The Host Unknown Podcast - Episode 198

Episode Date: July 15, 2024

This week in InfoSec (10:28)

10th July 1999 - Cult of the Dead Cow (cDc) member DilDog debuted the program Back Orifice 2000 (BO2k) at DEF CON 7. It was the successor to Back Orifice, released by cDc... a year prior. DilDog proclaimed it "a remote administration tool for corporate America".
https://twitter.com/todayininfosec/status/1811133606015983680

9th July 1981 - The game that launched two of the most famous characters in video game history is released for sale. Donkey Kong was created by Nintendo, a Japanese playing card and toy company turned fledgling video game developer, who was trying to create a hit game for the North American market. Unable at the time to acquire a license to create a video game based on the Popeye character, Nintendo decides to create a game mirroring the characteristics and rivalry of Popeye and Bluto. Donkey Kong is named after the game’s villain, a pet gorilla gone rogue. The game’s hero is originally called Jumpman, but is retroactively renamed Mario once the game becomes popular and Nintendo decides to use the character in future games.

Due to the similarity between Donkey Kong and King Kong, Universal Studios sued Nintendo claiming Donkey Kong violated their trademark. Kong, however, is common Japanese slang for gorilla. The lawsuit was ruled in favor of Nintendo. The success of Donkey Kong helped Nintendo become one of the dominant companies in the video game market.

Rant of the Week (15:55)

Palestinians say Microsoft unfairly closing their accounts

Palestinians living abroad have accused Microsoft of closing their email accounts without warning - cutting them off from crucial online services.

They say it has left them unable to access bank accounts and job offers - and stopped them using Skype, which Microsoft owns, to contact relatives in war-torn Gaza.

Microsoft says they violated its terms of service - a claim they dispute.

Billy Big Balls of the Week (27:39)

Scalpers Work With Hackers to Liberate Ticketmaster's ‘Non-Transferable’ Tickets

A lawsuit filed in California by concert giant AXS has revealed a legal and technological battle between ticket scalpers and platforms like Ticketmaster and AXS, in which scalpers have figured out how to extract “untransferable” tickets from their accounts by generating entry barcodes on parallel infrastructure that the scalpers control and which can then be sold and transferred to customers.

By reverse-engineering how Ticketmaster and AXS actually make their electronic tickets, scalpers have essentially figured out how to regenerate specific, genuine tickets that they have legally purchased from scratch onto infrastructure that they control. In doing so, they are removing the anti-scalping restrictions put on the tickets by Ticketmaster and AXS.

'Gay furry hackers' breach conservative US think tank behind Project 2025

A collective of self-described "gay furry hackers" have released 2GB of data lifted from the Heritage Foundation, the conservative think-tank behind Project 2025 - a set of proposals that would bring the USA closer to being an authoritarian state.

The hacktivist group, known as SiegedSec, has been running a campaign it calls "OpTransRights," targeting (mostly government) websites to disrupt efforts to enact or enforce anti-trans and anti-abortion laws.

Industry News (33:26)

10 Billion Passwords Leaked on Hacking Forum
Crypto Thefts Double to $1.4 Billion, TRM Labs Finds
Russia Blocks VPN Services in Information Crackdown
Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak
Cyber-Attack on Evolve Bank Exposed Data of 7.6 Million Customers
Most Security Pros Admit Shadow SaaS and AI Use
Russian Media Uses AI-Powered Software to Spread Disinformation
Smishing Triad Targets India with Fraud Surge
Fraud Campaign Targets Russians with Fake Olympics Tickets

Tweet of the Week (41:18)

https://x.com/dennishegstad/status/1810044171765645568

Come on! Like and bloody well subscribe!

