Episodes

  • Episode 198

    Episode 198
    Jul 15 2024
    This week in InfoSec (10:28)10th July 1999 - Cult of the Dead Cow (cDc) member DilDog debuted the program Back Orifice 2000 (BO2k) at DEF CON 7. It was the successor to Back Orifice, released by cDc a year prior. DilDog proclaimed it "a remote administration tool for corporate America".https://twitter.com/todayininfosec/status/18111336060159836809th July 1981 - The game that launched two of the most famous characters in video game history is released for sale. Donkey Kong was created by Nintendo, a Japanese playing card and toy company turned fledgling video game developer, who was trying to create a hit game for the North American market. Unable at the time to acquire a license to create a video game based on the Popeye character, Nintendo decides to create a game mirroring the characteristics and rivalry of Popeye and Bluto. Donkey Kong is named after the game’s villain, a pet gorilla gone rogue. The game’s hero is originally called Jumpman, but is retroactively renamed Mario once the game becomes popular and Nintendo decides to use the character in future games.Due to the similarity between Donkey Kong and King Kong, Universal Studios sued Nintendo claiming Donkey Kong violated their trademark. Kong, however, is common Japanese slang for gorilla. The lawsuit was ruled in favor of Nintendo. The success of Donkey Kong helped Nintendo become one of the dominant companies in the video game market. Rant of the Week (15:55)Palestinians say Microsoft unfairly closing their accountsPalestinians living abroad have accused Microsoft of closing their email accounts without warning - cutting them off from crucial online services.They say it has left them unable to access bank accounts and job offers - and stopped them using Skype, which Microsoft owns, to contact relatives in war-torn Gaza.Microsoft says they violated its terms of service - a claim they dispute. Billy Big Balls of the Week (27:39)Scalpers Work With Hackers to Liberate Ticketmaster's ‘Non-Transferable’ TicketsA lawsuit filed in California by concert giant AXS has revealed a legal and technological battle between ticket scalpers and platforms like Ticketmaster and AXS, in which scalpers have figured out how to extract “untransferable” tickets from their accounts by generating entry barcodes on parallel infrastructure that the scalpers control and which can then be sold and transferred to customers.By reverse-engineering how Ticketmaster and AXS actually make their electronic tickets, scalpers have essentially figured out how to regenerate specific, genuine tickets that they have legally purchased from scratch onto infrastructure that they control. In doing so, they are removing the anti-scalping restrictions put on the tickets by Ticketmaster and AXS. 'Gay furry hackers' breach conservative US think tank behind Project 2025A collective of self-described "gay furry hackers" have released 2GB of data lifted from the Heritage Foundation, the conservative think-tank behind Project 2025 - a set of proposals that would bring the USA closer to being an authoritarian state.The hacktivist group, known as SiegedSec, has been running a campaign it calls "OpTransRights," targeting (mostly government) websites to disrupt efforts to enact or enforce anti-trans and anti-abortion laws. Industry News (33:26)10 Billion Passwords Leaked on Hacking ForumCrypto Thefts Double to $1.4 Billion, TRM Labs FindsRussia Blocks VPN Services in Information CrackdownTicketmaster Extortion Continues, Threat Actor Claims New Ticket LeakCyber-Attack on Evolve Bank Exposed Data of 7.6 Million CustomersMost Security Pros Admit Shadow SaaS and AI UseRussian Media Uses AI-Powered Software to Spread DisinformationSmishing Triad Targets India with Fraud SurgeFraud Campaign Targets Russians with Fake Olympics Tickets Tweet of the Week (41:18)https://x.com/dennishegstad/status/1810044171765645568 Come on! Like and bloody well subscribe!
    Show more Show less
    44 mins
  • Episode 197 - The Andy Is Distracted Episode

    Episode 197 - The Andy Is Distracted Episode
    Jul 8 2024

    This week in InfoSec (07:40)

    With content liberated from the “today in infosec” twitter account and further afield

    3 July 1996 - a mere 28 years ago the movie Independence Day was released. In it, Jeff Goldblum and Will Smith fly into an alien vessel in a 50-year-old space junker, then upload a computer virus in less than 5 minutes

    https://twitter.com/todayininfosec/status/1808464060972667170

    Rant of the Week (11:07)

    Cancer patient forced to make terrible decision after Qilin attack on London hospitals

    https://www.theregister.com/2024/07/05/qilin_impacts_patient/

    EXCLUSIVE The latest figures suggest that around 1,500 medical procedures have been canceled across some of London's biggest hospitals in the four weeks since Qilin's ransomware attack hit pathology services provider Synnovis. But perhaps no single person was affected as severely as Johanna Groothuizen.

