The Host Unknown Podcast - Episode 130 - The Jingle Free Episode
Episode Date: November 25, 2022

This week in InfoSec (11:48)
With content liberated from the "today in infosec" twitter account and further afield

24th November 1998: AOL announces it will buy Netscape Communications
AOL announces it will buy Netscape Communications in a stock-for-stock deal worth approximately $4.2 billion. At the time it was considered a good move by AOL and Netscape to merge forces to better compete with Microsoft in the browser and Internet provider markets. However, Microsoft's dominance in the personal computer market could not be stopped and the Netscape browser lost almost all market share to Internet Explorer. In 2003 Microsoft settled a monopoly lawsuit with AOL (then merged with Time Warner) for $750 million over the loss of value of Netscape. AOL itself, once a dominant Internet Service Provider, slowly lost its subscriber base with the evolution of broadband Internet in the 2000s and operates primarily as a media conglomerate, although its dial-up service still had approximately 2 million subscribers as of 2013. In 2015 that went up to 2.1 million but is now reported to be in the thousands.

21st November 2017: It was reported that Uber had concealed a massive hack that exposed data of 57m users and drivers 13 months previously

Rant of the Week (17:17)
Tax filing websites have been sending users' financial information to Facebook
Major tax filing services such as H&R Block, TaxAct, and TaxSlayer have been quietly transmitting sensitive financial information to Facebook when Americans file their taxes online, The Markup has learned. The data, sent through widely used code called the Meta Pixel, includes not only information like names and email addresses but often even more detailed information, including data on users' income, filing status, refund amounts, and dependents' college scholarship amounts.
The information sent to Facebook can be used by the company to power its advertising algorithms and is gathered regardless of whether the person using the tax filing service has an account on Facebook or other platforms operated by its owner Meta.

Billy Big Balls of the Week (25:37)
Meta links US military to fake social media influence campaigns
In its latest quarterly threat report, Meta said it had detected and disrupted influence operations originating in the US, and it calls out those it believes are responsible: the American military. Meta said it picked up on three major covert influence operations on its platforms in the third quarter of the year, the first of which originated in the United States. Meta previously reported on secretive influence ops being performed by the US in August, but didn't specify anything about its observations at the time outside of saying they originated within the country. Now, however, the social media giant is getting more specific. "Although the people behind this operation attempted to conceal their identities and coordination, our investigation found links to individuals associated with the US military," Meta said in the report [PDF].

Police text 70,000 victims in UK's biggest anti-fraud operation
Detectives have begun contacting 70,000 people suspected of being victims of a sophisticated banking scam. The Metropolitan Police is sending text messages to mobile phone users it believes spoke with fraudsters pretending to be their bank. Met Commissioner Sir Mark Rowley described an "enormous endeavour" in gathering evidence after the discovery of an online fraud network. There have been more than 100 arrests so far, and one man has been charged. People who receive a text message in the next 24 hours will be directed to the Action Fraud website to register their details as officers build cases against suspects. The scam involved fraudsters calling people at random, pretending to be a bank and warning of suspicious activity on their account. They would pose as employees of banks including Barclays, Santander, HSBC, Lloyds, Halifax, First Direct, NatWest, Nationwide and TSB. The fraudsters would then encourage people to disclose security information and, through technology, they may have accessed features such as one-time passcodes to clear accounts of funds. As many as 200,000 people in the UK may have been victims of the scam, police said, with victims losing thousands of pounds, and in one case £3m.

Industry News (32:27)
Experts Warn Threat Actors May Abuse Red Team Tool Nighthawk
UK Privacy Tsar Defends Controversial Enforcement Strategy
Meta Removes Pro-US Accounts in Middle East and Central Asia
Panaseer Launches Guidance on Security Controls Ahead of EU's New Legislation
Russian DDoS Briefly Downs European Parliament Site
UK Cops Lead Action Against Fraud Site that Made £100m+
Cyber Essentials Scheme Set for April 2023 Update
Sonder confirms data breach, documents and other PII potentially compromised
SharkBot Malware Found in Android File Manager Apps With Thousands of Downloads

Tweet of the Week (40:45)
https://twitter.com/TheCollierJam/status/1595388389972496386

Come on! Like and bloody well subscribe!
Transcript
Christ, it's early. Who... whose idea was it to do it this early this week?
Not mine. Apologies, I do have a lot to get through, and it was either let you clowns run the show
without me, which I just cannot inflict on our listeners anymore, or we do it early. Curse you and
not wishing to starve and not wishing to be homeless with your day job and everything.
You're listening to the Host Unknown Podcast.
