The Host Unknown Podcast - Episode 207 - The Raw! Live! Uncut! Episode
Episode Date: November 5, 2024
No notes this week - Andy had ONE job... Come on! Like and bloody well subscribe!...
Transcript
I've just got... actually... well... I've just got two words to say to you about last week's episode, Joe.
What's that?
What the fuck was that?
That's like five words. Well, in the same way that last week's episode was...
It was a work of art. It was beautiful. And I'm waiting, like, how all the great artists of
history, the geniuses, only truly recognized once they're gone.
Great artist to for instance almost walk out halfway through a recording just because the track didn't track.
No that's the diva artist you're confusing me for that's Andy this is me.
Well thankfully we don't have him this week.
Hello, hello, hello. Good morning, good afternoon, good evening and welcome. One and all welcome dear listener to episode...
Gotta find it.
207?
Yep, that's right.
You say it with confidence. Say it with confidence.
It's not a question. You're informing people.
In fairness, we don't have the show notes this week.
But it's like how I said it last week with confidence. 206 and no one was there to correct or argue.
You didn't say it. I think some AI amalgam horror said it last week.
Yes, a horror AI that was more fun to work with than you two.
Look, just because we did what it did, what it was told doesn't mean it was more fun.
Isn't that the fun?
I mean, and I didn't even need to say a safe word or nothing.
It was brilliant.
If you don't have safe words, then you don't have boundaries. That's the best thing.
Okay, anyway, how have you been this week, Jav?
I've been good. I've been good. It's been a quiet week for us, isn't it?
Yeah, yeah, quiet on the front line. Andy's been busy in incidents. You've been busy with your son
graduating and stuff like that, I suppose. Well, Andy's not here because it's half term this
week, isn't it? It is. Well, he sent us a photo of him sitting in a hot tub in a forest,
looking very poor, in fairness. but I think that's because he was
in Center Parcs.
Yes. And it's just like, I don't know if you've seen it, there's so many people, they've
done these comparison videos and everything and like, if you actually drive, take the
Eurotunnel, drive to Europe, go to the Netherlands and stay in the Center Parcs or
something equivalent there. It's cheaper than going to the one in Kent.
And you've still got your other kidney.
Yes, exactly. So yeah, I don't think he's... Well, obviously we do the best we can, isn't
it? Yeah, exactly. So bottom line folks, we don't even actually have any show notes.
We're kind of just swinging it, look quite literally swinging it.
No, winging it.
Swinging it is something else.
That's, that's, that's reserved for the weekends.
We are just winging it this week.
By, by bumbling this part, you're giving the impression that we actually even
script our,
how was your week?
Yeah, I know.
Which we don't.
Oh, it's all very carefully written down by the Host Unknown AI.
Yes, yes.
And reviewed by the Host Unknown AI legal team.
So we have multiple checks and balances in place to make sure we don't get sued.
We skate just on the right side of the law.
Yeah.
But Host Unknown AI is the Copilot, Microsoft Copilot, and the legal team is the Google one,
whatever that one is.
Yes.
Yes.
Yes.
Funny, funny.
Oh, actually, I did want to share this with you.
So more stories about my back passage behind the house. Yes,
I know. I haven't spoken about that for a while. But at the end, there's two entrances,
one from our road and one from the road behind. But I said, this is the back, back passage.
And the house in the corner, they've just had their old rickety woodshed knocked down and a proper brick built
One being put up and it's really cool. They like a garage like a garage, but it's three rooms
So there's the garage room. There's a little workshop room and there's a little like toilet shower space in there as well
so I was like
Very impressive and the guy is big into motorbikes so he's got so these are
newer newish neighbors they'll only be there a year so I don't know their names
yet but I give it another four years and I'll figure out what that is yeah yeah
he's got a local Christmas card round yeah yeah he's got a commuting bike and he's got a big
touring bike one of those big BMWs and so I was like oh I've got this bike and the look
of kind of disappointment is like he was judging me like oh so you only commute
you don't really do proper biking on like yeah I was like excuse me but yes
but that's not the point the fact that my bike isn't
not only has he got a better bike,
he's also got a better garage than you.
