The Host Unknown Podcast

Episode 163 - The Sombre Episode

Episode Summary

This week in InfoSec talks about orifices.

Rant of the Week discusses personal data in group chats.

Billy Big Balls asks you to think of the poor US government.

Industry News brings us the latest and greatest security news stories from around the world.

And Tweet of the Week is some career advice.

Episode Notes

This week in InfoSec (11:56)

With content liberated from the “Today in Infosec” Twitter account and further afield

4th August 1998: Microsoft published a critical security bulletin MS98-010, titled 'Information on the "Back Orifice" Program'.

Microsoft Security Bulletin MS98-010 - Critical

https://twitter.com/todayininfosec/status/1423037189714219020

27th July 2000: In security bulletin MS00-047, Microsoft thanked PGP's COVERT Labs and Sir Dystic of Cult of the Dead Cow for reporting NetBIOS vulnerabilities.

Patch Available for 'NetBIOS Name Server Protocol Spoofing' Vulnerability

https://twitter.com/todayininfosec/status/1287934373019385861


Rant of the Week (18:31)

Brit healthcare body rapped for WhatsApp chat sharing patient data

Staff at NHS Lanarkshire - which serves over half a million Scottish residents - used WhatsApp to swap photos and personal info about patients, including children's names and addresses.

Following a probe, the UK Information Commissioner's Office (ICO) has now issued a heavily redacted official reprimand to the organization, which oversees three hospitals plus clinics and more across rural and urban Lanarkshire in the Central Lowlands of Scotland. It said a group chat created in March 2020 – just as the UK government issued the first COVID lockdown – was in breach of Article 58 of the UK GDPR.

Information was shared between 26 staff for more than two years – from 1 April 2020 to 25 April 2022 – over hundreds of entries within the WhatsApp group that included adult and child patients' names, plus hundreds of patients' phone numbers, many dates of birth, and at least 28 home addresses, "15 images, three videos, and four screenshots." Some of this info included clinical information, and therefore "special category" data in breach of Article 9 of the UK GDPR.

Yes, on their actual work phones, using software provided via the NHS portal.

The staffers were using copies of WhatsApp downloaded directly via NHS Lanarkshire's portal on their work phones, it emerged, but someone, whose name was redacted, was added to the group "in error." That "unauthorised individual" was given access to "four students' names and student numbers, one child's name, and two children's names and addresses."

The ICO noted that since WhatsApp stated it was an encrypted platform, staff thought it would be secure. This, the watchdog said, "demonstrates that information governance expectations regarding WhatsApp were not understood by staff involved in the WhatsApp Group."


Billy Big Balls of the Week (31:21)

[The fact the government doesn’t even try to hide what they do and gaslight the country by saying it would be the worst intelligence failure of their time is a BBB move to me - but I’ll let Jav decide 😀]

White House: Losing Section 702 spy powers would be among 'worst intelligence failures of our time'

The White House has weighed in on the Section 702 debate, urging lawmakers to reauthorize, "without new and operationally damaging restrictions," the controversial snooping powers before they expire at the end of the year.

Section 702 of the Foreign Intelligence Surveillance Act (FISA) allows the American government to monitor electronic communications of foreign persons outside of the United States [PDF], and people they confer with, including US persons. While it's supposed to be used as an intelligence tool — to prevent terrorist attacks or track down similar targets — it's also at times abused to conduct warrantless snooping on Americans including protesters, campaign donors, and elected officials.

The controversial law, introduced in 2008, is up for renewal at the end of the year, and the US intelligence community has been frantically lobbying to keep these surveillance powers. FBI Director Chris Wray said last week that Section 702 data was responsible for "97 percent of our raw technical reporting on cyber actors."

Now the White House has thrown its weight behind its intel services, arguing that curbing the legislation or letting it drop would be "one of the worst intelligence failures of our time."

Despite unanimously recommending that Congress renew Section 702, the PIAB's report [PDF] does acknowledge that "complacency, a lack of proper procedures, and the sheer volume of Section 702 activity led to FBI's inappropriate use" of the surveillance powers to query US persons.


Industry News (37:04)

NHS Staff Reprimanded For WhatsApp Data Sharing

Canon Inkjet Printers Expose Wi-Fi Threat

AI-Enhanced Phishing Driving Ransomware Surge

Hundreds of Citrix Endpoints Compromised With Webshells

Cocaine Smugglers that Posed as PC Sellers Jailed

Humans Unable to Reliably Detect Deepfake Speech

Menlo Leverages Advanced Technology to Combat Surging Browser Threats

Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks

Hacktivist Collective “Mysterious Team Bangladesh” Revealed


Noteworthy mention: Security Serious Unsung Heroes Awards 2023 Open for Nominations


Tweet of the Week (47:23)

https://twitter.com/Sheriffie/status/1686864006160711680