Episode 163 - The Sombre Episode episode artwork

EPISODE · Aug 4, 2023 · 52 MIN

Episode 163 - The Sombre Episode

from The Host Unknown Podcast · host Andrew Agnēs, Thom Langford, Javvad Malik

This week in InfoSec (11:56)With content liberated from the “Today in Infosec” Twitter account and further afield4th August 1998: Microsoft published a critical security bulletin MS98-010, titled 'Information on the "Back Orifice" Program'.  Microsoft Security Bulletin MS98-010 - Criticalhttps://twitter.com/todayininfosec/status/1423037189714219020   27th July 2000: In security bulletin MS00-047, Microsoft thanked PGP's COVERT Labs and Sir Dystic of Cult of the Dead Cow for reporting NetBIOS vulnerabilities Patch Available for 'NetBIOS Name Server Protocol Spoofing' Vulnerabilityhttps://twitter.com/todayininfosec/status/1287934373019385861 Rant of the Week (18:31)Brit healthcare body rapped for WhatsApp chat sharing patient dataStaff at NHS Lanarkshire - which serves over half a million Scottish residents - used WhatsApp to swap photos and personal info about patients, including children's names and addresses.Following a probe, the UK Information Commissioner's Office (ICO) has now issued a heavily redacted official reprimand to the organization, which oversees three hospitals plus clinics and more across rural and urban Lanarkshire in the Central Lowlands of Scotland. It said a group chat created in March 2020 – just as the UK government issued the first COVID lockdown – was in breach of Article 58 of the UK GDPR.Information was shared between 26 staff for more than two years – from 1 April 2020 to 25 April 2022 – over hundreds of entries within the WhatsApp group that included adult and child patients' names, plus hundreds of patients' phone numbers, many dates of birth, and at least 28 home addresses, "15 images, three videos, and four screenshots." Some of this info included clinical information, and therefore "special category" data in breach of Article 9 of the UK GDPR.Yes, on their actual work phones, using software provided via NHS portal.The staffers were using copies of WhatsApp downloaded directly via NHS Lanarkshire's portal on their work phones, it emerged, but someone, whose name was redacted, was added to the group "in error." That "unauthorised individual" was given access to "four students' names and student numbers, one child's name, and two children's names and addresses."The ICO noted that since WhatsApp stated it was an encrypted platform, staff thought it would be secure. This, the watchdog said, "demonstrates that information governance expectations regarding WhatsApp were not understood by staff involved in the WhatsApp Group." Billy Big Balls of the Week (31:21)[The fact the government doesn’t even try to hide what they do and gaslight the country by saying it would be the worst intelligence failure of their time is a BBB move to me - but I’ll let Jav decide 😀]White House: Losing Section 702 spy powers would be among 'worst intelligence failures of our time'The White House has weighed in on the Section 702 debate, urging lawmakers to reauthorize, "without new and operationally damaging restrictions," the controversial snooping powers before they expire at the end of the year.Section 702 of the Foreign Intelligence Surveillance Act (FISA) allows the American government to monitor electronic communications of foreign persons outside of the United States [PDF], and people they confer with, including US persons. While it's supposed to be used as an intelligence tool — to prevent terrorist attacks or track down similar targets — it's also at times abused to conduct warrantless snooping on Americans including protesters, campaign donors, and elected officials.The controversial law, introduced in 2008, is up for renewal at the end of the year, and the US intelligence community has been frantically lobbying to keep these surveillance powers. FBI Director Chris Wray said last week that Section 702 data was responsible for "97 percent of our raw technical reporting on cyber actors."Now the White House has thrown its weight behind its intel services, arguing that curbing the legislation or letting it drop would be "one of the worst intelligence failures of our time."Despite unanimously recommending that Congress renew Section 702, the PIAB's report [PDF] does acknowledge that "complacency, a lack of proper procedures, and the sheer volume of Section 702 activity led to FBI's inappropriate use" of the surveillance powers to query US persons Industry News  (37:04)NHS Staff Reprimanded For WhatsApp Data SharingCanon Inkjet Printers Expose Wi-Fi ThreatAI-Enhanced Phishing Driving Ransomware SurgeHundreds of Citrix Endpoints Compromised With WebshellsCocaine Smugglers that Posed as PC Sellers JailedHumans Unable to Reliably Detect Deepfake SpeechMenlo Leverages Advanced Technology to Combat Surging Browser ThreatsMicrosoft Teams Targeted in Midnight Blizzard Phishing AttacksHacktivist Collective “Mysterious Team Bangladesh” Revealed Noteworthy mention: Security Serious Unsung Heroes Awards 2023 Open for Nominations Tweet of the Week (47:23)https://twitter.com/Sheriffie/status/1686864006160711680 Come on! Like and bloody well subscribe!

