The Host Unknown Podcast - 220 - The Frequent Flyer Frustrations Episode
Episode Date: May 21, 2025As always we will bring you today in infosec, a rant, admire a billy big ball move, talk about industry news, and bring you a tweet or alternatively suitable social media post of the week.Hey, it's ha...rd enough Thom being off that I have to edit and publish this, I need to find an AI to write the notes for me. Love you all, Javvad... now go an subscribe! Come on! Like and bloody well subscribe!
Transcript
Discussion (0)
It's like I took two flights across Europe and all I got was 20 tier points from BA.
It's shocking.
At this rate I need to do like about a hundred flights just to get anywhere near silver.
Funny you say, you can actually get silver with 50 flights.
Can you?
Yes.
Yes you can, yes.
So actually, yeah, so this is the thing right, so either you need to spend seven and a half
grand in total, not including taxes to get to silver. Or, yeah, 50 flights on BA metal. And this is something they
originally tried to take away. It's not well known of it. It's always been there. But it's considered
one of these perks for cabin crew and airline staff. And so when BA removed that as a feature,
all the unions said okay well that sounds
like a change in working conditions to us so let's get around a table and talk about it and then BA
silently put it back in so if you do want your silver status just take 50 flights on BA Metal
yes it is written there on my app it says 47 flights left to uh
It is written there on my app. It says 47 flights left to... Ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah, ah depends on the flight obviously it depends on the flight
can we get on with this
hello hello hello good morning good afternoon good evening from wherever you are join us
and welcome welcome one and all to episode 220. Although I've also got one in the
bag that I haven't edited yet so we could go out of sync again. Wait, you've not been publishing?
No I haven't in fact as I said before someone else is going to have to do the editing for the
next six months. I'm a bit busy. My weeks and my weekends are all busy now.
I like how you're busy six months ahead.
Like, oh, I've got plans.
I've got plans, especially after listening to you two last week.
You didn't listen to us last week.
All right. All right.
I've got the cliff notes, but it's enough.
It's enough.
I mean, does anybody listen to us?
Hey, Siri, summarize this. Summarize these show notes for me.
Exactly. That's exactly it. Anyway, talking of summaries, Jav, how are you?
I'm good. I'm good. It was a busy week. I was in, it was like two days, two different
European cities. It's like Stockholm, no like Copenhagen and Stockholm and then back.
But then I was talking to Eric, my colleague from the States earlier, he goes like, yeah,
but traveling to different countries, you literally probably just traveled the distance
of Florida in that.
And I said, yeah, probably.
Absolutely.
Absolutely.
It's like going from Miami to Orlando.
Yeah, yeah, but it was a good time.
You know, the weather's nice, so you go out and everyone's in a better mood.
And there's a certain aesthetic in the Nordic region, which it just makes you smile.
Was it tall and blonde?
It's, I'm just, it's more like the colours of the flag.
And in fairness Andy,
everybody's tall.
To you. But, you know...
I say that as the tallest member
of this trio.
Out of five-foot-seven.
So... how was that?
He's squeezing in an extra inch now. I don't know where that's coming from.
We should call this the short thing podcast
You know, I read something about that and they're like you take a guy's biggest insecurity
That they height
Simply adding the word King to it does not make it right. It's like
I'm a small dick king. Yeah, exactly.
Or, oh, you're my fat queen.
Or like, you know, it just doesn't make it right.
No.
No, it doesn't.
It doesn't.
But, yeah.
And also, you hear about all the dating sites.
You know, men over inflate their height, and women very often say six foot or over.
Yeah, but then women lie about their weight, though. It wasn't at the same study, it says that men
always lie about their height, women lie about their weight.
I don't... why not just tell the truth? I mean, it's ridiculous, absolutely ridiculous.
Anyway, let's move on to you, uh, born princes.
Yes, princes, we're not even kings!
Yes, but...
We've got a lot of work to do. princes. Yes, princes, we're not even inks. Yes, talking about our lying and heighten stuff and
weight. Adi, how have you been? I never lie about my weight. That's true, we've got the receipts in
fairness. I do, what was there was something, I don't know it was you, Jav, you did something the other
day when you're talking about me.
