This week in InfoSec takes us back to a time when it would have been cheaper to pay the ransom Rant of the Week explores the grind culture Gen Z are afraid of Billy Big Balls makes removable media policies worth their weight in gold Industry News brings us the latest and greatest security news stories from around the world And Tweet of the Week is a message from the Electronic Frontier Foundation's Director of Cyber Security
This week in InfoSec (12:47)
With content liberated from the “today in infosec” twitter account and further afield
22nd March 2018: The city of Atlanta announced it was victim to a ransomware attack. The attackers demanded $51,000 worth of bitcoin to release the encrypted data, but Atlanta didn't pay the ransom. Whether or not to pay ransom isn't a simple or easy matter, but this proved to be expensive.
21st March 2001: SMBRelay and SMBRelay2 were released by Sir Dystic at the @lantacon convention in Atlanta, Georgia. The tools were developed to carry out SMB man-in-the-middle attacks on Windows machines.
Rant of the Week (19:43)
Billy Big Balls of the Week (29:08)
Journalist opens USB letter bomb in newsroom
Journalists across Ecuador have been targeted by explosive devices sent through the post.
One presenter, Lenin Artieda, was injured when he opened the envelope in the middle of the newsroom.
He said the explosive device looked like a USB drive. He plugged it into his computer and it detonated.
The Ecuadorean attorney-general's department confirmed it had opened a terrorism investigation into the letters on Monday.
It did not name the specific news outlets targeted. However, at least five different organisations across Ecuador were sent the letters.
The government has condemned the attacks, describing freedom of expression as "a right that must be respected".
"Any attempt to intimidate journalism and freedom of expression is a loathsome action that should be punished with all the rigour of justice," it said in a statement.
The interior minister, Juan Zapata, said the devices were all sent from the same town. Three were sent to media outlets in Guayaquil and two to the capital, Quito.
While Mr Artieda was injured by the device, others sent through the post failed to explode or were never opened.
Police carried out a controlled detonation of one of the devices sent to TC Television, prosecutors confirmed.
From 2017, Mr Self Destruct v1
Industry News (36:51)
Ferrari Reveals Data Breach Ransom Attack
Just 1% of Dot-Org Domains Are Fully DMARC Protected
BreachForums Shuts Down After Admin's Arrest
Malicious ChatGPT Chrome Extension Hijacks Facebook Accounts
UK Government Sets Out Vision for NHS Cybersecurity
New Post-Exploitation Attack Method Found Affecting Okta Passwords
China-Aligned "Operation Tainted Love" Targets Middle East Telecom Providers
UK Parliament Bans TikTok from its Network and Devices
IRS Phishing Emails Used to Distribute Emotet
Tweet of the Week (44:52)