Episode 116 - Thom Can't Work The Buttons episode artwork

EPISODE · Aug 12, 2022 · 50 MIN

Episode 116 - Thom Can't Work The Buttons

from The Host Unknown Podcast · host Javvad Malik, Thom Langford, Andrew. Agnēs

This Week in InfoSecWith content liberated from the “today in infosec” twitter account and further afield10th August 1988: 34 years ago today, Dade Murphy aka Zero Cool crashed 1507 computers, causing a 7 point drop in the NY stock exchange. He was 11 and his family was fined $45,000. He was banned from touching a computer until he turned 18.https://twitter.com/hakluke/status/15572420864238714886th August 2014: A hacker announced the theft of 40 GB of data from the maker of FinFisher spyware, then leaked the price list, client list, and more.A Hacker Claims to Have Leaked 40GB of Docs on Government Spy Tool FinFisherTop gov't spyware company hacked; Gamma's FinFisher leakedhttps://twitter.com/todayininfosec/status/115895644924810854411th August 2015: A day after Oracle CSO Mary Ann Davidson posted a blog titled "No, You Really Can’t", security community blowback caused Oracle to remove the post.No, you really can’t (Wayback Machine)Oracle has this Modest Proposal, via its CSOhttps://twitter.com/todayininfosec/status/1293374259637768194 Rant of the WeekMeta's chatbot says the company 'exploits people'Meta's new prototype chatbot has told the BBC that Mark Zuckerberg exploits its users for money.Meta says the chatbot uses artificial intelligence and can chat on "nearly any topic".Asked what the chatbot thought of the company's CEO and founder, it replied "our country is divided and he didn't help that at all".Meta said the chatbot was a prototype and might produce rude or offensive answers."Everyone who uses Blender Bot is required to acknowledge they understand it's for research and entertainment purposes only, that it can make untrue or offensive statements, and that they agree to not intentionally trigger the bot to make offensive statements," said a Meta spokesperson.The chatbot, called BlenderBot 3, was released to the public on Friday.The programme "learns" from large amounts of publicly available language data. Billy Big Balls of the WeekBackground:  Twilio discloses data breach after SMS phishing attack on employees"On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials," Twilio said over the weekend."The attackers then used the stolen credentials to gain access to some of our internal systems, where they were able to access certain customer data."The company also revealed the attackers gained access to its systems after tricking and stealing credentials from multiple employees targeted in the phishing incident.To do that, they impersonated Twilio's IT department, asking them to click URLs containing "Twilio," "Okta," and "SSO" keywords that would redirect them to a Twilio sign-in page clone.​The SMS phishing messages baited Twilio's employees into clicking the embedded links by warning them that their passwords had expired or were scheduled to be changed.BBB: Cloudflare: Someone tried to pull the Twilio phishing tactic on us too.  Cloudflare says it was subject to a similar attack to one made on comms company Twilio last week, but in this case it was thwarted by hardware security keys that are required to access applications and services.Twilio reported a breach after employees received phishing text messages claiming to be from the company's IT department. These fooled them into logging into a fake web page designed to look like Twilio's own sign-in page, using pretexts such as claiming they needed to change their passwords. The attackers were then able to use credentials supplied by the victims to log into the real site.According to Cloudflare, it recorded a very similar incident late last month, which could suggest the two attacks may have originated from the same attacker or group.Detailing the incident on its blog, the content delivery network claimed that no Cloudflare systems were compromised, but said it was "a sophisticated attack targeting employees and systems in such a way that we believe most organizations would be likely to be breached." Industry NewsMeta Takes Action Against Cyber Espionage Operations Targeting Facebook in South AsiaNumber of Firms Unable to Access Cyber-Insurance Set to DoubleSmishing Attack Led to Major Twilio BreachHealth Adviser Fined After Illegally Accessing Medical RecordsUS Treasury Sanctions Virtual Currency Mixer For Connections With Lazarus GroupPredator Pleads Guilty After Targeting Thousands of Girls OnlineCyber-criminals Shift From Macros to Shortcut Files to Hack Business PCs, HP ReportsDeathStalker's VileRAT Continues to Target Foreign and Crypto ExchangesSuspected $3m Romance Scammer Extradited to Japan Tweet of the Weekhttps://twitter.com/mttaggart/status/1557399523575508993 Come on! Like and bloody well subscribe!

This week in InfoSec talks about repressive governments weapon of choice long before Pegasus Rant of the Week is another big tech chatbot in the wild Billy Big Balls demonstrates why defence-in-depth really can save you some pain Industry News brings us the latest and greatest security news stories from around the world And Tweet of the Week is an infosec dad joke

NOW PLAYING

Episode 116 - Thom Can't Work The Buttons

0:00 50:43

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Big Old Life: Heather Blackbird interviews people on planet earth. Heather Blackbird loves asking questions. This podcast is a learning experience. Join me, Heather Blackbird, as I talk to people about their lives. Frequency of new episodes is a little all over the place and I'm learning as I go. Big Old Life is a small way of talking about the vastness of life, one person at a time. If you are reading this or found this podcast it's probably because someone you know gave you a link to it. :) Explicit Tales Of A Superstar DJ The Insomniac Spun seemingly out of nowhere from her complacent life in the corporate world, turned seemingly overnight from 16-Hour shift work and into the life of a literally starving artist and working musician, The Protagonist navigates her supposed rise to fame and superstardom on a journey through spiritual awakening, coming-of-age, and intimate self-realization--guided by an omnipresent force and equipped with the power of love, magic, and music. {Enter The Multiverse.} [The Festival Project] The Festival Project, Inc.™ is a multidimensional multimedia platform which encompasses exploratory and artistic social personifications and expressions on cosmic theory, spirituality, growth, health & wellness, philosophy and theoretic dynamics in entertainment such as music, design, film, television, radio, dance and festival culture, art, fashion, literature, and science. The Festival Project™ and its subsidiary Non-Profit, The Collective Complex © aims to challenge modern artistic and philosop Explicit Bitcoin Is Dead Trey Carson Welcome to Bitcoin is Dead, the ultimate Bitcoin variety show where host Trey takes you on a journey through the ever-evolving world of Bitcoin. Each episode brings new personalities, fascinating locations, and insightful conversations with politicians, educators, and innovators shaping the future of Bitcoin. Whether you're a seasoned Bitcoiner or just starting your journey, tune in for thought-provoking discussions, unique perspectives, and a deep dive into the ideas and people driving the Bitcoin revolution. Explicit The Sacred +Profane Podcast nephtaragrace The Sacred + Profane Podcast is a provocative conversation dedicated to cementing a better future for all. We specialize in unpacking the nuances of what is considered sacred and profane, particularly focusing on sex, death, and all that pertains to the circle of life. Our aim in focusing on such ”taboo” subject matter is to demystify what is unconscious, bring to light what has been known for centuries as ”the occult,” and empower the rapid transformation that is occurring on the Planet. Explicit

Frequently Asked Questions

How long is this episode of The Host Unknown Podcast?

This episode is 50 minutes long.

When was this The Host Unknown Podcast episode published?

This episode was published on August 12, 2022.

What is this episode about?

This Week in InfoSecWith content liberated from the “today in infosec” twitter account and further afield10th August 1988: 34 years ago today, Dade Murphy aka Zero Cool crashed 1507 computers, causing a 7 point drop in the NY stock exchange. He was...

Can I download this The Host Unknown Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!