This week in InfoSec is a creepy crawly story of bugs as old as time Rant of the Week is evidence of party games darker side Billy Big Balls is pumping and dumping Industry News is the latest and greatest news stories from around the world And Tweet of the Week asks how secure does your diary need to be
This week in InfoSec (08:29)
With content liberated from the “today in infosec” twitter account and further afield
10th October 1995: Netscape introduced the "Netscape Bugs Bounty", a program rewarding users who report "bugs" in the beta versions of its recently announced Netscape Navigator 2.0 web browser.
Navigator was the dominant browser from 1995-1998, when it was overtaken by Internet Explorer.
https://twitter.com/todayininfosec/status/1844466277718556683
8th October 2008: University student David Kernell was arraigned. He compromised the Yahoo! email account of US vice presidential candidate Sarah Palin, using public info to reset her password, posting her emails to 4chan. He was later found guilty and died from MS complications in 2018.
https://twitter.com/todayininfosec/status/1843619068302983592
Rant of the Week (20:24)
Cards Against Humanity campaigns to encourage voting, expose personal data abuse
Up to $100 for planning to vote and a public smear – how is this not illegal?
The troublemakers behind the party game Cards Against Humanity have launched a campaign demonstrating how easy it is to buy sensitive personal data about American voters, while simultaneously encouraging those Americans to plan how to cast a vote in the upcoming presidential election.
The "Cards Against Humanity Pays You to Give a Shit" campaign uses US citizens' personal data obtained from a broker to identify whether individuals voted in the 2020 US presidential election and how they lean politically. Those who didn't vote are asked to put info into the website, promise to vote in the upcoming election, make a voting plan, "and publicly post 'Donald Trump is a human toilet'" in exchange for up to $100.
Billy Big Balls of the Week (28:42)
FBI created a cryptocurrency so it could watch it being abused
The FBI created its own cryptocurrency so it could watch suspected fraudsters use it – an idea that worked so well it produced arrests in three countries
News of the Feds' currency, an Ethereum-based instrument named NexFundAI, appeared in a Wednesday Department of Justice announcement that eighteen individuals have been charged "for widespread fraud and manipulation in the cryptocurrency markets."
The Feds allege some of the fraud involved "wash trades" – transactions conducted solely to increase the volume of trades in a security or other asset. Rising volumes of trades are often seen as an indicator that a stock is of increasing interest as it has good growth prospects – a signal that can see prices rise. But wash trades are often conducted by related entities, or even the same entity, to create a false market signal – an arrangement also known as "pump and dump."
Industry News (34:36)
New EU Body to Centralize Complaints Against Facebook, TikTok, YouTube
New Generation of Malicious QR Codes Uncovered by Researchers
Apple’s iPhone Mirroring Flaw Exposes Employee Privacy Risks
Former RAC Employees Get Suspended Sentence for Data Theft
Internet Archive Breached, 31 Million Records Exposed
Marriott Agrees $52m Settlement for Massive Data Breach
EU Adopts Cyber Resilience Act for Connected Devices
Over 10m Conversations Exposed in AI Call Center Hack
Disinformation Campaign Targets Moldova Ahead of EU Referendum
Tweet of the Week (45:07)