You pointed to a picture of me when I was carrying a bit more around the midsection and you said, um,
I was I look wealthy in the Asian sense of the word or something. Yeah, you know, like sumo sumo wrestlers are considered wealthy. Yeah, that's right. That's right
Yes, I think in in china, it's like a belly is considered a sign of wealth.
And sort of old school India as well, right? You know? Yeah. Oh, exactly. That's the, uh, yeah, that's the kind of compliment.
Polynesian islands.
Samoan. Yeah.
Samoan. Yeah. You're looking very Samoan today, Andy.
My Samoan high chief.
Yeah. That's right.
Other than that, a relatively exciting week for me.
I've just been...
An inexciting week. I'm sure that actually means something different to unexciting.
Does it? I don't know, grammar's not my thing, innit?
You need your grammar out of this.
I went to school to get educated and today I use it. You need your grandma out of this.
I went to school to get educated and today I use it.
I use it in it.
In it.
Oh wow.
Throwback to Ali G.
Talking of Ali G. Mr. L.
Mr. L.
L-Baloozer.
Ali G sounds gangster. Tommy L just sounds like, I don't know, some...
Some right-wing...
Yeah, exactly.
Low-level drug-dealing right-wing fascist.
Great.
Fantastic.
Yeah, well, it's described you perfectly.
Yeah, and talking of down-the-hill right-wing fascists, yes, I'm very good.
Like Jav, I was travelling.
I was in Madrid for three days. Nice, what's the weather like out there? It was good on the first two
days in fact I got a little bit of a tar, a bit of a farmer's tan. Oh Jesus don't show us your
chest. I know, a tiffy, look at that. Well yeah I am wearing my pink hairy jumper with the two vests so
but um, with the two vests, with the two buttons what am I talking about?
So yeah we went out for a little sort of tapas walk in the evening on Tuesday which was really
nice but really hot. Tapas? Yeah yeah that's exactly it was it was it was tasted wonderful
and then came back to sunny Reading for a day so a bit of a downfall but yeah back today. So I've not slept in my bed twice in the last
seven days. Yeah, it feels like it. And then like Jav, I'm off to Stockholm on Monday.
So Tom, when you went to Madrid you sent us a picture. It was really, it took me such a long
time to figure out what that picture was but it was actually you sitting really far in the back of the plane.
At the back of the plane, I know right?
That was, it was just so important, you know what, on the way back on Wednesday night, I was the last one off the plane.
For God's sake.
Did you have to wait for a wheelchair or something? The aisle chair that they bring up.
The assistants, special assistants.
It was a couple of guys in high vis with like a long stretcher thing.
I don't know what it's for.
But, yeah, god, I was literally right in the back corner.
But hey ho, it was fine.
How the mighty have fallen.
Oh, I know, right?
I know.
I remember when you used to be a king.
I was a business... They would when you used to be a king. I was a business occasional
first class king. They would bring you champagne, upgrade you at the gate, welcome back Mr Langford.
I know. Here's your champagne. I know. And all you had to do was give a little shout
out on Twitter, thank you again British. You're welcome Mr Langford that would say. Always
a pleasure having you on board.
Absolutely.
It was. I was at RSA with Tom one year and we were in the lounge.
Well, Tom got me into the lounge because he had status and whatever.
And I got you through security as well.
He got me through security as well.
And after that, you started getting pulled over for secondary screening every time.
But as we're boarding, oh, Mr Langford, please stop here. Oh, you need to turn left now.
And you Mr Mallet, yeah, that was it.
You brokeie, keep going.
And now I'm right here falling.
And now I'm like, who are you? What? Just get to the back in your group four and five. Yeah. So how far are you? I know we keep getting back to BA now.
How far are you from lifetime gold?
I am two... well, under the old schema...
You will never attain it now.
No, I know. I was...
Under the old schema.
...30,000 avios to get to lifetime gold and I had 21,000.
Tear points you mean?
Yeah, tear points. Yeah, sorry.
Yeah, you needed 30,000 lifetime tear points, got to 21,000.
Should have done what that guy done, like, just before they switched.
He just spent like, you know, 20 grand.
The problem is, they switched before I sold my
house. Well that's what loans are for. Didn't have any money?
