• Episode 213 - The So Many Technical Issues Episode

  • Apr 25 2025
  • Length: 52 mins
  • Podcast

Episode 213 - The So Many Technical Issues Episode

Listen for free

View show details

  • Summary

  • This week in InfoSec (10:26)With content liberated from the “today in infosec” twitter account and further afield1st April 1998: Hackers changed the MIT home page to read "Disney to Acquire MIT for $6.9 Billion".https://x.com/todayininfosec/status/1907094503552336134 1st April 2004: The now ubiquitous Gmail service is launched as an invitation-only beta service. At first met with skepticism due to it being launched on April Fool’s Day, the ease of use and speed that Gmail offered for a web-based e-mail service quickly won converts. The fact that Gmail was invitiation-only for a long time helped fueled a mystique that those who had a Gmail address were hip and uber-cool. Those of us who are actually hip and uber-cool didn’t mind, of course, as those types of things don’t bother hip and uber-cool people. https://thisdayintechhistory.com/04/01/gmail-launched/ Rant of the Week (14:07)Kink and LGBT dating apps exposed 1.5m private user images onlinehttps://www.bbc.co.uk/news/articles/c05m5m5v327oResearchers have discovered nearly 1.5 million pictures from specialist dating apps – many of which are explicit – being stored online without password protection, leaving them vulnerable to hackers and extortionists.Anyone with the link was able to view the private photos from five platforms developed by M.A.D Mobile: kink sites BDSM People and Chica, and LGBT apps Pink, Brish and Translove.These services are used by an estimated 800,000 to 900,000 people.M.A.D Mobile was first warned about the security flaw on 20 January but didn't take action until the BBC emailed on Friday.They have since fixed it but not said how it happened or why they failed to protect the sensitive images. Billy Big Balls of the Week (24:00)Oracle's masterclass in breach comms: Deny, deflect, repeatThere have been some disclosure stinkers in the past. Back in 2016, The Reg discovered that Yahoo! had taken a few years to disclose security snafus that occured in 2013 and 2014, for example. These days we often see organizations simply choose not to publicly address their issues. A quick self-referral to the regulators and some letters sent directly to those affected pass as the bare minimum, and while these organizations won't get any Brownie points for transparency, the approach doesn't tend to invite too much in the way of long-lasting criticism either.When Oracle issued its flat-out denial of the first breach allegations that surfaced from cybercrime forums, it seemed like it was yet another wannabe big-time scriptkiddie making false claims for clout.To make matters worse, Oracle seemingly tried to swerve any flak with some careful semantics. Its original denial stated: "There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data."Infosec experts Kevin Beaumont and Jake Williams later both claimed that Oracle appears to have used the Internet Wayback Machine's archive exclusion process to remove evidence about the intrusion. Industry News (33:25)Google to Switch on E2EE for All Gmail UsersICO Apologizes After Data Protection Response SnafuNorth Korea's Fake IT Worker Scheme Sets Sights on EuropeRoyal Mail Investigates Data Breach Affecting SupplierStripe API Skimming Campaign Unveils New Techniques for TheftOver Half of Attacks on Electricity and Water Firms Are DestructiveAmateur Hacker Leverages Russian Bulletproof Hosting Server to Spread MalwareCrushFTP Vulnerability Exploited Following Disclosure IssuesMajor Online Platform for Child Exploitation Dismantled Tweet of the Week (41:25)https://x.com/MalwareJake/status/1907416667052786110 Come on! Like and bloody well subscribe!
    Show more Show less
Show more Show less
adbl_web_global_use_to_activate_webcro768_stickypopup

What listeners say about Episode 213 - The So Many Technical Issues Episode

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.com reviews

Amazon reviews
No Reviews are Available