Artwork

المحتوى المقدم من Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
Player FM - تطبيق بودكاست
انتقل إلى وضع عدم الاتصال باستخدام تطبيق Player FM !

Episode 171 - The Stitched Up Episode

43:16
 
مشاركة
 

Manage episode 379685343 series 2706360
المحتوى المقدم من Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.

This week in InfoSec (09:48)

With content liberated from the “today in infosec” twitter account and further afield

8th October 2018: Google announced that it exposed the private info of hundreds of thousands of Google+ users between 2015 and 2018, only disclosing it 7 months after discovery because it was reported by The Wall Street Journal. Social network Google+ launched in 2011 and closed in 2019.

Google hid major Google+ security flaw that exposed users’ personal information

https://twitter.com/todayininfosec/status/1711159728552685667

16th October 1983: FBI agents raided homes of "young electronics buffs known as 'hackers'" in 6 states as part of an investigation of unauthorized intrusions into scores of large commercial and DoD computers. These teens included Lord Flathead - real name Tom Anderson, future MySpace founder.

https://twitter.com/todayininfosec/status/1712593589237076056

Rant of the Week (15:44)

Everest cybercriminals offer corporate insiders cold, hard cash for remote access

The Everest ransomware group is stepping up its efforts to purchase access to corporate networks directly from employees amid what researchers believe to be a major transition for the cybercriminals.

In a post at the top of its dark web victim blog, Everest said it will offer a "good percentage" of the profits generated from successful attacks to those who assist in its initial intrusion.

The group also promised to offer partners "full transparency" regarding the nature of each operation, as well as confidentiality about their role in the attack.

Everest is specifically looking for access to organizations based in the US, Canada, and Europe, and would accept remote access by a variety of means including TeamViewer, AnyDesk, and RDP.

Billy Big Balls of the Week (22:23)

Chinese citizens feel their government is doing a fine job with surveillance

Chinese residents are generally comfortable with widespread use of surveillance technology, according to a year-long project conducted by the Australian Strategic Policy Institute (ASPI) and an unnamed non-government research partner.

The project mainly investigated how state surveillance is conducted by Beijing and how the population of the People's Republic of China (PRC) perceives it. For the investigation, the researchers conducted media analysis, and an online survey of over 4,000 Chinese citizens.

Most respondents ranked their trust in central government positively – at an average of 7.3 on a scale out of 10. Businesses received a 6.7 rating. When it came to surveillance – by video, audio or internet activity – roughly half said they were comfortable.

As part of the project, ASPI provided a tool that could be considered quite subversive in China: an interactive website that provided access to uncensored non-Beijing information about deployed surveillance technologies and the agencies that run them. It consisted of five educational modules with quizzes at the end.

The website content was shaped by the survey results and reached over 55,000 users over the course of four months. It covered facial recognition, Wi-Fi probes, DNA surveillance, database management and surveillance cameras.

Industry News (28:08)

AWS to Mandate Multi-Factor Authentication from 2024

Blackbaud Settles Ransomware Breach Case For $49.5m

DNA Tester 23andMe Hit By Credential Stuffing Campaign

MGM Resorts Reveals Over $100M in Costs After Ransomware Attack

Air Europa Asks Customers to Cancel Cards After Breach

US Smashes Annual Data Breach Record With Three Months Left

European Police Hackathon Hunts Down Traffickers

Chinese APT ToddyCat Targets Asian Telecoms, Governments

California Enacts “Delete Act” For Data Privacy

Tweet of the Week (36:01)

https://twitter.com/ireteeh/status/1712408097170325968

Come on! Like and bloody well subscribe!

  continue reading

210 حلقات

Artwork
iconمشاركة
 
Manage episode 379685343 series 2706360
المحتوى المقدم من Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.

This week in InfoSec (09:48)

With content liberated from the “today in infosec” twitter account and further afield

8th October 2018: Google announced that it exposed the private info of hundreds of thousands of Google+ users between 2015 and 2018, only disclosing it 7 months after discovery because it was reported by The Wall Street Journal. Social network Google+ launched in 2011 and closed in 2019.

Google hid major Google+ security flaw that exposed users’ personal information

https://twitter.com/todayininfosec/status/1711159728552685667

16th October 1983: FBI agents raided homes of "young electronics buffs known as 'hackers'" in 6 states as part of an investigation of unauthorized intrusions into scores of large commercial and DoD computers. These teens included Lord Flathead - real name Tom Anderson, future MySpace founder.

https://twitter.com/todayininfosec/status/1712593589237076056

Rant of the Week (15:44)

Everest cybercriminals offer corporate insiders cold, hard cash for remote access

The Everest ransomware group is stepping up its efforts to purchase access to corporate networks directly from employees amid what researchers believe to be a major transition for the cybercriminals.

In a post at the top of its dark web victim blog, Everest said it will offer a "good percentage" of the profits generated from successful attacks to those who assist in its initial intrusion.

The group also promised to offer partners "full transparency" regarding the nature of each operation, as well as confidentiality about their role in the attack.

Everest is specifically looking for access to organizations based in the US, Canada, and Europe, and would accept remote access by a variety of means including TeamViewer, AnyDesk, and RDP.

Billy Big Balls of the Week (22:23)

Chinese citizens feel their government is doing a fine job with surveillance

Chinese residents are generally comfortable with widespread use of surveillance technology, according to a year-long project conducted by the Australian Strategic Policy Institute (ASPI) and an unnamed non-government research partner.

The project mainly investigated how state surveillance is conducted by Beijing and how the population of the People's Republic of China (PRC) perceives it. For the investigation, the researchers conducted media analysis, and an online survey of over 4,000 Chinese citizens.

Most respondents ranked their trust in central government positively – at an average of 7.3 on a scale out of 10. Businesses received a 6.7 rating. When it came to surveillance – by video, audio or internet activity – roughly half said they were comfortable.

As part of the project, ASPI provided a tool that could be considered quite subversive in China: an interactive website that provided access to uncensored non-Beijing information about deployed surveillance technologies and the agencies that run them. It consisted of five educational modules with quizzes at the end.

The website content was shaped by the survey results and reached over 55,000 users over the course of four months. It covered facial recognition, Wi-Fi probes, DNA surveillance, database management and surveillance cameras.

Industry News (28:08)

AWS to Mandate Multi-Factor Authentication from 2024

Blackbaud Settles Ransomware Breach Case For $49.5m

DNA Tester 23andMe Hit By Credential Stuffing Campaign

MGM Resorts Reveals Over $100M in Costs After Ransomware Attack

Air Europa Asks Customers to Cancel Cards After Breach

US Smashes Annual Data Breach Record With Three Months Left

European Police Hackathon Hunts Down Traffickers

Chinese APT ToddyCat Targets Asian Telecoms, Governments

California Enacts “Delete Act” For Data Privacy

Tweet of the Week (36:01)

https://twitter.com/ireteeh/status/1712408097170325968

Come on! Like and bloody well subscribe!

  continue reading

210 حلقات

كل الحلقات

×
 
Loading …

مرحبًا بك في مشغل أف ام!

يقوم برنامج مشغل أف أم بمسح الويب للحصول على بودكاست عالية الجودة لتستمتع بها الآن. إنه أفضل تطبيق بودكاست ويعمل على أجهزة اندرويد والأيفون والويب. قم بالتسجيل لمزامنة الاشتراكات عبر الأجهزة.

 

دليل مرجعي سريع