The Host Unknown Podcast

Host Unknown, Javvad Malik, Andrew Agnes, Thom Langford
Apr 1, 2024 • 47min

Episode 188 The Don't Mention The Name Episode

This week in InfoSec (07:32)
With content liberated from the “today in infosec” twitter account and further afield

20th March 2007: Dragos Ruiu announced the first Pwn2Own contest, which was held that April in Vancouver, Canada. The contest is still being held today - and in fact Pwn2Own Vancouver 2024 started today.
https://twitter.com/todayininfosec/status/1770592695255249038

16th March 1971: The first computer virus, Creeper, infected computers on the ARPANET, displaying "I'M THE CREEPER : CATCH ME IF YOU CAN." It was named after the Creeper - a villain from a 1970 episode of the TV series "Scooby-Doo, Where Are You!"
https://twitter.com/todayininfosec/status/1768973007555375317

Rant of the Week (14:29)
Majority of Americans now use ad blockers
More than half of Americans are using ad blocking software, and among advertising, programming, and security professionals that fraction is more like two-thirds to three-quarters.
According to a survey of 2,000 Americans conducted by research firm Censuswide, on behalf of Ghostery, a maker of software to block ads and online tracking, 52 percent of Americans now use an ad blocker, up from 34 percent according to 2022 Statista data.

Billy Big Balls of the Week (23:01)
Execs in Japan busted for winning dev bids then outsourcing to North Koreans
Two executives were issued arrest warrants in Japan on Wednesday, reportedly for charges related to establishing a business that outsourced work to North Korean IT engineers.
At least one of the individuals – a 53 year old named Pak Hyon-il – is a South Korean national. His alleged accomplice, 42-year old Toshiron Minomo, is Japanese and once worked for Hyon-il, according to local media.
Pak served as president of Fuchu-based IT firm ITZ, while Minomo was the head of Fukuyama-based Robast.

Industry News (29:09)
UK Blames China for 2021 Hack Targeting Millions of Voters' Data
Fake Ozempic Deals on the Rise as Experts Warn of Phishing Scams
Portugal Forces Sam Altman's Worldcoin to Stop Collecting Biometric Data
Only 5% of Boards Have Cybersecurity Expertise, Despite Financial Benefits
UK Law Enforcers Arrest 400 in Major Fraud Crackdown
Chinese Hackers Target ASEAN Entities in Espionage Campaign
NHS Trust Confirms Clinical Data Leaked by “Recognized Ransomware Group”
US Treasury Urges Financial Sector to Address AI Cybersecurity Threats
CISA Launches New Cyber Incident Reporting Rules for US Defense Contractors

Tweet of the Week (40:52)
https://twitter.com/bettersafetynet/status/1773626490384511113

Come on! Like and bloody well subscribe!
Mar 17, 2024 • 55min

Episode 187 - Mess of Trois

This week in InfoSec (14:26)
With content liberated from the “today in infosec” twitter account and further afield

7th March 2017: WikiLeaks began its new series of leaks on the U.S. Central Intelligence Agency (CIA). Code-named Vault 7 by WikiLeaks, it was the largest ever publication of confidential documents on the agency.
https://twitter.com/todayininfosec/status/1765828993713090565

14th March 2013: Security journalist Brian Krebs was swatted when police responded to a spoofed 911 call claiming Russians had broken into his home and had shot his wife.
One of several people who made the false report, Eric Taylor (aka Cosmo the God), was sentenced to probation in 2017.
https://twitter.com/todayininfosec/status/1768253237260435814

Rant of the Week (21:38)
US Congress goes bang, bang, on TikTok sale-or-ban plan
The United States House of Representatives on Wednesday passed the Protecting Americans from Foreign Adversary Controlled Applications Act – a law aimed at forcing TikTok's Chinese parent ByteDance to sell the app's US operations or face the prospect of a ban.
The bill names only TikTok as a "foreign adversary controlled application" and prohibits "Providing services to distribute, maintain, or update" the app – including by offering it for sale in an app store. Even updates to the app aren't allowed.
If TikTok's US operations were locally owned and operated, none of the sanctions the bill mentions would be enforceable. And US lawmakers' fears that TikTok gives Beijing a way to gather intelligence and surveil citizens would be eased.