Transcript
Starting point is 00:00:00 So, who was best man at Graeme's wedding? Had to have been Mr Langford, surely. No, no, no, he had a very small wedding apparently. It was literally like the two of them and their kids and that was it. Wow. I was snubbed, snubbed I was. Did you at least send him the neck massager that we got? Yes, that we got yes
Starting point is 00:00:25 That we got? That we got? God, I'm still waiting for the money from you two, if you say it's from us.
Starting point is 00:00:35 Sorry, the jingle's playing, I can't hear you. Sorry, what? You're breaking up. You're listening to the Host Unknown Podcast.
Starting point is 00:00:52 Hello, hello, hello. Good morning, good afternoon, good evening from wherever you are joining us. And welcome, welcome one and all to episode 198. 202! Of the Host Unknown Podcast. Welcome one and all. Welcome gentlemen. 202! I think episode for me on this podcast, yes, only next week, and then I will be off for about three or four weeks on my big summer vacation. Where are you going?
Starting point is 00:01:31 USA, USA. You go for a month? Yeah, about three and a half weeks, taking the whole family with me. What? Well, you know, there is a thing called the internet. You can still join in every Friday lunchtime your time.
Starting point is 00:01:47 Yeah, no, I don't think so. I mean, you pretty much turn up at Friday lunchtime anyway, right? So there's no difference. Yeah, yeah, yeah, exactly. Oh, wow. Wow, so the whole family, how many states are you going to? I don't know what the states... Or is it just Florida? Are you house hunting in Florida?
Starting point is 00:02:02 Is that what it is? No, no, no, no, no, no. So I've got... It's New York, Washington, Norfolk, Virginia, because I've got a conference at the Sands Conference. I'm speaking there. So I'm slipping that in between my travels. Oh, well, that's one flight paid for. No, no, it's not.
Starting point is 00:02:19 No, it's actually paying for the entire trip because it's a business expense. And then, yeah, a couple of weeks in Florida after that. Nice, nice, nice. We're gonna see you on one of those big airboats shooting alligators. Hell yeah, I'm gonna get me a gator. Yeah, I'll bring you both back some alligator skin boots and belts and ties and everything. That works. Yeah, baby. They might be riddled with bullet holes because I might have been get too excited with the guns, but you know, it's the thought that counts. Especially a rifle, not an Uzi. Nah, go big or go home. Talk about big, Andy, how are you? Hey, I'm not doing too bad. I do
Starting point is 00:03:10 do, I did listen back to last week's podcast and I was very clearly distracted, for which I apologize. I had a lot of work to get done during last week's podcast, as you know, and this, that was literally the only break I had in the day. Just, which you didn't fully take. Which I, well, you know, you can't, I'm just too efficient, right? It's, you know, it's probably work, work above everything else, you know me. Yeah, I'm a hard worker. No, but this week it's been, yeah, it's been busy but it's been good. And you know what? Last night, I actually went to a spin class. What? A what?
Starting point is 00:03:48 It was a spin class where you literally go in a room with 39 other people. So there's 40 people in a room. So 39 women and you. Probably 37 women and me and two other guys. Yeah, and it's actually hard work. It is. I did not give it the credit. I did not respect it.
Starting point is 00:04:11 I did not give it its due respect until I actually got there and did it. No, I actually went with one of the people I work with and got in there, and it was a lot harder than I suspected, but a great fun. The instructor was very good, he's very supportive, very passionate, like all good vibes. Yeah, so you're, but you're on an adrenaline and cortisone high at the moment? No, because when I was walking my dog this morning I was like, you know, do you know what? My legs aren't working. I will not be going back to that class. I said I'd give it a try,
Starting point is 00:04:50 but I will not be going back. It's crazy. It's crazy. You're right. These things look so easy. Like, oh, they're just on a stationary bicycle or something. And then you go there and, no, it is the furthest thing from a stationary activity that you could ever imagine. And you know what was even more embarrassing is that on the back of the bike they have weights. They're
Starting point is 00:05:13 two kilo weight. Oh yeah, right, so either Cindy Crawford... Oh my God, yeah. And you know, this front, he says, you know, does anyone need to swap their weights or anything? And I'm thinking, like, what am I going to do with two kilos? I mean, I carry more than that in my pocket anyway. So, like, halfway through, you sort of, you cycle gently, because you're clipped in, like your feet, you're actually clipped onto the bikes. It's not like, you know, you get off and stretch. So they do like a little sort of break in the middle, and you pick up the weights that attach to the back of the bike and you're supposed to just do, like, reps, like lift them up. And I'm like, well, you know, this is like four kilos total.
Starting point is 00:05:49 It's been nothing. But the way he does it, you come halfway up. You have to break it up. You can't just go straight up, straight down. Well, blow me down if that didn't wear me out. I was like, oh, my God, I cannot lift these weights. And it had, like, yeah, everyone else, all these other women, like, hardcore, like, you know, pouncing it, like, you know, cycling super fast, lifting these
