Episode 36 - IT'S CHRIIIISTMAAAAS! episode artwork

EPISODE · Dec 11, 2020 · 1H 9M

Episode 36 - IT'S CHRIIIISTMAAAAS!

from The Host Unknown Podcast · host Thom Langford, Javvad Malik, Andrew Agens

This might be the last episode of the week, but that doesn't mean we scraped the barrel (except maybe for The Little People, but Jav has had a written warning for that already). Andy misunderstands the concept of "this week in infosec" and Thom tries to hold it together while juggling his newly acquired career in the security industry.Your usual tasty festive treats this week are:This Week in InfosecLiberated from the “today in infosec” twitter account:5th December 2013: Troy Hunt launched the site "Have I Been Pwned? (HIBP)". At launch, passwords from the Adobe, Stratfor, Gawker, Yahoo! Voices, and Sony Pictures breaches were indexed. Today? The identification of 10.5 billion compromised accounts.https://twitter.com/todayininfosec/status/1335020238765744129?s=208th December 2020: December 8, FireEye, a well-known security firm, announced that they had experienced a security incident that involved the theft of  FireEye Red Team tools – the date of the incident was not revealed. Reportedly, evidence suggests that the compromise may have been carried out by a Russian nation-state threat actor “with top-tier offensive capabilities.” Per the blog post announcing the hack and authored by FireEye CEO Kevin Mandia, it appears that the attackers were also interested in the details related to FireEye customers that are government agencies. FireEye has engaged the FBI for this investigation.https://www.fireeye.com/blog/threat-research/2020/12/unauthorized-access-of-fireeye-red-team-tools.html Tweet of the Weekhttps://twitter.com/GrazianoDennis/status/1336796234120646662?s=20 Billy Big Balls3 Reasons Scientists Endure Social Media Trolls And Attackshttps://www.forbes.com/sites/marshallshepherd/2020/12/06/3-reasons-scientists-endure-social-media-trolls-and-attacks/?sh=668e1fb8424c Industry News#WebSummit: Nick Clegg Claims Internet Needs Accountability, Not RulesRansomware Set for Evolution in Attack Capabilities in 20212020: The Most Vulnerable Year Yet?Thales and Google Cloud Partner for External Encryption Key Management#BHEU: Collision of Cyber-Communities Creating Tension and Risk#BHEU: Focus on Security Fundamentals, Not Adversarial SophisticationData Loss Reports to ICO Increase Once Again#BHEU: North Korea’s Cyber-Offense Strategy Evolving to Focus on International Economic Targets Jav's industry NewsNear three in ten of workers furloughed feel less loyal to their employer post-furloughBusiness Executives’ Logins Sold on Russian Hacking Forum; Accounts Can Be Used for BEC ScamsPower banks could infect your smartphone with malwareExperts On Clop Ransomware Attacking Retail Giant E-LandCredential Stuffing Attack Targeted Spotify, Affecting More Than 300,000 AccountsSouth Korean retail giant E-Land Retail suffers Clop ransomware attack Rant of the WeekA new lawsuit brought by one of Apple’s oldest foes seeks to force the iPhone maker to allow alternatives to the App Store, the latest in a growing number of cases that aim to curb the tech giant’s power.The lawsuit was filed on Thursday by the maker of Cydia, a once-popular app store for the iPhone that launched in 2007, before Apple created its own version. The lawsuit alleges that Apple used anti-competitive means to nearly destroy Cydia, clearing the way for the App Store, which Cydia’s attorneys say has a monopoly over software distribution on iOS, Apple’s mobile operating system.https://www.washingtonpost.com/technology/2020/12/10/cydia-apple-lawsuit/https://twitter.com/ihackbanme/status/1337079701756493825?s=20 The Little PeopleDon't go there. Seriously, just skip ahead. Look Back on the YearJanuary:Travelex: Travelex services were pulled offline following a malware infection. The company itself and businesses using the platform to provide currency exchange services were all affected.February:Estée Lauder: 440 million internal records were reportedly exposed due to middleware security failures. March:Marriott: The hotel chain suffered a cyberattack in which email accounts were infiltrated. 5.2 million hotel guests were impacted. April:Nintendo: Nintendo said 160,000 users were impacted by a mass account hijacking account caused by the NNID legacy login system.May:EasyJet: The budget airline revealed a data breach exposing data belonging to nine million customers, including some financial records.Blackbaud: The cloud service provider was hit by ransomware operators who hijacked customer systems. The company later paid a ransom to stop client data from being leaked online.June:University of California SF: The university paid a $1.14 million ransom to hackers in order to save COVID-19 research.July:MGM Resorts: A hacker put the records of 142 million MGM guests online for sale.August:Experian, South Africa: Experian's South African branch disclosed a data breach impacting 24 million customers. September:NS8: The CEO of the cyberfraud startup was accused of defrauding investors out of $123 million.October:Dickey's: The US barbeque restaurant chain suffered a point-of-sale attack between July 2019 and August 2020. Three million customers had their card details later posted online. November:Manchester United: Manchester United football club said it was investigating a security incident impacting internal systems.Fake Zoom invite cripples Aussie hedge fund with $8m hitDecember:FireEye: FireEye disclosed a cyberattack, suspected to be the work of a nation-state group. The cybersecurity firm said the hack resulted in penetration tools being stolen. The Dead DonkeyMicrosoft discloses fewest vulnerabilities in a month since JanuaryDescription: Microsoft released its monthly security update Tuesday, disclosing 58 vulnerabilities across its suite of products, the lowest number of vulnerabilities in any Patch Tuesday since January. There are only 10 critical vulnerabilities as part of this release, while there are two moderate-severity exploits, and the remainder are considered "important." Users of all Microsoft and Windows products are urged to update their software as soon as possible to avoid possible exploitation of all these bugs.https://blog.talosintelligence.com/2020/12/microsoft-patch-tuesday-dec-2020-.html Come on! Like and bloody well subscribe!