[Related or coincidental? Or a BBB?]
Former US Treasury secretary Steve Mnuchin thinking about buying TikTok
On the heels of the US House of Representatives passing a TikTok ban bill, former US Treasury secretary and private equity mogul Steve Mnuchin is apparently thinking about buying the platform.
Speaking to CNBC's pre-market team at Squawk Box, Mnuchin said he hoped the TikTok ban would pass in the Senate, forcing a sale of the platform to a US-based parent. "It's a great business and I'm going to put together a group to buy TikTok," Mnuchin told CNBC. Mnuchin didn't mention whether partners had been identified, or what phase the purchase was in.

Billy Big Balls of the Week (32:14)
CEO of Data Privacy Company Onerep.com Founded Dozens of People-Search Firms
The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.com finds this company is operating out of Belarus and Cyprus, and that its founder has launched dozens of people-search services over the years.
Onerep’s “Protect” service starts at $8.33 per month for individuals and $15/mo for families, and promises to remove your personal information from nearly 200 people-search sites. Onerep also markets its service to companies seeking to offer their employees the ability to have their data continuously removed from people-search sites.

Industry News (41:21)
UnitedHealth Sets Timeline to Restore Change Healthcare Systems After BlackCat Hit
Russia’s Midnight Blizzard Accesses Microsoft Source Code
Third-Party Breach and Missing MFA Contributed to British Library Cyber-Attack
Lawmakers Slam UK Government’s “Ostrich Strategy” for Cybersecurity
Google to Restrict Election-Related Answers on AI Chatbot Gemini
Meta Sues Former VP After Defection to AI Startup
Google Paid $10m in Bug Bounties to Security Researchers in 2023
French Employment Agency Data Breach Could Affect 43 Million People
TikTok Faces US Ban as House Votes to Compel ByteDance to Sell

Tweet of the Week (50:29)
https://twitter.com/andylapteff/status/1767952062279492006

Come on! Like and bloody well subscribe!
Mar 5, 2024 • 40min

Episode 186

This week in InfoSec (06:53)
With content liberated from the “today in infosec” twitter account and further afield

1st March 1988: The MS-DOS boot sector virus "Ping-Pong" was discovered at the Politecnico di Torino (Turin Polytechnic University) in Italy.
The virus would show a small ball bouncing around the screen in both text mode (ASCII character "•") and graphical mode.
https://twitter.com/todayininfosec/status/1763540406443163705

26th February 2004: Antivirus firm F-Secure apologized for sending the Netsky.B virus to 1000s of its UK customers & partners via a mailing list. The unknown sender sent it through the email list server, which didn't scan for viruses. And there was no business reason to accept external emails.
https://twitter.com/todayininfosec/status/1762092359313936553

Rant of the Week (11:48)
Meta's pay-or-consent model hides 'massive illegal data processing ops': lawsuit
Consumer groups are filing legal complaints in the EU in a coordinated attempt to use data protection law to stop Meta from giving local users a "fake choice" between paying up and consenting to being profiled and tracked via data collection.

Billy Big Balls of the Week (20:16)
Fox News 'hacker' turns out to be journalist whose lawyers say was doing his job
A Florida journalist has been arrested and charged with breaking into protected computer systems in a case his lawyers say was less "hacking," more "good investigative journalism."
Tim Burke was arrested on Thursday and charged with one count of conspiracy, six counts of accessing a protected computer without authorization, and seven counts of intercepting or disclosing wire, oral or electronic communications for his supposed role in the theft of unedited video streams from Fox News.

Industry News (27:48)
UK Unveils Draft Cybersecurity Governance Code to Boost Business Resilience
34 Million Roblox Credentials Exposed on Dark Web in Three Years
Biden Bans Mass Sale of Data to Hostile Nations
US Government Warns Healthcare is Biggest Target for BlackCat Affiliates
Savvy Seahorse Targets Investment Platforms With DNS Scams
Pharma Giant Cencora Reports Cybersecurity Breach
UK Home Office Breached Data Protection Law with Migrant Tracking Program, ICO Finds
Five Eyes Warn of Ivanti Vulnerabilities Exploitation, Detection Tools Insufficient
Biden Warns Chinese Cars Could Steal US Citizens' Data

Tweet of the Week (35:17)
https://twitter.com/_FN8_/status/1762583435745402951

Come on! Like and bloody well subscribe!
Feb 26, 2024 • 47min

Episode 185 - The Inexplicable Episode

This week in InfoSec (06:25)
With content liberated from the “today in infosec” twitter account and further afield