No, I do like my garage.
It's nice.
It's like I've got two big rooms.
Does it have a shower and a toilet?
You know what?
When I was getting it built,
the builder, he was a nice guy,
and he kept saying, you know,
you should really think about getting
a little wet room put in there.
I was like, you know what,
it's just gonna eat into the space.
It's just across the garden is the house
and the toilet's right there downstairs.
It won't be an issue.
10 years on, it's an issue.
It's an issue, spoiler alert, it's an issue.
You know, weak bladders and all, but speaking of weak bladders how's your week Tom? Yes uh yep very true very true yes good it's
been a quiet week like I said you know what what I guess without Andy just flooding us with memes
and stuff this week but uh um yeah been a quiet week I can definitely feel a sort of tick down
for the end of my tenure and my current job getting ready for the next one
so I've only got three weeks left so just a few key jobs to do and then it's
just make sure everything doesn't blow up. What else? What else? Bought a new laptop.
Made the schoolboy mistake of buying a new laptop from Apple the week before Apple releases new laptops.
So a little bit disappointed.
It's alright. You know what? The way things are, no matter when you buy a laptop from Apple or device,
it's always a week earlier before
you release something new anyway so don't beat yourself too much. And hey bottom line I'm talking
to you on it now so it's not too bad you know it's obviously working um and oh I've been doing some
Christmas shopping I'm sorting out all my stockings for for friends and family
I'm doing seven stockings this year can you believe? Wow since you've ended up
with more family. I know feels like it. So yeah TK Maxx is my friend at the moment
But aside from that, not a lot else. I'm sure we see what we've got coming up for you this week.
Well, actually, we're not entirely sure.
We do have a little bit of this week in Infosec.
Got a couple of stories there,
which Jav will take us through.
We do have a rant of the week,
which is about the mouse,
and somebody who's gonna, you know, go at the mouse. We do have a Billy Big Balls of the week which I understand is also
about the mouse and then we have industry news which brings us the latest
and greatest security news stories from around the globe which we're just gonna
wing when we haven't even got these written down and I'm pretty sure we don't have a
tweet of the week but you never know we might have something before we finish but it's unlikely because I can
see Jav not looking for a tweet of the week right now so no no okay no tweet of the week anyway shall
we move swiftly on yes we shall and it is time for our favorite part of the show, it's the part of the show that we like to call
Yes welcome to today in Infosec the part of the show that takes you back to yesteryear.
I don't have the notes in front of me so I'm trying...
I had this thing in my mind...
Yeah, you were doing really well until you said, I don't have the notes in front of me.
Yeah, 2013.
A mere...
Oh, hang on, hang on.
How many years ago was
11
Years ago. Yep. That's right
Yahoo
launched its bug bounty
via an announcement on
tumblr
You sure it wasn't Friends Reunited?
No.
So people who are younger kids, they probably don't know what Yahoo is, they don't know
what a Tumblr is.
They probably all know what a Bug Bounty is.
No, the Tumblr is the Batman's Batmobile.
Yes, that's the one.
That's the one.
From the Christian Bale store.
Yes.
Batman.
Not one of the other 50 million reboots
that it keeps getting in live and animated form.
From the second best Batman.
Who was the best?
It's controversial, but I think it was Ben Affleck.
It's not controversial because I for once actually agree with you. I actually really
really liked Ben Affleck as the Batman. The physicality of him. The physicality,
the way he moved. I thought was excellent. I just didn't, well he just didn't get the good story.
So Christian Bale got the best story arc. He did. The trilogy was unmatched.
