EPISODE · Feb 3, 2023 · 50 MIN
Episode 138 - The Good Furniture Guide Episode
from The Host Unknown Podcast · host Phil, Thom Langford, Javvad Malik, Andrew Agnês
This week in InfoSec (11:52)With content liberated from the “today in infosec” twitter account and further afield31st January 1995: AT&T and VLSI Protect Against EavesdroppingAT&T Bell Laboratories and VLSI Technology announce plans to develop strategies for protecting communications devices from eavesdroppers. The goal would be to prevent problems such as insecure cellular phone lines and Internet transmissions by including security chips in devices.30th January 1982: First Computer Virus WrittenRichard Skrenta writes the first PC virus code, which is 400 lines long and disguised as an Apple II boot program called “Elk Cloner“. Rant of the Week (18:22)Anker finally comes clean about its Eufy security camerasFirst, Anker told us it was impossible. Then, it covered its tracks. It repeatedly deflected while utterly ignoring our emails. So shortly before Christmas, we gave the company an ultimatum: if Anker wouldn’t answer why its supposedly always-encrypted Eufy cameras were producing unencrypted streams — among other questions — we would publish a story about the company’s lack of answers.It worked.In a series of emails to The Verge, Anker has finally admitted its Eufy security cameras are not natively end-to-end encrypted — they can and did produce unencrypted video streams for Eufy’s web portal, like the ones we accessed from across the United States using an ordinary media player.But Anker says that’s now largely fixed. Every video stream request originating from Eufy’s web portal will now be end-to-end encrypted — like they are with Eufy’s app — and the company says it’s updating every single Eufy camera to use WebRTC, which is encrypted by default. Reading between the lines, though, it seems that these cameras could still produce unencrypted footage upon request.That’s not all Anker is disclosing today. The company has apologized for the lack of communication and promised to do better, confirming it’s bringing in outside security and penetration testing companies to audit Eufy’s practices, is in talks with a “leading and well-known security expert” to produce an independent report, is promising to create an official bug bounty program, and will launch a microsite in February to explain how its security works in more detail.Those independent audits and reports may be critical for Eufy to regain trust because of how the company has handled the findings of security researchers and journalists. It’s a little hard to take the company at its word! Billy Big Balls of the Week (31:34)FBI says it ‘hacked the hackers’ of a ransomware service, saving victims $130 millionThe Department of Justice announced this week that FBI agents successfully disrupted Hive, a notorious ransomware group, and prevented $130 million worth of ransom campaigns that targets no longer need to consider paying. While claiming the Hive group has been responsible for targeting over 1,500 victims in over 80 countries worldwide, the department now reveals it had infiltrated the group’s network for months before working with German and Netherlands officials to shut down Hive servers and websites this week.“Simply put, using lawful means, we hacked the hackers,” Deputy Attorney General Lisa Monaco remarked during a press conference.The FBI claims that by covertly hacking into Hive servers, it was able to quietly snatch up over 300 decryption keys and pass them back to victims whose data was locked up by the group. US Attorney General Merrick Garland said in his statement that in the last few months, the FBI used those decryption keys to unlock a Texas school district facing a $5 million ransom, a Louisiana hospital that had been asked for $3 million, and an unnamed food services company that faced a $10 million ransom. Industry News (37:32)Thriving Dark Web Trade in Fake Security CertificationsAlmost all Organizations are Working with Recently Breached VendorsGoogle Fi Confirms Data Breach, Hints At Link to T-Mobile HackCity of London on High Alert After Ransomware AttackResearchers Warn of Crypto Scam Apps on Apple App StoreLazarus Group Attack Identified After Operational Security FailWomen in CyberSecurity Calls for Participants for New Measuring Inclusion WorkshopsArnold Clark Confirms Customer Data Compromised in BreachThreat Actors Use ClickFunnels to Bypass Security Services Tweet of the Week (45:41) https://twitter.com/StateOfLinkedIn/status/1621258534062006276 Come on! Like and bloody well subscribe!
What this episode covers
This week in InfoSec reveals the date the the first PC virus code was written Rant of the Week observes Anker go through the seven stages of grief Billy Big Balls is a story of the hunters becoming the hunted Industry News brings us the latest and greatest security news stories from around the world And Tweet of the Week is a eulogy for all those dedicated employees
NOW PLAYING
Episode 138 - The Good Furniture Guide Episode
No transcript for this episode yet
Similar Episodes
Dec 5, 2025 ·50m
Oct 9, 2025 ·33m
Oct 3, 2025 ·40m
Sep 11, 2025 ·31m
Aug 27, 2025 ·39m
Aug 18, 2025 ·54m