Hello, hello, hello. Good morning. Emphasis on the morning. Good afternoon, good evening from wherever you are joining us.
And welcome to episode 130.
134.
Of the Host Unknown podcast.
Welcome one and all. Welcome, dear listener.
We hope you're well. We're picking up a few more listeners, you know.
We are.
Yeah, I think we've... we've
doubled to about seven or eight now, something like that. It's... it really feels like we're
not shouting into the void anymore. Uh, so yeah, last week I think was our best stats for the entire
week, so thank you, uh, both of you, for... for, uh... not both of you two, both of our listeners, for joining
us. It was... Well, I think the problem is that people joined last week
so they'd gotten used to the previous two weeks when Jav
wasn't here. So actually
it's worth listening to now.
We're going to see if everything
just dips back down below now
because it's like, oh crap, those three monkeys
are back again.
Anyway, how are
we? Jav? Oh, sorry.
No, forget it.
Dan, this is great.
This is great.
I was going to say great radio, great podcast stuff.
You know, being interrupted and then being told, oh, it doesn't matter.
It's so very British.
So, Jav, how are you?
Good, good.
This week has been good because yesterday and today the US is off doing turkey stuffings or something like that.
That's so right.
So because most of my colleagues are based in the US, Inbox has been quiet and I've caught up on work, unlike some other people. Oh, really?
Oh, dear. Andy, what about you? How have you been this week? Uh, good, busy. I'm a bit of a bottleneck
at work as, um, everything's coming to me and, uh, yeah, less output than input. I've got more stuff
coming in and going out. It's, uh, much like my diet of old. So are you constantly shaking hands with the consequence of your actions every morning?
Exactly. Well, well, well, if it isn't the consequences of my own actions, or inaction as the case may be.
We've all had weeks like that. We've all had weeks like that. Feels like a month like that, though.
Yeah. To Andy's
boss, you know, in fairness, he... you know, we barely see him since he... he started working for you. Very,
very busy. He's always... always says he's got something else to do. Um, I don't know, maybe
it's just you and me, Jav. Who knows? I don't know. His wife was posting on... on Instagram the other
day saying how she misses her husband.
His new job has him travelling out and about all the time.
Oh, I thought you were going to say his new job has him faking his own death. Yes.
His wife saying, in memory of my husband.
Yeah.
Anyway, Tom, how was your week?
Moving swiftly on. Uh, yeah, very good. Uh, in London, virtual
week. Uh, I'm actually staying over tonight as well, into the weekend, uh, because I was invited out to
some awards ceremony. Um, uh, not... not nothing to do with me per se. I was... I was somebody's plus one,
which I thought, brilliant.
So I'll stay over in London.
That would be lovely.
You know, get the old monkey suit out and bow tie and stuff
and all that sort of thing.
And it turns out that it's not an evening event.
It's an afternoon event.
Ridiculous.
Who does an awards thing in the afternoon?
And also, who invites... invites, you know, somebody as their plus
one without knowing the times of the... of the, uh, of the event, right? In my defence, I thought it was an
evening. So nonetheless, uh, we are... we will be catching up on the Edgware Road tonight, Andy,
because we know you're too busy, we know you're working. So, um, but, uh, yeah, we'll be catching up for some dinner on the Edgware Road tonight, which... which, uh, is, uh, the highlight of my
week. So you've been in London all week and then you, uh, you asked me 10 minutes ago whether I'm
free for dinner tonight whilst I'm at home. Well, in fairness, Jav did throw this at me, uh, fairly
recently, so, uh, yeah. Three weeks ago.
And I was going to say, it's not going to be the highlight of my week.
The highlight of my week was seeing my son last night
and we went to the cinema and had dinner and it was fantastic.
Wow, that's a positive note to end on.
I know, I know.
A positive and uncynical note.
So, talking of positive and uncynical, shall we see what we've got coming up for you today?
This week in InfoSec talks about legendary brands in the industry.
Rant of the Week exposes more meta shithousery.
Billy Big Balls is a story about Uncle Sam doing it wrong.
Industry News brings us the latest great security news stories from around the world.
And Tweet of the Week is an industry term you may not be using correctly.
There's a lot of shithousery going on in the social media platforms, isn't there?
Well, I think most of it...
Meta, Twitter...
Well, I don't know.
I mean, Meta's gone under the radar because of people on Twitter complaining so much.
That's right. It's still just as bad at Meta. It's just that it's worse on Twitter.
What I find really funny is on Mastodon and other places, people are referring to Twitter as the bird site.
The burb site, that's right. The burbsite, yeah. And everyone's just calling it that.