Excuses. Talking of excuses let's see what we've got coming up today before it
really does turn out into the Bitchin BA podcast. This week in InfoSec is an episode of
the non-PC show Rends. Rant of the Week asks if the state of AI is in disarray. Billy Big Bulls
delivers fakes, ghosts and phantoms and all within 30 minutes. Industry News relates some great
security news stories from around the world and Tweet of the Week is a Freudian alliterative slip up.
So let's move on to our favourite part of the show. It's the part of the show that
we like to call...
This Week in InfoSec
This week is that part of the show where we take a trip down InfoSec memory lane with content liberated
from the stain, InfoSec Twitter account and further afield.
And today our first story is a very tenuous link to true InfoSec events.
When just a mere 22 years ago in the Friends episode, the one in Barbados, Ross Gellar's laptop was
infected by the Cornicova worm when Chandler Bing checked his email on it and opened an
email claiming to contain nude images of tennis player Anna Cornicova.
And what's great about this is the version of the worm in that episode was far more malicious
than the real thing, as it apparently deleted Ross's entire hard drive including his speech on paleontology when it was
open and moreover the computer was a powerbook g4 with which this windows targeting malware would
not have been compatible but obviously we know that hollywood does have creative license yeah
and max don't get viruses.
Excellent, I've seen the adverts man.
Yeah, exactly.
Alas, that was a very tenuous link.
I appreciate that, but this was thrown together very quickly.
Sorry, that dip was from which week?
So just a quick sidebar.
Do you know how old Anna Kornikova is now?
Actually I don't know. 46. 43. You're
very close Tom. In my mind I was like she must be only 33 or something. Must be like
late 20s now. Yeah. Well what is it they say, I'm at the age now where a MILF is just a
woman my age with kids. Oh dear. And apparently she's still married to Enrique Iglesias from the year
2001 which is a very long marriage for celebrities. Yeah definitely for celebrities as well. And
they're both sort of like you know heartthrobs in their own. Yeah. They're both cult following.
That's right. Wow. Well our second story takes us back a mere 28 years to the 11th of May 1997, when
IBM's Deep Blue made chess history and Garry Kasparov very grumpy. So after getting smoked
forward to in a match the year before, IBM went away, gave Deep a serious upgrade and then came back swinging so the machine could now crunch 200 million positions per second and
that's not a typo that is 200 million back in 1997 and you could almost hear
the circuits humming checkmate as after six games two wins for Deep Blue one for
Kasparov and three draws.
In the final game, the machine pounced, Kasparov crumbled and history was made.
It was the first time a reigning world chess champion had lost a full match to a computer.
So I can't get away from the feeling that the IBM engineers took Deep Blue back, got
out some spanners and beat it until
it got better.
So apparently, and I don't know where I read this, so it might be one of those...
Do you know, I know what you're going to say, and I can tell you where you got it from.
You got it from Tom's story at this time last year, when I did the same story last year,
and Tom talked about hearing about this.
But alas, I'll let you continue because
everyone's got memory like us, right? No one's going to remember. I won't draw attention to it.
You know what this is like? It's like the time when some guy, he edited his own Wikipedia entry
to say he was the foremost expert on something. Then he done an interview with the New York Times and they
referenced that Wikipedia entry. Or they used that as a base to say he's the foremost expert
on this. And then he went back and edited Wikipedia to say the New York Times quotes
him as the foremost expert on this thing. So that's how our stories are evolving. But
back to the point, the story that now we're going to present as fact is
apparently the way that Deep Blue beat him is they introduced random pauses
into the calculations that made Kasparov feel like, I'm getting ahead, I'm making it think
and lulled him into a false sense of security.
And I like that story.
I remember that now. Ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha every few episodes and laugh about it.
Very good. Very good.
Thank you, Andy, for...
This week in InfoSode.
People who prefer other security podcasts are statistically more likely to eject USB devices safely.
For those who live life dangerously,
you're in good company with the award-winning
Host Unknown podcast.
Before I forget, let's move swiftly on.
Listen up!
Rent of the week.
It's time to motherf***ing rage.
All right, so unlike most weeks, or I'd say actually every week, unlike every week,
I'm not particularly prepared for this rant. I don't think I've even read the story yet.
So, but, normally I get the notes days ahead, do some research of my own,
type in some of my own notes, you know, all that sort of stuff.
But this time we're in a bit of a rush. So this might be quite
short. But at last week's Cyber UK in Manchester, where Jav and I were actually, weren't we?
