This week in InfoSec talks about space viruses Rant of the Week says “don’t mention the tech” - we said it once but I think we got away with it Billy Big Balls reveals the identities of sophisticated hackers Industry News brings us the latest and greatest security news stories from around the world And Tweet of the Week asks you to think of the pain you cause your family
This week in InfoSec (14:00)
With content liberated from the “today in infosec” twitter account and further afield
18th August 2003: The Nachi worm began infecting Windows computers with the goal of REMOVING the Blaster worm and patching the vulnerability exploited by both worms.
Worm aims to eradicate Blaster
https://twitter.com/todayininfosec/status/1692616573524050259
26th August 2008: It was reported that a laptop on the International Space Station was infected by removable media containing the http://W32.Gammima.AG worm. Space. Where you don't want to be dealing with malware.
Malware detected at the International Space Station
https://twitter.com/todayininfosec/status/1298690676448735232
Rant of the Week (19:02)
Cellebrite asks cops to keep its phone hacking tech ‘hush hush’
For years, cops and other government authorities all over the world have been using phone hacking technology provided by Cellebrite to unlock phones and obtain the data within. And the company has been keen on keeping the use of its technology “hush hush.”
As part of the deal with government agencies, Cellebrite asks users to keep its tech — and the fact that they used it — secret, TechCrunch has learned. This request concerns legal experts who argue that powerful technology like the one Cellebrite builds and sells, and how it gets used by law enforcement agencies, ought to be public and scrutinized.
[That was this weeks Rant of the week]
Billy Big Balls of the Week (28:35)
Two teens were among those behind the Lapsus$ cyber-crime spree, jury finds
Two teenage members of the chaotic Lapsus$ cyber-crime gang helped compromise computer systems of Uber and Nvidia, and also blackmailed Grand Theft Auto maker Rockstar Games among other high-profile victims, a jury has decided.
At Southwark Crown Court in London, England, on Wednesday, Arion Kurtaj, 18, and a 17-year-old male who because of his age cannot be identified for legal reasons were found to have committed various crimes. Kurtaj was held in custody while the other was released on bail; both await sentencing.
This was an unusual case in that the jury was told not to find Kurtaj, who is autistic, guilty or not guilty as psychiatrists had earlier assessed that he was unfit to stand trial. Instead, the panel was asked to decided whether or not he did the things he was accused of.
The two teens, along with other Lapsus$ members, also broke into and attempted to extort telecoms giant BT, Microsoft, Samsung, Vodafone, fintech firm Revolut, and Okta during their crime spree between 2021 and 2022.
Industry News (36:23)
UK’s AI Safety Summit Scheduled For Early November
Police Insider Tipped Off Criminal Friend About EncroChat Bust
Tesla: Insiders Responsible For Major Data Breach
Cyber-Attack on Australian Utility Firm Energy One Spreads to UK Systems
Experian Pays $650,000 to Settle Spam Claims
WinRAR Vulnerability Affects Traders Worldwide
Sensitive Data of 10 Million at Risk After French Employment Agency Breach
Data of 2.6 Million Duolingo Users Leaked on Hacking Forum
FBI Flags $40M Crypto Cash-Out Plot By North Korean Hackers
Tweet of the Week (47:47)
https://twitter.com/securityweekly/status/1694705119793746015