    Hanna – the name she goes by – is now missing her right breast after her skin-sparing mastectomy and immediate breast reconstruction surgery was swapped out for a simple mastectomy at the last minute.

    Billy Big Balls of the Week (18:20)

    Ransomware scum who hit Indonesian government apologizes, hands over encryption key

    https://www.theregister.com/2024/07/04/hackers_of_indonesian_government_apologize/

    Industry News (24:28)

    Vinted Fined €2.3m Over Data Protection Failure

    Europol Warns of Home Routing Challenges For Lawful Interception

    Meta Faces Suspension of AI Data Training in Brazil

    New Ransomware Group Phones Execs to Extort Payment

    UK’s NCA Leads Major Cobalt Strike Takedown

    Cyber Extortion Soars: SMBs Hit Four Times Harder

    New RUSI Report Exposes Psychological Toll of Ransomware, Urges Action

    Dozens of Arrests Disrupt €2.5m Vishing Gang

    Health Tech Execs Get Jail Time For $1bn Fraud Scheme

    Tweet of the Week (31:07)

    Come on! Like and bloody well subscribe!
    Show more Show less
    39 mins
  • Episode 196 - The Nuclear Option Episode

    Episode 196 - The Nuclear Option Episode
    Jul 1 2024

    This Week in InfoSec (12:30)

    With content liberated from the “today in infosec” twitter account and further afield

    24th June 1987: The movie Spaceballs was released. With a budget of $23 million, it grossed $38 million at the box office in North America. Though 37 years have passed, the secret code scene remains a reminder of why security is hard.

    Watch the secret code scene from Spaceballs and weep. Or laugh. Or both. Has much changed when it comes to password security since the movie was released 37 years ago today?

    The 64 second scene: https:///youtu.be/a6iW-8xPw3k

    https://x.com/todayininfosec/status/1805302016451002501

    27th June 2011: Anonymous released its first cache from Operation AntiSec, information from a US anti-cyberterrorism program.

    https://x.com/todayininfosec/status/1806302186487345226

    Rant of the Week (18:15)

    Korean telco allegedly infected its P2P users with malware
    A South Korean media outlet has alleged that local telco KT deliberately infected some customers with malware due to their excessive use of peer-to-peer (P2P) downloading tools.

    The number of infected users of “web hard drives” – the South Korean term for the online storage services that allow uploading and sharing of content – has reportedly reached 600,000.

    Billy Big Balls of the Week (26:33)

    Crypto scammers circle back, pose as lawyers, steal an extra $10M in truly devious plan
    The FBI says in just 12 months, scumbags stole circa $10 million from victims of crypto scams after posing as helpful lawyers offering to recover their lost tokens.

    Between February 2023-2024, scammers were kicking US victims while they were already down, preying on their financial vulnerability to defraud them for a second time in what must be seen as a new low, even for that particular breed of dirtball.

    It's the latest update from the FBI's Internet Crime Complaint Center (IC3) on the ongoing issue which was first publicized in August last year.

    Industry News (34:24)

    US Bans Kaspersky Over Alleged Kremlin Links

    Sellafield Pleads Guilty to Historic Cybersecurity Offenses

    Polish Prosecutors Step Up Probe into Pegasus Spyware Operation

    Credential Stuffing Attack Hits 72,000 Levi’s Accounts

    Google's Naptime Framework to Boost Vulnerability Research with AI

    Fake Law Firms Con Victims of Crypto Scams, Warns FBI

    IT Leaders Split on Using GenAI For Cybersecurity

    Majority of Critical Open Source Projects Contain Memory Unsafe Code

    CISOs Reveal Firms Prioritize Savings Over Long-Term Security

    Tweet of the Week (43:08)

    https://twitter.com/StuAlanBecker/status/1806137799248359443

    Comments: https://twitter.com/derJamesJackson/status/1806307954586538205

    Alternate TotW:

    https://twitter.com/susisnyder/status/1806222280382406836

    Come on! Like and bloody well subscribe!
    Show more Show less
    49 mins
  • Episode 195 - The Smashing Unknown Episode