It was distinctly average, if I'm honest. The Lancaster University Professor Peter Garragon
faced a room of 200 senior security folks.
He asked who had banned generative AI tools.
Three hands out of 200 went up.
He then asked who truly understood the security controls behind their shiny new AI deployments.
Not a single hand.
Zero.
And apparently that's the state of leadership
guarding our official systems.
The question I have though is, did he ask how many of you
have actually deployed AI?
Maybe it was only three, who knows.
Well, it's kind of hard to not deploy it,
because it's baked into nearly everything these days anyway.
Or actively banned it, in fairness.
Yeah, it's a bit of a false question, really. It's a w-. Or actively banned it in fairness.
It's a bit of a false question, really.
It's a w- well, no, it's not.
Not at all.
People could be attending to see if it's worth switching on.
Well, no, if you have Office 360 or Microsoft 365,
CoPilot is there.
It's on.
Well, it can be disabled at the enterprise level by the admin, right?
Yes, it can. Yes, it can.
Just because you haven't.
Just because your security people aren't on the ball.
I don't care about the others.
It's everywhere. There's Gemini in Google.
Even if you open a WhatsApp and there there's a little AI meta there.
Meta AI.
Well, that well-known corporate communication tool, WhatsApp.
You'd be surprised.
Oh.
Just because you...
I know how much it's used, whether or not it's an official communications app for the
organization is another matter.
Well, if you go to Latin America or actually large parts of Africa, exclusively do business over whatsapp. That is very true, that is very
true. Anyway stop interrupting. So the UK's National Cyber Security Centre didn't
mince words either, its BRASH report warns there's a realistic possibility
that by 2027 sophisticated attackers will punch straight through insecure AI rollouts and hit critical
infrastructure. AI-powered vulnerability hunting is already turning weeks to exploit into days and the gap is closing fast.
So here's another thing I've got an issue with. The NCSC, oh is it the head of the NCSC?
I can't remember his name. He did a thing and he basically said
There are two biggest things you have to worry about, China and AI.
It's like, really?
Really?
Is it really that?
Or is it just the politicians saying that to get clout?
Is China our biggest issue, cybersecurity issue in the world right now?
Or is it the fact that things like MITRE CVE are being purposefully defunded. Is it the fact that people are being
persecuted for doing their jobs in the US and actually undermining entire
vendors? We've got other issues. Anyway, I've ranted about everything because I also think
it's absolutely correct here that it's a big crack
People don't understand the tooling of their AI deployments. So I just pissed off all around today. So
It is time you need a break man. I do I take a pause from editing the podcast for six months and
Right, I think I do know what that's that's really that's a really nice offer I think that's exactly what I'm gonna do given that last week's
episode came out really quite quickly in the week before was episode hasn't come
out yet so yeah so it's all rounds it's just a little bit I'm just really a
little bit pessimistic about this that's I think the phrase that the phrase I
used is let's stop the cargo cult rush to bolt
LLMs onto everything.
Nail the basics, test the controls, then maybe press go.
The downside to that is that the criminals are not doing it and they are just rolling
the thing out.
They don't have general counsels.
They don't have CEOs who are worried about risks to their business or whatever.
They're just doing it.
And as I often say, the attackers are attacking us at machine speed and we're responding
at the speed of Dave in the sock at two o'clock in the morning while he tries to manage this
stuff.
So we're damned if we do and damned if we don't at the moment, it would seem.
But the NCSC's remedy is follow existing supply chain guidance now. Great. So
make a really big problem an even bigger problem. And updated AI security advice is dropping
throughout 2025. Well, where was it two years ago when we all needed it? Anyway.
I'm still not sure who the audience of this talk was, because at the end when
they go, let's stop the cargo cult rush to bolt LLMs onto everything, is that speaking
to manufacturers of tech products, developers?
Because that's not something, you know.
That's not the audience.
That's not the audience.
If you're just a, if you're the enterprise see-saw and you're buying these things, you
can't dictate what spot you have some control of what's used or not.
But then that's completely different audience from the average user who just wants to get their job done.
And they say, oh, here's a nice AI.
It will transcribe all my notes into a, into a presentation or, or, or meeting minutes or what have you.
I agree.
