The Host Unknown Podcast

Author(s): Host Unknown, Thom Langford, Andrew Agnes, Javvad Malik
  • Summary

  • Host Unknown is the unholy alliance of the old, the new and the rockstars of the infosec industry in an internet-based show that tries to care about issues in our industry. It regularly fails. With presenters that have an inflated opinion of their own worth and a production team with a pathological dislike of them (or “meat puppets” as it often refers to them), it is with a combination of luck and utter lack of good judgement that a show is ever produced and released. Host Unknown is available for sponsorship, conferences, other web shows or indeed anything that pays a little bit of money to keep the debt collectors away. You can contact them at contact@hostunknown.tv for details.
    All rights reserved - Hands Off!
Episodes
  • Episode 195 - The Smashing Unknown Episode
    Jun 10 2024
    This week in InfoSec (11:16)

    With content liberated from the “today in infosec” twitter account and further afield

    5th of June 1991, a mere 33 years ago: Philip Zimmermann sent the first release of PGP to 2 friends, Allan Hoeltje and Kelly Goen, to upload to the Internet. From the man himself:

    First, I sent it to Allan Hoeltje, who posted it to Peacenet, an ISP that specialized in grassroots political organizations, mainly in the peace movement. Peacenet was accessible to political activists all over the world. Then, I uploaded it to Kelly Goen, who proceeded to upload it to a Usenet newsgroup that specialized in distributing source code. At my request, he marked the Usenet posting as "US only". Kelly also uploaded it to many BBS systems around the country. I don't recall if the postings to the Internet began on June 5th or 6th.

    It may be surprising to some that back in 1991, I did not yet know enough about Usenet newsgroups to realize that a "US only" tag was merely an advisory tag that had little real effect on how Usenet propagated newsgroup postings. I thought it actually controlled how Usenet routed the posting. But back then, I had no clue how to post anything on a newsgroup, and didn't even have a clear idea what a newsgroup was.

    After releasing PGP, I immediately diverted my attention back to consulting work, to try to get caught up on my mortgage payments. I thought I could just release PGP 1.0 for MSDOS, and leave it alone for awhile, and let people play with it. I thought I could get back to it later, at my leisure. Little did I realize what a feeding frenzy PGP would set off. Apparently, there was a lot of pent-up demand for a tool like this. Volunteers from around the world were clamoring to help me port it to other platforms, add enhancements, and generally promote it. I did have to go back to work on paying gigs, but PGP continued to demand my time, pulled along by public enthusiasm.

    I assembled a team of volunteer engineers from around the world. They ported PGP to almost every platform (except for the Mac, which turned out to be harder). They translated PGP into foreign languages. And I started designing the PGP trust model, which I did not have time to finish in the first release. Fifteen months later, in September 1992, we released PGP 2.0, for MSDOS, several flavors of Unix, Commodore Amiga, Atari, and maybe a few other platforms, and in about ten foreign languages. PGP 2.0 had the now-famous PGP trust model, essentially in its present form.

    It was shortly after PGP 2.0's release that US Customs took an interest in the case. Little did they realize that they would help propel PGP's popularity, helping to ignite a controversy that would eventually lead to the demise of the US export restrictions on strong cryptography.

    7 June 2009. A mere 15 years ago. Sophos launched its (utterly shit) IT vigilante marketing campaign

    Dress up a British man (who appears to have had a nervous breakdown over a corporate data breach incident) in an orange gimp suit – that will sell security software for sure!

    At least, that was the plan made by Sophos’s marketing department for its “IT Vigilante” campaign.

    https://www.youtube.com/watch?v=-gc6sDqofcI

    https://grahamcluley.com/top-five-worst-videos-anti-virus/

    Other awful videos:

    Happy birthday Eugene Kaspersky: https://www.youtube.com/watch?v=ujnq188E5-w

    Eugene’s “silent movie”: https://www.youtube.com/watch?v=Ib8UjCQl5sE&t=6s

    Rant of the Week (22:45)

    https://www.bbc.co.uk/news/articles/cxee7317kgmo

    Russian hackers are behind the cyber attack on a number of major London hospitals, according to the former chief executive of the National Cyber Security Centre.

    Ransomware attacks on the healthcare industry as a whole have increased significantly over the past year. Whaley attributes the uptick to “lives on the line.”

    “While no sector is invulnerable to these attacks… healthcare providers have proven time and time again that they’re the most willing to pay a ransom following these incidents," Whaley said.

    “Bad actors know this and smell blood in water,” he added. Whaley pointed out that the rise in state-sponsored cyberattacks combined “with the further digitization of the NHS paints a pretty grim picture for the defensive capabilities of the British healthcare sector… and possibly a warning sign of much larger attacks to come.”

