Переходьте в офлайн за допомогою програми Player FM !
Episode 199 - The Holiday Is Over Episode
Manage episode 436524558 series 2706360
This week in InfoSec (06:43)
With content liberated from the “today in infosec” twitter account and further afield
18th August 2004: Text messages sent to promote the video game "Resident Evil: Outbreak" stated "Outbreak: I'm infecting you with t-virus". This scared recipients, who were only about 7% less technologically savvy than mobile phone users today.
https://x.com/todayininfosec/status/1825257955878641888
20th August 2003: Philippe Oechslin shared his technique he called "rainbow tables" during a talk at the 23rd annual crypto conference, Crypto 2003.
It became a popular approach for cracking password hashes. Today it's less widely used due to adoption of practices that reduce its efficacy.
https://x.com/todayininfosec/status/1825865870716870802
Rant of the Week (10:59)
This uni thought it would be a good idea to do a phishing test with a fake Ebola scare
University of California Santa Cruz (UCSC) students may be relieved to hear that an emailed warning about a staff member infected with the Ebola virus was just a phishing exercise.
The message, titled "Emergency Notification: Ebola Virus Case on Campus," went out to the university community on Sunday, August 18. It began, "We regret to inform you that a member of our staff, who recently returned from South Africa, has tested positive for the Ebola virus."
The message went on to say that the university has initiated a contact tracing protocol and asks message recipients to "Please Log In to the Access Information Page for more details" – the very activity phishing messages attempt to encourage in order to capture login credentials.
The simulated attack was similar to an actual phishing message sent on August 1, 2024, as shown on the UCSC Phish Bowl, a collection of real and test phishing attempts.
But the one sent on Sunday was intended to raise awareness of phishing rather than to actually steal information.
In that, it succeeded. The message prompted the UCSC Student Health Center to publish a notice about a "Phishing email with misleading health information."
On Monday, Brian Hall, chief information security officer for UCSC, sent out an apology to the university community.
Billy Big Balls of the Week (18:20)
Russia tells citizens to switch off home surveillance because the Ukrainians are coming
Russia's Ministry of Internal Affairs is warning residents of under-siege regions to switch off home surveillance systems and dating apps to stop Ukraine from using them for intel-gathering purposes.
Residents of the Bryansk, Kursk, and Belgorod regions were issued with the warnings amid what seems like Russia being thoroughly rattled by Ukraine's incursion into the country's southwest.
"The enemy is massively identifying IP ranges in our territories and connecting to unprotected video surveillance cameras remotely, viewing everything from private yards to roads and highways of strategic importance," said the ministry, according to Russian newswire Interfax. "In this regard, if there is no urgent need, it is better not to use video surveillance cameras.
"It is highly discouraged to use online dating services. The enemy actively uses such resources for the covert collection of information."
These warnings were just two of many included in a public memo aimed at protecting the identities of high-value Russian individuals, including military personnel, law enforcement agents, and nuclear energy workers.
Industry News (24:51)
Iran Behind Trump Campaign Hack, US Government Confirms
New DNS-Based Backdoor Threat Discovered at Taiwanese University
Most Ransomware Attacks Now Happen at Night
CISA to Get New Headquarters as $524M Contract Awarded
Australia Calls Off Clearview AI Investigation Despite Lack of Compliance
Backdoor in Mifare Smart Cards Could Open Doors Around the World
Security Flaws in UK Political Party Donation Platforms Exposed
Company Fined $1m for Fake Joe Biden AI Calls
FAA Admits Gaps in Aircraft Cybersecurity Rules: New Regulation Proposed
Tweet of the Week (32:19)
https://x.com/anon_opin/status/1826015107857416458?s=46&t=1-Sjo1Vy8SG7OdizJ3wVbg
Come on! Like and bloody well subscribe!