16th February 2010: Version 2.0 of the CWE/SANS Top 25 Most Dangerous Software Errors was released.
Take a look and decide which of these weaknesses have been eradicated over the last 14 years.
Web Archive
https://twitter.com/todayininfosec/status/1758712418601971748

20th February 2003: Alan Giang Tran, former network admin for 2 companies, was arrested after allegedly destroying data on the companies' networks. Two months later he pleaded guilty to a federal charge of intentionally causing damage to a protected computer.
https://twitter.com/todayininfosec/status/1760021831354896443

Rant of the Week (14:01)
Avast fined $16.5 million for ‘privacy’ software that actually sold users’ browsing data
Avast, the cybersecurity software company, is facing a $16.5 million fine after it was caught storing and selling customer information without their consent. The Federal Trade Commission (FTC) announced the fine on Thursday and said that it’s banning Avast from selling user data for advertising purposes.
From at least 2014 to 2020, Avast harvested user web browsing information through its antivirus software and browser extension, according to the FTC’s complaint. This allowed it to collect data on religious beliefs, health concerns, political views, locations, and financial status. The company then stored this information “indefinitely” and sold it to over 100 third parties without the knowledge of customers, the complaint says.

Billy Big Balls of the Week (25:02)
Husband 'made over a million' by eavesdropping on BP wife
The husband of a BP employee has been charged with insider trading in the US following claims he overheard details of calls made by his wife while working from home.
The US Securities and Exchange Commission alleged Tyler Loudon made $1.76m (£1.39m) in illegal profits.
The regulator claimed Mr Loudon heard several of his wife's conversations about BP's takeover of TravelCenters of America and bought shares in the firm.
BP has declined to comment.
The SEC said: "We allege that Mr Loudon took advantage of his remote working conditions and his wife's trust to profit from information he knew was confidential."
His wife - a mergers and acquisitions manager at BP - worked on the oil giant's takeover of TravelCenters. The SEC said Mr Loudon purchased 46,450 shares of TravelCenter's stock, without his wife's knowledge, before the deal was made public in February last year.
Following the announcement, TravelCenter's share price rose nearly 71% and Mr Loudon allegedly immediately sold all of his newly-bought shares for a profit, the SEC said.

Industry News (32:16)
Attacker Breakout Time Falls to Just One Hour
NCSC Sounds Alarm Over Private Branch Exchange Attacks
Biden Executive Order to Bolster US Maritime Cybersecurity
Ransomware Warning as CVSS 10.0 ScreenConnect Bug is Exploited
Chinese Duo Found Guilty of $3m Apple Fraud Plot
OWASP Releases Security Checklist for Generative AI Deployment
Russian-Aligned Network Doppelgänger Targets German Elections
Change Healthcare Cyber-Attack Leads to Prescription Delays
ICO Bans Serco Leisure's Use of Facial Recognition for Employee Attendance

Tweet of the Week (42:37)
https://twitter.com/lauriewired/status/1760751495073640705

Come on! Like and bloody well subscribe!
Feb 19, 2024 • 44min

Episode 184 - The Bee in the Bonnet Episode

This week in InfoSec (08:40)
With content liberated from the “today in infosec” twitter account and further afield

14th February 2001: In a presentation at Black Hat Windows Security Conference 2001, Andrey Malyshev of ElcomSoft shared that Microsoft Excel uses a default encryption password of "VelvetSweatshop".
https://twitter.com/todayininfosec/status/1757782275406622835

16th February 2004: The Netsky worm first appeared. It spread via an email attachment which after opened would search the computer for email addresses then email itself to those addresses. Its dozens of variants accounted for almost a quarter of malware detected in 2004.
https://twitter.com/todayininfosec/status/1758497889972576608