Starting point is 00:06:12 weights, and I'm like, oh my God, these weights aren't going up, what is going on? So I was suitably humbled last night. Great, great. So morning, your legs aren't working and probably your arms aren't working? Well, so my arms recovered relatively quickly because it wasn't difficult. Well, it used to be that kind of competitive task, right? Yeah, more in different directions, though, right? But no, it's the fact that you couldn't just go straight up and down. You literally had to go half up, half down,
Starting point is 00:06:46 half up, half down, half, but doing it to the beat as well. And like, you know, you are your own man, you didn't have to listen to him. Yeah, exactly. Well, do you know, he was actually saying that a lot, is that, you know, go at a pace that's comfortable for you, but then it's like, keep to the beat, one, two. It's also the social pressure when you're surrounded by everyone who seems to be able to do this without breaking a sweat. I know, it really was like that. The first three minutes I was dripping with sweat, and the way the light sort of flashed, so every time it flashed on my head it was like, you know, clearly glistening. Yeah, it wasn't until, like, you know, the 30-minute mark that women started
Starting point is 00:07:26 tying their hair back. You know what I mean? And there's me, like, almost dead. I just wanted to get out of there, to be honest. It was quite embarrassing. Damn, damn. But talking of embarrassing, Tom, how are you doing? Yes, very good, very good.
Starting point is 00:07:44 I'm just trying to think what I've done. I finished another Lego model over the weekend, last weekend. That was good fun. The Dune Ornithopter.
Starting point is 00:07:52 It's brilliant. That was, it was good. I'm trying to think if I've done anything else of any interest. Oh, I deliberately
Starting point is 00:08:00 missed the football on Wednesday. What? Yeah, I was, I was watching, watched the film. It was far more interesting. No, no. No film could have been more interesting than the game on Wednesday.
Starting point is 00:08:11 He had everything in it. I didn't need to watch it. I didn't need to watch it. I got all the scores from the guy upstairs. I knew exactly when they scored and exactly when we scored. Oh, now it's we scored. Yeah, but come on. Just because I don't like the football,
Starting point is 00:08:34 I don't like the sport where everybody runs around pretending not to be hurt. It's still England, right? That's fine, but I just don't watch it. I find it quite a dull sport to watch. You know, I'll tell you what, I'm with you with the theatrics, and it frustrates me. So for a longest time, I mean, I don't really watch club football or the, you know, the Premier League or anything, but ever since my kids, my two boys, they started playing FIFA on the PlayStation and they got to know all the players. Yeah, they're really into football, and as a social activity it is brilliant,
Starting point is 00:09:12 especially my youngest. He's like, so funny, he's like, jumps up, he's only seven, he's like, you idiot, you should pass to, you should pass to Walker and foot forward to sucker and he should cross it on and Harry Kane. He calls Harry Kane a donkey. I don't know where he learned that from, but he's like, come on donkey, score. It's like, you're such a donkey. Oh, that's brilliant. Well, I mean, you know, each to their own, right? It's certainly not my game. Obviously there are plenty, you know, there's one or two other people who do enjoy football, obviously. But what a great way to spend time with your kids, though, is to enjoy something, a joint activity like that.
Starting point is 00:09:50 Yeah. It's a shame it's football, but you've got to take your small wins where you can. A bit like England, really. So, talking of small wins, shall we see what we've got coming up for you this week? This week in InfoSec talks about the gorilla in the room.
Starting point is 00:10:08 Rant of the week is asking whose side is Microsoft on? Billy Big Balls is about furry scalpers. Industry News brings the latest and greatest security news stories from around the globe. And Tweet of the Week is irony epitomised. So let's move on to our favourite part of the show, shall we? It's time for... This Week in InfoSec. It is that part of the show where we take a trip down InfoSec memory lane
Starting point is 00:10:43 with content liberated from the Today in InfoSec Twitter account and further afield. And today our first story takes us back a mere 25 years to the 10th of July 1999 when Cult of the Dead Cow member DilDog debuted the program Back Orifice 2000 at DEF CON 7. And this was the successor to Back Orifice, released by cDc a year prior, where DilDog proclaimed it a remote administration tool for corporate America. And these were good signs. I was there in Vegas 25 years ago when this was released, believe it or not.
Starting point is 00:11:23 Were you in the room when he announced it? I was in the room when he announced it. The place was rammed. It was absolutely rammed. It was... Wow. Yeah, it was good. This was before they sold out, obviously, you know, went too commercial.