    Episode 195 - The Smashing Unknown Episode
    Jun 10 2024
    This week in InfoSec (11:16)With content liberated from the “today in infosec” twitter account and further afield5th of June 1991, a mere 33 years ago, : Philip Zimmermann sent the first release of PGP to 2 friends, Allan Hoeltje and Kelly Goen, to upload to the Internet. From the man himself, First, I sent it to Allan Hoeltje, who posted it to Peacenet, an ISP that specialized in grassroots political organizations, mainly in the peace movement. Peacenet was accessible to political activists all over the world. Then, I uploaded it to Kelly Goen, who proceeded to upload it to a Usenet newsgroup that specialized in distributing source code. At my request, he marked the Usenet posting as "US only". Kelly also uploaded it to many BBS systems around the country. I don't recall if the postings to the Internet began on June 5th or 6th.It may be surprising to some that back in 1991, I did not yet know enough about Usenet newsgroups to realize that a "US only" tag was merely an advisory tag that had little real effect on how Usenet propagated newsgroup postings. I thought it actually controlled how Usenet routed the posting. But back then, I had no clue how to post anything on a newsgroup, and didn't even have a clear idea what a newsgroup was.After releasing PGP, I immediately diverted my attention back to consulting work, to try to get caught up on my mortgage payments. I thought I could just release PGP 1.0 for MSDOS, and leave it alone for awhile, and let people play with it. I thought I could get back to it later, at my leisure. Little did I realize what a feeding frenzy PGP would set off. Apparently, there was a lot of pent-up demand for a tool like this. Volunteers from around the world were clamoring to help me port it to other platforms, add enhancements, and generally promote it. I did have to go back to work on paying gigs, but PGP continued to demand my time, pulled along by public enthusiasm.I assembled a team of volunteer engineers from around the world. They ported PGP to almost every platform (except for the Mac, which turned out to be harder). They translated PGP into foreign languages. And I started designing the PGP trust model, which I did not have time to finish in the first release. Fifteen months later, in September 1992, we released PGP 2.0, for MSDOS, several flavors of Unix, Commodore Amiga, Atari, and maybe a few other platforms, and in about ten foreign languages. PGP 2.0 had the now-famous PGP trust model, essentially in its present form.It was shortly after PGP 2.0's release that US Customs took an interest in the case. Little did they realize that they would help propel PGP's popularity, helping to ignite a controversy that would eventually lead to the demise of the US export restrictions on strong cryptography.7 June 2009. A mere 15 years ago. Sophos launched its (utterly shit) IT vigilante marketing campaignDress up a British man (who appears to have had a nervous breakdown over a corporate data breach incident) in an orange gimp suit – that will sell security software for sure!At least, that was the plan made by Sophos’s marketing department for its “IT Vigilante” campaign.https://www.youtube.com/watch?v=-gc6sDqofcIhttps://grahamcluley.com/top-five-worst-videos-anti-virus/Other awful videos:Happy birthday Eugene Kaspersky: https://www.youtube.com/watch?v=ujnq188E5-wEugene’s “silent movie”: https://www.youtube.com/watch?v=Ib8UjCQl5sE&t=6s Rant of the Week (22:45)https://www.bbc.co.uk/news/articles/cxee7317kgmoRussian hackers are behind the cyber attack on a number of major London hospitals, according to the former chief executive of the National Cyber Security Centre.Ransomware attacks on the healthcare industry as a whole have increased significantly over the past year. Whaley attributes the uptick to “lives on the line.”“While no sector is invulnerable to these attacks… healthcare providers have proven time and time again that they’re the most willing to pay a ransom following these incidents," Whaley said.“Bad actors know this and smell blood in water,” he added. Whaley pointed out that the rise in state-sponsored cyberattacks combined “with the further digitization of the NHS paints a pretty grim picture for the defensive capabilities of the British healthcare sector… and possibly a warning sign of much larger attacks to come.” Graham's Giant Gonads of the Week (30:51)Apple refused to pay bug bounty to Russian cybersecurity firm Kaspersky Labhttps://therecord.media/kaspersky-apple-bug-bounty-declinedhttps://securelist.com/trng-2023/Apple has snubbed Russian cybersecurity firm Kaspersky Lab, refusing to shell out a bug bounty for four zero-day vulnerabilities discovered in iPhone software. Targets were infected using zero-click exploits via the iMessage platform, and the malware ran with root privileges, gaining complete control over the device and user data. The twist?The vulnerabilities were used to spy on Kaspersky ...
    Show more Show less
    49 mins
  • Episode 194

