The Host Unknown Podcast

Episode 199 - The Holiday Is Over Episode

Episode Summary

This week in InfoSec is pride-themed Rant of the Week is a sweet tale of a flesh eating virus Billy Big Balls is a story of how the turns have tabled Industry News is the latest and greatest news stories from around the world And Tweet of the Week Makes the case for extra intelligence among us

Episode Notes

This week in InfoSec  (06:43)

With content liberated from the “today in infosec” twitter account and further afield

18th August 2004: Text messages sent to promote the video game "Resident Evil: Outbreak" stated "Outbreak: I'm infecting you with t-virus". This scared recipients, who were only about 7% less technologically savvy than mobile phone users today.

https://x.com/todayininfosec/status/1825257955878641888   

 

20th August 2003: Philippe Oechslin shared his technique he called "rainbow tables" during a talk at the 23rd annual crypto conference, Crypto 2003.

It became a popular approach for cracking password hashes. Today it's less widely used due to adoption of practices that reduce its efficacy.

https://x.com/todayininfosec/status/1825865870716870802

 

Rant of the Week  (10:59)

This uni thought it would be a good idea to do a phishing test with a fake Ebola scare

University of California Santa Cruz (UCSC) students may be relieved to hear that an emailed warning about a staff member infected with the Ebola virus was just a phishing exercise.

The message, titled "Emergency Notification: Ebola Virus Case on Campus," went out to the university community on Sunday, August 18. It began, "We regret to inform you that a member of our staff, who recently returned from South Africa, has tested positive for the Ebola virus."

The message went on to say that the university has initiated a contact tracing protocol and asks message recipients to "Please Log In to the Access Information Page for more details" – the very activity phishing messages attempt to encourage in order to capture login credentials.

The simulated attack was similar to an actual phishing message sent on August 1, 2024, as shown on the UCSC Phish Bowl, a collection of real and test phishing attempts.

But the one sent on Sunday was intended to raise awareness of phishing rather than to actually steal information.

In that, it succeeded. The message prompted the UCSC Student Health Center to publish a notice about a "Phishing email with misleading health information."

On Monday, Brian Hall, chief information security officer for UCSC, sent out an apology to the university community.

 

Billy Big Balls of the Week (18:20)

Russia tells citizens to switch off home surveillance because the Ukrainians are coming

Russia's Ministry of Internal Affairs is warning residents of under-siege regions to switch off home surveillance systems and dating apps to stop Ukraine from using them for intel-gathering purposes.

Residents of the Bryansk, Kursk, and Belgorod regions were issued with the warnings amid what seems like Russia being thoroughly rattled by Ukraine's incursion into the country's southwest.

"The enemy is massively identifying IP ranges in our territories and connecting to unprotected video surveillance cameras remotely, viewing everything from private yards to roads and highways of strategic importance," said the ministry, according to Russian newswire Interfax. "In this regard, if there is no urgent need, it is better not to use video surveillance cameras.

"It is highly discouraged to use online dating services. The enemy actively uses such resources for the covert collection of information."

These warnings were just two of many included in a public memo aimed at protecting the identities of high-value Russian individuals, including military personnel, law enforcement agents, and nuclear energy workers.

 

Industry News (24:51)

Iran Behind Trump Campaign Hack, US Government Confirms

New DNS-Based Backdoor Threat Discovered at Taiwanese University

Most Ransomware Attacks Now Happen at Night

CISA to Get New Headquarters as $524M Contract Awarded

Australia Calls Off Clearview AI Investigation Despite Lack of Compliance

Backdoor in Mifare Smart Cards Could Open Doors Around the World

Security Flaws in UK Political Party Donation Platforms Exposed

Company Fined $1m for Fake Joe Biden AI Calls

FAA Admits Gaps in Aircraft Cybersecurity Rules: New Regulation Proposed

 

Tweet of the Week (32:19)

https://x.com/anon_opin/status/1826015107857416458?s=46&t=1-Sjo1Vy8SG7OdizJ3wVbg