Episode 155 - The Really Late Show episode artwork

EPISODE · Jun 9, 2023 · 51 MIN

Episode 155 - The Really Late Show

from The Host Unknown Podcast · host Thom Langford, Andrew Agnês, Javvad Malik

This week in InfoSec (10:21)With content liberated from the “today in infosec” twitter account and further afield8th June 1989: The beta release of the Bourne Again SHell (Bash) was announced as version 0.99. 2 months later Shellshock was introduced into the Bash source code and persisted in subsequent versions for over 25 years.v0.99 release announcementhttps://twitter.com/todayininfosec/status/16664875253203189883rd June 1983: Would You Like to Play a Game?The science fiction film WarGames is released. Notable for bringing the hacking phenomena to the attention of the American public, it ignites a media sensation regarding the hacker sub-culture. The film’s NORAD set is the most expensive ever built at the time at a cost of $1 million dollars. Not widely known is that the movie studio provided the film’s star, Matthew Broderick, with the arcade games Galaga and Galaxian so he could get first-hand experience before shooting the film’s arcade scenes. Rant of the Week (17:16)Barracuda Urges Replacing — Not Patching — Its Email Security GatewaysIt’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.Barracuda tells its ESG owners to 'immediately' junk buggy kit Billy Big Balls of the Week (24:45)US govt now bans TikTok from contractors' work gearBYODALAINGTI (as long as it's not got TikTok installed)The US federal government's ban on TikTok has been extended to include devices used by its many contractors - even those that are privately owned. The bottom line: if some electronics are used for government work, it better not have any ByteDance bits on it. The interim rule was jointly issued by NASA, the Department of Defense and the General Services Administration, which handles contracting for US federal agencies. The change amends the Federal Acquisition Regulation to prohibit TikTok, any successor application, or any software produced by TikTok's Beijing-based parent ByteDance from being present on contractor devices. "This prohibition applies to devices regardless of whether the device is owned by the government, the contractor, or the contractor's employees. A personally-owned cell phone that is not used in the performance of the contract is not subject to the prohibition," the trio said in their update notice published in the Federal Register. The rule would apply to all contracts, even those below the "simplified acquisition threshold" of $250,000, purchases of commercial and off-the-shelf equipment, and commercial services so get ready to wipe those company phones, cloud services providers and MSPs that do business with Uncle Sam. AND British Airways, Boots, BBC payroll data stolen in MOVEit supply-chain attackBritish Airways, the BBC, and UK pharmacy chain Boots are among the companies whose data has been compromised after miscreants exploited a critical vulnerability in deployments of the MOVEit document-transfer app.Microsoft reckons the Russian Clop ransomware crew stole the information.British Airways, the BBC, and Boots were not hit directly. Instead, payroll services provider Zellis on Monday admitted its MOVEit installation had been exploited, and as a result "a small number of our customers" – including the aforementioned British trio – had their information stolen.Zellis claims to be the largest payroll and human resources provider in the UK, and its customers include Sky, Harrods, Jaguar, Land Rover, Dyson, and Credit Suisse. In a statement posted on its website, Zellis blamed the MOVEit vulnerability for the security breach, and noted "all Zellis-owned software is unaffected and there are no associated incidents or compromises to any other part of our IT estate." Industry News  (34:33)Clop Ransom Gang Breaches Big Names Via MOVEit FlawFBI Warns of Surge in Deepfake Sextortion AttemptsCisco Counterfeiter Pleads Guilty to $100m SchemeCyber Extortionists Seek Out Fresh Victims in LatAm and AsiaLazarus Group Blamed for Atomic Wallet HeistInterpol: Human Trafficking is Fueling Fraud EpidemicMicrosoft Brings OpenAI Tech to US AgenciesPharmaceutical Giant Eisai Hit By Ransomware IncidentEspionage Attacks in North Africa Linked to "Stealth Soldier" Backdoor Tweet of the Week (43:58)https://twitter.com/elonmusk/status/1666964082363371520https://twitter.com/sawaba/status/1666930930714279942https://www.forbes.com/lists/most-cybersecure-companies/ Come on! Like and bloody well subscribe!

This week in InfoSec takes us back to the time Shell was born again Rant of the Week is a bold strategy to increase sales Billy Big Balls introduces us to BYODALAINGTI Industry News brings us the latest and greatest security news stories from around the world And Tweet of the Week advertises an unintended pwn2own competition

NOW PLAYING

Episode 155 - The Really Late Show

0:00 51:26

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Big Old Life: Heather Blackbird interviews people on planet earth. Heather Blackbird loves asking questions. This podcast is a learning experience. Join me, Heather Blackbird, as I talk to people about their lives. Frequency of new episodes is a little all over the place and I'm learning as I go. Big Old Life is a small way of talking about the vastness of life, one person at a time. If you are reading this or found this podcast it's probably because someone you know gave you a link to it. :) Explicit Tales Of A Superstar DJ The Insomniac Spun seemingly out of nowhere from her complacent life in the corporate world, turned seemingly overnight from 16-Hour shift work and into the life of a literally starving artist and working musician, The Protagonist navigates her supposed rise to fame and superstardom on a journey through spiritual awakening, coming-of-age, and intimate self-realization--guided by an omnipresent force and equipped with the power of love, magic, and music. {Enter The Multiverse.} [The Festival Project] The Festival Project, Inc.™ is a multidimensional multimedia platform which encompasses exploratory and artistic social personifications and expressions on cosmic theory, spirituality, growth, health & wellness, philosophy and theoretic dynamics in entertainment such as music, design, film, television, radio, dance and festival culture, art, fashion, literature, and science. The Festival Project™ and its subsidiary Non-Profit, The Collective Complex © aims to challenge modern artistic and philosop Explicit Bitcoin Is Dead Trey Carson Welcome to Bitcoin is Dead, the ultimate Bitcoin variety show where host Trey takes you on a journey through the ever-evolving world of Bitcoin. Each episode brings new personalities, fascinating locations, and insightful conversations with politicians, educators, and innovators shaping the future of Bitcoin. Whether you're a seasoned Bitcoiner or just starting your journey, tune in for thought-provoking discussions, unique perspectives, and a deep dive into the ideas and people driving the Bitcoin revolution. Explicit The Sacred +Profane Podcast nephtaragrace The Sacred + Profane Podcast is a provocative conversation dedicated to cementing a better future for all. We specialize in unpacking the nuances of what is considered sacred and profane, particularly focusing on sex, death, and all that pertains to the circle of life. Our aim in focusing on such ”taboo” subject matter is to demystify what is unconscious, bring to light what has been known for centuries as ”the occult,” and empower the rapid transformation that is occurring on the Planet. Explicit

Frequently Asked Questions

How long is this episode of The Host Unknown Podcast?

This episode is 51 minutes long.

When was this The Host Unknown Podcast episode published?

This episode was published on June 9, 2023.

What is this episode about?

This week in InfoSec (10:21)With content liberated from the “today in infosec” twitter account and further afield8th June 1989: The beta release of the Bourne Again SHell (Bash) was announced as version 0.99. 2 months later Shellshock was introduced...

Can I download this The Host Unknown Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!