    Episode 194
    Jun 3 2024

    This week in InfoSec (07:29)

    With content liberated from the “today in infosec” twitter account and further afield

    28th May: 2014: LulzSec hacker Hector Monsegur, known as Sabu, was sentenced and released the same day on time served for his role in a slew of high-profile cyberattacks. He had served 7 months in prison after his arrest.

    https://x.com/todayininfosec/status/1795228730735886650

    25th May 2018: The General Data Protection Regulation (GDPR) in the European Union (EU) to strengthen and unify data protection became effective - just over 2 years after it was adopted by the EU.

    https://twitter.com/todayininfosec/status/1794461551534936503

    Rant of the Week (18:34)

    Bing outage shows just how little competition Google search really has

    Bing, Microsoft's search engine platform, went down in the very early morning 23rd May. That meant that searches from Microsoft's Edge browsers that had yet to change their default providers didn't work. It also meant that services relying on Bing's search API—Microsoft's own Copilot, ChatGPT search, Yahoo, Ecosia, and DuckDuckGo—similarly failed.

    If dismay about AI's hallucinations, power draw, or pizza recipes concern you—along with perhaps broader Google issues involving privacy, tracking, news, SEO, or monopoly power—most of your other major options were brought down by a single API outage this morning. Moving past that kind of single point of vulnerability will take some work, both by the industry and by you, the person wondering if there's a real alternative.

    Billy Big Balls of the Week (26:56)

    IT worker sued over ‘vengeful’ cyber harassment of policeman who issued a jaywalking ticket


    In an ongoing civil lawsuit, an IT worker is accused of launching a "destructive cyber campaign of hate and revenge" against a police officer and his family after being issued a ticket for jaywalking.

    Industry News (34:44)

    Check Point Urges VPN Configuration Review Amid Attack Spike

    Courtroom Recording Software Vulnerable to Backdoor Attacks

    New North Korean Hacking Group Identified by Microsoft

    Internet Archive Disrupted by Sustained and “Mean” DDoS Attack

    Advance Fee Fraud Targets Colleges With Free Piano Offers

    US-Led Operation Takes Down World’s Largest Botnet

    First American Reveals Data Breach Impacting 44,000 Individuals

    Europol-Led Operation Endgame Hits Botnet, Ransomware Networks

    BBC Pension Scheme Breached, Exposing Employee Data

    Tweet of the Week (47.14)

    https://twitter.com/DebugPrivilege/status/1795823939631067165

    Come on! Like and bloody well subscribe!
    Show more Show less
    51 mins
  • Episode 193 - The "At Last!" Episode