There's a lot of stuff out there, but it's no different from the great big
bring your own device debacle that we had in 2000 or the cloud you know shadow IT debacle we had.
Which we still haven't wholly addressed anyway right and it's the same thing we'll never wholly
address this. I mean let's face it that's why three of us have got jobs. Yeah I mean, let's face it, that's why three of us have got jobs. Yeah, yeah. I mean, I think the biggest,
one of the biggest challenges of AI,
so everything like cloud and stuff,
we had all the data leakage issues,
which is still there in AI.
But what we really have is people making decisions
based off what AI has output.
And that I think is where the real challenge lies.
How do we trust what AI is saying?
Like recently we had, what you really should have ranted about is all the
white farmer supremacist or stuff that Grok was spouting the last few days and they found that it was hard coded into Grok
to defend.
I missed that.
Oh my god, that's outrageous.
Actually, it's not outrageous. It's totally
understandable given where Grok has come from. Yes.
And the absolute fucktard that owns it.
That's why China's a threat.
Yes!
That's absolutely right! Exactly!
Because people will get real news out of China.
Yeah.
Yeah. Oh dear. Right, I'm gonna go have a sit down.
Rant of the week.
We're not lazy when it comes to researching stories. We're just energy efficient. Like and subscribe to the
Host Unknown podcast for more ESG adjacent tips. Right, Jab, over to you. for read about the Grok white genocid meltdown and she was quoted in the AP news about it
as well and how it's all like hardcoded into it so if you want to go reference that go
find it that's great.
Billy Big Balls off the week and this is a great story I love it because it combines
all my favourite things food and Indians.
So a former Dudash courier.
Dudash?
Is that a Hindisian first?
Yeah, Doudash. This is Doudash-yard. I like, you know...
Adored... Forgotten how to speak now.
Adored-Korea, 30-year-old Say-chay-tanya?
Reddy? Devagary?
I believe that's the one name off the person.
Come on, Lajav, out of the three of us, right, we're looking at you on how to pronounce this
name properly.
And I think I could do a better job.
Yes.
Well...
It's Say Chitanya Reddy Devagiri.
See, now you just insulted me, like, just by calling, like, Americans and Canadians the
same or New Zealand and Australians the same you
know very different cultures very different backgrounds. Northern England
and southern England are the same. Exactly exactly. North London, South London same.
Oh my god don't even go there right you know. You're two against one Jav you know
that. Yeah anyway Deva Giri from Newport Beach, California has pled guilty to wire fraud conspiracy after
helping skim 2.59 million from the DoorDash platform between 2020 and 21. So within one
year they got 2.59 million and honestly I'm like this is a classic case of why don't you quit while you're ahead.
You know if you'd made half a million just slow it right down or just stop it and then maybe live
off it for a year or two in it. So how did they do it? Devagiri and three friends open waves of
bogus customer and driver accounts. Then they use stolen employee logins to get into Doordash's
internal console. What they did, they pushed expensive orders to their fake drivers, marked
each order delivered and triggered an automatic payout. Then they'd immediately flip the order back to in process, reroute it to another
sham driver and run the loop again. So prosecutors said the one cycle took less than five minutes
and the gang repeated it hundreds of times. So you know, one of the stolen credentials
belonged to a former Doordht staffer who pleaded guilty
to related charge in 23. So the other insider has not been named publicly. So there was some insider
stuff there, but also sounds like some poor account handling. The JML process wasn't there.
Devagiri is a third conspirator to, and he'll be sentenced on 16 September and
faces up to 20 years, 20 years behind bars and a $250,000 fine.
And there's another defendant, Harry Vamsee-Ann, who is still fighting the charge.
So I just found this, again, it's greed that took them over. If they just stuck
to milking a hundred grand or something, it would have been a round accounting error.
No one would have picked it up. Also, as I was reading this before, I thought, I wonder
how much money gets laundered through these kinds of platforms because it's such a great convenient way to
To just like set up all these fake accounts
So the platform is gonna take whatever their 5% cut but that's a very small cut just to yeah
Which I feel like the American candy stores that locked up and then all the barbers that seem to have turned up everywhere
barbers that seem to turn up everywhere. There's no way they're making enough money to pay their rent and business rates.
