The Host Unknown Podcast

Episode 190 - The Very Serious Episode

Episode Summary

This week in InfoSec takes us back to the building blocks of the internet. Rant of the Week is an experiment in snitches get stitches. Billy Big Balls identifies a genius way to reduce risks. Industry News is the latest and greatest news stories from around the world. And Tweet of the Week is another loss for anonymity.

Episode Notes

This week in InfoSec (08:49)

With content liberated from the “today in infosec” twitter account and further afield

7th April 1969: Steve Crocker, a graduate student at UCLA and part of the team developing ARPANET, writes the first “Request for Comments”. The ARPANET, a research project of the Department of Defense’s Advanced Research Projects Agency (ARPA), was the foundation of today’s modern Internet. RFC 1 defined the design of the host software for communication between ARPANET nodes. This host software would be run on Interface Message Processors or IMPs, which were the precursor to Internet routers. The “host software” defined in RFC 1 would later be known as the Network Control Protocol or NCP, which itself was the forerunner to the modern TCP/IP protocol the Internet runs on today.

https://thisdayintechhistory.com/04/07/rfc-1-defines-the-building-block-of-internet-communication/

7th April 2014: The Heartbleed Bug was publicly disclosed. The buffer over-read vulnerability had been discovered by Neel Mehta and later privately reported to the OpenSSL project, which patched it the next day. The vulnerability was inadvertently introduced into OpenSSL 2 years prior.

https://twitter.com/todayininfosec/status/1777136463882183076  

 

Rant of the Week (17:09)

OpenTable is adding your first name to previously anonymous reviews

Restaurant reservation platform OpenTable says that all reviews on the platform will no longer be fully anonymous starting May 22nd and will now show members' profile pictures and first names.

OpenTable notified members of this new policy change today in emails to members who had previously left a review on the platform, stating the change was made to provide more transparency.

"At OpenTable, we strive to build a community in which diners can help other diners discover new restaurants, and reviews are a big part of that," reads the OpenTable email seen by BleepingComputer.

"We've heard from you, our diners, that trust and transparency are important when looking at reviews."

"To build on the credibility of our review program, starting May 22, 2024, OpenTable will begin displaying diner first names and profile photos on all diner reviews. This update will also apply to past reviews."

 

Billy Big Balls of the Week (26:36)

Lloyds Bank axes risk staff after executives complain they are a ‘blocker’

Lloyds Banking Group plans to cut jobs in risk management after an internal review found the function was a “blocker to our strategic transformation”.  

The restructuring was outlined in a memo last month from Lloyds’ chief risk officer Stephen Shelley, who said two-thirds of executives believed risk management was blocking progress while “less than half our workforce believe intelligent risk-taking is encouraged”. The lender was “resetting our approach to risk and controls”, Shelley said in the memo, seen by the Financial Times, adding that “the initial focus is on non-financial risks”.

 

Industry News (33:55)

T: Famous YouTube Channels Hacked to Distribute Infostealers

A: US Federal Data Privacy Law Introduced by Legislators

J: Foreign Interference Drives Record Surge in IP Theft

T: Half of UK Businesses Hit by Cyber-Incident in Past Year, UK Government Finds

A: US Claims to Have Recovered $1.4bn in COVID Fraud

J: Women Experience Exclusion Twice as Often as Men in Cybersecurity

T: Threat Actors Game GitHub Search to Spread Malware

A: Data Breach Exposes 300k Taxi Passengers’ Information

J: Apple Boosts Spyware Alerts For Mercenary Attacks

 

Tweet of the Week (52:08)

https://x.com/ErrataRob/status/1778536622163984590