And it reminds me of someone that breaks up
and then they refer to their ex as the dickhead
or something like that.
They never refer to them by their name ever again.
I see also there's been a lot of resurrection
of the fail whale, which was the early,
you know, when Twitter was in its infancy and
over capacity. Yeah, and they had problems, the fail whale came out, which I thought, you know...
And it only recently struck me, of course, we have not been seeing that for such a long time. You know,
when I first joined Twitter, and I know you guys were on there before me, when I first joined, to...
what, 2010? 20... 2010, I think it might... You know, it happened,
you know, not infrequently, you know, but it was there. But yeah, we hadn't seen it for years, and
now of course everybody's talking about the fail whale, referring to Twitter as a whole, you know.
Yeah. So yeah, no, the funniest one was, um, there was one of the... the volunteer admins on Mastodon posted a picture of the fail whale and said, like, I'll be honest here.
As a humble instance admin receiving all kinds of DMs and emails, the abuse, it says, reports folks on our instance grew from 60 users to 22,000 in the span of two weeks.
Committing about six to eight hours every day knowing I
have other commitments like a day job and other things, burning the candle on both ends. Um, please
save some space for my patience. Well, if it isn't the consequences of my own action...
Well, I don't know. I don't think individually they didn't sort of say, hey everybody, Twitter's
failing, come over to my instance that has only got 60 people on. You know, I think infosec.exchange
went from, is it 120, um, uh, users to 30,000 in the... in a space of a couple of weeks. So, you know, when
you've got 120 active users on your platform and you're managing that, that's pretty cool. That's quite straightforward.
You don't expect to go from 120,000 to 30,000 in two weeks, do you, really?
Well, it depends if they're built to scale, if I'm honest.
But then again, why are they built to scale?
Why would they build to scale?
What do you want for the site?
Do you actually want more people or are they
just happy having a little chat room, because they might as well set up a... What I think they...
I think they wanted the latter, if I'm honest. I think, you know, yeah, we want to scale, but not
speed. We want to sort of... we want to slow down on a Discord server. Then sit on a Discord. If they
wanted that, they would have limited new signups or something like that. Yeah, so I've been there,
like in the early... well, in the early, what,
in the early noughties when Friends Reunited.
Do you remember that site?
Yeah, yeah.
I worked for a place that had launched basically
the equivalent across Europe and Mexico of all places,
called Posado.
Wasn't it Friends Reunited and Marriages Revisited?
Yeah.
And yeah, no, I'm not going to say that.
I'll get in trouble.
But yeah, I mean, back then we had issues
where we could not buy servers fast enough, right?
You know, we just couldn't.
But the cloud these days takes all that pain away.
As long as your application and database is built to scale,
you're able to just add capacity
on demand. Yeah, we couldn't do that in the early noughties. We literally... there was a two-week delay
and, you know, we're spending 25k on, like, database servers just to get these quad processors to
process stuff. But yeah, I don't know. If you've got the cash for it, you're absolutely right, but a lot
of these places haven't. They just set these things up as hobby services.
Well, you know what?
Go on Discord.
Yeah.
Why are you setting up this thing?
You're setting it up because you want to get a small community of people together.
You're not looking to add tens of thousands of people.
No.
Private Slack channel.
Yeah.
Yeah.
I mean, you know what?
It's like it's really easy to sit there and complain and bitch and moan.
Oh, Twitter isn't doing this fast enough or Facebook. All of a sudden, now you're faced with a tenth of the problem they have.
And all of a sudden it's like, oh, this is a lot harder. Hey, we're all friends here. Let's try and be patient.
And, you know, and everyone's like, no, we're used to free services and having good service.
Suck it up.
They weren't advertising for people to join them.
People were saying, let's go there.
Well, do you know what?
They were back in 2016 or 2017.
Yeah.
They definitely were trying to steal people from Twitter.
So forgive them for their five-year-old out of date growth campaign.
Well, I think they just gave up at the time
because they realised they'd never be able to compete with
Twitter. No, they couldn't.
Of course they couldn't. But now Twitter's going down
the burb tubes.
People aren't leaving. People are saying they're leaving
but no one's leaving.
The thing is, they are
leaving but they're not deleting their accounts.
How many times have you seen the hashtag
like delete Facebook
over the years?
How many times?
Every six months, hashtag delete Facebook.
I don't know because I'm not on Facebook.
Yes, you are.
No, I'm not.
Oh, God, not again.
Not again.
Oh, you bastards.
You bastards.
Right, we're definitely moving on now.
We're definitely moving on to what was my favourite part of the show,
but the guy who does this part is now a dick to me.