They normally get six months free rent and six months to pay their business rates in
arrears and bugger off just before. So they're basically open open for free laundered the money
yeah sold the out-of-date sweets but but maybe maybe these people are really
passionate about American candy or cutting people's hair about out-of-date
American candy well it doesn't it's a bit like people who do podcasts for free
they don't ask for money they don't put it on this Peloton or like, you know, early subscribe.
Patreon.
You're Patreon.
What was that?
That was what Gary was going with there.
Imagine people cycling along listening to this.
I mean the jingles, the BPMs just aren't there.
Just for the three of us on Pelotons.
Do you know, I reckon if we did that, this podcast on Pelotons, we could subsidise everything
through OnlyFans.
Right, anyway, thank you, Jab, for this week's...
Billy Big Balls of the Week.
If good security content were bottled like ketchup, this podcast would be the watery
juice which comes out when you don't shake properly.
In a niche of our own, you're listening to the award winning, Host Unknown Podcast.
Andy, I haven't got any time to ask you what time it is.
It's that time of the show where we're here to offer our news sources over at the InfoSecPA
Newswire who have been very busy bringing us the latest and greatest security news from
around the globe.
Oh, I did say we didn't have any time for that.
Industry News
MLS confirms customer data stolen in cyber attack.
Industry News
European vulnerability database launches amid US TVE chaos.
Industry News Hashtag Infosec2025 Ransomware enters post trust ecosystem.
NCAX Cyber Expert says
Industry News
Endemic ransomware prompts NHS to demand supplier action on cyber security.
Industry News to demand supplier action on cyber security. In the stream news.
Dior confirms data breach affecting customer information.
In the stream news.
SAP NetWeaver flaw exploited by ransomware groups and Chinese backed hackers.
In the stream news.
Coinbase offers $20 million bounty to take
down cybercrime ring behind hack.
Industry News Healthcare cyber attacks intensify sector
now prime target.
Industry News US officials impersonated via SMS and voice
deepfakes.
Industry News And that was this week's
Industry News
Huge!
I love Coinbase.
They literally saw that Mel Gibson movie Ransom.
And they're like
Here I've got the 20 million dollars
but it's not for you
but anyone that can bring me the head of the crime syndicate.
That's actually a pretty big balls move, isn't it?
That is, that is.
Are they going to give it to you in Bitcoin though?
That's the risk.
I mean, what are you going to, I mean, that's a lot of money. You could spend that 18 million dollars really quickly.
Yeah. Do you know what, I'm actually just looking at this like this.
The data breach impact. According to Coinbase, the hackers managed to get the following data.
Name, address, phone, email, mass social security, mass bank account numbers and bank identifiers,
government ID images such as driver's license, passport, account data, balance snapshots,
transaction history, limited corporate data including documents, training material and communications available to support
agents. However, the company assured that no passwords were compromised.
Oh, we're all okay then.
Why are they still holding on to, you know, passports? That should be used once for verification.
It should, but it would probably be a KYC. Yeah, but requirement you use it for verification
You hold on to it for six months or whatever and then you might be up to seven years
Yeah
Someone comes back and says this person is like a sanctioned individual or you know, they want a list for non gaming
And you allowed them to trade you have to prove that the documentation
you received at the time how it matched. It just seems to be like a rod for your own back in this
case you know it's opening up but it is but that's why you've got to keep it secure.
Oh I know that I know that. Oh what else have we got lots of retail going on as we know
M&S still I mean they are suffering at the moment.
Couldn't even get my shortbread biscuits the other day. No. I know. What not on the shelves
or do you try normally order online? Not on the shelves. Not good. I mean those bastards. Yeah.
Ruined tea time. There's ransomware and then there's M&S ransomware. Yeah, exactly. This isn't just any ransomware.
The amount of news articles that use that sort of headline, like this isn't just a data breach, it's an M&S data breach.
Really, I've not seen that.
It's just too obvious.
It is, it is.
Which is why we use it.
Yeah, I like how the European Union is like, we've got no confidence in the US government,
let's set up our own vulnerability database.
I mean, it's not surprising, right?
They pull the rug out and it's literally like, we've got a week until it's gone.
And then, oh no, actually we can get funding for another year.
You know, that's the whole George W Bush, fool me once, shame on you, fool me twice, something, something, something.
