1. 5th November 1993: Bugtraq was created by Scott Chasin as a full disclosure vulnerability reporting mailing list at the dawn of the World Wide Web. Bugtraq had an enormous influence on how orgs responded to vuln disclosure and paved the way for a shift which led to bug bounty programs.

https://x.com/todayininfosec/status/1986164925039841770

1. 24th October 2002: The worm-like Friendgreet propagated by emailing all Outlook contacts from each computer where it was installed. But THERE WAS A TWIST!

The software presented a EULA stating it would do that!

They gave fair warning, right!?

(EULA = End User License Agreement)

https://x.com/todayininfosec/status/1981885412374114601

CyberSlop — meet the new threat actor, MIT and Safe Security

Cybersecurity vendors peddling nonsense isn’t new, but lately we have a new dimension — Generative AI. This has allowed vendors — and educators — to peddle cyberslop for profit.

Earlier this year, MIT released a working paper and made a webpage around 80% of ransomware attacks using Generative AI

Law passed for scammers, mules to be caned after victims in Singapore lose almost $4b since 2020

SINGAPORE – Scammers will get at least six strokes of the cane, with the punishment going up to 24 strokes depending on the severity of the offence.

Those to be caned will include syndicate members and recruiters, and those who help them, such as money mules who provide their bank accounts, SIM cards or Singpass credentials.

These mules will face discretionary caning of up to 12 strokes.

Tweet of the week: https://x.com/phl43/status/1985841184141689196

Come on! Like and bloody well subscribe!

This week in InfoSec is a Mitnick/Android double act

https://www.computerhistory.org/tdih/september/27/#hacker-mitnick-indicted-on-charges

https://thisdayintechhistory.com/09/23/the-first-android-introduced/

Rant of the Week is the future of the UK, the future I tell you…

New digital ID will be mandatory for workers in the UK

Billy Big Balls gives the best reason ever to go full speed ahead with AI

Silicon Valley’s latest argument against regulating AI: that would literally be the Antichrist

Industry News is the latest and greatest security news stories from around the world

Tweet of the Week is valuable fitness advice from infosec

https://bsky.app/profile/secure-ics-ot.bsky.social/post/3lzpgdl7dts2u

Come on! Like and bloody well subscribe!

1. 18th September 2014: Home Depot disclosed that its data breach was estimated to impact 56 million unique payment cards.

Home Depot disclosed that its data breach was estimated to impact 56 million unique payment cards.

https://x.com/todayininfosec/status/1968870469408309285

1. 18th September 2001: The Nimda worm was released. Utilizing 5 different infection vectors, it became the most widespread virus/worm ever after only 22 minutes.

Why "Nimda"?

$ echo "admin" | rev

nimda

https://x.com/todayininfosec/status/1968721441836134825

Rant of the week Google stuffs Chrome full of AI features whether you like it or not

Billy big balls Former Facebook policy lead Niamh Sweeney appointed DPC commissioner

Tweet of the week https://bsky.app/profile/jwgoerlich.bsky.social/post/3lz4qt5a64k2p

Come on! Like and bloody well subscribe!

The notes go here. I really can't go and look for them right now.

This week in InfoSec is a sticky pickle

Rant of the Week will have you guessing at who it could possibly be, again…

Billy Big Balls is why british men need to take their passport to the bathroom these days

Industry News is the latest and greatest security news stories from around the world

And

Tweet of the Week is well... Thom got it wrong.

Come on! Like and bloody well subscribe!