Rant of the Week (5:10)
Air Canada must pay damages after chatbot lies to grieving passenger about discount
Air Canada must pay a passenger hundreds of dollars in damages after its online chatbot gave the guy wrong information before he booked a flight.
Jake Moffatt took the airline to a small-claims tribunal after the biz refused to refund him for flights he booked from Vancouver to Toronto following the death of his grandmother in November last year. Before he bought the tickets, he researched Air Canada's bereavement fares – special low rates for those traveling due to the loss of an immediate family member – by querying its website chatbot.
The virtual assistant told him that if he purchased a normal-price ticket he would have up to 90 days to claim back a bereavement discount. Following that advice, Moffatt booked a one-way CA$794.98 ticket to Toronto, presumably to attend the funeral or attend to family, and later an CA$845.38 flight back to Vancouver.
He also spoke to an Air Canada representative who confirmed he would be able to get a bereavement discount on his flights and that he should expect to pay roughly $380 to get to Toronto and back. Crucially, the rep didn't say anything about being able to claim the discount as money back after purchasing a ticket.
When Moffatt later submitted his claim for a refund, and included a copy of his grandmother's death certificate, all well within that 90-day window, Air Canada turned him down.
Staff at the airline told him bereavement fare rates can't be claimed back after having already purchased flights, a policy at odds with what the support chatbot told Moffatt. It's understood the virtual assistant was automated, and not a person sat at a keyboard miles away.

Billy Big Balls of the Week (22:06)
Australia passes Right To Disconnect law, including (for now) jail time for bosses who email after-hours
Australia last week passed a Right To Disconnect law that forbids employers contacting workers after hours, with penalties including jail time for bosses who do the wrong thing.
The criminal sanction will soon be overturned – it was the result of parliamentary shenanigans rather than the government's intent – and the whole law could go too if opposition parties and business groups have their way.
European companies have already introduced Right To Disconnect laws in response to digital devices blurring the boundaries between working hours and personal time. The laptops or phones employers provide have obvious after-hours uses, but also mean workers can find themselves browsing emailed or texted messages from their boss at all hours – sometimes with an expectation of a response. That expectation, labor rights orgs argue, extends the working day without increasing pay.
Right To Disconnect laws might better be termed "Right to not read or respond to messages from work" laws because that's what they seek to guarantee.

Industry News (31:45)
US, UK and India Among the Countries Most At Risk of Election Cyber Interference
Southern Water Notifies Customers and Employees of Data Breach
Cybersecurity Spending Expected to be Slashed in 41% of SMEs
GoldPickaxe Trojan Blends Biometrics Theft and Deepfakes to Scam Banks
Microsoft, OpenAI Confirm Nation-States are Weaponizing Generative AI in Cyber-Attacks
Prudential Financial Faces Cybersecurity Breach
Google Warns Unfair AI Rules Could Empower Hackers, Harming Defense
Hackers Exploit EU Agenda in Spear Phishing Campaigns
New Ivanti Vulnerability Observed as Widespread Security Concerns Grow

Tweet of the Week (39:24)
https://twitter.com/MalwareJake/status/1758454999380557885

Come on! Like and bloody well subscribe!
Feb 10, 2024 • 42min

Episode 183 - The Midnight Express Episode

This podcast episode covers various topics such as DDoS attacks by MafiaBoy and Coolio, debunking the myth of a botnet controlling toothbrushes, changes to British Airways' tier point scheme, cybersecurity news including malware as a service and Chinese espionage, lack of trust in social media platforms like Facebook and TikTok, and a humorous discussion about Fortigate and myth creation.
Feb 5, 2024 • 47min

Episode 182 - The Tallest & Shortest Episode

This week in InfoSec (08:19)
With content liberated from the “today in infosec” twitter account and further afield

31st Jan 2011 (13 years ago): Chris Russo reported a vulnerability to dating website PlentyOfFish's CEO Markus Frind's wife. Yada yada yada Markus Frind then accused Russo of extortion and emailed Russo's mother.
https://techcrunch.com/2011/01/31/plentyoffish-ceo-we-were-hacked-almost-extorted-so-i-emailed-the-hackers-mom/
https://krebsonsecurity.com/2011/01/plentyoffish-com-hacked-blames-messenger/

Rant of the Week (13:56)
The TikTok Hearing Revealed That Congress Is the Problem
For some, the job on Thursday was casting the hearing's only witness, TikTok CEO Shou Zi Chew, as a stand-in for the Chinese government—in some cases, for communism itself—and then belting him like a side of beef. More than a few of the questions lawmakers put to Chew were vague, speculative, and immaterial to the allegations against his company. But the members of Congress asking those questions feigned little interest in Chew’s responses anyway. Attempts by Chew, a 40-year-old former Goldman Sachs banker, to elaborate on TikTok’s business practices were frequently interrupted, and his requests to remark on matters supposedly of considerable interest to members of Congress were blocked and occasionally ignored. These opportunities to get the CEO on record, while under oath, were repeatedly blown in the name of expediency and for mostly theatrical reasons. Chew, in contrast, was the portrait of patience, even when he was being talked over. Even when some lawmakers began asking and, without pause, answering their own questions.
The hearing might’ve been a flop, had lawmakers planned to dig up new dirt on TikTok, which is owned by China-based ByteDance, or even hash out what the company could do next to allay their concerns. But that wasn't the aim. The House Energy and Commerce Committee was gathered, it said, to investigate “how Congress can safeguard American data privacy and protect children from online harms.” And on that, the hearing revealed plenty.