Starting point is 00:11:38 But I mean, even then, the crowds were huge. But you could literally turn up on the day and you queued up to get your tickets on the day, right? But I do then remember coming back and there were lots of people that were sort of actually genuinely installing this on their networks and using it as a remote administration tool, you know, just unbelievably. And it took about, I don't know, it must be about six months, I think, before McAfee started blocking, because everyone used McAfee back then in the corporate, right? Before McAfee started actually recognizing it as a virus and actually blocking it. But you know, even to the original Back Orifice, you know, you'd simply deploy it and just eject people's CD trays. That was almost exclusively what it was used for. Yeah.
Starting point is 00:12:21 did they hand out floppy disks for you to take copies away with you? No, it was all CDs. And I can't remember if it was this one or the previous one, but there was a whole batch of them that actually had a virus on them accidentally.
Starting point is 00:12:36 There was. And I can't remember if it was this one or the previous year. I get confused. I used to drink a lot in those days. Ironically enough, I didn't at those days. But you know what, I must have been, well, clearly it was 25 years ago, I must have been, what, seven years old? Exactly. Vegas when you're seven years old. Well, it's actually true. I think in 99 they
Starting point is 00:13:02 must have, DEF CON 7 would have been the Alexander Park hotel, because it was one of the only non-gambling hotels, I think. Well, so people under 21 could attend, if I recall correctly. I do get my years mixed up, but it is either that or six, I forget. But alas, I said one time I stayed in Vegas, I stayed at a non-gambling hotel. Okay. Yeah, not much. I'm not even a gambler. Did you also have a dry bar?
Starting point is 00:13:34 No. But alas, our second story takes us back a mere 43 years to the 9th of July 1981, and this is to the game that launched two of the most famous characters in video game history when it was released for sale. And Donkey Kong was created by Nintendo, a Japanese playing card and toy company, fledgling video game developer, who was trying to create a hit game for the North American market. So unable to acquire a license to create a video game based on the Popeye character, Nintendo decided to create a game mirroring the characteristics and rivalry of Popeye and Bluto. And so Donkey Kong, who was named after the game's villain,
Starting point is 00:14:26 was a pet gorilla gone rogue, and the game's hero was originally called Jumpman but then is retroactively renamed to Mario once the game became popular and Nintendo decided to use a character in future games. So just a mere 43 years ago. Yeah. And so funny enough that due to the similarity between Donkey Kong and King Kong, when it was released, Universal Studios actually sued Nintendo claiming that Donkey Kong violated their trademark. No way. Yeah, but it turns out that Kong is actually
Starting point is 00:14:58 a common Japanese slang for gorilla. So the lawsuit was ruled in favour of Nintendo. And Donkey is a common name for... Who is it? Lionel Messi? No, Kane. I don't know. There's two football names, I've just... There are only two I know. Excellent. Thank you.
Starting point is 00:15:46 This week in InfoSec. Excellent. Thank you. Dangerously, you're in good company with the award-winning Host Unknown Podcast. All right, let's move on, shall we? It is time for... Listen up! Rant of the week. It sounds a mother rage. There's a choice of two here, but I thought I'd take the serious one, which is, well, it's going to be a bit challenging to get all serious about this. So the headline is, Palestinians say Microsoft is unfairly closing their accounts.
Starting point is 00:16:18 So as we know, there's a little, a little, well, what do we call it? A conflict between Israel and Gaza at the moment. It's not great. And communications, as we know, is really key during times like this, especially if you're trying to get in contact with families and loved ones and friends, etc., who are living in effectively a war zone. Now, we're not going to touch on the politics of
Starting point is 00:16:46 this as such, but nonetheless it's fair to say Gaza is a war zone, it is under siege and there is a vast amount of chaos and destruction going on there. So for many Palestinians who live abroad and or who were out of the country when the conflict started, it's imperative that they can make calls and that they can get through to their loved ones. And one of the key ways that they have found that is very resilient and successful in doing this, is using Skype, Microsoft Skype. Now, literally until this week, I thought Skype had gone. But apparently, no, you can still buy Skype. I thought it was all Teams now, but there you go. But you can buy, you can pay for a Skype service, which allows you to call internationally,
Starting point is 00:17:44 allows you to call real phone numbers, etc. And a number of Palestinians, significant numbers of Palestinians, are using this service in order to call their loved ones. Because it allows them to call actual phone numbers from Skype. It allows it to do it very cheaply. And it still also connects even when the internet in Gaza is cut off. So it allows them to call mobile numbers, etc. Incredibly important for people to find out what's going on with their friends and family. However, a large number of expat Palestinians have had their Skype and entire Microsoft accounts suspended.