213 епізодів
Manage episode 436524558 series 2706360
This week in InfoSec (06:43)
With content liberated from the “today in infosec” twitter account and further afield
18th August 2004: Text messages sent to promote the video game "Resident Evil: Outbreak" stated "Outbreak: I'm infecting you with t-virus". This scared recipients, who were only about 7% less technologically savvy than mobile phone users today.
https://x.com/todayininfosec/status/1825257955878641888
20th August 2003: Philippe Oechslin shared his technique he called "rainbow tables" during a talk at the 23rd annual crypto conference, Crypto 2003.
It became a popular approach for cracking password hashes. Today it's less widely used due to adoption of practices that reduce its efficacy.
https://x.com/todayininfosec/status/1825865870716870802
Rant of the Week (10:59)
This uni thought it would be a good idea to do a phishing test with a fake Ebola scare
University of California Santa Cruz (UCSC) students may be relieved to hear that an emailed warning about a staff member infected with the Ebola virus was just a phishing exercise.
The message, titled "Emergency Notification: Ebola Virus Case on Campus," went out to the university community on Sunday, August 18. It began, "We regret to inform you that a member of our staff, who recently returned from South Africa, has tested positive for the Ebola virus."
The message went on to say that the university has initiated a contact tracing protocol and asks message recipients to "Please Log In to the Access Information Page for more details" – the very activity phishing messages attempt to encourage in order to capture login credentials.
The simulated attack was similar to an actual phishing message sent on August 1, 2024, as shown on the UCSC Phish Bowl, a collection of real and test phishing attempts.
But the one sent on Sunday was intended to raise awareness of phishing rather than to actually steal information.
In that, it succeeded. The message prompted the UCSC Student Health Center to publish a notice about a "Phishing email with misleading health information."
On Monday, Brian Hall, chief information security officer for UCSC, sent out an apology to the university community.
Billy Big Balls of the Week (18:20)
Russia tells citizens to switch off home surveillance because the Ukrainians are coming
Russia's Ministry of Internal Affairs is warning residents of under-siege regions to switch off home surveillance systems and dating apps to stop Ukraine from using them for intel-gathering purposes.
Residents of the Bryansk, Kursk, and Belgorod regions were issued with the warnings amid what seems like Russia being thoroughly rattled by Ukraine's incursion into the country's southwest.
"The enemy is massively identifying IP ranges in our territories and connecting to unprotected video surveillance cameras remotely, viewing everything from private yards to roads and highways of strategic importance," said the ministry, according to Russian newswire Interfax. "In this regard, if there is no urgent need, it is better not to use video surveillance cameras.
"It is highly discouraged to use online dating services. The enemy actively uses such resources for the covert collection of information."
These warnings were just two of many included in a public memo aimed at protecting the identities of high-value Russian individuals, including military personnel, law enforcement agents, and nuclear energy workers.
Industry News (24:51)
Iran Behind Trump Campaign Hack, US Government Confirms
New DNS-Based Backdoor Threat Discovered at Taiwanese University
Most Ransomware Attacks Now Happen at Night
CISA to Get New Headquarters as $524M Contract Awarded
Australia Calls Off Clearview AI Investigation Despite Lack of Compliance
Backdoor in Mifare Smart Cards Could Open Doors Around the World
Security Flaws in UK Political Party Donation Platforms Exposed
Company Fined $1m for Fake Joe Biden AI Calls
FAA Admits Gaps in Aircraft Cybersecurity Rules: New Regulation Proposed
Tweet of the Week (32:19)
https://x.com/anon_opin/status/1826015107857416458?s=46&t=1-Sjo1Vy8SG7OdizJ3wVbg
Come on! Like and bloody well subscribe!
213 епізодів
Усі епізоди
×Ласкаво просимо до Player FM!
Player FM сканує Інтернет для отримання високоякісних подкастів, щоб ви могли насолоджуватися ними зараз. Це найкращий додаток для подкастів, який працює на Android, iPhone і веб-сторінці. Реєстрація для синхронізації підписок між пристроями.