Billy Big Balls of the Week (23:41)
ICBC Partners Wary to Resume Trading With Bank After Cyberattack
Industrial & Commercial Bank of China Ltd., the world’s largest lender by assets, has been unable to convince some market participants that it’s safe to reconnect their computer networks to the bank’s US unit after a ransomware attack disrupted its systems, according to people familiar with the matter.
The attack, which was claimed by the Russia-linked LockBit cybercrime and extortion gang earlier this month, impeded trading in the $26 billion Treasury market and, the people said, it has left users of the bank’s US arm skittish about trading with the bank.
For its part, ICBC has told users that its US division is back online and operational, the people said. One person familiar with the hack and investigation said a reason the bank could get back online quickly was that a key part of its trading system was unaffected by the attack — a server that was more than 20 years old, made by now-defunct IT equipment maker Novell Inc. That server contained much of the bank’s trading data and capabilities and is so old that LockBit’s ransomware didn’t work on it, the person said.

Industry News (35:28)
US Agencies Failure to Oversee Ransomware Protections Threaten White House Goals
US Thwarts Volt Typhoon Cyber Espionage Campaign Through Router Disruption
Interpol-Led Initiative Targets 1300 Suspicious IPs
Ivanti Releases Zero-Day Patches and Reveals Two New Bugs
Pump-and-Dump Schemes Make Crypto Fraudsters $240m
Google’s Bazel Exposed to Command Injection Threat

Tweet of the Week (41:51)
https://x.com/MikeIrvo/status/1752123455125016839?s=20

Come on! Like and bloody well subscribe!
Jan 26, 2024 • 37min

Episode 181 - The Early early Show

This week in InfoSec (04:51)
With content liberated from the “today in infosec” twitter account and further afield

25th January 2003: The SQL Slammer worm was first observed. It relied on a vulnerability Microsoft reported a whopping 6 months earlier via security bulletin MS02-039. Despite the long-available patch, 75,000 systems were compromised within 10 minutes.
https://twitter.com/todayininfosec/status/1750529757903790431

21st January 1992: Former General Dynamics employee Michael John Lauffenburger was sentenced. He had created a logic bomb, which was programmed to go off on May 24, 1991. Unfortunately for him, an employee accidentally discovered it, dismantled it, and contacted authorities.
https://twitter.com/todayininfosec/status/1749184231752802757

Rant of the Week (11:10)
Third-party ink cartridges brick HP printers after ‘anti-virus’ update
HP is pushing over-the-air firmware updates to its printers, bricking them if they are using third-party ink cartridges. But don’t worry, it’s not a money-grab, says the company – it’s just trying to protect you from the well-known risk of viruses embedded in ink cartridges …
HP has long been known for sketchy practices in its attempt to turn ink purchases into a subscription service. If you cancel a subscription, for example, the company will immediately stop the printer using the ink you’ve already paid for.
CEO Enrique Lores somehow managed to keep a straight face while explaining to CNBC that the company was only trying to protect users from viruses which might be embedded into aftermarket ink cartridges.
"It can create issues [where] the printers stop working because the inks have not been designed to be used in our printers, to then create security issues. We have seen that you can embed viruses in the cartridges, and through the cartridge, go to the printer; from the printer, go to the network."
ArsTechnica asked several security experts whether this could happen, and they said this is so out-there, it would have to be a nation-state attack on a specific individual.

Billy Big Balls of the Week (19:04)
British man Aditya Verma appears in Spanish court over plane-bomb hoax
A British man accused of public disorder after joking about blowing up a flight has gone on trial in Spain.
Aditya Verma made the comment on Snapchat on his way to the island of Menorca with friends in July 2022.
The message, sent before Mr Verma departed Gatwick airport, read: "On my way to blow up the plane (I'm a member of the Taliban)."
Mr Verma told a Madrid court on Monday: "The intention was never to cause public distress or cause public harm."
If found guilty, the university student faces a hefty bill for expenses after two Spanish Air Force jets were scrambled.
Mr Verma's message was picked up by the UK security services who flagged it to Spanish authorities while the easyJet plane was still in the air.
A court in Madrid heard it was assumed the message triggered alarm bells after being picked up via Gatwick's Wi-Fi network.