Yeah, definitive Batman films I think. Yeah, yeah. I'm so glad you know my heart stopped
for a second. I thought you were going to say Robert Pattinson and at that point I was
literally going to hit end and like walk off this show. Yeah, but you see I do like Robert
Pattinson and I like the direction it's going in. It's grittier, it's a little bit more based in reality, etc.
But he's not comic book.
And I think Ben Affleck made the best rendition of the comic book Batman.
Yes, I've never really been into comics.
I've never read comics.
I've never got anything to compare it to in that regard.
Right.
And I think the Batman was a visual feast.
Yes.
And the sound design in the cinema, if you saw it in the cinema, was epic. But it was like almost three hours of depression.
It was just a bit too gritty, a bit too sombre. There was no levity, there
was no yes moments or anything. It was just very...
It wasn't a superhero film. You could have taken the characters out and it would have
been a good film, nonetheless,
but it just happened to be around the Batman and Catwoman.
You know, there was a good breakdown I saw,
and this is how everyone knows
we're going completely off topic here.
There's a good breakdown they done,
and they said the director and everything,
they also done Seven,
and they done a comparison of Seven with The Batman.
And it's like two partners working together,
the older, wiser one, the younger rookie-ish sort of one.
And the way it's framed and the way the story arc goes,
it was very, very similar.
You start to see all the similarities there.
And I think to your point, it could have been any film without wearing the mask and it
would have still worked. And I say that about the first Joker movie, I haven't
seen the second one, yeah I have no real intention of seeing that. I really enjoyed it,
I have to say. The second one? Once you get over the fact that it's a musical,
you accept the fact that it's a musical,
and also if you pay attention,
there's some really interesting, poignant points in there.
In fact, one of the last scenes,
most people miss the detail in the background.
That's because they've left the cinema by then.
Well, yes, but like everything.
Oh, and you know I really enjoyed it and
I'm not a musical fan. But anyway the first Joker I thought it could have been a movie
about anyone and their mental decline in society and it would have been a great film anyway.
It was a taxi driver wasn't it? Yeah yeah much, yes. But I still maintain the movie Nightcrawler with
Jake Gyllenhaal is a better movie than the first Joker. Similar tortured characters with
a bit of like a not so good outlook on life but I really like that movie. Anyway, back
to the Tumblr. Yes, anyway, if you've just joined, yes, welcome to Host Unknown's movie review. No, it's like the
it all started off from the word Tumblr and we say Andy's the one that's like ADHD. I know, right?
I know, right? I mean you can tell this is a podcast by two middle-aged men, can't you? It's just like yes, yes, following some random thoughts that ends
up at Batman. Well, it's like a flow chart: if you follow it, it either ends in Batman or these
pesky kids these days. There's nothing in between, I don't think.
What would have happened in my day? Yeah.
Okay, okay, okay.
So Yahoo launched the Bug Bounty Program and it was informal and people were awarded t-shirts
afterwards.
And that was it.
And you know, afterwards now it's $250 to 15k per bug and in 2024
It's about
$100 to 15k so, you know, they've kind of like gone down a bit on their lower
Well, Yahoo's not exactly, you know, top of the
Top of the internet companies at the moment right?
Yeah yeah yeah true and I did have a second second story because I found this fascinating
A, because it's from 1929, a mere 90... 95 years, I think.
The US cryptanalytic org, the Black Chamber, AKA the Cipher Bureau, closed after 10 years of operation.
It was headed by Herbert O. Yardley.
Herbert, oh, Yardley. Herbert? Oh, Yardley.
The sentence ended with the
worst of what I thought.
Oh dear.
It was headed by Herbert O
Yardley throughout its existence
and primary mission was to break
the diplomatic communications of other
nations. So it was a bit
like NSA pre
the NSA. So the question is why was it
closed and the State Department decided to just stop funding it and the army
didn't want to bear the full cost. And then there's another in it's I assume
this take from an FAQ on the page did the public know about the org? Not exactly.