Starting point is 00:18:35 The whole account? The whole account. Not just Skype, the whole account? No, the whole account. The whole account, which includes, you know, their Hotmail accounts, for instance, which their Skype is connected to. And they've had their accounts suspended for basically violating the terms of service, but Microsoft have not stated exactly what terms of the service have been violated and have been told that there is no appeal and there's no ability to get this back.
Starting point is 00:19:14 What this has done is that people, therefore the Palestinians living in foreign countries, have lost, in some cases, up to 15 years of their email. They've been unable to access bank accounts, online accounts, job offers, any kind of important communication because their email address is effectively dead. They're not allowed to, you know, you can only change account details when you've got access to your original account, right? So this is causing not only huge amounts of inconvenience locally, but a huge amount of, well, despair, really, as they're not even able to now contact their families.
Starting point is 00:20:14 So they all think they've been effectively tarred with the same brush when it comes to they think they were wrongly thought to have ties to Hamas, who Israel is claiming to fight and is designated as a terrorist organisation by many countries. But all of them obviously deny that they've got any of these links. They're civilians. They've got no political backgrounds. Just want to check on our families. Microsoft are not responding when they asked if they were suspected they had ties to Hamas.
Starting point is 00:20:49 It said that spokesman said that it did not block calls or ban users based on calling region or destination. But blocking in Skype can occur in response to suspected fraudulent activity. But it does seem to be a little bit, and this is all at face value, obviously. This is an evolving story that I'm sure we'll hear, that will fill out even more. But I'm sure more will come out here, but it does seem that this is very much just targeted at Palestinians who are just trying to contact homes. And the fact that it's cutting off entire email addresses seems draconian at the very least. Now, this is not just, you know, coming from someone who has been summarily banned without
Starting point is 00:21:37 cause for, without giving any reason and without any avenue for appeal from TikTok after a week. That was frustrating enough to be banned from your entire email account that you've been using for most of your adult life and now effectively cut off from your family in a war-torn district must be absolutely, well, just awful, dreadful. So I think Microsoft needs to step up here and be a little bit more clear, at least to the individuals, exactly what terms of service they violated here. Because to be cut off without any kind of reason
Starting point is 00:22:22 and being left in the dark here is just going to cause a huge amount of emotional damage here. So, yeah, Microsoft, do better is all I can say. So, I kind of agree with your rant. I think you're just way too subdued in it, though. So rather than Microsoft do better, I'd say like, fuck you, Microsoft. You're messing with individuals here and their livelihoods potentially. And like you said, their contact with their loved ones. Now,
Starting point is 00:22:57 I understand when conflict happens, you can do stuff at a government level or what have you. So, you know, if the US doesn't like Russia, they can ban Kaspersky, and I'm not saying that's right, but it's done at a nation level, at a government level or what have you. But when you're just like, because someone might be living in America who's got a great granddad who lives in Russia and they want to call them, and because of that you now suddenly put them on the communist list and you effectively ban them from everything and anything. That is just like going back to like literally like those Cold War days and what have you. Just anyone you suspect who might have even been sympathetic towards, you know, or because they've got relatives and what have you.
Starting point is 00:23:38 And the fact that this just goes to show how much disproportionate power we've handed over to a few mega tech corps in the world. And they can do literally anything. And this is that point where we're at where one click, two clicks, and boom, that's it. You're gone. Your whole online identity can be removed. You can effectively be gagged. Your bank account's frozen and all sorts of thing, and there's no due process around this. I mean, I would understand if law
Starting point is 00:24:09 enforcement had gone to Microsoft or someone, you know, in the US. No, that's the point. Well, again, yeah, they need to be better. They need to, like, you know, be more transparent about it as to what the process is. And what's my point, because we don't know the full story here. Yeah, but we don't, we need to. But in, like, I'm not saying it's right or anything, but it's a free service, right? Microsoft, the term... No, this is a subscription service. The Skype part is, yeah, but your actual Hotmail account and all of that, that's all free, right? I mean, but I would be annoyed, because obviously if you're still using a Hotmail in this day and age, it's a very old account, right? And so there's a lot of stuff in there. Yeah. But Mike, like, to say that they need to come clean and say, you know, why they're doing it, it's... Well, they do. I think, you know, everything is tied to an email account
