The Host Unknown Podcast

Episode 143 - The Flat Roof Special Episode

Episode Summary

This week in InfoSec takes us back to a time when a group of security professionals decided that they wanted something done right, so they did it themselves. Rant of the Week continues to gaze at the Twitter “faecal-performance” from a safe distance. Billy Big Balls pays homage to the underappreciated women in cyber security. Industry News brings us the latest and greatest security news stories from around the world. And Tweet of the Week is someone making the best of the previously referenced Twitter “faecal-performance”.

Episode Notes

This week in InfoSec (11:47)

With content liberated from the “today in infosec” Twitter account and further afield

4th March 1989: The article "COMPUTER DETECTIVE FOLLOWED TRAIL TO HACKER SPY SUSPECT" was published. It covers how Clifford Stoll's discovery of a 75¢ accounting discrepancy led to the arrest of Marcus Hess. It was also the topic of Stoll's book, The Cuckoo's Egg. 

COMPUTER DETECTIVE FOLLOWED TRAIL TO HACKER SPY SUSPECT

https://twitter.com/todayininfosec/status/1632213421268533250  

 

8th March 1993: AusCERT (@AusCERT) began as the Security Emergency Response Team (SERT), when it commenced incident response operations in Australia.

Forming an Incident Response Team

https://twitter.com/todayininfosec/status/1633511448000299014   

 

Rant of the Week (16:45)

https://sports.yahoo.com/ransomware-group-posts-nude-photos-003700829.html

Twitter just let its privacy- and security-protecting Tor service expire

Twitter has allowed the certificate for its Tor onion site to expire, effectively killing off a privacy- and speech-protecting service that it introduced last year. Visiting the Tor-specific onion site address will now deliver a warning that the certificate verifying the site’s authenticity has lapsed; proceeding past that point (which is highly not recommended) currently delivers a Twitter error page. The certification expired on March 6th, just shy of two days before the site’s one-year launch anniversary.

Twitter no longer has a communications department to ask about the change, but the Tor Project confirmed the service’s lapse to The Verge. “The onion site is no longer available seemingly with no plans to renew. The Tor Project has reached out to Twitter to look into bringing the onion version of the social media platform back online,” said communications director Pavel Zoneff in a statement. “People who rely on onion services for an extra layer of protection and guarantee that they are accessing the content they are looking for now have one fewer way of doing so safely.”

 

Billy Big Balls of the Week (25:23)

Where are the women in cyber security? On the dark side, study suggests

If you can't join them, then you may as well try to beat them – at least if you're a talented security engineer looking for a job and you happen to be a woman. 

As we've noted before, the infosec world moves at a glacial pace toward gender equity. It appears that's not the case in the cyber criminal underground, according to Trend Micro, which recently published a study in which it claims at least 30 percent – if not more – of cyber criminal forum users are women.

For its study, Trend Micro looked at five English-language cyber crime forums: Sinister, Cracked, Breached, Hackforums and (now defunct) Raidforum. And it inspected five Russian-language sites: XSS, Exploit, Vavilon, BHF and WWH-Club. 

To be fair, Trend Micro's methodology is a bit iffy – and the report itself admits as much. Users on these forums are largely anonymous, necessitating use of tools like Semrush and uClassify's Gender Analyzer V5 to make what amounts to guesses – at best.

Nonetheless, Trend Micro said it analyzed posts and traffic on the ten forums and found that, for English language sites, some 40 percent of users appear to be women, and 42.6 percent of Russian cyber crime forum users were women, or at least write like them.

"When compared to Stack Overflow, a developer and programming forum, only 12 percent of visitors were female," Trend Micro said of its use of Semrush. 

Gender Analyzer V5 is trained on 5,500 blog posts written by women, and the same number by men, in order to analyze language for signs of gendered usage, which Trend Micro used to analyze a subset of profiles on English site Hackforums and Russian XSS. According to the report, 36 percent of users at Hackforums were likely women based on their use of language, and 30 percent of XSS forum users were reportedly women based on the same analysis. 

So, what does that all mean? According to Trend Micro, it indicates that the cyber criminal underground is more meritocratic than the white hat world. 

"Developers are valued for their skills and experience, and not necessarily for their gender when it comes to conducting business in the underground," Trend Micro said. As such, they say that investigators should avoid defaulting to "he" when discussing cyber criminals. But there's a more obvious lesson to be learned here.

If you overlook qualified security professionals on the basis of gender, don't be surprised if they end up on your radar again. Though perhaps in the form of a researcher bearing a friendly breach notice, and not someone out for criminal profit.

 

Industry News (30:57)

DoppelPaymer Ransomware Gang Members Busted in Germany, Ukraine

Two-Thirds of European Firms Have Started Zero Trust

Russian Disinformation Campaign Records High-Profile Individuals on Camera

Shein App Accessed Clipboard Data on Android Devices

Government Claims New UK GDPR Will Save Firms Billions

US RESTRICT Act Gains Support, Empowers Biden to Ban Foreign Tech

House Members at Risk After Insurer Data Breach

Tehran Targets Female Activists in Espionage Campaign

TikTok Initiates Project Clover Amid European Data Security Concerns

 

Tweet of the Week (38:04)

https://twitter.com/pookleblinky/status/1633359031875039234