The Host Unknown Podcast

Episode 174 - The Brexit Episode

Episode Summary

This week in InfoSec is a reminder of the Good Times, literally With the unreliable Thom and Jav out of the country, it's left to Andy to carry the show (as usual). Rant of the Week is a story about finding a fall guy (or gal) Billy Big Balls aims for compliance through extortion Industry News brings us the latest and greatest security news stories from around the world And Tweet of the Week is some job hunting advice

Episode Notes

6:48 This week in InfoSec  

With content liberated from the “today in infosec” twitter account and further afield

  1. 15th November 1994: The earliest known example of the Good Times email hoax virus was posted to the TECH-LAW mailing list. Variants of the hoax spread for several years. In 1997, Cult of the Dead Cow (cDc) claimed responsibility for initiating the hoax..

https://twitter.com/todayininfosec/status/1724867863725412627

  1. 12th November 2012: John McAfee went into hiding because his neighbor, Gregory Faull, was found dead from a gunshot. Belize police wanted him to come in for questioning, but he fled to Guatemala where he was then arrested. He was never charged, though he lost a $25 million wrongful death suit. 

https://twitter.com/todayininfosec/status/1723790884053938623

 

11:57 Rant of the Week

Clorox CISO flushes self after multimillion-dollar cyberattack

The Clorox Company's chief security officer has left her job in the wake of a corporate network breach that cost the manufacturer hundreds of millions of dollars.

 

 18:15 Billy Big Balls

BlackCat plays with malvertising traps to lure corporate victims

Ads for Slack and Cisco AnyConnect actually downloaded Nitrogen malware

AlphV files SEC complaint

Affiliates of ransomware gang AlphV (aka BlackCat) claimed to have compromised digital lending firm MeridianLink – and reportedly filed an SEC complaint against the fintech firm for failing to disclose the intrusion to the US watchdog.

First reported by DataBreaches, the break-in apparently happened on November 7. AlphaV’s operatives claimed they did not encrypt any files but did steal some data – and MeridianLink was allegedly aware of the intrusion the day it occurred.

 

24:15 Industry news

MPs Dangerously Uninformed About Facial Recognition – Report

Cyber-Attack Could Have “Devastating” Impact on Aussie Exports

NCSC: UK Facing “Enduring and Significant” Cyber-Threat

UK Privacy Regulator Issues Black Friday Smart Device Warning

US Government Unveils First AI Roadmap For Cybersecurity

European Police Take Down $9m Vishing Gang

BlackCat Ransomware Group Reports Victim to SEC

Russian Hacking Group Sandworm Linked to Unprecedented Attack on Danish Critical Infrastructure

Cyber-Criminals Exploit Gaza Crisis With Fake Charity

 

30:56 Tweet of the Week

https://twitter.com/FadzaiVeanah/status/1724825417196904743