Starting point is 00:25:04 these days. You know, everything. You sign up for your garden waste collection, it's through an email. You want to log into your email, you know, you want any account and you forgot the password. You want to log on to your email, it's an email. Yeah, I know, I know. And like, well... Well, I mean, if this was, you know, 15 years ago, for instance, when email just was not as prevalent, having an email closed would be a big inconvenience at best. Now it's almost life changing. Yeah, exactly, exactly. And like the story I, covers this, like people have applied for jobs. Now they can't get, you know, in touch with them. They've got a profile set up on their, you know, Facebook or their other social media.
Starting point is 00:25:54 It's all tied to an email. Everything. It's just, I mean, Andy should know more than anything. He's got so many accounts out there that he can't log on to because he's forgotten the password and he doesn't have the email account either now for it. And you know, I don't have the email account that, yeah, and there's actually a couple of identities, and really solid clean identities, which are all tied to a domain that I gave up. You have the recovery address to those domain and all these identities that, like, Yahoo accounts, funny enough, Hotmail accounts, all Hotmail accounts. I know the passwords, and it tells me, yes, it's a password, but you have to verify. And one goes to a pay-as-you-go number I no longer have, and the other option is the email address, which I don't have.
Starting point is 00:26:35 So it's, hey, what are you going to do? Lost those accounts. And the third one is an ex-of-kin who you're no longer on speaking terms with. So that's, yeah, no, I do understand that frustration. Obviously I'm not sitting in a war-torn country, so I can't empathize, you know, to that level. It's, this, I think I've got minor inconveniences. That's the part of this that really, you know, I think sort of hurts the most, is there is real human suffering at the end of it. And I think it's, you know, Microsoft is being, is insulated from that
Starting point is 00:27:07 and is frankly not joining the dots. But anyway, that was Rant of the Week. We're not lazy when it comes to researching stories. Nope. We're just energy efficient. Like and subscribe to the Host Unknown Podcast for more ESG adjacent tips. Right, Jav, over to you. All right, so after Tom, as usual, brings us down, I'm going to lift us all up, not with one but two Billy Big Balls of the week. So, oh my God, I can see on the screen, listeners, it's like
Starting point is 00:27:59 Andy and Tom are both, like, one of them pointing at their watch, the other one's doing the speed it up motion, so I would not take a long time on these. Okay. Scalpers work with hackers to liberate, liberate, I say, Ticketmaster's non-transferable tickets. Billy Big Balls
Starting point is 00:28:19 of the week. No, that was not the end of my Billy Big Balls. Oh, for guys that think that... I just had to. I just had to. Yeah. No, you didn't have to. You know, it's like, we're already short on time. But anyway.
Starting point is 00:28:37 So there's a technical battle and a legal one going on between ticket scalpers and platforms like Ticketmaster and AXS, in which the hackers have figured out how to extract untransferable tickets from their accounts and generating entry barcodes on parallel infrastructure that the scalpers control and which can be sold and transferred to customers. So they reverse engineered how Ticketmaster and make their electronic tickets and how to regenerate it.
Starting point is 00:29:13 So this is really great because it's like a classic hacker story. It's not that they're robbing Ticketmaster. It's like people have bought the tickets and now they can't resell them, or they have to go through a Ticketmaster platform and pay another, whatever, 20, 30 for that privilege. So, you know, if I've bought a ticket and I want to say, oh, I can't go, Tom, here you go, you take it, it's like, why should I have to pay 20 for that? Exactly. It's like, so I like it because it's like one of those, you know, DEF CON, early DEF CON day stories where, like, hey, stick it to the man
Starting point is 00:29:53 and, you know, so highlighting, putting a spotlight on poor business practices that Ticketmaster are known for as well. They're known for adding service charge, convenience charge, printing charge, e-ticket charge, blah, blah, blah. Exactly, exactly. So that was that. I thought that was really, really cute. And the second story, which I'll jump onto quickly, is another story of sticking it to the man in more ways than one, as gay furry hackers breach the conservative U.S. think tank behind Project 2025. So it's the Heritage Foundation, and they have plans which, like, Donald Trump favour, and their plans include sweeping reforms to consolidate executive power,
