This week in Infosec is another story about leaked photos, but not the type you just thought of... Have you ever found yourself stuck in a pickle, or knee-deep in a dilemma? Don’t worry we are here to help! Industry News brings us the latest and greatest security news stories from around the world. And... Tweet of the Week ensures our food is up to federal standards, and thanks us for the memory, but just 48k mind you...
This Week in InfoSec (04:09)
With content liberated from the “today in infosec” twitter account
16th September 2008: 20-year-old David Kernell compromised the Yahoo! email account of US vice presidential candidate Sarah Palin, then posted her emails to 4chan.
2 years later he was found guilty and sentenced to a year in prison. At age 30 he died of complications related to MS.
Student convicted of hacking Sarah Palin e-mail account
https://twitter.com/todayininfosec/status/1306360597915865097
9th September 2015: The security of 300 million travel locks was compromised after 3-D printing files were posted online.
Then again, these travel locks never were particularly secure.
Lockpickers 3-D Print TSA Master Luggage Keys From Leaked Photos
https://twitter.com/todayininfosec/status/1303847394556219392
Tweet of the Week (13:06)
https://twitter.com/yolkfolk_com/status/1438580784294735875
Sticky Pickle of the Week (18:16)
Sticky Pickle of the Week is the part of the show where everyone chooses something that they like. It could be a funny story, a book they’ve read, a TV show, movie, record, a podcast, a website, or an app, whatever they like. It doesn’t have to be security-related necessarily.
Better not be!
Brits open doors for tech-enabled fraudsters because they 'don't want to seem rude'
Brits are too polite to tell phone scammers to "get stuffed", "take a hike" or "sling yer 'ook" when they impersonate so-called "trusted organisations" such as banks.
That's according to the trade association UK Finance, which found that the number of "impersonation scam cases" more than doubled in the first half of 2021 to 33,115 – up from 14,947 during the same period last year.
That is a Sticky Pickle
It's time to delete that hunter2 password from your Microsoft account, says IT giant
From this week, Microsoft won't require you, or your password manager, to come up with strings of letters, numbers, and special characters forming a silly sentence or a reconfiguration of an ex’s name and birthday to access the Windows giant's services.
That is to say, you can delete the password from your Microsoft account, and login using the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your cellphone or email inbox. (Last year, Redmond said SMS codes were unsafe for authentication, we note.)
That is a Sticky Pickle
A couple of ransomware gangs have threatened to start deleting files if targeted companies call in professional negotiators to help lower prices for decryption tools.
Grief Corp is the latest criminal crew to warn its victims with instant data destruction if it suspects a mark has engaged a mediator.
In a statement posted to its Tor-hosted blog, Grief Corp said: "We wanna play a game. If we see professional negotiator from Recovery Company™ – we will just destroy the data.
That is a Sticky Pickle
Industry News (31:16)
Poland Extradites Alleged Botnet Operator to US
UK Man Gets Five Years for Online Abuse Campaign
WhatsApp to Roll Out Encrypted Backups
US Locks Up Key Player in Nigerian Romance Scam
Apple Releases Urgent Patch Following Discovery of Pegasus Spyware
Massachusetts AG Launches Probe into T-Mobile Data Breach
Microsoft Patches OMIGOD, MSHTML and PrintNightmare Bugs
Americans Fined After Hacking for Foreign Government
Household Names Hit with £500K Fine for Spamming Consumers
Tweet of the Week (38:05)
https://twitter.com/snipeyhead/status/1437935968460304384?s=20