Industry News (27:39)
Thai Court Blocks 9near.org to Avoid Exposure of 55M Citizens
Mega-Breach Database Exposes 26 Billion Records
French Watchdog Slams Amazon with €32m Fine for Spying on Workers
AI Set to Supercharge Ransomware Threat, Says NCSC
X Makes Passkeys Available for US-Based Users
ChatGPT Cybercrime Surge Revealed in 3000 Dark Web Posts
HPE Says SolarWinds Hackers Accessed its Emails
Southern Water Confirms Data Breach Following Black Basta Claims
China-Aligned APT Group Blackwood Unleashes NSPX30 Implant

Tweet of the Week (33:12)
https://x.com/TheHornetsFury/status/1750612652873928949?s=20

Come on! Like and bloody well subscribe!
Jan 22, 2024 • 46min

Episode 180 - Its a Full House Episode

This week in InfoSec (09:34)
With content liberated from the “today in infosec” twitter account and further afield

11th January 2000: Newly declassified documents proved the existence of ECHELON, a global eavesdropping network run by the NSA.
https://twitter.com/todayininfosec/status/1745518896495390826

13th January 2009: The domain name http://clintonemail.com was registered - the one used for email addresses on the Clinton family's private email server, which drew controversy when it was revealed that then Secretary of State Hillary Clinton used it for official communications.
https://twitter.com/todayininfosec/status/1746214861091053961

Rant of the Week (15:53)
The 'nothing-happened' Y2K bug – how the IT industry worked overtime to save world's computers
Forty years ago, both Jerome and Marilyn Murray saw their brainchild reach the light of day. In 1984, their book, Computers in Crisis, was published, becoming the first authoritative guide to the Millennium Bug coding problem, which, in the final year of the century, would consume media, political and business attention.
Today, more than 20 years after the date-field imposed deadline passed, the Millennium Bug — or Y2K problem — still gets a mixed reception. While many in the industry see it as a job well done — or at least adequately done — it has also become a byword for the over-reach of experts.

Billy Big Balls of the Week (26:55)
Woman films herself being fired by HR to expose how cold U.S. corporate culture can be (Link to actual TikTok video in here)
Forbes article: Viral TikTok Video Of Cloudflare Employee Is A Lesson On How To Not Fire Workers
Recently, many of the new workplace trends have emanated from TikTok. Influencers have ushered in new themes, such as bare minimum Mondays, acting your wage, quiet quitting and rage applying. A new phenomenon has arisen where employees are now documenting their layoffs on the social media platform.
This week, Brittany Pietsch, a mid-market account executive at Cloudflare, an Internet infrastructure provider that offers a variety of security, performance and reliability services for websites and applications, went viral after posting a video of her being let go from the tech company.
Pietsch anticipated her firing, as her “work bff” had been given the pink slip 30 minutes prior to her meeting. The account executive was joined on a video call by a member of the human resources team and another individual, who didn’t introduce himself and jumped right into the purpose of the call, “We have an important meeting today. We finished our evaluations of 2023 performance. This is where you have not met Cloudflare expectations for performance. We have decided to part ways with you.”

Industry News (36:02)
1.3 Million FNF Customers' Data Potentially Exposed in Ransomware Attack
HelloFresh Fined £140K After Sending 80 Million Spam Messages
British Library Catalogue Back Online After Ransomware Attack
Senators Demand Probe into SEC Hack After Bitcoin Price Spike
Tool Identifies Pegasus and Other iOS Spyware
Majorca Tourist Hotspot Hit With $11m Ransom Demand
AI, Gaming, FinTech Named Major Cybersecurity Threats For Kids
NCSC Builds New “Cyber League” Threat Tracking Community
Iranian Phishing Campaign Targets Israel-Hamas War Experts

Tweet of the Week (42:01)
https://twitter.com/0xdade/status/1747820425693045014

Come on! Like and bloody well subscribe!
Jan 12, 2024 • 44min

Episode 179 - The One Third Empty Show

This week in InfoSec (06:16)
With content liberated from the “today in infosec” twitter account and further afield