It's time for...
This Week in InfoSec.
It is that part of the show where we take a stroll down InfoSec memory lane
with content liberated from the Today in InfoSec Twitter account and further afield.
And this week we have gone much further afield as I've dug up some old stories taking you back 24 years to the 24th of November 1998
when AOL announced it would buy Netscape Communications.
Now they are two named legends of the industry that you probably don't hear about that much anymore.
So AOL announced it would buy Netscape Communications in a deal worth $4.2 billion.
Can you believe that?
Whoa.
And at the time it was actually considered a good
move by AOL. Like, it was considered a bargain, um, so for AOL and Netscape to merge forces to better
compete with Microsoft in the browser market, um, of all things. Can you believe someone would spend
4.2 billion to compete with the Internet Explorer? Um, however, Microsoft's dominance in the PC market
could not be stopped and Netscape sadly lost almost all of its market share to Internet Explorer.
Um, and it was just a mere five years later that Microsoft actually settled a monopoly lawsuit
with AOL, who had by this time been acquired by Time Warner. And they settled that lawsuit over the $750 million value of Netscape,
which they believe had lost because Microsoft's obviously
pre-packaging Internet Explorer with all Windows operating systems.
So, you know, AOL, once itself a dominant Internet service provider,
you know, begun slowly losing its subscriber base.
However, and this was, you know, as broadband, um, came about. I think we've spoken before about how AOL used to send out all
these CDs with, like, you know, 200 hours. Like the best marketing campaign ever, uh, in the world, you
know, to sign up all these users. But, um, looking at this story, I didn't realise it was actually as recent as 2013.
AOL still had over 2 million dial-up users, subscribers to their service in 2013,
which I know, as I say, it's actually like nine years ago.
That's because they were all in Ohio, though, weren't they?
Probably, yeah.
Some other backward state.
And the crazy thing was...
It's Thanksgiving.
It's supposed to be nice.
They're not going to be listening.
Oh, yeah.
Because they love celebrating the British out there, don't they?
So, yeah, we went from 2 million users in 2013.
Actually, it went up to 2.1 million in 2015.
But as of the latest figures, uh, from 2021, it's now reported to be in the, uh, thousands rather than millions, uh, in terms of people that are still using
AOL dial-up accounts. Wow. Wow. But yeah, legends of the game. Like, names you don't hear anymore, but
I remember, like, creating the original website.
Everyone had the Netscape Now icon on their site with the spinning.
When Netscape Navigator Gold loaded up, it took about five minutes.
God, I remember Netscape.
I really do.
Fantastic.
Watching those images download one line at a time.
Yeah, exactly. And it didn't support the
blink tag either, which... Yeah, it wasn't the blink tag I was downloading.
Anyway, moving swiftly on, our second story takes us back a mere five years to the 21st of November
2017, uh, when it was actually reported that Uber had concealed a massive hack that exposed data of 57 million users and drivers. Although they disclosed it on the 21st of November 2017, the hack had actually occurred 13 months previously, in the October of 2016.
And this is the story of the CSO who then contacted the hackers and paid the ransom, but made them sign papers saying that it was a bug bounty and, you know, they weren't actually hacked,
therefore didn't need to disclose the data had been compromised. And yeah, that had played out,
I think it's just until, you know, a couple of months ago when, um, you know, he was up in court, uh, on these charges and, you
know, half the community saying, oh, it's not fair the CSO gets blamed for hacks and all this kind
of stuff, whereas, um, skating over the fact he's not being blamed for the company being hacked,
he's been blamed for attempting to cover it up. Yeah, from... from lying to the... to the authorities,
right? Yeah, but, uh, yeah, a lot happens in a short space of time.
Indeed.
Excellent.
Thank you very much, Andy, for this week's...
This Week in InfoSec.
Sketchy presenters, weak analysis of content
and consistently average delivery.
Like and subscribe now. Right. Right, let's move on, shall we, to my favourite part of the show,
the part of the show that I will call...
Listen up!
Rant of the Week.
It's time for Mother F***ing Rage.
And this one.
This one.
Do you know one thing?
Because it's Thanksgiving,
let's think about our American friends and brethren over the pond.
And something they always like to talk about is the fact that everything over there is better.
It's better run.
Bigger.
They're bigger.
They've got freedom.
You know, they've got the ability to do whatever they want.
And, you know, what's been going on the last few years has kind of poked a few holes in that.
Well, here's another one for you.
So the headline reads, tax filing websites have been sending users financial information to, guess who?
Facebook. Yay!
