The Host Unknown Podcast

Host Unknown, Javvad Malik, Andrew Agnes, Thom Langford
Sep 22, 2023 • 45min

Episode 168 - The Purple Pineapple Episode

This week in InfoSec (09:32)

With content liberated from the “today in infosec” twitter account and further afield

18th September 2001: The Nimda worm was released. Utilising 5 different infection vectors, it became the most widespread virus/worm after only 22 minutes.

$ echo "admin" | rev
nimda

https://twitter.com/todayininfosec/status/1703760366688211041

16th September 2008: 20-year-old David Kernell compromised the Yahoo! email account of US vice presidential candidate Sarah Palin, then posted her emails to 4chan. 2 years later he was found guilty and sentenced to a year in prison. At age 30 he died of complications related to MS.

https://twitter.com/todayininfosec/status/1703169477548884296

Rant of the Week (14:55)

[We’re sympathetic to companies who get hacked and what they have to deal with, but there comes a time when they’re repeatedly hacked and you have to ask questions]:

T-Mobile app glitch let users see other people's account info

T-Mobile customers said they could see other people's account and billing information after logging into the company's official mobile application.

According to user reports on social media, the exposed information included customers' names, phone numbers, addresses, account balances, and credit card details like the expiration dates and the last four digits.

As first reported by The Verge, some of the customers affected by this issue could see the sensitive information of multiple other people while logged into their own accounts.

While a massive number of reports started surfacing earlier today on Reddit and Twitter, some T-Mobile customers also claimed that they've been experiencing this throughout the last two weeks.

"Reported this issue when it first popped up here on Reddit over 2 weeks ago and sent pics of the other person's info to their security team. No response, but wow, just wow," one customer said.

Nine data breaches since 2018

In May, T-Mobile disclosed the second data breach since the start of 2023 after hundreds of customers had their personal information exposed between late February and March after attackers hacked into the carrier's systems.

In January, the mobile carrier revealed another data breach after the sensitive info of 37 million customers was stolen using one of its Application Programming Interfaces (APIs).

Since 2018, T-Mobile has been hit by seven other data breaches:

In August 2018, attackers accessed the data of around 3% of all T-Mobile customers.
In 2019, T-Mobile exposed the account info of an undisclosed number of prepaid customers.
In March 2020, T-Mobile employees were affected by a breach exposing their personal and financial information.
In December 2020, threat actors accessed customer proprietary network info (phone numbers, call records).
In February 2021, an internal T-Mobile app was accessed by unknown attackers without authorization.
In August 2021, hackers brute-forced their way through T-Mobile's network following a breach of one of its testing environments.
In April 2022, the notorious Lapsus$ extortion gang breached T-Mobile's network using stolen credentials.

Billy Big Balls of the Week (23:31)

Singapore may split liability for phishing losses between banks and victims

Singapore officials announced on Monday that next month they will deliver a consultation paper detailing a split liability scheme that will mean both consumers and banks are on the hook for financial losses flowing from scams.

It is an answer to a common question these days: in a world of rampant payment and transfer scams, who is responsible?

Countries like Australia have also considered shared loss schemes. Meanwhile, the European Commission has proposed a "refund" to victims of certain types of fraud, including authorised push payment scams.

Starting next year, the UK will enforce mandatory reimbursement by banks to scam victims up to one million pounds – with the sending and receiving banks sharing the bill.

Singapore's minister of state Alvin Tan has a different view.

"There are some views that banks can easily absorb losses arising from individual scam cases. However, full restitution without due consideration of culpability is neither fair nor desirable," he told Parliament on Monday.

Industry News (33:01)

Caesars Entertainment Reveals Major Ransomware Breach
Pirated Software Likely Cause of Airbus Breach
TikTok Fined $368m For Child Data Privacy Offenses
Illegal Betting Ring Used Satellite Tech to Get Scoop on Results
Microsoft AI Researchers Leak 38TB of Private Data
Clorox Struggling to Recover From August Cyber-Attack
Threat Actor Claims Major TransUnion Data Breach
Finnish Authorities Shutter Dark Web Drugs Marketplace
International Criminal Court Reveals Security Breach

Tweet of the Week (41:32)

https://x.com/gabsmashh/status/1704875732282077244?s=20

Come on! Like and bloody well subscribe!
Sep 15, 2023 • 48min

Episode 167 - The Sweaty B***s Episode

This week in InfoSec (08:18)

With content liberated from the “today in infosec” twitter account and further afield

13th September 2011: Backup tapes containing info on 4.9 million TRICARE military health care customers were stolen from an SAIC employee's parked car, which a burglar broke into by breaking a vent window.

TRICARE Breach Affects 4.9 Million
https://twitter.com/todayininfosec/status/1701936923579732231

12th September 2001: MafiaBoy (Michael Calce) was sentenced in Canada to 8 months of open custody, 1 year of probation, and restricted Internet use for crimes related to DoS attacks he performed against numerous high profile websites at age 15 the year prior.

Cyber Attacks
https://twitter.com/todayininfosec/status/1701628591262302571

Rant of the Week (17:27)

[Responsible disclosure? Even close competitors share threat intel]:
https://twitter.com/vegasstarfish/status/1702076730075492739 - video in link too

Billy Big Balls of the Week (25:21)

10 years ago, Apple finally convinced us to lock our phones

Every phone you pick up today has a fingerprint scanner, a face scanner, an option for PINs with four, six, or more digits, and often all of them at once. Phones prompt you to set up a scan and a passcode the first time you turn them on, and you’d be hard-pressed to find anyone who doesn’t have some form of security set up.

But go back just 10 years, and the story was very different. Back when our phones were still used almost entirely as phones and not teeny personal computers, most of the “locking” features on mobile devices were designed more to prevent you from butt-dialing anyone than to protect your sensitive information.

It wasn’t until the iPhone 5S came along — 10 years ago this month — that everything changed.

It just goes to show how much of an innovator and an investor in security Apple always has been. They removed the headphone jack and called it courage… Just a couple of days ago they pushed the boundaries of innovation even more and introduced USB-C to the latest iPhones. Now that’s real courage.

Industry News (34:29)

Ransomware Attack Wipes Out Sri Lankan Government Data
Europol: Financial Crime Makes “Billions” and Impacts “Millions”
Cyber-criminals “Jailbreak” AI Chatbots For Malicious Ends
UK ICO and NCSC Set to Share Anonymized Threat Intelligence
MGM Criticized for Repeated Security Failures
New Microsoft Teams Phishing Campaign Targets Corporate Employees
Lazarus Group Blamed For $53m Heist at CoinEx
Elon Musk in Hot Water With FTC Over Twitter Privacy Issues
Manchester Police Officers’ Data Breached in Third-Party Attack

Tweet of the Week (41:54)

https://x.com/Marlebean/status/1308858471106871298?s=20

Come on! Like and bloody well subscribe!
Sep 8, 2023 • 48min

Episode 166 - The Potato Quality Episode

This week in InfoSec (11:51)

With content liberated from the “today in infosec” twitter account and further afield

6th September 1987: Thomas Haynie was accused of intentionally jamming Playboy's satellite network with a text-only message. Haynie was an uplink engineer at the Christian Broadcasting Network and was on duty at the time of the jamming. He received 3 years of probation.

CBN engineer denies pre-empting soft-porn movies
https://twitter.com/todayininfosec/status/1302620593322438656

Rant of the Week (20:12)

If you like to play along with the illusion of privacy, smart devices are a dumb idea

Depressingly predictable research from Which? serves as another reminder, if one was needed, that furnishing your home with internet-connected "smart" devices could be a dumb idea if you'd rather try to preserve your privacy.

The consumer rights organization's analysis of a number of IoT products – from speakers and security cameras to TVs and washing machines – found that they all demand customer data above and beyond what is needed for the product to perform its function, and then distribute that information to a horde of faceless corporations.

Consumer campaign group Which? pointed out that this means consumers are not only in many cases paying thousands for the product itself, with all its "smart" connected bells and whistles, but continue to pay in the form of their personal data.

The outfit broke down what information is required to set up an account with the product manufacturers, what permissions the associated apps request, and what customer activity companies are tapping into.

Spoiler alert: it's all for ads and marketing.

Disturbingly, every single brand examined required both exact and approximate location data – as though your fancy washing machine needed to "know" where it is to clean your clothes.

Billy Big Balls of the Week (28:52)

Guy who ran Bitcoins4Less tells Feds he had less than zero laundering protections

A California man has admitted he failed to bake anti-money laundering protections into his cryptocurrency exchange, thus allowing scammers and drug traffickers to launder millions of dollars through the service.

Charles James Randol, 33, who is now due to be sentenced, faces a maximum of five years in federal prison and three years supervised release, plus a fine of up to $250,000 or twice the total illicit proceeds from the scams, whichever amount is greater.

Randol provided cryptocurrency exchange services in various ways, including via the post, ATMs, and occasionally in person, prosecutors told a Los Angeles federal court on Tuesday. The Santa Monica man would handle crypto-cash transactions exceeding $10,000 without knowing who his customers were – folks known only as "Puppet Shariff," "White Jetta," "Aaavvv," "Aaaa," and "Yogurt Monster," for example – which is hardly in line with regulatory requirements.

To stay on the right side of American law, Randol should have verified and recorded their identities.

In his plea agreement, the cryptocurrency dealer admitted to three in-person transactions between October 2020 and January 2021 in which he gave an undercover FBI agent a total of $273,940 in cash for Bitcoin, and kept a four percent commission fee.

Randol "did not request a name, proof of identity, social security number, or any other information about [the undercover agent] or the source of the funds being exchanged," the plea agreement says.

[Good comment]: Working for an American financial institution, we must go through mandatory AML (anti money laundering) training each year, and the consequences for the firm if an audit finds a violation tend to be in the high 6-digit payouts. With that in mind, a kid operating a blatantly open money laundering gig takes a proportionally much smaller punishment (assuming white-glove inmates usually manage to leave the can way before their time is served).

Industry News (36:14)

UK Electoral Commission Fails Cybersecurity Test Amid Data Breach
Crypto Casino Stake.com Back Online After $40m Heist
UK Government Backs Down on Anti-Encryption Stance
Hundreds of Scam Pages Uncovered in Major Investment Fraud Campaign
Think Tank Urges Labour to Promote “Securonomics” Agenda
Chinese Hacker Steals Microsoft Signing Key, Spies on US Government
IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary
UK and US Sanction 11 Russians Tied to Conti/TrickBot Ransomware
Zero-Day Flaw Exposes Atlas VPN User IPs

Tweet of the Week (44:39)

https://twitter.com/KimZetter/status/1699546860187472034

Come on! Like and bloody well subscribe!
Sep 1, 2023 • 51min

Episode 165 - The Don't Screw It Up Episode

This week in InfoSec (10:17)

With content liberated from the “today in infosec” twitter account and further afield

29th August 1990: The British Computer Misuse Act goes into effect. One of the earliest laws anywhere designed to address computer fraud, the Act resulted from a long debate in the 1980s over failed prosecutions of hackers -- in one well-publicised case, two men hacked into a British Telecom computer, leaving messages in the Duke of Edinburgh's private mailbox.

Archive of historic BT 'email' hack preserved

24th August 1993: Perhaps the most famous lawsuit in technology history is decided for Microsoft. Apple claimed that Microsoft’s Windows violated their copyrights on the “visual displays” of the Macintosh. The judge in the case ruled that most of the claims were covered by a 1985 licensing agreement. Other claims were not violations of copyright due to the “merger doctrine”, which basically states that ideas cannot be copyrighted. This paved the way for Microsoft to develop Windows 95, which imitated the Macintosh even more so than previous versions of Windows.

Today in Apple history: Tide turns against Apple in war with Microsoft

Rant of the Week (16:57)

X wants permission to start collecting your biometric data and employment history

X, the platform previously known as Twitter, is expanding the amount of data it collects on users. The social network has updated its privacy policy to include carveouts for “biometric information” and “employment history,” as spotted by Bloomberg.

“Based on your consent, we may collect and use your biometric information for safety, security, and identification purposes,” the privacy policy reads. It doesn’t include any details on what kind of biometric information this includes — or how X plans to collect it — but it typically involves fingerprints, iris patterns, or facial features.

X Corp. was named in a proposed class action lawsuit in July over claims that its data collection violates the Illinois Biometric Information Privacy Act. The lawsuit alleges that X “has not adequately informed individuals” that it “collects and/or stores their biometric identifiers in every photograph containing a face” that’s uploaded to the platform.

Billy Big Balls of the Week (27:28)

Classiscam fraud-as-a-service expands, now targets banks and 251 brands

The "Classiscam" scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more significant financial damage than before.

Like a ransomware-as-a-service operation, this Telegram-based operation recruits affiliates who use the service's phishing kits to create fake ads and pages to steal money, credit card information, and, more recently, banking credentials.

Group-IB has published new information on the operation today, reporting that Classiscam has made $64.5 million in combined earnings from scamming users of classifieds sites and stealing their money and payment card details.

The number of targeted brands has also grown from 169 brands last year to 251 this year, and there are now 393 criminal gangs targeting users in 79 countries, coordinating in one of the operation's 1,366 Telegram channels.

[This is better than most public companies' annual report calls]:

Industry News (33:57)

Report Reveals Growing Disparity in Cyber Insurance Landscape
Privacy Regulator Warns of Surge in “Text Pest” Cases
NCSC Issues Cyber Warning Over AI Chatbots
OpenAI Promises Enterprise-Grade Security with ChatGPT for Business
FBI-Led Operation Duck Hunt Shuts Down QakBot Malware
Chinese Hackers Target US, Other Govts With Barracuda Flaw
Classiscam Spreads: $64.5M Scheme Targets 79 Countries
Facebook Accounts Targeted by Vietnamese Threat Groups
New Research Exposes Airbnb as Breeding Ground For Cybercrime

Tweet of the Week (43:17)

https://twitter.com/HedgehogCycling/status/1696568821505552666?s=20

Come on! Like and bloody well subscribe!
Aug 25, 2023 • 54min

Episode 164 - The Two Weeks Late Episode

This week in InfoSec (14:00)

With content liberated from the “today in infosec” twitter account and further afield

18th August 2003: The Nachi worm began infecting Windows computers with the goal of REMOVING the Blaster worm and patching the vulnerability exploited by both worms.

Worm aims to eradicate Blaster
https://twitter.com/todayininfosec/status/1692616573524050259

26th August 2008: It was reported that a laptop on the International Space Station was infected by removable media containing the W32.Gammima.AG worm. Space. Where you don't want to be dealing with malware.

Malware detected at the International Space Station
https://twitter.com/todayininfosec/status/1298690676448735232

Rant of the Week (19:02)

Cellebrite asks cops to keep its phone hacking tech ‘hush hush’

For years, cops and other government authorities all over the world have been using phone hacking technology provided by Cellebrite to unlock phones and obtain the data within. And the company has been keen on keeping the use of its technology “hush hush.”

As part of the deal with government agencies, Cellebrite asks users to keep its tech — and the fact that they used it — secret, TechCrunch has learned. This request concerns legal experts who argue that powerful technology like the one Cellebrite builds and sells, and how it gets used by law enforcement agencies, ought to be public and scrutinized.

[That was this week's Rant of the Week]

Billy Big Balls of the Week (28:35)

Two teens were among those behind the Lapsus$ cyber-crime spree, jury finds

Two teenage members of the chaotic Lapsus$ cyber-crime gang helped compromise computer systems of Uber and Nvidia, and also blackmailed Grand Theft Auto maker Rockstar Games among other high-profile victims, a jury has decided.

At Southwark Crown Court in London, England, on Wednesday, Arion Kurtaj, 18, and a 17-year-old male who because of his age cannot be identified for legal reasons were found to have committed various crimes. Kurtaj was held in custody while the other was released on bail; both await sentencing.

This was an unusual case in that the jury was told not to find Kurtaj, who is autistic, guilty or not guilty, as psychiatrists had earlier assessed that he was unfit to stand trial. Instead, the panel was asked to decide whether or not he did the things he was accused of.

The two teens, along with other Lapsus$ members, also broke into and attempted to extort telecoms giant BT, Microsoft, Samsung, Vodafone, fintech firm Revolut, and Okta during their crime spree between 2021 and 2022.

Industry News (36:23)

UK’s AI Safety Summit Scheduled For Early November
Police Insider Tipped Off Criminal Friend About EncroChat Bust
Tesla: Insiders Responsible For Major Data Breach
Cyber-Attack on Australian Utility Firm Energy One Spreads to UK Systems
Experian Pays $650,000 to Settle Spam Claims
WinRAR Vulnerability Affects Traders Worldwide
Sensitive Data of 10 Million at Risk After French Employment Agency Breach
Data of 2.6 Million Duolingo Users Leaked on Hacking Forum
FBI Flags $40M Crypto Cash-Out Plot By North Korean Hackers

Tweet of the Week (47:47)

https://twitter.com/securityweekly/status/1694705119793746015

Come on! Like and bloody well subscribe!
Aug 4, 2023 • 52min

Episode 163 - The Sombre Episode

This week in InfoSec (11:56)

With content liberated from the “Today in Infosec” Twitter account and further afield

4th August 1998: Microsoft published a critical security bulletin MS98-010, titled 'Information on the "Back Orifice" Program'.

Microsoft Security Bulletin MS98-010 - Critical
https://twitter.com/todayininfosec/status/1423037189714219020

27th July 2000: In security bulletin MS00-047, Microsoft thanked PGP's COVERT Labs and Sir Dystic of Cult of the Dead Cow for reporting NetBIOS vulnerabilities.

Patch Available for 'NetBIOS Name Server Protocol Spoofing' Vulnerability
https://twitter.com/todayininfosec/status/1287934373019385861

Rant of the Week (18:31)

Brit healthcare body rapped for WhatsApp chat sharing patient data

Staff at NHS Lanarkshire - which serves over half a million Scottish residents - used WhatsApp to swap photos and personal info about patients, including children's names and addresses.

Following a probe, the UK Information Commissioner's Office (ICO) has now issued a heavily redacted official reprimand to the organization, which oversees three hospitals plus clinics and more across rural and urban Lanarkshire in the Central Lowlands of Scotland. It said a group chat created in March 2020 – just as the UK government issued the first COVID lockdown – was in breach of Article 58 of the UK GDPR.

Information was shared between 26 staff for more than two years – from 1 April 2020 to 25 April 2022 – over hundreds of entries within the WhatsApp group that included adult and child patients' names, plus hundreds of patients' phone numbers, many dates of birth, and at least 28 home addresses, "15 images, three videos, and four screenshots." Some of this info included clinical information, and therefore "special category" data in breach of Article 9 of the UK GDPR.

Yes, on their actual work phones, using software provided via the NHS portal.

The staffers were using copies of WhatsApp downloaded directly via NHS Lanarkshire's portal on their work phones, it emerged, but someone, whose name was redacted, was added to the group "in error." That "unauthorised individual" was given access to "four students' names and student numbers, one child's name, and two children's names and addresses."

The ICO noted that since WhatsApp stated it was an encrypted platform, staff thought it would be secure. This, the watchdog said, "demonstrates that information governance expectations regarding WhatsApp were not understood by staff involved in the WhatsApp Group."

Billy Big Balls of the Week (31:21)

[The fact the government doesn’t even try to hide what they do and gaslight the country by saying it would be the worst intelligence failure of their time is a BBB move to me - but I’ll let Jav decide 😀]

White House: Losing Section 702 spy powers would be among 'worst intelligence failures of our time'

The White House has weighed in on the Section 702 debate, urging lawmakers to reauthorize, "without new and operationally damaging restrictions," the controversial snooping powers before they expire at the end of the year.

Section 702 of the Foreign Intelligence Surveillance Act (FISA) allows the American government to monitor electronic communications of foreign persons outside of the United States [PDF], and people they confer with, including US persons. While it's supposed to be used as an intelligence tool — to prevent terrorist attacks or track down similar targets — it's also at times abused to conduct warrantless snooping on Americans including protesters, campaign donors, and elected officials.

The controversial law, introduced in 2008, is up for renewal at the end of the year, and the US intelligence community has been frantically lobbying to keep these surveillance powers. FBI Director Chris Wray said last week that Section 702 data was responsible for "97 percent of our raw technical reporting on cyber actors."

Now the White House has thrown its weight behind its intel services, arguing that curbing the legislation or letting it drop would be "one of the worst intelligence failures of our time."

Despite unanimously recommending that Congress renew Section 702, the PIAB's report [PDF] does acknowledge that "complacency, a lack of proper procedures, and the sheer volume of Section 702 activity led to FBI's inappropriate use" of the surveillance powers to query US persons.

Industry News (37:04)

NHS Staff Reprimanded For WhatsApp Data Sharing
Canon Inkjet Printers Expose Wi-Fi Threat
AI-Enhanced Phishing Driving Ransomware Surge
Hundreds of Citrix Endpoints Compromised With Webshells
Cocaine Smugglers that Posed as PC Sellers Jailed
Humans Unable to Reliably Detect Deepfake Speech
Menlo Leverages Advanced Technology to Combat Surging Browser Threats
Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks
Hacktivist Collective “Mysterious Team Bangladesh” Revealed

Noteworthy mention: Security Serious Unsung Heroes Awards 2023 Open for Nominations

Tweet of the Week (47:23)

https://twitter.com/Sheriffie/status/1686864006160711680

Come on! Like and bloody well subscribe!
Jul 28, 2023 • 49min

Episode 162 - The Do Not Google It Episode

This week in InfoSec (05:54)

With content liberated from the “today in infosec” twitter account and further afield

18th July 2011: Microsoft Hotmail announced that it would be banning very common passwords such as "123456" and "ilovecats".

https://twitter.com/todayininfosec/status/1416957326205100035

27th July 1990: The case of United States v. Riggs was decided. Robert J. Riggs (Prophet) had stolen the E911 file from BellSouth, then co-defendant Craig Neidorf (Knight Lightning) had published it in Phrack. The file was neither valuable nor confidential.

https://twitter.com/todayininfosec/status/1287768573310533633

Rant of the Week (16:59)

VirusTotal: We're sorry someone fat-fingered and exposed 5,600 users

VirusTotal today issued a mea culpa, saying a blunder earlier this week by one of its staff exposed information belonging to 5,600 customers, including the email addresses of US Cyber Command, FBI, and NSA employees.

The unintentional leak was due to the layer-eight problem: human error. On June 29, an employee accidentally uploaded a .csv file of customer info to VirusTotal itself, said Emiliano Martinez, tech lead of the Google-owned malware analysis site.

"This CSV file contained limited information of our Premium account customers, specifically the names of companies, the associated VirusTotal group names, and the email addresses of group administrators," Martinez wrote in a Friday disclosure.

"We removed the file, which was only accessible to partners and corporate clients, from our platform within one hour of its posting."

The employee had this list in the first place because the customer data was "critical to their role," we're told.

For those who don't know: VirusTotal allows netizens to – among other things – upload files, or submit a URL to one, and the site runs the material through various malware-scanning engines to see if anything malicious is detected or identified. Premium subscribers can also download uploaded samples, and thus that's how the uploaded .csv file of customer info was accidentally leaked.

https://www.bbc.co.uk/news/uk-politics-66333488

Billy Big Balls of the Week (24:01)

Crooks pwned your servers? You've got four days to tell us, SEC tells public companies

Public companies that suffer a computer crime likely to cause a "material" hit to an investor will soon face a four-day time limit to disclose the incident, according to rules approved today by the US Securities and Exchange Commission.

The SEC proposed the changes last March, and on Wednesday the financial watchdog voted to adopt the requirements [PDF]. The rules, which take effect 30 days after being signed into the Federal Register later this year, will require publicly traded firms to openly disclose in a new section (Item 1.05) of Form 8-K any cybersecurity incident that has a material impact on their business. Companies must make this determination "without reasonable delay," according to the new rules. If they decide a security breach is material, then they have four days to submit an Item 1.05 Form 8-K report detailing the material impact of the incident's "nature, scope, and timing," plus any impact or likely impact on the business. Those 8-K forms are made public by the SEC.

It is that time of the show where we head to our news sources over at the Infosec PA newswire who have been very busy bringing us the latest and greatest security news from around the globe!

Industry News (30:05)

Booz Allen Pays $377m to Settle Government Fraud Case
Cyber-Attack Strikes Norwegian Government Ministries
Industry Coalition Calls For Enhanced Network Resilience
Dark Web Markets Offer New FraudGPT AI Tool
Group-IB Founder Sentenced in Russia to 14 Years for Treason
SEC Wants Cyber-Incident Disclosure Within Four Days
Supply Chain Attack Hits NHS Ambulance Trusts
NCSC Publishes New Guidance on Shadow IT
OpenAI, Microsoft, Google and Anthropic Form Body to Regulate AI

https://www.outkick.com/robot-pizza-start-up-shuts-down-because-they-couldnt-keep-cheese-from-sliding-off/

Tweet of the Week (42:02)

https://twitter.com/hilare_belloc/status/1683797122628321280

Come on! Like and bloody well subscribe!
Jul 23, 2023 • 51min

Episode 161 - The Receding Hairline and Glasses Episode

This week in InfoSec (09:59)With content liberated from the “Today in infosec” Twitter account and further afield18th July 2011: LulzSec hacked the Sun newspaper's website, redirecting visitors to a hoax article claiming Rupert Murdoch died after ingesting palladium.  Hacked Sun site greatly exaggerates Murdoch's deathhttps://twitter.com/todayininfosec/status/1681469966527213568 14th July 2000: #Wireshark was releasedWireshark Is 25: The email that started it all and the lessons learned along the way Rant of the Week (16:49)French Assembly passes bill allowing police to remotely activate phone cameras and microphones for surveillanceFrench law enforcement may soon have far-reaching authority to snoop on alleged criminals. Lawmakers in France's National Assembly have passed a bill that lets police surveil suspects by remotely activating cameras, microphones and GPS location systems on phones and other devices. A judge will have to approve use of the powers, and the recently amended bill forbids use against journalists, lawyers and other "sensitive professions," according to Le Monde. The measure is also meant to limit use to serious cases, and only for a maximum of six months. Geolocation would be limited to crimes that are punishable by at least five years in prison.An earlier version of the bill passed the Senate, but the amendment will require that legislative body's approval before it can become law.Civil liberties advocates are alarmed. The digital rights group La Quadrature du Net previously pointed out the potential for abuse. As the bill isn't clear about what constitutes a serious crime, there are fears the French government might use this to target environmental activists and others who aren't grave threats. The organization also notes that worrying security policies have a habit of expanding to less serious crimes. Genetic registration was only used for sex offenders at first, La Quadrature says, but is now being used for most crimes. 
Billy Big Balls of the Week (26:37)OBITUARY Kevin David Mitnickhttps://www.dignitymemorial.com/obituaries/las-vegas-nv/kevin-mitnick-11371668Kevin David Mitnick, 59, died peacefully on Sunday, July 16, 2023, after valiantly battling pancreatic cancer for more than a year. Kevin is survived by his beloved wife, Kimberley Mitnick, who remained by his side throughout their 14-month ordeal. Kimberley is pregnant with their first child. Kevin was ecstatic about this new chapter in his and Kimberley's life together, which has now been sadly cut short.When his desire to push boundaries led him too far astray, he landed in juvenile detention and eventually served a couple of stints in prison. His time on the FBI's Most Wanted List was well documented in his New York Times bestselling book, The Ghost in the Wires: My Adventures as the World's Most Wanted Hacker, and his other titles: The Art of Deception, The Art of Intrusion, both co-authored with William Simon, and The Art of Invisibility with Robert Vamosi.Kevin emerged from his final prison term, which he deemed a 'vacation,' in January 2000. He was a changed individual, and began constructing a new career, as a White Hat hacker and security consultant. He became a highly sought-after global public speaker, a writer, and established the successful Mitnick Security Consulting. In November 2011, he became the Chief Hacking Officer and part owner of security awareness training company KnowBe4, founded by close friend and business partner Stu Sjouwerman. 
Industry News (36:23)
IT Security Pro Jailed for Attempted Extortion
Suspected Scareware Fraudster Arrested After Decade on the Run
NCA: Nation States Using Cybercrime Groups as Proxies
Scam Job Offers Target Uni Students
Industry Experts Urge CISA to Update Secure by Design Guidance
Biden-Harris Administration Unveils Smart Device Cyber Program
Estee Lauder Breached by Two Ransomware Groups
Old Roblox Data Leak Resurfaces, 4000 Users' Personal Information Exposed
Microsoft Strengthens Cloud Logging Against Nation-State Threats

Tweet of the Week (44:05)
https://twitter.com/mattjay/status/1681710314381770752

Come on! Like and bloody well subscribe!
Jul 14, 2023 • 50min

Episode 160 - The Lacklustre Performance Vol 2 Episode

This week in InfoSec
With content liberated from the “today in infosec” twitter account and further afield

13th July 2001: Code Red Worms its Way into the Internet
The Code Red worm is released onto the Internet. Targeting Microsoft’s IIS web server, Code Red had a significant effect on the Internet due to the speed and efficiency of its spread. Much of this was due to the fact that IIS was often enabled by default on many installations of Windows NT and Windows 2000. However, Code Red also affected many other systems with web servers, mostly by way of side-effect, exacerbating the overall impact of the worm and ensuring its place in history among the many malware outbreaks infecting Windows systems in the late 1990s and early 2000s.

10th July 1995: After writing the initial version of the yet-to-be-released SSH, Tatu Ylonen emailed a request to IANA for SSH to be assigned port 22, receiving the assignment mere hours later.
https://www.ssh.com/academy/ssh/port
https://twitter.com/todayininfosec/status/1281629953360982016

Rant of the Week
Australia's 'great example of government using technology' found to be 'crude and cruel'. And literally lethal to citizens

An Australian government initiative described by the then-minister in charge as "a great example of the Government using technology" has been described by a Royal Commission as "a crude and cruel mechanism, neither fair nor legal, and it made many people feel like criminals."

The initiative came to be known as "Robodebt", reflecting its automated matching of data sets and issuance of debt notices to welfare recipients. But the algorithm Australia's government used to calculate the debts was based on massively and tragically incorrect assumptions.

Australians are eligible for welfare payments if their income dips below certain levels in a given two-week period.
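A worked illustration of that two-week eligibility rule, and of what goes wrong when a year's income is instead assumed to have been earned evenly across its fortnights, which is the averaging approach the Robodebt scheme took. This is added example code, not from the Register story or from the Australian government's system: the full payment rate, income-free area and taper are assumed figures chosen for illustration (not real Centrelink rates), and the two recipients' income histories are constructed.

```python
"""Fortnightly assessment versus annual income averaging: a constructed
illustration of the Robodebt failure mode. Every rate below is assumed."""
from fractions import Fraction

FORTNIGHTS_PER_YEAR = 26

# Assumed illustrative payment rules (not the real Centrelink figures):
MAX_PAYMENT = Fraction(500)        # full payment for a fortnight with no income
INCOME_FREE_AREA = Fraction(150)   # fortnightly income that does not reduce payment
TAPER = Fraction(1, 2)             # each dollar above the free area cuts payment by 50c


def entitlement(fortnight_income):
    """Payment due for one fortnight, given the income earned in that same fortnight."""
    over = max(Fraction(0), Fraction(fortnight_income) - INCOME_FREE_AREA)
    return max(Fraction(0), MAX_PAYMENT - over * TAPER)


def fortnightly_debt(fortnight_incomes, paid):
    """Overpayment assessed the way the rule is written: each fortnight on its own income."""
    owed = sum(entitlement(i) for i in fortnight_incomes)
    return max(Fraction(0), Fraction(sum(paid)) - owed)


def averaged_debt(annual_income, paid):
    """Overpayment as the averaging approach assessed it: the year's total income
    (the figure a tax office holds) is treated as if earned evenly over 26 fortnights,
    and the entitlement for that fictional average fortnight is applied to every one."""
    average = Fraction(annual_income, FORTNIGHTS_PER_YEAR)
    owed = FORTNIGHTS_PER_YEAR * entitlement(average)
    return max(Fraction(0), Fraction(sum(paid)) - owed)


# Constructed case 1: a seasonal worker paid $2000 a fortnight for half the year and
# unemployed for the other half. They claimed, and were correctly paid, the full rate
# only while unemployed, so no overpayment actually occurred.
SEASONAL_INCOME = [2000] * 13 + [0] * 13
SEASONAL_PAID = [0] * 13 + [500] * 13

# Constructed case 2: a part-time worker earning a steady $400 every fortnight, paid the
# correctly tapered amount throughout. Averaging changes nothing when income is uniform.
STEADY_INCOME = [400] * 26
STEADY_PAID = [entitlement(400)] * 26


def compare(incomes, paid):
    """Return (debt under fortnightly assessment, debt under annual averaging)."""
    return fortnightly_debt(incomes, paid), averaged_debt(sum(incomes), paid)


if __name__ == "__main__":
    for label, incomes, paid in (("seasonal", SEASONAL_INCOME, SEASONAL_PAID),
                                 ("steady", STEADY_INCOME, STEADY_PAID)):
        actual, averaged = compare(incomes, paid)
        print(f"{label:8s} fortnightly debt ${actual}   averaged debt ${averaged}")
```

The seasonal worker owes nothing under the rule as written but is handed a four-figure "debt" by the averaged calculation, because the averaging invents a fortnightly income that was never earned in the fortnights the payments were actually claimed for. The steady earner gets the same answer either way, which is why the flaw was easy to miss in testing on tidy data and devastating for anyone whose income varied through the year.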
In the early 2010s, the government of the day decided to ensure that welfare recipients hadn't received more payments than they were due, with data sharing between welfare and tax agencies informing the process. To assess whether proper payments had been made, the relevant department averaged recipients' income across a year. Which was a huge mistake.

Billy Big Balls of the Week
Indian developer fired 90 percent of tech support team, outsourced the job to AI

Here's a story from the Department of Massive and Terrifying Irony: a startup Indian software developer struggled to afford its customer support team, so outsourced it – to an AI chatbot that was more efficient and cheaper. The developer is called Dukaan and offers a platform it promises allows rapid deployment of online stores.

Founder Suumit Shah took to Twitter to reveal that the change to robo-service saw time to first response fall – from a minute and 44 seconds to zero. Resolution time plunged as well – from two hours and 13 minutes when humans were doing it, down to three minutes and 12 seconds with AI on the job. Overall customer support costs dropped by around 85 percent.

Shah detailed how Dukaan struggled to hire people with the skills to work as support agents. "It's like – Lionel Messi doing a full time job at Decathlon, though the theory has some merit, but is ultimately flawed," he wrote.

It is that time of the show where we head to our news sources over at the Infosec PA newswire who have been very busy bringing us the latest and greatest security news from around the globe!
Industry News
Martin Lewis Shocked at Deepfake Investment Scam Ad
Central Bankers Develop Framework For Securing Digital Currencies
EU Adopts New US Data Privacy Agreement
Clop: Behind MOVEit Lies a Loud, Adaptable and Persistent Threat Group
Ethical Hackers Reveal How They Use Generative AI
Fewer Than 100 Scammers Responsible For Global Email Extortion
White House Publishes Plan to Implement US National Cybersecurity Strategy
Mandiant Unveils Russian GRU's Cyber Playbook Against Ukraine
New CVSS Version Unveiled Amid Rising Cyber Threats

Tweet of the Week
https://twitter.com/matthew_d_green/status/1679215510951477248

Come on! Like and bloody well subscribe!
Jul 7, 2023 • 52min

Episode 159 - The Organ Grinder Episode

This week in InfoSec (11:06)
With content liberated from the “today in infosec” twitter account and further afield

6th July 1995: Simple as 1-2-3: IBM Buys Lotus
IBM completes a $3.5 billion buyout of Lotus Development, the producer of the once-dominant Lotus 1-2-3 spreadsheet software and the then-popular Lotus Notes groupware. IBM had hoped to leverage Lotus 1-2-3 to challenge the increasingly popular Microsoft Excel, but alas, there was little slowing down the Microsoft juggernaut during the 1990s. Lotus 1-2-3 steadily lost market share, and IBM finally announced the end of support for the software in 2013. Lotus Notes groupware fared little better than 1-2-3, succumbing to Microsoft Exchange as the dominant groupware platform among large companies, but it remained entrenched among certain corporations for many years under the name IBM Notes. In 2018 IBM sold Notes along with other software products to HCL Software for $1.8 billion. HCL still develops and supports Notes to this day, with a focus on security and lower cost as a way to compete with Microsoft Exchange.

1st July 2003: California's data breach notification law went into effect. It was the first US state to require disclosure of breaches of personal info.
California SB 1386 - Personal Information: Privacy
https://twitter.com/todayininfosec/status/1410750152671825925

Rant of the Week (20:12)
Nickelodeon investigates breach after leak of 'decades old’ data

At the end of June, a rumour emerged about a major leak from Nickelodeon's animation department. Proof of the alleged data leak started circulating on social media, showing an extensive collection of reportedly 500GB in documents and media files. Nickelodeon has confirmed that the data leaked from an alleged breach of the company is legitimate, but some of it appears to be decades old.

The data breach supposedly occurred in January this year and allegedly ended with Nickelodeon blocking the unauthorised access two months later.
However, there is no reliable evidence about this. According to some sources, all the files were leaked on a private Discord server, and many of them are being reposted elsewhere.

Billy Big Balls of the Week (28:38)
Study shows 25% of kids' apps violate COPPA
The researchers at Comparitech analyzed the top four hundred children’s apps offered in Apple’s App Store and found that one in four potentially violate the Children’s Online Privacy Protection Act (COPPA).

Industry News (37:48)
Croydon Council Hit With Enforcement Notice For FOI Fail
Report Reveals Companies Unprepared For Darknet Data Leaks
Security Experts Raise Major Concerns With Online Safety Bill
European Commission to Tweak GDPR For Cross-Border Cases
UK Citizens Wary of NHS AI Use, Citing Privacy Concerns
Nagoya Port Faces Disruption After Ransomware Attack
Suspicious Email Reports Up a Third as NCSC Hails Active Defense
Police Arrest Suspected OPERA1ER Cybercrime Kin
Human Error the Leading Cause of Cloud Data Breaches

Tweet of the Week (48:03)
https://twitter.com/jason_kint/status/1676791388145430528

Come on! Like and bloody well subscribe!