Shame, yeah, yeah, yeah.
Shame on you again, you know how easily fooled I am.
Yeah, yeah.
Fool me three times, shame on you, I'm obviously a vulnerable person.
You know what, I just like, I have to stand up in his defence now, he now sounds like such an eloquent and like a...
I know!
...proper court together president.
I know! And he's got, when you see him in public he's got that look in his eye like
I wasn't that bad right? I know, I know.
Man, but yeah pulling the rug on the mitre CVE thing it's just, it's in fact talk about
every single soft power bridge that could be burnt has been burnt.
Hmm.
Nobody for a generation I don't think I think it will take a generation for the US to get its
reputation back.
Yeah.
Even if you know Trump is out in the next three years, whatever, there will be that level of distrust
and, you know, we don't need you. Their defense industry is going to go through the floor,
because that's measured in decades anyway, right? So they're just going to lose out overall.
They've just done a good deal with the with the Arab countries,
haven't they? Yeah, they just got a nice new plane as well. Have a little gift. I mean it's
lucky that the President isn't so easily influenced. The President of the Free World isn't so easily
influenced otherwise, you know, there might be accusations of favoritism and corruption.
there might be accusations of favoritism and corruption.
Oh dear, let's move on shall we? That was this week's
Industry News
The host unknown podcast, orally delivering the warm and fuzzy feeling you get when you pee yourself
all right Andy take us home please with tweet of the week and we always play that one twice
tweet of the week and this week's tweet of the week comes from del Cameron del.psky.social
and he is essentially retweeting i don't know what you call it in blue sky yet, but effectively a quote tweet. BS.
BS. Yeah, from FBI Director Cash Patel who said,
We are aware of the recent social media post by former FBI Director James Comey directed
at President Trump. We're in communication with the Secret Service and
Director Curran. Primary jurisdiction is with SS on these matters and we, the FBI, will provide
all necessary support. And so Dale Cameron said the initials for the Secret Service are
USSS not SS for obvious reason. What did James Comey say directed at President Trump?
He posted something on the ground which is like 8647.
Like the number is 8647.
And people have like interpreted that 86 means murder.
So it's like why, you know, like when conspiracies just go up and it's going absolutely wild. Like I don't even know what the original
Message was didn't even see the original message, but I have seen a lot of tweets. This is what 86 means
Planning on murdering. You know, it's like oh jeez guys get a grip. It's like
Did you did you see some of the responses to to this as well?
One guy said uh, it was it was was USS S now SS is appropriate for obvious reasons.
Yeah.
And it's all followed up with an art and I, you know, the fair play.
I think it would be bad ass.
They made the SS into lightning bolts or something like a symbol of their
organization was instantly identifiable.
I mean, the crazy thing is they don't see it.
No. No, they don't. No.
So, you know, this is why it's, there's two things that really come to mind. One is I saw this tweet
by someone the other day. He's saying all those second amendment people who are saying like,
we will rise up against the government if it turns a tyranny, where are you?
Yeah.
people who are saying like we will rise up against the government if it turns a tyranny, where are you? Yeah
And the second thing is like, you know how like you watch what happened during World War two You you watch the rise of Hitler and always the question is like how did people allow this to happen?
And then everyone's like in their mind like if I was there I would have up I would have spoken up against it
I would not have supported it of nor would not have stayed silent. And yet, here we are.
Here you are.
Yeah.
Exactly.
Anyway, that was this week's...
Tweet of the Week.
So we've barreled into the end of the show. Thank you very much, gents.
Jav, thank you. It's been, well, it's been a rare pleasure.
It's rare to see you on this show, yeah.
So thank you for joining us, dear guest.
Frankly, it's been rare to see any of us on this show this year, in fairness, in my defense.
And Andy, thank you, sir.
Stay secure, my friend.
Stay secure my friends. Stay secure. You've been listening to the Host Unknown Podcast.
If you enjoyed what you heard, comment and subscribe.
If you hated it, please leave your best insults on our Reddit channel.
Worst episode ever.
rslash smashing security.
We got all the way through that without mentioning it was Andy's birthday.
Oh, and actually the week before it is yours as well was
So happy birthday old Ben
You took it to you there, right? Yeah, I'm 34
Fuck you had a tough paper out. He's born on 29th of Feb. That's what