This week in InfoSec talks about orifices Rant of the Week discusses personal data in group chats Billy Big Balls asks you to think of the poor US government Industry News brings us the latest and greatest security news stories from around the world And Tweet of the Week is some career advice

NOW PLAYING

Episode 163 - The Sombre Episode

0:00 52:09

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Big Old Life: Heather Blackbird interviews people on planet earth. Heather Blackbird loves asking questions. This podcast is a learning experience. Join me, Heather Blackbird, as I talk to people about their lives. Frequency of new episodes is a little all over the place and I'm learning as I go. Big Old Life is a small way of talking about the vastness of life, one person at a time. If you are reading this or found this podcast it's probably because someone you know gave you a link to it. :) Explicit Tales Of A Superstar DJ The Insomniac Spun seemingly out of nowhere from her complacent life in the corporate world, turned seemingly overnight from 16-Hour shift work and into the life of a literally starving artist and working musician, The Protagonist navigates her supposed rise to fame and superstardom on a journey through spiritual awakening, coming-of-age, and intimate self-realization--guided by an omnipresent force and equipped with the power of love, magic, and music. {Enter The Multiverse.} [The Festival Project] The Festival Project, Inc.™ is a multidimensional multimedia platform which encompasses exploratory and artistic social personifications and expressions on cosmic theory, spirituality, growth, health & wellness, philosophy and theoretic dynamics in entertainment such as music, design, film, television, radio, dance and festival culture, art, fashion, literature, and science. The Festival Project™ and its subsidiary Non-Profit, The Collective Complex © aims to challenge modern artistic and philosop Explicit Bitcoin Is Dead Trey Carson Welcome to Bitcoin is Dead, the ultimate Bitcoin variety show where host Trey takes you on a journey through the ever-evolving world of Bitcoin. Each episode brings new personalities, fascinating locations, and insightful conversations with politicians, educators, and innovators shaping the future of Bitcoin. Whether you're a seasoned Bitcoiner or just starting your journey, tune in for thought-provoking discussions, unique perspectives, and a deep dive into the ideas and people driving the Bitcoin revolution. Explicit The Sacred +Profane Podcast nephtaragrace The Sacred + Profane Podcast is a provocative conversation dedicated to cementing a better future for all. We specialize in unpacking the nuances of what is considered sacred and profane, particularly focusing on sex, death, and all that pertains to the circle of life. Our aim in focusing on such ”taboo” subject matter is to demystify what is unconscious, bring to light what has been known for centuries as ”the occult,” and empower the rapid transformation that is occurring on the Planet. Explicit

Frequently Asked Questions

How long is this episode of The Host Unknown Podcast?

This episode is 52 minutes long.

When was this The Host Unknown Podcast episode published?

This episode was published on August 4, 2023.

What is this episode about?

This week in InfoSec (11:56)With content liberated from the “Today in Infosec” Twitter account and further afield4th August 1998: Microsoft published a critical security bulletin MS98-010, titled 'Information on the "Back Orifice"...

Can I download this The Host Unknown Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!