It was disguised as a New York commercial code company
and actually conducted some commercial business.
So no, they didn't at all.
No, no, they didn't.
Part three is probably like what happened
to the company afterwards.
It morphed into Enron.
So, you know.
But yeah, you know, I had no idea about the,
I'd never heard about the, the cipher bureau,
black chamber or Herbert O.
The black chamber.
I mean, that sounds like, you know,
the illuminati if ever I've heard of it, right?
Yeah, it's basically black mirror before the black mirror.
So.
Yeah, exactly.
Yeah, I thought it was interesting.
Yeah, anyway, thank you, Jav, for this week's...
This Week in Infosec.
We're not lazy when it comes to researching stories.
No.
We're just energy efficient.
Like and subscribe to the Host Unknown podcast for more ESG adjacent tips.
All right, let's move swiftly on to our next item.
It's Batman of the Week.
No, Rant of the Week.
Listen up! Rant of the Week.
And this week's Batman of the Week is of course,
I'm trying to think of another one, Michael Keaton.
He was also another really good one. Anyway, so, Rant of the Week. So, the title reads
Fired Disney Staffer
Accused of Hacking Menu
To Add Profanity
Wingdings. Oh, this humanity.
And Removes Allergen
Info. So, this chap
Michael Scheuer
He was an ex-Disney
employee. He'd been fired, but his access was not revoked.
So what can you do to Disney that would really hurt it?
Well, I guess he thought that going after their reputation was probably the best thing.
So his job, and this seems like a very specific job
but maybe that's what happens when you're in something as large as Disney,
his job was a menu production manager and he was fired from his role in June
for what the complaint notes was unspecified misconduct. The dismissal was contentious and was not considered to be
amicable according to the court documents. So what this guy did, he allegedly went into action
almost immediately after his termination and by early July, this is all this year as well,
so this has all happened very quickly, was said to have used his work
credentials, here's the kicker, which still functioned after his termination, I think we know why this might be the rant,
to access the menu creation system Disney contracted another company to create and change all the fonts in the system to Wingding symbols.
Oh, the humanity.
Now we're laughing at this point. This is the least of his crime.
I mean, changing everything to Wingdings.
Now that might seem to be a little bit, you know, petulant, a little bit funny in some cases, as your menus now
look like you're actually swearing at people, you know, if you've ever read, you know, comics
or anything with those sorts of speech bubbles in. But what happened was, rather than just
replacing characters, he actually replaced fonts. So the fonts were renamed by the threat
actor to maintain the name of the original font,
but the actual characters appeared as symbols. What it meant was, when it was launched, the
menu creator application reached out to the configuration files to achieve what it believed
to be the correct font, and instead it retrieved the altered font files. As a result of this change,
all the menus within the database were unusable because the font changes propagated throughout the database.
And then the changes subsequently knocked the system offline for a couple of weeks.
Just by changing it. I mean this guy knew what he was doing. Let's face it.
He must have known that by doing this it's gonna take it out for a couple of... This is like, he probably went in like Liam Neeson: I have a very specific set of skills.
Yeah, I have a very specific set of fonts
Yeah, exactly. I can go off any menu system in the world
Yeah, exactly
It requires backup restoration to fix. Two weeks though. Two weeks.
Now, these are the lesser of his crimes.
Because this is somebody basically graffitiing the front of the office or throwing cow dung at the windows of Disney or whatever.
It's illegal, it's caused a bit of damage, but
you know, nobody died, right? But what he also did, in addition to the font changes,
Scheuer also allegedly used his credentials to download menus waiting to be printed and altered
them to redirect menu QR codes to a website urging visitors to boycott Israel over its
invasion of Gaza. So again, you know, this specific action, nobody died, but you know,
it's not exactly what you can certainly see why Disney would be a bit annoyed over this
because it doesn't matter what your opinion is over you know Israel and Gaza either side it's
just a horrible situation all around and many companies as you can imagine don't want to touch
it with a barge pole for many, you know, for many reasons.
