This week in InfoSec is a tale software unknowingly spying on citizens of another nation Rant of the Week is a story about the app which poses a threat to national security Billy Big Balls is a story of playing both sides Industry News is the latest and greatest news stories from around the world And Tweet of the Week is a recap of the rules of surveillance
This week in InfoSec (14:26)
With content liberated from the “today in infosec” twitter account and further afield
7th March 2017: WikiLeaks began its new series of leaks on the U.S. Central Intelligence Agency (CIA). Code-named Vault 7 by WikiLeaks, it was the largest ever publication of confidential documents on the agency.
https://twitter.com/todayininfosec/status/1765828993713090565
14th March 2013: Security journalist Brian Krebs was swatted when police responded to a spoofed 911 call claiming Russians had broken into his home and had shot his wife.
One of several people who made the false report, Eric Taylor (aka Cosmo the God), was sentenced to probation in 2017.
https://twitter.com/todayininfosec/status/1768253237260435814
Rant of the Week (21:38)
US Congress goes bang, bang, on TikTok sale-or-ban plan
The United States House of Representatives on Wednesday passed the Protecting Americans from Foreign Adversary Controlled Applications Act – a law aimed at forcing TikTok's Chinese parent ByteDance to sell the app's US operations or face the prospect of a ban.
The bill names only TikTok as a "foreign adversary controlled application" and prohibits "Providing services to distribute, maintain, or update" the app – including by offering it for sale in an app store. Even updates to the app aren't allowed.
If TikTok's US operations were locally owned and operated, none of the sanctions the bill mentions would be enforceable. And US lawmakers' fears that TikTok gives Beijing a way to gather intelligence and surveil citizens would be eased.
[Related or coincidental? Or a BBB?]
Former US Treasury secretary Steve Mnuchin thinking about buying TikTok
On the heels of the US House of Representatives passing a TikTok ban bill, former US Treasury secretary and private equity mogul Steve Mnuchin is apparently thinking about buying the platform.
Speaking to CNBC's pre-market team at Squawk Box, Mnuchin said he hoped the TikTok ban would pass in the Senate, forcing a sale of the platform to a US-based parent.
"It's a great business and I'm going to put together a group to buy TikTok," Mnuchin told CNBC. Mnuchin didn't mention whether partners had been identified, or what phase the purchase was in.
Billy Big Balls of the Week (32:14)
CEO of Data Privacy Company Onerep.com Founded Dozens of People-Search Firms
The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.com finds this company is operating out of Belarus and Cyprus, and that its founder has launched dozens of people-search services over the years.
Onerep’s “Protect” service starts at $8.33 per month for individuals and $15/mo for families, and promises to remove your personal information from nearly 200 people-search sites. Onerep also markets its service to companies seeking to offer their employees the ability to have their data continuously removed from people-search sites.
Industry News (41:21)
UnitedHealth Sets Timeline to Restore Change Healthcare Systems After BlackCat Hit
Russia’s Midnight Blizzard Accesses Microsoft Source Code
Third-Party Breach and Missing MFA Contributed to British Library Cyber-Attack
Lawmakers Slam UK Government’s “Ostrich Strategy” for Cybersecurity
Google to Restrict Election-Related Answers on AI Chatbot Gemini
Meta Sues Former VP After Defection to AI Startup
Google Paid $10m in Bug Bounties to Security Researchers in 2023
French Employment Agency Data Breach Could Affect 43 Million People
TikTok Faces US Ban as House Votes to Compel ByteDance to Sell
Tweet of the Week (50:29)