This week in InfoSec asks “what could go wrong with a third party holding all of your contact information?” Rant of the Week demonstrates the value of deep vetting in security clearance Billy Big Balls reveals to us that AI stands for “Actual Indians” Industry News is the latest and greatest news stories from around the world And Tweet of the Week a new keyboard with a somewhat priapic name
This week in InfoSec (06:10)
With content liberated from the “today in infosec” twitter account and further afield
3rd April 2011: Email marketing and loyalty program management company Epsilon reported a data breach of names and email addresses of numerous companies' customers, totaling at least 60 million records. Dozens of companies were impacted, including Kroger, Walgreens, Verizon, and Chase.
https://twitter.com/todayininfosec/status/1775598288277835996
1st April 1995: US President Bill Clinton and Russian President Boris Yeltsin announced a pact to exchange their personal PGP keys and to make the technology available to all citizens worldwide. (April Fools' Day)
https://twitter.com/todayininfosec/status/1774994645053010184
Rant of the Week (13:06)
William Wragg honey trap scandal is ‘extremely troubling’ says minister
Explosive revelations that a senior Conservative MP leaked colleagues’ phone numbers to a man he had met on the gay dating app Grindr are “very serious”, a minister has warned, amid questions over whether the MP will face sanctions.
Vice chairman of the 1922 committee William Wragg admitted he sent the numbers after becoming concerned about the power the recipient had over him since he had sent intimate pictures of himself.
Treasury minister Gareth Davies said the situation was “incredibly troubling and very serious” but maintained that Mr Wragg would keep the party whip while the incident is being investigated.
Billy Big Balls of the Week (24:09)
Amazon Ditches 'Just Walk Out' Checkouts at Its Grocery Stores
Amazon Fresh is moving away from a feature of its grocery stores where customers could skip checkout altogether.
Amazon is phasing out its checkout-less grocery stores with “Just Walk Out” technology, first reported by The Information Tuesday. The company’s senior vice president of grocery stores says they’re moving away from Just Walk Out, which relied on cameras and sensors to track what people were leaving the store with.
Just over half of Amazon Fresh stores are equipped with Just Walk Out. The technology allows customers to skip checkout altogether by scanning a QR code when they enter the store. Though it seemed completely automated, Just Walk Out relied on more than 1,000 people in India watching and labeling videos to ensure accurate checkouts. The cashiers were simply moved off-site, and they watched you as you shopped.
On Wednesday, GeekWire reported that Amazon Web Services is cutting a few hundred jobs in its Physical Stores Technology team, according to internal emails. The layoffs will allegedly impact portions of Amazon’s identity and checkout teams.
Industry News (29:46)
Dataset of 73 Million AT&T Customers Linked to Dark Web Data Breach
Firms Must Work Harder to Guard Children’s Privacy, Says UK ICO
Threat Actor Claims Classified Five Eyes Data Theft
Leicester Council Confirms Confidential Documents Leaked in Ransomware Attack
Jackson County IT Systems Hit By Ransomware Attack
LockBit Scrambles After Takedown, Repopulates Leak Site with Old Breaches
China Using AI-Generated Content to Sow Division in US, Microsoft Finds
Wiz Discovers Flaws in GenAI Models Enabling Customer Data Theft
Chinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities
Tweet of the Week (35:58)