So in the US, unlike in most other countries, you have to buy third party tax filing software in order to file your taxes or do it entirely manually without any kind of help whatsoever.
So, you know, there are no there are no sort of public services available per se on this.
It all has to be through a third party. So unlike here, if you do your tax return, yes, you can use third party software.
But the HMRC's website will also allow you to fill everything in.
Right over there, you've got to use one of these third parties.
And so there's lots of these tax filing services.
H&R Block, Tax Act, Tax Slayer are just three of them.
And what they've been doing is quietly transmitting sensitive financial information to Facebook
when Americans file their taxes online.
Nice.
Can you believe that?
Your tax information, so it's probably your social security number,
date of birth, address, name, maiden name,
any other kind of personal identifiers, how much you earn, how it's taxed, what contributions you make,
what other incomes you have, et cetera, et cetera, et cetera.
You know, huge amounts of stuff.
And this data has been sent through some widely used code
called the Meta Pixel.
I'm guessing, I have no idea what the hell that is.
They don't even hide it.
No, no, exactly, exactly.
They could at least have called it the NotMetaPixel.
Call it the ApplePixel and really throw them off the stage. The ApplePixel, yeah, that's right.
Nothing to see here, folks.
Not us at all.
But it's information of names, email addresses,
but often much more detailed information.
Users' income, filing status, refund amounts,
dependents' college scholarship amounts, I'm guessing, you know,
student loan payments or all that sort of thing.
Allowing Facebook to power its advertising algorithms, you know,
and gather the stuff and get this,
even if the person who has used that tax filing service
doesn't have an account on Facebook.
So that old adage of the only database that's bigger in Facebook,
bigger than the Facebook users database,
is the database of people that aren't on Facebook.
It's true.
Didn't it refer to like the shadow database or something?
Yeah.
Yeah. That's right.
That's right.
Shadow.
Yeah.
Cause it can,
yeah.
And cause this happened when people got freaked out when they sign up to
Facebook,
they upload one picture and then all of a sudden Facebook says,
Hey,
look,
yeah.
Do you want to tag yourself in all these other people's pictures because this is you yeah yeah because they do actively
encourage people to tag you can actually insert names whether those people are on facebook or not
can't he yeah yeah but you know i mean for me the funniest thing about all of this is uh you know
the u.s government still complains about TikTok and data being sent to China.
Yeah, exactly, exactly.
As long as the data stays in the US, we're all good.
I tell you what, we're going to have to call you
the white knight of TikTok.
You know, whenever anything about the US comes up,
it's like, and yet the US government complains about TikTok.
I got no issue with that.
As long as we're consistent.
Well, yes.
If you want to complain about something,
complain about it,
but don't sort of think that everything's good
in your own backyard.
Yeah.
No, I get it.
I totally get it.
Like the BBC and the coverage of Qatar.
We're not going down that road this week.
I thought that they didn't cover the opening ceremony and stuff like that.
And they did talk about the issues that were going on in Qatar.
But I don't know because I'm not following it.
No, but that's exactly the point.
It's like how they do with TikTok.
It's really easy to blame someone else and then ignore some of your own problems
and take the mighty road.
That's the issue here.
It's not necessarily the topics, but it's like, to Andy's point,
if you want to complain about something, be consistent,
apply the same standard to yourself and to others.
If you're going to be a dick, be a consistent dick.
Exactly.
Yeah.
Yeah, I wasn't referring to you then, Andy, believe it or not.
So despite this forced jollity here, this is outrageous. How are Facebook...
I mean, how much are Facebook paying these companies, for a start? Are these companies even
clearly stating, not just in some fine print somewhere, but are they clearly stating
that your data is going to be transferred to Facebook?
I think you only actually have to do that if people are based in, what,
California and four other states at the moment, don't you?
The US data protection laws are so... That's the COPPA Act, isn't it?
No, the CC...
Whatever, yeah.
The California...
Yeah.
I'm sure it's the Copper Act,
because there's two that sound like copper.
One is about children, and one is about data,
or general data, as it were.
CCPA.
CCPA.
California Consumer Privacy Act.
Yes, that's the one, yes.
Okay, okay, fair enough.
Well, yeah, yeah, yeah.
Oh, but then actually, if I recall,
that doesn't actually apply to government institutions.
They're excluded from it.
So depending on whether these tax companies
can claim some association with government.
Or Facebook.
I mean, let's face it, they'll do fucking anything, won't they?
That's a very, very thin, tenacious link.
Yeah.
Oh, no, we had somebody who once worked at USPS,
so we're part of the federal government.
So, yeah, just appalling, absolutely appalling.
And the fact that this is being done so brazenly.