8th July 2008: Several DNS vendors released patches to mitigate an attack method discovered by Dan Kaminsky which could be used to cause DNS cache poisoning. Kaminsky had discovered the vulnerability 6 months prior and reported it to vendors privately so they could address it. RIP, Dan.

https://x.com/todayininfosec/status/1942695691270193211

10th July 1999: Cult of the Dead Cow (cDc) member DilDog debuted the program Back Orifice 2000 (BO2k) at DEF CON 7. It was the successor to Back Orifice, released by cDc a year prior. DilDog proclaimed it "a remote administration tool for corporate America".

https://x.com/todayininfosec/status/1943440335608385876

Outsourced Trust: How Coinbase's $400M Problem Started in an Indian Call Center

The GPS Leak No One Talked About: Uffizio’s Silent Exposure

Hundreds of Malicious Domains Registered Ahead of Prime Day

M&S Chair Details Ransomware Attack, Declines to Confirm if Payment Was Made

Chinese State-Sponsored Hacker Charged Over COVID-19 Research Theft

Qantas Confirms 5.7 Million Customers Hit by Data Breach

Tribunal Ruling Brings ICO’s £12.7m TikTok Fine Closer

Four Arrested in Connection with April UK Retail Attacks

TikTok's Handling of EU User Data in China Comes Under Scrutiny Again

LLMs Fall Short in Vulnerability Discovery and Exploitation

MPs Warn of “Significant” Iranian Cyber-Threat to UK

https://x.com/krezae/status/1943463109173338558

Come on! Like and bloody well subscribe!

27th June 2007: Live Free or Die Hard was released. Cop John McClane partners with hacker Matt Farrell to stop cyberterrorists trying to take down the US's infrastructure. Traceroute (1337!) is used to find the ringleader's location, then McClane kills him by shooting HIS OWN shoulder.

https://x.com/todayininfosec/status/1938731279937057144

1st July 2003: California's data breach notification law went into effect. California became the first US state to require disclosure of breaches of personal information.
https://x.com/todayininfosec/status/1940220561080332760

Meta calls €200M EU fine over pay-or-consent ad model 'unlawful'

Meet Soham Parekh, the engineer burning through tech by working at three to four startups simultaneously

https://x.com/nickvangilder/status/1940110830085054891

Come on! Like and bloody well subscribe!

17th June 1995: Spyglass goes public

World Wide Web software producer Spyglass Inc. went public, the year after it had begun distributing its Spyglass Mosaic software, an early browser for navigating the Web. With previous year's earnings at $7 million, Spyglass was founded by students at the Illinois Supercomputing Center, which also inspired Netscape Communications Corp.

https://www.computerhistory.org/tdih/june/27/#spyglass-goes-public

26th June 1989: Robert Tappan Morris (who released the Morris worm in 1988) became the first person to be indicted under the US's Computer Fraud and Abuse Act (CFAA), enacted by Congress 3 years earlier. He was later sentenced to three years of probation and fined $10,050

https://x.com/todayininfosec/status/1938292354965770278

Visiting students can't hide social media accounts from Uncle Sam anymore

Meta’s AI training on copyrighted content is ‘fair use’, US judge says

https://x.com/filip_dragovic/status/1937932750415086010

Come on! Like and bloody well subscribe!

11th June 1986: Ferris Bueller's Day Off was released. https://x.com/todayininfosec/status/1932838235102716317

13th June 1994: A Russian hacker group led by Vladimir Levin stole $10.7 million from Citibank via X.25, in what was the first international bank robbery over a network to be made public. Levin was caught in London in 1995 and sentenced in the US to 3 years in prison in 1998. https://x.com/todayininfosec/status/1933504310643773697

“Localhost tracking” explained. It could cost Meta 32 billion.

Wanted: Junior cybersecurity staff with 10 years' experience and a PhD

Industry News

#Infosec2025: Top Six Cyber Trends CISOs Need to Know

Half of Mobile Users Now Face Daily Scams

Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud

Hands-On Skills Now Key to Landing Your First Cyber Role

Phishing Alert as Erie Insurance Reveals Cyber “Event”

Europol Says Criminal Demand for Data is “Skyrocketing”

NIST Publishes New Zero Trust Implementation Guidance

Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft

European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms

Tweet of the week

https://bsky.app/profile/brianhonan.bsky.social/post/3lrilyd7rpk2m

Come on! Like and bloody well subscribe!