    Episode 193 - The "At Last!" Episode
    May 27 2024
    This week in InfoSec (11:36) With content liberated from the “today in infosec” twitter account and further afield17th May 2015: CNN published their article on a statement Cybersecurity Consultant, Chris Roberts had publicly made on Twitter a month earlier. There were lots of accusations made regarding Chris Roberts' actions hacking into computer systems while a passenger on multiple airline flights. Did he actually cause a plane to fly sideways? Maybe? But it's not like he made it fly upside down.FBI: Hacker claimed to have taken over flight’s engine controlshttps://twitter.com/todayininfosec/status/1791214444980080724 26th May 1995: Gates Declares Internet "Most Important Single Development"Realising his company had missed the boat in estimating the impact and popularity of the Internet, Microsoft Corp. CEO Bill Gates issued a memo titled, "The Internet Tidal Wave," which signaled the company's renewed focus on that arena. In the memo, Gates declared that the Internet was the "most important single development" since the IBM personal computer -- a development that he was assigning "the highest level of importance”.https://1995blog.com/2020/05/25/25-years-on-bill-gates-internet-tidal-wave-memo-a-seminal-document-of-the-unfolding-digital-age/ Rant of the Week (18:00)Giving Windows total recall of everything a user does is a privacy minefieldMicrosoft's Windows Recall feature is attracting controversy before even venturing out of preview.Like so many of Microsoft's AI-infused products, Windows Recall will remain in preview while Microsoft refines it based on user feedback – or simply gives up and pretends it never happened.The principle is simple. Windows takes a snapshot of a user's active screen every few seconds and dumps it to disk. The user can then scroll through the archive of snapshots to find what were doing some time back, or query an AI system to recall past screenshots by text. Billy Big Balls of the Week (28:58)Hacker Breaches Scam Call Center, Warns Victims They've Been ScammedA hacker claims to have breached a scam call center, stolen the source code for the company’s tools, and emailed the company’s scam victims.The hack is the latest in a long series of vigilante actions in which hackers take matters into their own hands and breach or otherwise disrupt scam centers. A massively popular YouTube community, with creators mocking their targets, also exists around the practice. Industry News (34:17)Authorities Arrest $100m Incognito Drugs Market SuspectAI Seoul Summit: 16 AI Companies Sign Frontier AI Safety CommitmentsUK Government in £8.5m Bid to Tackle AI Cyber-ThreatsMastercard Doubles Speed of Fraud Detection with Generative AIPSNI Faces £750,000 Data Breach Fine After Spreadsheet LeakGitHub Fixes Maximum Severity Flaw in Enterprise ServerNational Records of Scotland Data Breached in NHS Cyber-AttackNVD Leaves Exploited Vulnerabilities UncheckedMicrosoft: Gift Card Fraud Rising, Costing Businesses up to $100,000 a Day Tweet of the Week (41:59)https://twitter.com/gcluley/status/1792881296907043217Two for one:https://twitter.com/mer__edith/status/1793888092321202634 Come on! Like and bloody well subscribe!
    Show more Show less
    48 mins
  • Episode 192 - The Unedited Episode

    Episode 192 - The Unedited Episode
    May 8 2024

    This week in InfoSec

    With content liberated from the “today in infosec” twitter account and further afield

    27th April 2012: The Information Commissioner's Office (ICO) in the UK issued its first-ever data breach fine to an NHS (National Health Service) organisation, fining Aneurin Bevan Health Board in Wales £70,000.

    https://www.digitalhealth.net/2012/04/first-nhs-fine-issued-by-ico/

    Rant of the Week

    Dropbox dropped the ball on security, haemorrhaging customer and third-party info

    Dropbox has revealed a major attack on its systems that saw customers' personal information accessed by unknown and unauthorized entities.

    The attack, detailed in a regulatory filing, impacted Dropbox Sign – a service it bills as an "eSignature solution [that] lets you send, sign, and store important documents in one seamless workflow, without ever leaving Dropbox." So basically a DocuSign clone.

    The filing states that management became aware of the incident last week – on April 24 – and "immediately activated our cyber security incident response process to investigate, contain, and remediate the incident."

    That effort led to the discovery that "the threat actor had accessed data related to all users of Dropbox Sign, such as emails and usernames, in addition to general account settings."

    Billy Big Balls of the Week

    Chinese government website security is often worryingly bad, say Chinese researchers

    Five Chinese researchers examined the configurations of nearly 14,000 government websites across the country and found worrying lapses that could lead to malicious attacks, according to a not-yet-peer-reviewed study released last week.

    The researchers concluded the investigation has uncovered "pressing security and dependency issues" that may not have a quick fix.

    "Despite thorough analyses, practical solutions to bolster the security of these systems remain elusive," wrote the researchers. "Their susceptibility to cyber attacks, which could facilitate the spread of malicious content or malware, underscores the urgent need for real-time monitoring and malicious activity detection."

    The study also highlights the need for "stringent vetting and regular updates" of third-party libraries and advocates "a diversified distribution of network nodes, which could substantially augment system resilience and performance."