And the thing that gets me, and this is just before I close,
the thing that gets me is that why is this not a much bigger deal?
I don't get why this is not such a –
This should be on front page.
Facebook are not stealing your data,
but is taking your data without your explicit approval.
Stealing your data, yes.
Yeah, exactly. They are stealing it. And this again, I think this probably will get worse because Facebook are getting desperate. They've lost so much
money since Apple started blocking their... their trackers and what have you, and people had to opt
in. Um, they've lost so much money, I think they're going to see probably more of this, where they're going to just go
around other avenues and say, where else can we get sensitive data from?
And I think it really needs to be stamped out now and hard.
Otherwise, this is just going to end up everywhere.
Yeah, completely agree.
And that was this week's Rant of the Week.
OK, let's move on, shall we, to Jav's Billy Big Balls Defender of the Criminals of the Week.
OK, OK, I like how you call me defender of the criminals.
You call me like a right wing, like Fox News anchor.
And I'm just asking the questions.
I am just asking the questions. That's all I do.
And in fact, Andy, can we get a jingle made up?
Billy Big Balls Defender of the Criminals of the Week.
You know what? For Christmas, I'm going to ask you to send me one of those Tucker Carlson wigs or something,
and then I can sit in my lap.
And the fat suit.
Don't forget the fat suit.
Yeah, yeah, yeah.
I did actually try and get additional jingles made up, but the guy's on holiday.
He's on holiday?
We haven't paid him that much.
I know.
I think he's moonlighting.
What? What? Is six jingles every six months not enough?
I know. Honestly. The audacity of some people is unbelievable.
So, since we were on the topic of meta, let's carry on on the topic of meta.
And they release a quarterly adversarial threat report.
And they go through some findings about basically where there's
covert influence operations that they investigate and remove
for violating their policies against coordinated inauthentic behavior.
CIB.
Which comes after the CIA, I suppose.
Anyway.
Very good.
Yeah, I see the dads in the audience laugh there and no one else did.
Okay, so in their latest November issued quarterly threat report,
Meta said it had detected and disrupted influence operations,
and it calls out people that were involved.
So these involved your usual suspects of Russia and China.
However, the surprising entry on here was about secretive influence of ops being performed by the US.
In particular, they called out the American military. Of course.
If that isn't a Billy Big Balls move,
like, you know, asking for the
US to say, come at me, bro.
I have no idea what it is.
They're probably
feeling safe because they're actually part of
the federal government.
They are. They're actually a higher
division.
They've got higher security
clearance than the military. What letter comes before A? Yeah, but, you know, like, just digging
into that, these are some rookie numbers. Like, I'll be honest, they are some, like... Meta have
obviously spent a lot of time and, you know, they are solid on their, like, you know, these accounts tied to US military, they're,
you know, not proper accounts or, you know, low engagement, fake. That literally, 39 Facebook
accounts, 16 pages, two groups and 26 Instagram accounts. Yeah, like, I have more than that, like,
and probably higher engagement as well. That is pretty, pretty... They are rookie numbers, I've got to admit.
So a couple of things spring to mind is, one, you know, okay,
all Facebook bashing aside, at least they've gone ahead and done this,
you know, so, you know.
Yeah.
Good on them for doing it.
However, with those numbers, either it's, you know, that the US government is obviously not carrying out as many of these activities as we thought they were, and they're probably rogue and all that sort of thing.
Or they're just really good at hiding a much bigger problem.
And Facebook's attempts to uncover it has been, you know, well, derisory at best.
No, it's because their biggest asset in... in this is an asset called Rupert Murdoch. What, if they can spread disinformation directly to the mainstream
media, they don't need to do some of these, uh... Oh, I see, right, right. Yeah, yeah, yeah. Why go through
Facebook when you can go through the...
what is it, the New York Times or Wall Street? Exactly, exactly. Um, or it could be a political
move by Meta, just to point to the US government and say, you better let us steal some tax information
and, you know, look the other way while we take some tax information, and we'll look the other way at your ops
because we can find them.
But we are going to expose this one department.
Yeah, exactly.
Because we don't like that group of guys.
Yeah, yeah.
Just to put the numbers in perspective,
Russia, they took down 1,633 accounts, 703 pages,
one group and 29 accounts on Instagram.
So, yeah.
To be fair, I'd be surprised if there's any government not doing this.
Well, obviously, you know, yeah, they're going to,
the Tories are almost certainly doing it.
In fact, they've had stuff that's been highlighted as, you know, it looks like independent groups, but actually is, you know,
the small princess basically funded by the Tory party or whatever,
you know.
