The Host Unknown Podcast

Episode 181 - The Early early Show

Episode Summary

This week in InfoSec is of Worms and Bombs Rant of the Week tells us that our printers need anti-virus Billy Big Balls is what happens when you say the quiet parts out loud Industry News is the latest and greatest news stories from around the world And Tweet of the Week explains why we really enjoy doing the work we do

Episode Notes

This week in InfoSec  (04:51)

With content liberated from the “today in infosec” twitter account and further afield

25th January 2003: The SQL Slammer worm was first observed. It relied on a vulnerability Microsoft reported a whopping 6 months earlier via security bulletin MS02-039. Despite the long-available patch,  75,000 systems were compromised within 10 minutes..

https://twitter.com/todayininfosec/status/1750529757903790431

21st January 1992: Former General Dynamics employee Michael John Lauffenburger was sentenced. He had created a logic bomb, which was programmed to go off on May 24, 1991. Unfortunately for him, an employee accidentally discovered it, dismantled it, and contacted authorities.

https://twitter.com/todayininfosec/status/1749184231752802757     

 

Rant of the Week (11:10)

Third-party ink cartridges brick HP printers after ‘anti-virus’ update

HP is pushing over-the-air firmware updates to its printers, bricking them if they are using third-party ink cartridges. But don’t worry, it’s not a money-grab, says the company – it’s just trying to protect you from the well-known risk of viruses embedded in ink cartridges …

HP has long been known for sketchy practices in its attempt to turn ink purchases into a subscription service. If you cancel a subscription, for example, the company will immediately stop the printer using the ink you’ve already paid for.

CEO Enrique Lores somehow managed to keep a straight face while explaining to CNBC that the company was only trying to protect users from viruses which might be embedded into aftermarket ink cartridges.

It can create issues [where] the printers stop working because the inks have not been designed to be used in our printers, to then create security issues. We have seen that you can embed viruses in the cartridges, and through the cartridge, go to the printer; from the printer, go to the network.

ArsTechnica asked several security experts whether this could happen, and they said this is so out-there, it would have to be a nation-state attack on a specific individual.

 

Billy Big Balls of the Week (19:04)

British man Aditya Verma appears in Spanish court over plane-bomb hoax

A British man accused of public disorder after joking about blowing up a flight has gone on trial in Spain.

Aditya Verma made the comment on Snapchat on his way to the island of Menorca with friends in July 2022.

The message, sent before Mr Verma departed Gatwick airport, read: "On my way to blow up the plane (I'm a member of the Taliban)."

Mr Verma told a Madrid court on Monday: "The intention was never to cause public distress or cause public harm."

If found guilty, the university student faces a hefty bill for expenses after two Spanish Air Force jets were scrambled.

Mr Verma's message was picked up by the UK security services who flagged it to Spanish authorities while the easyJet plane was still in the air.

A court in Madrid heard it was assumed the message triggered alarm bells after being picked up via Gatwick's Wi-Fi network.

 

Industry News (27:39)

Thai Court Blocks 9near.org to Avoid Exposure of 55M Citizens

Mega-Breach Database Exposes 26 Billion Records

French Watchdog Slams Amazon with €32m Fine for Spying on Workers

AI Set to Supercharge Ransomware Threat, Says NCSC

X Makes Passkeys Available for US-Based Users

ChatGPT Cybercrime Surge Revealed in 3000 Dark Web Posts

HPE Says SolarWinds Hackers Accessed its Emails

Southern Water Confirms Data Breach Following Black Basta Claims

China-Aligned APT Group Blackwood Unleashes NSPX30 Implant

 

Tweet of the Week (33:12)

https://x.com/TheHornetsFury/status/1750612652873928949?s=20