This week in InfoSec is a story of a guy who made his defence lawyers case very difficult Rant of the Week is a privacy snafu we’re not at all surprised about Billy Big Balls is a man who made the most of working from home, literally Industry News is the latest and greatest news stories from around the world And Tweet of the Week is a matter of perspective
This week in InfoSec (06:25)
With content liberated from the “today in infosec” twitter account and further afield
16th February 2010: Version 2.0 of the CWE/SANS Top 25 Most Dangerous Software Errors was released.
Take a look and decide which of these weaknesses have been eradicated over the last 14 years.
https://twitter.com/todayininfosec/status/1758712418601971748
20th February 2003: Alan Giang Tran, former network admin for 2 companies, was arrested after allegedly destroying data on the companies' networks. Two months later he pleaded guilty to a federal charge of intentionally causing damage to a protected computer.
https://twitter.com/todayininfosec/status/1760021831354896443
Rant of the Week (14:01)
Avast fined $16.5 million for ‘privacy’ software that actually sold users’ browsing data
Avast, the cybersecurity software company, is facing a $16.5 million fine after it was caught storing and selling customer information without their consent. The Federal Trade Commission (FTC) announced the fine on Thursday and said that it’s banning Avast from selling user data for advertising purposes.
From at least 2014 to 2020, Avast harvested user web browsing information through its antivirus software and browser extension, according to the FTC’s complaint. This allowed it to collect data on religious beliefs, health concerns, political views, locations, and financial status. The company then stored this information “indefinitely” and sold it to over 100 third parties without the knowledge of customers, the complaint says.
Billy Big Balls of the Week(25:02)
Husband 'made over a million' by eavesdropping on BP wife
The husband of a BP employee has been charged with insider trading in the US following claims he overheard details of calls made by his wife while working from home.
The US Securities and Exchange Commission alleged Tyler Loudon made $1.76m (£1.39m) in illegal profits.
The regulator claimed Mr Loudon heard several of his wife's conversations about BP's takeover of TravelCenters of America and bought shares in the firm.
BP has declined to comment.
The SEC said: "We allege that Mr Loudon took advantage of his remote working conditions and his wife's trust to profit from information he knew was confidential."
His wife - a mergers and acquisitions manager at BP - worked on the oil giant's takeover of TravelCenters.
The SEC said Mr Loudon purchased 46,450 shares of TravelCenter's stock, without his wife's knowledge, before the deal was made public in February last year.
Following the announcement, TravelCenter's share price rose nearly 71% and Mr Loudon allegedly immediately sold all of his newly-bought shares for a profit, the SEC said.
Industry News (32:16)
Attacker Breakout Time Falls to Just One Hour
NCSC Sounds Alarm Over Private Branch Exchange Attacks
Biden Executive Order to Bolster US Maritime Cybersecurity
Ransomware Warning as CVSS 10.0 ScreenConnect Bug is Exploited
Chinese Duo Found Guilty of $3m Apple Fraud Plot
OWASP Releases Security Checklist for Generative AI Deployment
Russian-Aligned Network Doppelgänger Targets German Elections
Change Healthcare Cyber-Attack Leads to Prescription Delays
ICO Bans Serco Leisure's Use of Facial Recognition for Employee Attendance
Tweet of the Week (42:37)