    Graham's Giant Gonads of the Week (30:51)

    Apple refused to pay bug bounty to Russian cybersecurity firm Kaspersky Lab

    https://therecord.media/kaspersky-apple-bug-bounty-declined

    https://securelist.com/trng-2023/

    Apple has snubbed Russian cybersecurity firm Kaspersky Lab, refusing to shell out a bug bounty for four zero-day vulnerabilities discovered in iPhone software. Targets were infected using zero-click exploits via the iMessage platform, and the malware ran with root privileges, gaining complete control over the device and user data. The twist? The vulnerabilities were used to spy on Kaspersky ...
    49 min
  • Episode 194
    Jun 3 2024

    This week in InfoSec (07:29)

    With content liberated from the “today in infosec” twitter account and further afield

    28th May 2014: LulzSec hacker Hector Monsegur, known as Sabu, was sentenced and released the same day on time served for his role in a slew of high-profile cyberattacks. He had served 7 months in prison after his arrest.

    https://x.com/todayininfosec/status/1795228730735886650

    25th May 2018: The General Data Protection Regulation (GDPR) in the European Union (EU) to strengthen and unify data protection became effective - just over 2 years after it was adopted by the EU.

    https://twitter.com/todayininfosec/status/1794461551534936503

    Rant of the Week (18:34)

    Bing outage shows just how little competition Google search really has

    Bing, Microsoft's search engine platform, went down in the very early morning 23rd May. That meant that searches from Microsoft's Edge browsers that had yet to change their default providers didn't work. It also meant that services relying on Bing's search API—Microsoft's own Copilot, ChatGPT search, Yahoo, Ecosia, and DuckDuckGo—similarly failed.

    If dismay about AI's hallucinations, power draw, or pizza recipes concern you—along with perhaps broader Google issues involving privacy, tracking, news, SEO, or monopoly power—most of your other major options were brought down by a single API outage this morning. Moving past that kind of single point of vulnerability will take some work, both by the industry and by you, the person wondering if there's a real alternative.

    Billy Big Balls of the Week (26:56)

    IT worker sued over ‘vengeful’ cyber harassment of policeman who issued a jaywalking ticket


    In an ongoing civil lawsuit, an IT worker is accused of launching a "destructive cyber campaign of hate and revenge" against a police officer and his family after being issued a ticket for jaywalking.

    Industry News (34:44)

    Check Point Urges VPN Configuration Review Amid Attack Spike

    Courtroom Recording Software Vulnerable to Backdoor Attacks

    New North Korean Hacking Group Identified by Microsoft

    Internet Archive Disrupted by Sustained and “Mean” DDoS Attack

    Advance Fee Fraud Targets Colleges With Free Piano Offers

    US-Led Operation Takes Down World’s Largest Botnet

    First American Reveals Data Breach Impacting 44,000 Individuals

    Europol-Led Operation Endgame Hits Botnet, Ransomware Networks

    BBC Pension Scheme Breached, Exposing Employee Data

    Tweet of the Week (47:14)

    https://twitter.com/DebugPrivilege/status/1795823939631067165

    Come on! Like and bloody well subscribe!

    51 min
  • Episode 193 - The "At Last!" Episode
    May 27 2024
    This week in InfoSec (11:36)

    With content liberated from the “today in infosec” twitter account and further afield

    17th May 2015: CNN published their article on a statement Cybersecurity Consultant Chris Roberts had publicly made on Twitter a month earlier. There were lots of accusations made regarding Chris Roberts' actions hacking into computer systems while a passenger on multiple airline flights. Did he actually cause a plane to fly sideways? Maybe? But it's not like he made it fly upside down.

    FBI: Hacker claimed to have taken over flight’s engine controls

    https://twitter.com/todayininfosec/status/1791214444980080724

    26th May 1995: Gates Declares Internet "Most Important Single Development"

    Realising his company had missed the boat in estimating the impact and popularity of the Internet, Microsoft Corp. CEO Bill Gates issued a memo titled, "The Internet Tidal Wave," which signaled the company's renewed focus on that arena. In the memo, Gates declared that the Internet was the "most important single development" since the IBM personal computer -- a development that he was assigning "the highest level of importance".

    https://1995blog.com/2020/05/25/25-years-on-bill-gates-internet-tidal-wave-memo-a-seminal-document-of-the-unfolding-digital-age/

    Rant of the Week (18:00)

    Giving Windows total recall of everything a user does is a privacy minefield

    Microsoft's Windows Recall feature is attracting controversy before even venturing out of preview.

    Like so many of Microsoft's AI-infused products, Windows Recall will remain in preview while Microsoft refines it based on user feedback – or simply gives up and pretends it never happened.

    The principle is simple. Windows takes a snapshot of a user's active screen every few seconds and dumps it to disk. The user can then scroll through the archive of snapshots to find what they were doing some time back, or query an AI system to recall past screenshots by text.

    Billy Big Balls of the Week (28:58)

    Hacker Breaches Scam Call Center, Warns Victims They've Been Scammed

    A hacker claims to have breached a scam call center, stolen the source code for the company’s tools, and emailed the company’s scam victims.

    The hack is the latest in a long series of vigilante actions in which hackers take matters into their own hands and breach or otherwise disrupt scam centers. A massively popular YouTube community, with creators mocking their targets, also exists around the practice.

    Industry News (34:17)

    Authorities Arrest $100m Incognito Drugs Market Suspect

    AI Seoul Summit: 16 AI Companies Sign Frontier AI Safety Commitments

    UK Government in £8.5m Bid to Tackle AI Cyber-Threats

    Mastercard Doubles Speed of Fraud Detection with Generative AI

    PSNI Faces £750,000 Data Breach Fine After Spreadsheet Leak

    GitHub Fixes Maximum Severity Flaw in Enterprise Server

    National Records of Scotland Data Breached in NHS Cyber-Attack

    NVD Leaves Exploited Vulnerabilities Unchecked

    Microsoft: Gift Card Fraud Rising, Costing Businesses up to $100,000 a Day

    Tweet of the Week (41:59)

    https://twitter.com/gcluley/status/1792881296907043217

    Two for one:

    https://twitter.com/mer__edith/status/1793888092321202634

    Come on! Like and bloody well subscribe!
    48 min
