This week in Infosec reminds us of the dangers of leasing equipment, Rant of the week is offering you a job..., Billy Big Balls gives a scary insight into the houses of the rich and famous, Seen on Reddit brings us commentary from peak Reddit, Industry News brings us the latest and greatest security news stories from around the world, And Tweet of the Week this week shows us we don’t learn from history.
This week in Infosec
With content liberated from the “today in infosec” twitter account
14th August 2013: Affinity Health Plan was fined $1,215,780 for a HIPAA violation after a photocopier purchased by CBS for an investigatory report in 2010 revealed medical info.
At $1.2M, photocopy breach proves costly
https://twitter.com/todayininfosec/status/1294252352191565824
17th August 2005: Jason Smathers, a former employee of AOL, was sentenced to 15 months in prison for selling screen names and email addresses of 92 million users to spammers.
Ex-AOL worker who stole e-mail list sentenced
Jason Smathers: Internet Criminal
https://twitter.com/todayininfosec/status/1295500512830394371
The Box incidental music © Charlie Langford
Rant of the Week
You can post LinkedIn jobs as almost ANY employer — so can attackers
Anyone can create a job listing on the leading recruitment platform LinkedIn on behalf of just about any employer—no verification needed.
And worse, the employer cannot easily take these down.
Now, that might be nothing new, but the feature and lax verification on career websites pave the ways for attackers to post bogus listings for malicious purposes.
The attackers can, for example, use this social engineering tactic to collect personal information and resumes from professionals who believe they are applying to a legitimate company, without realizing their data may be sold or used for phishing scams.
Billy Big Balls of the Week
Woman accessed ex-partner’s Alexa to torment his new girlfriend
Philippa Copleston-Warren terrified love rival by using smart device to switch lights on and off and tell her to get out of the house
Chelsea woman used Alexa to scold ex-lover’s new girlfriend
A management consultant from west London accessed the Alexa device at her ex-boyfriend’s home from more than 100 miles away to tell his new partner to get out of the house.
Philippa Copleston-Warren, 46, logged into an app linked to smart devices in the victim’s Lincolnshire home, and was able to see her ex’s new girlfriend on the property’s CCTV system.
Prosecutors said Copleston-Warren was able to tell the woman “to get out” and used the app to turn the bedside lights on and off.
At Isleworth crown court, Copelston-Warren admitted posting a naked photo of her ex-boyfriend on Facebook, accompanying it with the caption: “Do I look fat??? My daily question”.
[That was this weeks BILLY BIG BALLS]
[SEEN ON REDDIT] Thom:
Antivaxers Think Their ‘Pure’ Semen Will Skyrocket in Value
I’m going to retire as a “cum cow”
Industry News
"Jigsaw Puzzle" Phishing Attacks Use Morse Code to Hide
Cadbury Campaigns Against Cyber-bullying
Misconfigured Server Leaks US Terror Watchlist
Airline Employee Jailed for Spending Passengers’ Money
T-Mobile: 49 Million Customers Hit by Data Breach
JPMorgan Chase Notifies Customers of Data Breach
Coin Ninja CEO Admits Operating Darknet Bitcoin Mixer
Women Charged Over Sexually Exploitative Child Modeling Sites
Tweet of the Week
https://twitter.com/Kaipo_Rozwolf/status/1428426623091724289
OnlyFans Will Ban Pornography Starting in October, Citing Need to Comply With Financial Partners