affected/
https://twitter.com/todayininfosec/status/1322306716114001920?s=20
31st October 2005: Winternals researcher Mark Russinovich posted to his blog a detailed description and technical analysis of F4I's XCP software that he ascertained had been recently installed on his computer by a Sony BMG music CD.
https://web.archive.org/web/20150317040653/http://blogs.technet.com/b/markrussinovich/archive/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far.aspx
https://twitter.com/todayininfosec/status/1322629012540157952?s=20
2nd November 1988: The Morris worm spread like wildfire and was the first worm to get wide media attention. After its author, Robert Tappan Morris, released his "experiment", it quickly spread and made many of the systems on the Internet unusable - an epoch for security...both good and bad. It was one of the first computer worms distributed via the Internet, and the first to gain significant mainstream media attention. It also resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act.
https://twitter.com/todayininfosec/status/1323248705164791814?s=20

Tweet of the Week
Flushing Away Preconceptions of Risk
https://twitter.com/StevenShorrock/status/1323335595465318401?s=20
https://www.independent.co.uk/news/uk/home-news/bacteria-toilets-flush-lid-closed-b1535481.html

Double Rant of the Week #1
The police in the US struck a deal with Amazon to violate people's Rings
https://www.eff.org/deeplinks/2020/11/police-will-pilot-program-live-stream-amazon-ring-cameras
The police surveillance center in Jackson, Mississippi, will be conducting a 45-day pilot program to live stream the security cameras, including Amazon Ring cameras, of participating residents.
"While people buy Ring cameras and put them on their front door to keep their packages safe, police use them to build comprehensive CCTV camera networks blanketing whole neighborhoods," says the EFF.
Only a few months ago, Jackson stood up for its residents, becoming the first city in the southern United States to ban police use of face recognition technology. Clearly, this is a city that understands invasive surveillance technology when it sees it, and knows when police have overstepped their ability to invade privacy.

Industry News
Ping Identity Acquires Symphonic to Boost API and Data Security Offering
Florida Invests in Security Controls Ahead of #Election2020
NCSC Partners with Microsoft to Support Cyber Accelerator Program
Google Forms Used In Password-Stealing Spree: What You Need To Know

Double Rant of the Week #2
Carole's Nasty Tweet (no screenshot, the nob deleted it).

The Little People
We were joined by Smashing Security's Terry Graham.
Come on! Like and bloody well subscribe!


