The Host Unknown Podcast

Episode 36 - IT'S CHRIIIISTMAAAAS!

Episode Summary

It's the last episode of the year as Host Unknown's contractual duties draw to a close. This week's episode brings you your regular podcasty delectables:

This Week in Infosec

Tweet of the Week

Billy Big Balls

Rant of the Week

Industry News

Will we have a Little People today?

We also look back at some of the notable events of the year.

Episode Notes

This might be the last episode of the week, but that doesn't mean we scraped the barrel (except maybe for The Little People, but Jav has had a written warning for that already). Andy misunderstands the concept of "this week in infosec" and Thom tries to hold it together while juggling his newly acquired career in the security industry.

Your usual tasty festive treats this week are:

This Week in Infosec

Liberated from the “today in infosec” twitter account:

5th December 2013: Troy Hunt launched the site "Have I Been Pwned? (HIBP)". At launch, passwords from the Adobe, Stratfor, Gawker, Yahoo! Voices, and Sony Pictures breaches were indexed. Today? The identification of 10.5 billion compromised accounts.

https://twitter.com/todayininfosec/status/1335020238765744129?s=20

8th December 2020: FireEye, a well-known security firm, announced that it had experienced a security incident involving the theft of FireEye Red Team tools; the date of the incident was not revealed. Reportedly, evidence suggests that the compromise may have been carried out by a Russian nation-state threat actor “with top-tier offensive capabilities.” Per the blog post announcing the hack, authored by FireEye CEO Kevin Mandia, it appears that the attackers were also interested in details related to FireEye customers that are government agencies. FireEye has engaged the FBI for this investigation.

https://www.fireeye.com/blog/threat-research/2020/12/unauthorized-access-of-fireeye-red-team-tools.html

Tweet of the Week

https://twitter.com/GrazianoDennis/status/1336796234120646662?s=20

Billy Big Balls

3 Reasons Scientists Endure Social Media Trolls And Attacks

https://www.forbes.com/sites/marshallshepherd/2020/12/06/3-reasons-scientists-endure-social-media-trolls-and-attacks/?sh=668e1fb8424c

Industry News

#WebSummit: Nick Clegg Claims Internet Needs Accountability, Not Rules

Ransomware Set for Evolution in Attack Capabilities in 2021

2020: The Most Vulnerable Year Yet?

Thales and Google Cloud Partner for External Encryption Key Management

#BHEU: Collision of Cyber-Communities Creating Tension and Risk

#BHEU: Focus on Security Fundamentals, Not Adversarial Sophistication

Data Loss Reports to ICO Increase Once Again

#BHEU: North Korea’s Cyber-Offense Strategy Evolving to Focus on International Economic Targets

Jav's Industry News

Near three in ten of workers furloughed feel less loyal to their employer post-furlough

Business Executives’ Logins Sold on Russian Hacking Forum; Accounts Can Be Used for BEC Scams

Power banks could infect your smartphone with malware

Experts On Clop Ransomware Attacking Retail Giant E-Land

Credential Stuffing Attack Targeted Spotify, Affecting More Than 300,000 Accounts

South Korean retail giant E-Land Retail suffers Clop ransomware attack

Rant of the Week

A new lawsuit brought by one of Apple’s oldest foes seeks to force the iPhone maker to allow alternatives to the App Store, the latest in a growing number of cases that aim to curb the tech giant’s power.

The lawsuit was filed on Thursday by the maker of Cydia, a once-popular app store for the iPhone that launched in 2007, before Apple created its own version. The lawsuit alleges that Apple used anti-competitive means to nearly destroy Cydia, clearing the way for the App Store, which Cydia’s attorneys say has a monopoly over software distribution on iOS, Apple’s mobile operating system.

https://www.washingtonpost.com/technology/2020/12/10/cydia-apple-lawsuit/

https://twitter.com/ihackbanme/status/1337079701756493825?s=20

The Little People

Don't go there. Seriously, just skip ahead.

Look Back on the Year

January:

Travelex: Travelex services were pulled offline following a malware infection. The company itself and businesses using the platform to provide currency exchange services were all affected.

February:

Estée Lauder: 440 million internal records were reportedly exposed due to middleware security failures. 

March:

Marriott: The hotel chain suffered a cyberattack in which email accounts were infiltrated. 5.2 million hotel guests were impacted. 

April:

Nintendo: Nintendo said 160,000 users were impacted by a mass account hijacking caused by the NNID legacy login system.

May:

EasyJet: The budget airline revealed a data breach exposing data belonging to nine million customers, including some financial records.

Blackbaud: The cloud service provider was hit by ransomware operators who hijacked customer systems. The company later paid a ransom to stop client data from being leaked online.

June:

University of California SF: The university paid a $1.14 million ransom to hackers in order to save COVID-19 research.

July:

MGM Resorts: A hacker put the records of 142 million MGM guests online for sale.

August:

Experian, South Africa: Experian's South African branch disclosed a data breach impacting 24 million customers. 

September:

NS8: The CEO of the cyberfraud startup was accused of defrauding investors out of $123 million.

October:

Dickey's: The US barbeque restaurant chain suffered a point-of-sale attack between July 2019 and August 2020. Three million customers had their card details later posted online. 

November:

Manchester United: Manchester United football club said it was investigating a security incident impacting internal systems.

Fake Zoom invite cripples Aussie hedge fund with $8m hit

December:

FireEye: FireEye disclosed a cyberattack, suspected to be the work of a nation-state group. The cybersecurity firm said the hack resulted in penetration tools being stolen.

The Dead Donkey

Microsoft discloses fewest vulnerabilities in a month since January

Description: Microsoft released its monthly security update Tuesday, disclosing 58 vulnerabilities across its suite of products, the lowest number of vulnerabilities in any Patch Tuesday since January. There are only 10 critical vulnerabilities as part of this release, while there are two moderate-severity exploits, and the remainder are considered "important." Users of all Microsoft and Windows products are urged to update their software as soon as possible to avoid possible exploitation of all these bugs.

https://blog.talosintelligence.com/2020/12/microsoft-patch-tuesday-dec-2020-.html