Starting point is 00:30:52 reinforce Christian values across the government and society, and removing funding for climate change. The Heritage Foundation is a staunchly conservative view of many items. It's against abortion, LGBT rights and funding for Ukraine, while also rejecting the scientific consensus on climate change. You know, so the gay, furry hackers, they thought, well, we're not having that. And they've released two gigabytes of data lifted from the Heritage Foundation and a set of proposals that would bring the USA closer to being an authoritarian state. And again, I thought this was a really, like, you know, have you read the
Starting point is 00:31:39 transcripts between the hackers and some of the representatives from Project 2025? I'm, I'm efficient in my story, so no. They're vile. As in, the hackers are like, hey, you know, this is what we've done and this is why I've done it, and the people they're talking with, the executives they're talking with, one of them says, well, we're going to take you down, so you're going to get ass-raped in jail this time next year and blah, blah, blah. It's horrific. It's absolutely vile. Good Christian values.
Starting point is 00:32:10 Good Christian values, exactly. So did the gay furry hacker saying, why are you threatening me with a good time? Well, precisely, for a start. But interestingly, the hackers in this instance maintain the moral high ground, believe it or not. Easily believable with that. With the Republicans, yeah.
Starting point is 00:32:29 Yeah, exactly. I mean, Trump's had, what, four wives? He's got three different baby mums or whatever. It's like good Christian values, right? That's it. That they want to restore to America. USA. USA.
Starting point is 00:32:43 Oh, dear me. Billy Big Balls of the Week. 30% nostalgic, 30% ranty, 30% ballsy and 30% terrible at maths. You're listening to the award-winning Host Unknown Podcast.
Starting point is 00:33:12 Well, since we're running out of it, Andy, what time is it? It is that time of the show where we take, no, where we head over to our news sources over at the InfoSec PA Newswire, who have been very busy bringing us the latest and greatest security news from around the globe. You had two jobs, Andy. Two jobs. Industry news.
Starting point is 00:33:34 Ten billion passwords leaked on hacking forum. Industry news. Crypto theft doubled to $1.4 billion. TRM Labs finds. Industry news. Russia blocks VPN services in information crackdown. Industry news. Ticketmaster extortion continues.
Starting point is 00:33:55 Threat actor claims new ticket leak. Industry news. Cyber attack on Evolve Bank exposed data of 7.6 million customers. Industry news. Most security pros admit shadow SaaS and AI use. Industry news. Russian media uses AI-powered software to spread disinformation. Industry news.
Starting point is 00:34:28 Smishing triad targets India with forged surge. Industry news. Fraud campaign targets Russians with fake Olympic tickets. Industry news. And that was this week's... Industry news. Huge if true. Huge if true. Huge.
Starting point is 00:34:51 Jeff, how do you pronounce S-A-A-S again? Do you want to just like... You know what? I was looking at that and I was just thinking in my mind. So first I was looking at it and I was thinking S-A-A-S. And then I thought, oh, you know, sass, like if you pronounce it how it's spelled, S-A-S, it's like sass, which actually in Urdu or Hindi
Starting point is 00:35:15 means mother-in-law. So... All of this went through your head in the split second before you, before you... Yeah, exactly. ...the word, enunciated it. That's right. Oh dear. So, uh, this is a story that actually almost three quarters of cyber security professionals have used unsanctioned apps, including AI, in the past year. And Back Orifice. And Back Orifice. And Back Orifice. But you know what?
Starting point is 00:35:46 It's most acknowledged data loss, lack of visibility and control in data breaches as a top risk of using unauthorised tools, but they continue to use them. Well, yeah, because we're professionals. We know what we're doing. Indeed. Yeah, those rules are for everyone else, not us.
Starting point is 00:36:03 Yeah, not those stupid users who haven't got a clue what they're doing. You know what? Go back 20 years, the same arguments were being used. Oh no, they're using Google. Oh no, you're using the World Wide Web. Well, do you remember there used to be a Google desktop app, uh, Google search, so it would index everything on your desktop and you could find files and stuff? That was fantastic. That was... I used to use Lookout, which was for Outlook specifically. That was before Outlook would run an index and a search capability. Okay. It was a great little app called Lookout.
Starting point is 00:36:38 Did that attach onto the side of your Rolodex? Yeah, it was a little small man. He used to fit through and look at things, and every time I had a calendar appointment he used to go, bingley bongley beep, it's time for... It's a scan all the business cards? Or was it more like, Mr Tom, bingley bingley? No, no, I wasn't racist. That's how you used to roll. That's how you used to roll. Uh, I, the, you know, the Russians banning the VPN services and information crackdown, which is fine. I'm shocked they haven't done that already. But... I know, right?
Starting point is 00:37:13 But then Apple have been criticized because they've been facilitating, they've blocked all VPN services in Russia from their app stores. So Apple have got a form of doing this, haven't they? When the go... I think the Saudi government ban, like, threaten them with something. Because, like, they want to be in the market, right? They want... Yeah, yeah. ...rich Russians to buy their iPhone. So, um, I think, you know, Apple, Apple looking at purely as a financial decision, not... I thought so many companies pulled out of Russia completely. I thought Apple was one of them, but obviously not. Well, didn't we do a story about how all these car manufacturers had pulled out of the market, but then almost one of their neighbours,