However, it does get worse. Most critically, Scheuer is also accused of having downloaded menus and altered them to eliminate allergen information, suggesting foods were safe when they weren't.
As the complaint notes, this could have had deadly consequences. And something that Disney
is already familiar with with having had exactly this
someone died in there in there oh it was a doctor wasn't it I don't know whether it was a doctor
and wasn't this the it was somebody who died and the wife was going after compensation but because
they'd signed up to Disney Plus they had no rest, they couldn't go after, in legal, they had to settle out of court or something like that.
Yeah, that's right, that's right. Because they signed up to Disney Plus, even though somebody had died in one of the restaurants.
Yeah, exactly. So, to a certain extent, couldn't have happened to a nicer company.
But yeah, what Scheuer was doing, somebody could have died from this, right?
If they had not spotted this change as well.
So this is a very deliberate act and, well, although it didn't and he was caught,
it could have resulted in some very serious consequences
and he would have been the direct cause of the death of someone.
So, not great at all. So overall it really does
in a place where you think that you know really you know not much harm can be done, what's the
worst that could happen, nobody died etc. Well even a menu creator which seems again oddly specific. But even a menu creator can have dire consequences for your company if you don't remove their access when they're terminated
Fundamental fundamental
Yeah, yeah, that's my right
This reminds me of a bad Steven Seagal sequel to, like, Under Siege.
You know, like, in the first one he was like, I'm just the chef.
And this could be just, I'm just the menu creator.
I'm just the menu creator.
Yeah, but this is just poor, poor...
Particular set of skills and fonts and...
Yeah, yeah.
But this is just poor, poor like management overall.
Poor hygiene.
You don't change the passwords.
You don't want it to... Who's accessing files, you don't have a control over your third party, you don't
have control over anything. It just seems like it was... and for a company as
big as Disney I'm very very surprised. It's bad enough that when somebody
leaves on good terms and is therefore very unlikely to do anything, it's bad
enough when you
delay the account deletion process or the account suspension process.
And even though in those instances the risk is very low, right?
In a non-amicable termination, the guy's access should have been revoked
while he was in the meeting room having his meeting
about being fired not three days later or whatever um that's very very poor you know it's a high risk
uh or at least a significantly higher risk of something happening. So appalling. So one thing I'm really interested
to know is how many people who are in a job that they may not be entirely satisfied with
fantasize about doing this kind of stuff. Because I don't think this is something that happens
as you're walking out the door. It's something that's been stewing or brewing inside for a long
time. Yeah. And you think, you you know what this is what I'll do to
them to really hit them where it hurts. Yeah and I think this has been a
long time coming. He thought about to move so quickly from June to July to
doing this, he's already had a plan in his mind. Yeah, yeah. So you're moving in three weeks.
Oh, I got a story.
I'm just asking the questions.
Yeah. In which case, my answer is...
Rant of the Week
If good security content were bottled like ketchup, this podcast would be the watery
juice which comes out when you don't shake properly.
In a niche of our own, you're listening to the award-winning Host Unknown Podcast. Okay, now time for...
Today's Billy Big Balls is actually one of the ballsiest things that, you know, stories
in a while.
And it's a proper David vs Goliath.
This is like one of those ones, and you're not on TikTok,
but a lot of people have been doing the remix
of like the, they've been adding the,
you know, from Deadpool and Wolverine,
at the end they've got the like a prayer choir mix.
Yeah.
And they've been putting that over epic battle scenes
or from video games or movies and stuff.
And the caption is normally like,
women normally say they want to die peacefully
surrounded by their loved ones.
And men want to die like,
and it's just like one person taking on a whole army
or like Captain America, you know,
about to battle Thanos or Batid and Bruce
just before the portals all open
or all that kind of stuff.