Yeah, of course.
Absolutely.
It depends on quite how insidious it is, though, I guess.
Yeah.
Excellent.
Well, I mean Defending criminals
Maybe depending on your definition of
The American
Government but Jeff
Thank you very much for this week's
Billy Big Balls
Of the Week.
Feeling overloaded with actionable information? Fed up receiving well-researched, factual security content? Ask your doctor if the Host Unknown podcast is right for you. Always read the label. Never double dose on episodes. Side effects may include nausea, eye rolling and involuntary swearing in anger.
All right, given quite early, quite how early the hour is today, Andy, what time is it?
It is... And don't say 7.30 by the way.
It's that time of the show where we head over to our news sources over at the InfoSec PA Newswire
who have been very busy bringing us the latest and greatest security news from around the globe.
Industry News.
Experts warn threat actors may abuse red team tool Nighthawk.
Industry News.
UK privacy czar defends controversial enforcement strategy.
Industry News.
Meta removes pro-US accounts in Middle East and Central Asia.
Industry News.
Panacea launches guidance on security controls ahead of EU's new legislation.
Industry News.
Russian DDoS briefly downs European Parliament site.
Industry news. UK cops lead action against fraud site that made £100 million plus.
Industry news.
Cyber Essentials scheme set for April 2023 update.
Industry news.
Sonder confirms data breach.
Documents and other PII potentially compromised.
Industry news.
SharkBot malware found in Android file manager apps
with thousands of downloads.
Industry news.
And that was this week's...
Industry news.
Huge if true.
Huge.
Huge. Wow. Huge. Huge.
Wow.
What are we looking at here?
Well, Cyber Essentials scheme set for 2023 update.
Yeah, looking good.
They maintain that scheme.
Does that mean they're going to be moving to the latest version of Excel
for their spreadsheet?
That's harsh.
That's so harsh.
This is a good standard.
I'm a big fan of this one.
Same, same.
When it's applied in the right areas.
Yes, of course.
Applying it to large companies,
it obviously fails,
but that's not what its target audience is.
No, exactly.
But yeah, so it looks like firmware. I think some smaller companies struggle with firmware. They're going to mandate that routers and firewall firmware need to be kept up to date and supported, which I think is a fair shout.
Well, yeah, absolutely.
More guidance
on how third-party devices
those
used by subcontractors
or students should be treated.
Malware
protection no longer needs
to be signature-based.
Oh, so you can use, uh, next-gen stuff, basically.
Yeah, yeah. Because I think that's the thing, right? You know, once we apply these standards to the letter of the law... Um, yeah, no, I think it's positive and I think it's good, because they only did an update recently, less than two years ago, you know. So for a standard, it does... and at the end of the day, it's raising the bar every time, right?
Every... yeah, it's, you know, it may be moving a little bit, you know, only a little bit at a time, but it's going in the right direction.
Yeah.
So, yeah. So what I... the story I enjoyed on this one is the, uh, UK privacy czar defends controversial enforcement strategy. And for those who don't know about that, um, the Information Commissioner said that there's no point in fining the government or government... In his words, it creates a money-go-round of funds, because you just take it out of one pocket and put it into the other. They're proposing more behind-the-scenes work, so guidance and advice we can offer and things like that. So some of the examples, like it slashed a proposed £500,000 fine, uh, to just £50,000 after the Cabinet Office accidentally leaked the addresses of individuals named on the New Year's Honours list in 2019, and things like that. So I get it, it makes sense, but then I'm not sure what the alternative is, or how you're going to start holding people accountable.
They should be able to fire people.
Yeah, I reckon they should get, like, you know, a list of ministers they can fire.
Well, they do, but then they rehire them, like, three weeks later, don't they?
Oh, yeah, that's true. Eight days.
Yeah, yeah. Because the thing is, like, you know, if you fine them a million quid, well, that's money that could have potentially gone to the NHS, right? And it's our money in the first place.
Yeah, yeah, taxpayer money. That's what it all comes down to. Like, oh, you could have bought, like, 50 baby incubators for that money.
And that's what we measure everything in these days, or ventilators or whatever.
Baby incubators, is that what they call the offices in Westminster now?
Yeah.
So if you've seen this story about, uh, experts warn threat actors may abuse red team tools. Um, so this new tool, Nighthawk, um, may soon be leveraged by threat actors.
No, no, really? So a publicly available set of tools used by red teamers may be used by the criminals?
I know, it's like a... the no-shit-Sherlock prize. It's a bit like kitchen knives could be used for crime.
Yeah, it could be used to stab people.