6th January 2014: Intel renamed its McAfee subsidiary Intel Security, distancing itself from the name of McAfee's founder, John McAfee. In 2017 Intel spun off McAfee as a separate company...then several months later John McAfee and Intel settled a lawsuit over Intel's use of the McAfee name.
https://twitter.com/todayininfosec/status/1743711096559554607

10th January 2000: The FBI was after the hacker Maxim after he posted credit card numbers online when CD Universe refused to pay $100,000 in extortion. 6 months later it was shared that he'd likely never be prosecuted b/c 1 or more of the firms which performed IR screwed up chain of custody.
Data thief threatens to strike again
https://twitter.com/todayininfosec/status/1745207259058081942

8th January 1986: "The Hacker Manifesto" was written by Loyd Blankenship (aka The Mentor) and originally titled "The Conscience of a Hacker".
8 months later it was published in issue 7 of the hacker zine Phrack.
Read it [again]. http://phrack.org/issues/7/3.html#article
https://twitter.com/todayininfosec/status/1744413963696161010

Rant of the Week (16:44)
Cybercrooks play dress-up as 'helpful' researchers in latest ransomware ruse
Posing as cyber samaritans, scumbags are kicking folks when they're down
Ransomware victims already reeling from potential biz disruption and the cost of resolving the matter are now being subjected to follow-on extortion attempts by criminals posing as helpful security researchers.
Researchers at Arctic Wolf Labs publicized two cases in which casualties of the Royal and Akira ransomware gangs were targeted by a third party, believed to be the same individual or group in both scenarios, and extorted by a fake cyber samaritan.
Victims were approached by a "security researcher" who offered post-exploitation services. In one case, the mark was told the ransomware gang's server could be hacked and their stolen data could be deleted.
Another victim was told the "researcher," who used different monikers in each attempt, gained access to the servers used to store victims' stolen data, offering the chance to either delete it or grant the victim access to the server themselves.
In return, the hacked customers were asked for a fee of approximately 5 Bitcoin ($225,823 at today's exchange rate).
"As far as Arctic Wolf Labs is aware, this is the first published instance of a threat actor posing as a legitimate security researcher offering to delete hacked data from a separate ransomware group," Stefan Hostetler and Steven Campbell, both senior threat intelligence researchers at Arctic Wolf, blogged.
"While the personalities involved in these secondary extortion attempts were presented as separate entities, we assess with moderate confidence that the extortion attempts were likely perpetrated by the same threat actor."

Billy Big Balls of the Week (21:34)
All India Pregnant Job service: Indian men conned by 'impregnating women' scam
As cyber scams go, this one is rather unique.
In early December Mangesh Kumar (name changed) was scrolling on Facebook when he came across a video from the "All India Pregnant Job Service" and decided to check it out.
The job sounded too good to be true: money - and lots of it - in return for getting a woman pregnant.
It was, of course, too good to be true. So far, the 33-year-old, who earns 15,000 rupees ($180; £142) per month working for a wedding party decoration company, has already lost 16,000 rupees to fraudsters - and they are asking for more.
But Mangesh, from the northern Indian state of Bihar, is not the only person to fall for the scam.
Deputy superintendent of police Kalyan Anand, who heads the cyber cell in Bihar's Nawada district, told the BBC there were hundreds of victims of an elaborate con where gullible men were lured to part with their cash on the promise of a huge pay day, and a night in a hotel with a childless woman.
So far, his team have arrested eight men, seized nine mobile phones and a printer, and are still searching for 18 others.
But finding the victims has proved more tricky.

Industry News (29:21)
23andMe Blames User “Negligence” for Data Breach
Merck Settles With Insurers Over $700m NotPetya Claim
North Korean Hackers Stole $600m in Crypto in 2023
Anti-Hezbollah Groups Hack Beirut Airport Screens
Ukrainian “Blackjack” Hackers Take Out Russian ISP
Cyber Insurance Market to be Worth Over $90bn by 2033
Only 4% of US States Fully Prepared for Cyber-Attacks Targeting Elections
NCSC Publishes Practical Security Guidance For SMBs
Mandiant's X Account Was Hacked in Brute-Force Password Attack

Tweet of the Week (38:11)
https://twitter.com/chris_walker_/status/1744805492273430886

Come on! Like and bloody well subscribe!