And there's a certain sign that kind of like,
it's a very like, you know, there's this
romanticized noble way to die on your sword against the undefeatable enemy. And this is what
this story this week's story reminds me of. A fallen hero with giant balls to take on,
none other than Disney after he was wrongfully terminated.
And I know obviously, allegedly, okay, Legals just asked me to throw in the word allegedly there.
He was wrongfully, allegedly terminated by Disney, but he was a menu creator.
And if you, if you, there's one set of people you don't mess with, it's menu creators.
They have many skills. They have many skills.
So he saw and you know what if Disney had just done their job he wouldn't have had an in but
he saw that he still had access to accounts after he was terminated wrongfully allegedly
and he went in and he changed fonts to Wingdings and that little change alone
brought down the system for two weeks. It was beautiful.
Are we short stories this week?
It's just two sides to the same coin my friend, two sides to the same coin.
So, you know, you're probably already familiar with the story because it's huge news and
I think he deserves it.
Yeah, it feels very recent, very, very new in my mind.
But yeah, that for me was the big billy balls taking on the mouse, knowing it won't end
well for him.
It's going, do you know what I like about
you doing this story is it's back to form
of you backing the criminal.
I love it.
Wow.
See, you're the kind of person that would be
ratting out the rebellion just to appease the emperor.
Like you are like...
I'm an imperial officer, no doubt about it.
Christ, I want to live in, I don't know, you know,
in a spaceship with modern lines and good uniforms.
I don't want to be, you know, having a hyperdrive unit that fails constantly
and I have to hit it with a with a wookie wrench to make it work
That's that's just not living. I want to live in a modern
It's not it's not constantly at the fear of death
No, no, I'll live in a Death Star safe as houses. This is why you're not a Billy Big Balls person
This is why you're just like play it safe
I want to land on a planet,
not knowing if I can get off again
and spoon with a Wookie all night and just like...
If you're going to spoon with a Wookie,
you'll definitely get off again.
Yeah. Ha ha ha! Very good. I think we went a little bit off track on this one.
You think? Just a little bit. Just a little bit.
That was this week's...
Billy Big Balls of the Week. If good security content were bottled like ketchup, this podcast would be the watery
juice which comes out when you don't shake properly.
In a niche of our own, you're listening to the award winning, Host Unknown Podcast.
So Jav, without the notes in front of you, and after 2066 episodes what time is it? Technically it's 202
episodes so like you know I had it with 206 I would have had this down to a T
but it is that time of the show where we head over to the InfoSecPA Newswire to
bring you all the latest and greatest news from around the world. Very very
good.
Industry News.
I had something for this, wait.
Yeah, I know, I know.
All right, what have we got? Oh!
New Zhugu phishing kit targets US, other countries with mascot.
Industry News
Misconfigured Git configurations targeted in Emerald Whale attack.
Industry News
Canadian government data stolen by Chinese hackers.
Industry News
North Korean hackers collaborate with Play ransomware.
Industry News
Government sector suffers 236% surge in malware attacks.
Industry News
Over 80% of US small businesses have been breached.
LiteSpeed Cache plugin vulnerability poses admin access risk.
Updated FakeCall malware targets mobile devices with vishing.
Apple rolls out major security update to patch macOS and iOS vulnerabilities.
CISA launches first international cyber security plan.
Over half of US country, county websites could be spoofed.
Midnight Blizzard spear-phishing campaign targets thousands with RDP files.
How long do you think we could get away with this before they notice that we're still
just talking?
I don't know, but this is a lot easier than trying to fill time with Tweet of the Week.
But I'm not even sure we've got a Tweet of the Week.
Industry News
That's Andy's fault for being in a hot tub in the forest somewhere.
Industry News
But now it looks like he's the one that holds the show together and it's not, it's not I
tell you.
Industry News
Fake news, fake news, fake news. Huge if true.
And that was this week's...
Industry News!
Do you know what gets me?
