Episode 195 - The Smashing Unknown Episode
This week in InfoSec (11:16)With content liberated from the “today in infosec” twitter account and further afield5th of June 1991, a mere 33 years ago, : Philip Zimmermann sent the first release of PGP to 2 friends, Allan Hoeltje and Kelly Goen, to upload to the Internet. From the man himself, First, I sent it to Allan Hoeltje, who posted it to Peacenet, an ISP that specialized in grassroots political organizations, mainly in the peace movement. Peacenet was accessible to political activists all over the world. Then, I uploaded it to Kelly Goen, who proceeded to upload it to a Usenet newsgroup that specialized in distributing source code. At my request, he marked the Usenet posting as "US only". Kelly also uploaded it to many BBS systems around the country. I don't recall if the postings to the Internet began on June 5th or 6th.It may be surprising to some that back in 1991, I did not yet know enough about Usenet newsgroups to realize that a "US only" tag was merely an advisory tag that had little real effect on how Usenet propagated newsgroup postings. I thought it actually controlled how Usenet routed the posting. But back then, I had no clue how to post anything on a newsgroup, and didn't even have a clear idea what a newsgroup was.After releasing PGP, I immediately diverted my attention back to consulting work, to try to get caught up on my mortgage payments. I thought I could just release PGP 1.0 for MSDOS, and leave it alone for awhile, and let people play with it. I thought I could get back to it later, at my leisure. Little did I realize what a feeding frenzy PGP would set off. Apparently, there was a lot of pent-up demand for a tool like this. Volunteers from around the world were clamoring to help me port it to other platforms, add enhancements, and generally promote it. I did have to go back to work on paying gigs, but PGP continued to demand my time, pulled along by public enthusiasm.I assembled a team of volunteer engineers from around the world. They ported PGP to almost every platform (except for the Mac, which turned out to be harder). They translated PGP into foreign languages. And I started designing the PGP trust model, which I did not have time to finish in the first release. Fifteen months later, in September 1992, we released PGP 2.0, for MSDOS, several flavors of Unix, Commodore Amiga, Atari, and maybe a few other platforms, and in about ten foreign languages. PGP 2.0 had the now-famous PGP trust model, essentially in its present form.It was shortly after PGP 2.0's release that US Customs took an interest in the case. Little did they realize that they would help propel PGP's popularity, helping to ignite a controversy that would eventually lead to the demise of the US export restrictions on strong cryptography.7 June 2009. A mere 15 years ago. Sophos launched its (utterly shit) IT vigilante marketing campaignDress up a British man (who appears to have had a nervous breakdown over a corporate data breach incident) in an orange gimp suit – that will sell security software for sure!At least, that was the plan made by Sophos’s marketing department for its “IT Vigilante” campaign.https://www.youtube.com/watch?v=-gc6sDqofcIhttps://grahamcluley.com/top-five-worst-videos-anti-virus/Other awful videos:Happy birthday Eugene Kaspersky: https://www.youtube.com/watch?v=ujnq188E5-wEugene’s “silent movie”: https://www.youtube.com/watch?v=Ib8UjCQl5sE&t=6s Rant of the Week (22:45)https://www.bbc.co.uk/news/articles/cxee7317kgmoRussian hackers are behind the cyber attack on a number of major London hospitals, according to the former chief executive of the National Cyber Security Centre.Ransomware attacks on the healthcare industry as a whole have increased significantly over the past year. Whaley attributes the uptick to “lives on the line.”“While no sector is invulnerable to these attacks… healthcare providers have proven time and time again that they’re the most willing to pay a ransom following these incidents," Whaley said.“Bad actors know this and smell blood in water,” he added. Whaley pointed out that the rise in state-sponsored cyberattacks combined “with the further digitization of the NHS paints a pretty grim picture for the defensive capabilities of the British healthcare sector… and possibly a warning sign of much larger attacks to come.” Graham's Giant Gonads of the Week (30:51)Apple refused to pay bug bounty to Russian cybersecurity firm Kaspersky Labhttps://therecord.media/kaspersky-apple-bug-bounty-declinedhttps://securelist.com/trng-2023/Apple has snubbed Russian cybersecurity firm Kaspersky Lab, refusing to shell out a bug bounty for four zero-day vulnerabilities discovered in iPhone software. Targets were infected using zero-click exploits via the iMessage platform, and the malware ran with root privileges, gaining complete control over the device and user data. The twist?The vulnerabilities were used to spy on Kaspersky employees.Kaspersky politely enquired whether it could be rewarded for finding the vulnerabilities used in the espionage campaign - known as Operation Triangulation.Kaspersky claims it was a "highly sophisticated" attack, so intricate it needed 13 bullet points to explain.Russia, not one to be outdone in the drama department, accused the U.S. and Apple of colluding to spy on Russian diplomats. Apple, of course, vehemently denied these allegations.It's like Eastenders.Amidst all this chaos, the U.S. and Russia are engaged in a geopolitical staring contest, with Apple caught in the crossfire. Apple, being an American company, has taken a stand against Russia's actions in Ukraine, suspending sales and removing apps. It's a bit like a tech giant trying to play peacemaker in a playground brawl.Kaspersky, meanwhile, has its own history with the U.S. government, having been banned from government use due to security concerns. It's a classic case of "guilty by association."So, will Kaspersky continue to report bugs to Apple despite the lack of reward? Only time will tell.Speaking to Russian-language media agency RTVI, Kaspersky’s research head Dmitry Galov said that typically cybersecurity companies like Kaspersky nominated a charity to receive the funds from the Apple Bug Bounty program instead of collecting the revenue itself. He added that although Kaspersky was confident the attacker was state-sponsored, he and his research team did not have the technical data needed to identify which state may have been behind the attack.A spokesperson for Kaspersky did not respond to whether it had nominated a charity when initially contacting Apple, nor whether the company’s refusal to issue a bounty would affect its decision to disclose vulnerabilities discovered in the future. Industry News (40:23)London Hospitals Cancel Operations Following Ransomware IncidentEmailGPT Exposed to Prompt Injection Attacks#Infosec2024: CISOs Need to Move Beyond Passwords to Keep Up With Security Threats#Infosec2024: Ransomware Ecosystem Transformed, New Groups “Changing the Rules”Security Flaws Found in Popular WooCommerce Plugin#Infosec2024: Collaboration is Key to an Effective Security Culture#Infosec2024: AI Red Teaming Provider Mindgard Named UK's Most Innovative Cyber SMEFBI Warns of Rise in Work-From-Home ScamsAccount Takeovers Outpace Ransomware as Top Security Concern Tweet of the Week (44:27)https://x.com/dakacki/status/1798882732203803070
Come on! Like and bloody well subscribe!