Starting point is 00:37:53 like Belarus, sales to Belarus has shot through the roof. Yeah, true, very true. Yeah, so there's ways there. I don't know. But I am surprised that Apple are not already, or weren't previously blocking that stuff. Yeah. But they've also blocked VoIP services, by the looks of it.
Starting point is 00:38:13 What, Apple or Russia? Russia. Well, yeah, yeah. Yeah. Well, because it's harder to intercept, isn't it? Yeah, but it includes voice messaging on WhatsApp. What? Yeah. Yeah.
Starting point is 00:38:29 Yeah, so my brother-in-law, he lives and works in Dubai. He lives in Sharjah, but he works in Dubai. But we can't call him on WhatsApp. There's another app that my wife's downloaded just to speak to him because it's like, I suppose it's got a backdoor to the... The Saudi government can listen to that one. Yeah, the UAE government can... What about things like FaceTime? Could you use FaceTime? Funny enough, you actually have
Starting point is 00:38:49 to pay extra for FaceTime in the UAE. So when I was transiting through Dubai, I saw an iPhone and it was cheap. A couple of hundred quid cheaper than here. And the guy said, we were talking, I was like, I'm going to take it because why not? It's cheaper.
Starting point is 00:39:05 And he said, oh, just to check, he said, do you ever, do you ever use FaceTime? And I said, well, yeah. He said, oh, that costs extra, but you can only have it if you've got an international passport. And I was like, what? And he said that by default their phones don't come with FaceTime. Uh, they're different models. Um, if you want one with FaceTime that works... Wow. ...international. That's like if you get, if you get a Toyota Corolla, say, for example, in the UK, it's like crash tested and everything. But if you buy a Toyota Corolla in, like, you know, Pakistan, it's like it'll crumble like a, like a tin of ghee, like as soon as, like, you know, a strong, strong wind hits it. They make them out of Kit Kat wrappers. Yeah, exactly. But, um, speaking, speaking of
Starting point is 00:39:53 that part of the world, um, how the turns have tabled. Uh, Smishing Triad targets India with fraud surge. So lots of people in India are getting smishing, like SMS-based phishing. And they're claiming to be from India Post, part of India's Ministry of Communications. But, you know, I thought if anyone knew would know how to spot them, it would be the Indians. But clearly not. It's only going to be a few months before all these Nigerian princes are going to be targeted by all of these attacks.
Starting point is 00:40:34 419 scams. Watch how the hunter becomes the hunted. Yes. Oh dear. Anything else or shall we move on? Let's move it on. Let's move on indeed.
Starting point is 00:40:50 That was this week's Industry News. If good security content were bottled like ketchup, this podcast would be the watery juice which comes out when you don't shake properly.
Starting point is 00:41:04 In a niche of our own, you're listening to the award-winning Host Unknown Podcast. All right, Andy, take us home with this week's Tweet of the Week. We always play that one twice. Tweet of the Week. This week's Tweet of the Week comes from Dennis Hestad, who has, it's a visual tweet, so I shall describe it for you. He has taken a screenshot of the New York Times. So clearly he saw a headline that he was interested in, so he clicked through it. Headline simply says, Everyone wants your email address. Think twice before sharing it. And when
Starting point is 00:41:44 you click through, it comes up behind a paywall and it says, thanks for reading the Times. Create your free account or log in to continue reading. And then it proceeds to ask for your email address. Yes, it's very meta. Well, the good thing is you could just provide a Hotmail account and then use a Skype call to call Palestine, and then, you know, you won't get any more spam. Well, you won't get any more email address either. Yeah. Damn me.
Starting point is 00:42:18 Excellent. Thank you. That was this week's... Well, we have come barreling into the end of the show as usual. Gentlemen, thank you very much for your time today. Jan, thank you very much for your wit, wisdom
Starting point is 00:42:37 and erudition this week. Yeah, you're welcome. And Andy, thank you. Stay secure, my friends. Stay secure. You've been listening to the Host Unknown Podcast. If you enjoyed what you heard, comment and subscribe. If you hated it, please leave your best insults on our Reddit channel. Worst episode ever. r slash Smashing Security. If any episode is going to get us cancelled, is this one. Really? Hey, it's you, it's all you, man. Like, I stayed well away from anything controversial. Impersonate... You two were the ones that were like
Starting point is 00:43:21 you know ragging on the republic, saying how bad they are and everything and how they got like non-Christian. I'm not going to get cancelled for that. No. I mean, I think that's like where our three US followers are from. Well, you should say hello to them when you're in Florida next month. I will. Yeah.