That we're still probably going to get quite a few hundred people listening to this episode.
And? OK, you're welcome.
You're welcome. I mean I know it's not as good as last week's episode but come on this is like I don't know about that. It's a close second. So let's just click on two shall we? Let's see what we've got. Okay. I'm impressed
with your pronunciation of the Zhu Gu phishing kit. I don't know. Well it's probably Zhu
Gao isn't it? That's probably more correct. Probably. Yeah. After all. I don't know what.
After all of that we still can't find something to go on.
Okay, CISA launches first International Cyber Security...
And you've zoomed in so I can't see it.
Plan.
Okay, so it's an international strategic plan designed to boost international cooperation
in combating cyber threats to critical infrastructure.
This sounds really, really like, I'm sure this has been, this is like, this has been
rebooted more times than the Batman has.
Yeah, honestly, it's just like, oh, we've got a new standard, we've got a new cooperation framework,
we've got a new whatever. There's so many people and units out there doing this kind of stuff.
I don't know what a strategic plan will do. We don't need plans, we need actions.
You're saying we need action plans.
In parliament. Hey hey hey!
Wooo!
Yeah.
Goal three, unify agency coordination of international activities.
Isn't that what Europol and Interpol are supposed to be doing?
Yeah.
It's... well, the CISA is the US, so, you know.
Yeah, so that doesn't surprise me, so.
Let's look at Zhuge Liang.
Since I can.
With mascot.
It targets US and other countries with mascots.
What, is it like a little dog,
or is it one of those pink-haired dogs?
Yeah, yeah.
It's probably like an anime character.
Oh, true. It's quite actually written. Japan and China. Yes, yes. I don't know.
See, now can you pronounce it? It's got it written.
Oh yeah, oh yeah, well I had pronounced it correctly. Yes. So distinctive aspects of the
Zhuge Liang kit include its interactive cartoon mascots and easter egg features.
Basically, they've built Microsoft Clippy.
Wow. Maybe they've just reskinned it. If you just take it off and unmask it, it was Clippy all along.
Hi, it looks like you're trying to distribute a malware.
Yeah, yeah, yeah.
You know, the stories are a bit weak, but I did see a lot of activity
by friend of the show, Ira Winkler.
And he's been. I like Ira.
Ira's a nice guy.
You know, first time I met him him and he was quite nice to me and he goes like,
I'm not normally nice to people, I'm normally an asshole.
Well, funny enough, yeah, when I first met him he was a bit of an asshole.
Yes, yes.
And then we chatted afterwards and it was like, no, he's just one of the nicest guys.
He just wants to, you know, he's a bit sort of inward looking, right?
You know, he's just a, you know.
Sorry, what have you found?
So so so so.
He's been, the last couple of weeks, and I think he was at the ISC2 Congress and he's really been talking about the
one million, one billion whatever... Oh, shortage of cyber professionals.
And then so he's been taking a closer look at the report and he's been like, well their own data
shows there's a large number of layoffs and expectations of decline in employment base in the coming years. He's got several posts on it.
Their own study literally says that 65% of companies will have a decrease in entry and junior
level cybersecurity personnel. This is while claiming that there is a critical shortage
of cybersecurity personnel and they intend to solve
the problem by bringing a million entry level people
into the industry.
So it's just like they're talking out
of both sides of their mouth.
On one hand, it's like, oh, everyone needs to become
a member and we'll fill the gap and there's a billion gaps.
But on the other hand, when you look into the detail, it just isn't supportive.
And there's so many posts.
If you go on his LinkedIn, you can see he's been banging on about this a lot.
He's written an open letter to ISC2.
You know, because like also recently their CEO, Clar Rosso, who was just brought in last year,
she's resigned, was asked to resign, I don't know.
So now they just like their Debra Taylor
who's been there for a while,
she's just been interim CEO.
Oh yeah, I know Debra, yeah, yeah.