Um, yeah, that's... I mean, it's a bit of a non-event, that story, but, um, yeah, I'm surprised they, uh, they raised that in the, in the world of the bleeding obvious.
Yeah. So I would say one other, like, Jav, I don't know if, uh, you know, the UK cops lead action against, uh, fraud site that made £100 million. So you actually looked into this story beforehand, right? Do you have anything to, uh, any way of summarizing this, to save people reading an article like us?
Yeah, um, so, um, the police and, your, Interpol, whatever, they're trying, like, a coordinated, um, attempt around the world, and they've made over 142 arrests, uh, of which 100 were in the UK.
Nice.
To go after this site, iSpoof site, which grew in 2020.
But they believe they're responsible for hundreds of millions of losses.
So it's a major operation in dismantling it.
And as part of this, what the, what the Met have is a,
they,
they took down some servers.
So they have the,
the phone numbers of all these people,
people that were victims or potentially victims.
And one thing they want to do is send a text message to all of them saying
that you've been a victim potentially of a sophisticated banking scam.
Now, so now they said that everyone's going to get a text message saying, hey...
Exactly. I'm not falling for that one again.
Yeah, exactly, exactly. Well, I was going to say the other way around. Please insert your bank details and we'll tell you how much they took from you.
Yeah, yeah, yeah. And we can give you a refund.
So one of our specially trained officers will be calling you up and like,
just tell him the code on your phone that you've been texted.
From our call centre abroad.
Yes, yes.
Hello, my name is Jonathan.
I'm a police officer investigating.
I'm glad you said that, Jeff.
I would never have gotten away with that.
Yeah, but you do it so well.
You do it even better than me when we're not in the picture.
Oh, dear.
Excellent, folks.
Thank you for this week's...
Industry News.
In 2021, you voted us the most entertaining cybersecurity content amongst our peers.
In 2022, you crowned us the best cybersecurity podcast in Europe.
You are listening to the double award-winning
Host Unknown podcast.
How do you like them apples?
How do you like them apples?
Okay, so let's move on to the final part of the show.
It's time for... Tweet of the Week. And we always play that one
twice. Tweet of the Week. And I shall take us home with this week's Tweet of the Week. It is from
Jamie Collier. And he says he's included a screenshot that he's taken from the Urban
Dictionary. And his commentary says, Just discovered Mandiant has an Urban Dictionary entry.
Fantastic stuff.
Huge if true.
Oh, he's obviously a listener.
Obviously a listener.
Clearly a listener.
And the screenshot,
this Urban Dictionary describes Mandiant as a verb
to litter a report with terms like
advanced persistent,
persistent advanced, advanced advanced threat, persistent threat, where the country of China is mentioned no less than 20 times.
An example of usage is: we haven't sold anything this year, we need to Mandiant this report.
the best thing about this is this entry was actually inserted or created in April 2013.
So it is 2013.
Wow.
So it's not a new.
I mean, this was peak China, right?
This was Mandiant's peak obsession with China back then.
This is pre-FireEye days.
It is, yeah.
What was the fellow's name?
Well, it was peak FireEye, isn't it?
No, what was the fella's name?
Bejtlich?
Bejtlich?
Richard Bejtlich.
Yeah, and the memes of him that used to go around saying it was China.
I'm not saying it was China,
but it was China.
No, he doesn't even start with that. He just says it was China.
He doesn't even caveat anything.
There was another meme about, you know,
I'm not saying it was aliens, but it was aliens.
Yeah, exactly.
Oh, very good.
Thank you, Andy.
And thank you to our favourite listener at the moment, Jamie Collier.
Tweet of the week.
Well done, chaps.
I think we've made it.
It's just coming up to, what, 8 o'clock?
So, Andy, I think you can start at your duly appointed one hour early
for your work day.
So jolly well done.
Yeah, exactly, on the day job.
Jav, you can go back to bed, obviously.
And I, well, in case you hadn't guessed,
we've had a few issues with some of the jingles today,
so I'm going to be at the editing desk for a little while.
But gentlemen, thank you so much for today.
Jav, thank you, sir.
You're welcome.
And Andy, thank you.
Stay secure, my friend.
Stay secure.
You've been listening to the Host Unknown podcast.
If you enjoyed what you heard, comment and subscribe.
If you hated it, please leave your best insults on our Reddit channel.
Worst episode ever.
R slash Smashing Security.
Whew.
So with it being Black Friday,
you're going to buy yourself a new stream deck
so we can all hear the jingles.
So it might work next time.
I know, exactly.
No, I think the ashtrays on this laptop are obviously full,
so I think I might just get a new laptop instead.