It's the last episode of the year as Host Unknown's contractual duties draw to a close. This weeks episode brings you your regular podcasty delectables: This week in Infosec Tweet of the Week Billy Big Balls Rant of the week Industry News Will we have a Little people today? We also look back at some of the notable events of the year

NOW PLAYING

Episode 36 - IT'S CHRIIIISTMAAAAS!

0:00 1:09:46

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Big Old Life: Heather Blackbird interviews people on planet earth. Heather Blackbird loves asking questions. This podcast is a learning experience. Join me, Heather Blackbird, as I talk to people about their lives. Frequency of new episodes is a little all over the place and I'm learning as I go. Big Old Life is a small way of talking about the vastness of life, one person at a time. If you are reading this or found this podcast it's probably because someone you know gave you a link to it. :) Explicit Tales Of A Superstar DJ The Insomniac Spun seemingly out of nowhere from her complacent life in the corporate world, turned seemingly overnight from 16-Hour shift work and into the life of a literally starving artist and working musician, The Protagonist navigates her supposed rise to fame and superstardom on a journey through spiritual awakening, coming-of-age, and intimate self-realization--guided by an omnipresent force and equipped with the power of love, magic, and music. {Enter The Multiverse.} [The Festival Project] The Festival Project, Inc.™ is a multidimensional multimedia platform which encompasses exploratory and artistic social personifications and expressions on cosmic theory, spirituality, growth, health & wellness, philosophy and theoretic dynamics in entertainment such as music, design, film, television, radio, dance and festival culture, art, fashion, literature, and science. The Festival Project™ and its subsidiary Non-Profit, The Collective Complex © aims to challenge modern artistic and philosop Explicit Bitcoin Is Dead Trey Carson Welcome to Bitcoin is Dead, the ultimate Bitcoin variety show where host Trey takes you on a journey through the ever-evolving world of Bitcoin. Each episode brings new personalities, fascinating locations, and insightful conversations with politicians, educators, and innovators shaping the future of Bitcoin. Whether you're a seasoned Bitcoiner or just starting your journey, tune in for thought-provoking discussions, unique perspectives, and a deep dive into the ideas and people driving the Bitcoin revolution. Explicit The Sacred +Profane Podcast nephtaragrace The Sacred + Profane Podcast is a provocative conversation dedicated to cementing a better future for all. We specialize in unpacking the nuances of what is considered sacred and profane, particularly focusing on sex, death, and all that pertains to the circle of life. Our aim in focusing on such ”taboo” subject matter is to demystify what is unconscious, bring to light what has been known for centuries as ”the occult,” and empower the rapid transformation that is occurring on the Planet. Explicit

Frequently Asked Questions

How long is this episode of The Host Unknown Podcast?

This episode is 1 hour and 9 minutes long.

When was this The Host Unknown Podcast episode published?

This episode was published on December 11, 2020.

What is this episode about?

This might be the last episode of the week, but that doesn't mean we scraped the barrel (except maybe for The Little People, but Jav has had a written warning for that already). Andy misunderstands the concept of "this week in infosec" and Thom...

Can I download this The Host Unknown Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!