And I think like also like they were counsel published and apparently they made a loss
Like five million or something
Well, it probably didn't help when that CEO from a couple of years ago gave himself like a three times salary hike, right?
Oh yeah, yeah.
But I have no idea what's going on.
The whole place is falling apart.
And...
Do you know, not when I first got into security, but, you know, a good few years in, and the
general consensus was you'll always have a job if you're in security.
Yeah.
Yeah.
I'm not sure that's true anymore.
No, no. It's, uh, I don't think so. I don't think that's true for any...
I think it only lasts for a short period of time in any industry and then it's always, yeah, it's always gonna, like,
changes will come in, you know.
So...
Yeah, yeah and just like you know, Graham Cluley, you can't be running two podcasts at the same time.
It's back to be equally successful and take all the sponsorship money all the time indefinitely.
Well, and then being Norway and whatever other country, you know, he's been traveling around the world quite dramatically.
That little push for, push for that cash grab he did a little while ago,
it's definitely... Yes, yes. I think, I think we should do that as well. We should get Andy
to sit in his hot tub in the, in the forest to make a little video saying Host Unknown need some funds,
so please sponsor us.
Yeah, yeah. Daddy needs a new Mac Mini.
And that was this week's... Industry News!
Industry News!
People who prefer other security podcasts are statistically more likely to eject USB devices safely. For those who live life dangerously, you're in good company with the award-winning Host Unknown podcast.
So I've no idea if we've got a Tweet of the Week but let's see what happens when we play the jingle.
Tweet of the Week.
And we always play that one twice.
Tweet of the Week.
This week's Tweet of the Week is by Rick at Rick Derby. That's Rick with a R-I-C, no K in it.
And his tweet simply says, back to being unaware of cyber.
Very confusing stuff.
Because as you know,
October was Cyber Security Awareness Month,
and today as of recording,
it is first of November.
So we are now back to being unaware of cyber.
And I thought that was very clever.
That's fair.
Yeah, I like that.
And nicely found last minute as well. And very topical, very you know immediate. So excellent. That was this week's
Tweet of the Week. Right well I can't believe we've run even with the edits in.
We've run for nearly 40 minutes. Wow. I mean maybe not the most structured of shows. I think
it was beautifully beautifully structured. I think there was a there was a you know it's
it's, it's like when you let nature take its course and it, and it, you know, when you see the skepticism of a framework allowed to flourish and grow under nature's gaze.
That is so beautifully said.
I have no idea what it means.
But what I was thinking of is, you know when they show the pictures in Japan after the
nuclear reactor issue?
And so they had to evacuate the whole town and then they showed like a
year later drones flying over you see the the structures are still there but now that nature's grown and
like there's trees and plants and this and there's certain beauty to it. It's a bit like
That's how I how I picture
Yes, so I think if AI were to describe
our podcast in an image that's what it would look like. Bereft of all humanity. Yes.
Oh dear. Well, on that note, thank you, Jav, so much for... This is gonna be weird, because we don't sign off like this normally.
But anyway, thank you for your wisdom, charisma,
charm, intelligence, and all-round willingness
to just jump in with both feet.
Stay secure, my friends.
Stay secure.
You've been listening to the Host Unknown Podcast. If you enjoyed what you heard, comment and subscribe.
Adam West will always hold a place near and dear to my heart as Batman.
Adam West, the rubber shark and a can of shark repellent.
And Burt Ward, let's not forget him.
Who apparently between the two of them screwed their way around Hollywood at the time of
filming of Batman.
Well wouldn't you?
Not at the time of filming Batman, no.
My favourite scenes are all the cameos when they're climbing up the side of the buildings.
And so it's like, hey, it's Sammy Davis Jr.
Yeah, that's right.
That's right.
Please get back inside, citizen.
Was it always Sammy Davis Jr.?
No, it was different celebs, I think.
That's the one that came to mind because I remembered it was...