    The study will likely not go down well in Beijing, as China's government has urged improvements to government digital services and apps often issues edicts about improving cybersecurity.

    Industry News

    Google Blocks 2.3 Million Apps From Play Store Listing

    Disinformation: EU Opens Probe Against Facebook and Instagram Ahead of Election

    NCSC’s New Mobile Risk Model Aimed at “High-Threat” Firms

    Lawsuits and Company Devaluations Await For Breached Firms

    UnitedHealth CEO Confirms Breach Tied to Stolen Credentials, No MFA

    REvil Ransomware Affiliate Sentenced to Over 13 Years in Prison

    Security Breach Exposes Dropbox Sign Users

    Indonesia is a Spyware Haven, Amnesty International Finds

    North Korean Hackers Spoofing Journalist Emails to Spy on Policy Experts

    Tweet of the Week

    https://twitter.com/summer__heidi/status/1783829402574639187

    Come on! Like and bloody well subscribe!
    Show more Show less
    49 mins
  • Episode 191 - This One's For The Boomers

    Episode 191 - This One's For The Boomers
    Apr 29 2024
    This week in InfoSec (07:04)With content liberated from the “today in infosec” twitter account and further afield23rd April 2005: The first video uploaded to YouTube, “Me at the zoo,” is posted on April 23, 2005 at 8:27 PM by co-founder Jawed Karim. For now being a piece of history, the video is actually pretty dumb.Note to future entrepreneurs: what you do may be for posterity. Choose wisely.22nd April 1988: 1988: The VIRUS-L email mailing list was created and moderated by Ken van Wyk while he was working at Lehigh University. It was the first electronic forum dedicated to discussing computer viruses.https://twitter.com/todayininfosec/status/1782424224348446910 Rant of the Week (13:21)Ring dinged for $5.6M after, among other claims, rogue insider spied on 'pretty girls'The FTC today announced it would be sending refunds totaling $5.6 million to Ring customers, paid from the Amazon subsidiary's coffers.The windfall stems from allegations made by the US watchdog that folks could have been, and were, spied upon by cybercriminals and rogue Ring workers via their Ring home security cameras.The regulator last year accused Ring of sloppy privacy protections that allowed the aforementioned spying to occur or potentially occur.Specifically, the FTC formally charged Ring with "compromising its customers' privacy by allowing any employee or contractor to access consumers' private videos and by failing to implement basic privacy and security protections, enabling hackers to take control of consumers' accounts, cameras, and videos." Billy Big Balls of the Week (21:41)Cops cuff man for allegedly framing colleague with AI-generated hate speech clipBaltimore police have arrested Dazhon Leslie Darien, the former athletic director of Pikesville High School (PHS), for allegedly impersonating the school's principal using AI software to make it seem as if he made racist and antisemitic remarks.Darien, of Baltimore, Maryland, was subsequently charged with witness retaliation, stalking, theft, and disrupting school operations. He was detained late at night trying to board a flight at BWI Thurgood Marshall Airport. Security personnel stopped him because the declared firearm he had with him was improperly packed and an ensuing background check revealed an open warrant for his arrest.He is quoted as saying “Arse cock pussy”. 😀"On January 17, 2024, the Baltimore County Police Department became aware of a voice recording being circulated on social media," said Robert McCullough, Chief of Baltimore County Police, at a streamed press conference today. "It was alleged the voice captured on the audio file belong to Mr Eric Eiswert, the Principal at the Pikesville High School. We now have conclusive evidence that the recording was not authentic. Industry News (30:51)Quishing Attacks Jump Tenfold, Attachment Payloads HalveAlarming Decline in Cybersecurity Job Postings in the USNCSC Announces PwC’s Richard Horne as New CEONSA Launches Guidance for Secure AI DeploymentEnd-to-End Encryption Sparks Concerns Among EU Law EnforcementFifth of CISOs Admit Staff Leaked Data Via GenAIUS Congress Passes Bill to Ban TikTokOnline Banking Security Still Not Up to Par, Says Which?Ring to Pay Out $5.6m in Refunds After Customer Privacy Breach Tweet of the Week (38:56)https://twitter.com/KimZetter/status/1783556843798671591 Come on! Like and bloody well subscribe!
    Show more Show less
    44 mins