Épisodes

  • Episode 225: The finding a job episode

    Episode 225: The finding a job episode
    Jul 10 2025

    27th June 2007: Live Free or Die Hard was released. Cop John McClane partners with hacker Matt Farrell to stop cyberterrorists trying to take down the US's infrastructure. Traceroute (1337!) is used to find the ringleader's location, then McClane kills him by shooting HIS OWN shoulder.

    https://x.com/todayininfosec/status/1938731279937057144

    1st July 2003: California's data breach notification law went into effect. California became the first US state to require disclosure of breaches of personal information.
    https://x.com/todayininfosec/status/1940220561080332760

    Meta calls €200M EU fine over pay-or-consent ad model 'unlawful'

    Meet Soham Parekh, the engineer burning through tech by working at three to four startups simultaneously

    https://x.com/nickvangilder/status/1940110830085054891

    Come on! Like and bloody well subscribe!
    Voir plus Voir moins
    48 min
  • Episode 224: Where we argue about Cyber Essentials

    Episode 224: Where we argue about Cyber Essentials
    Jun 30 2025

    17th June 1995: Spyglass goes public

    World Wide Web software producer Spyglass Inc. went public, the year after it had begun distributing its Spyglass Mosaic software, an early browser for navigating the Web. With previous year's earnings at $7 million, Spyglass was founded by students at the Illinois Supercomputing Center, which also inspired Netscape Communications Corp.

    https://www.computerhistory.org/tdih/june/27/#spyglass-goes-public

    26th June 1989: Robert Tappan Morris (who released the Morris worm in 1988) became the first person to be indicted under the US's Computer Fraud and Abuse Act (CFAA), enacted by Congress 3 years earlier. He was later sentenced to three years of probation and fined $10,050

    https://x.com/todayininfosec/status/1938292354965770278

    Visiting students can't hide social media accounts from Uncle Sam anymore

    Meta’s AI training on copyrighted content is ‘fair use’, US judge says

    https://x.com/filip_dragovic/status/1937932750415086010

    Come on! Like and bloody well subscribe!
    Voir plus Voir moins
    48 min
  • Episode 223: The never-ending train journey episode

    Episode 223: The never-ending train journey episode
    Jun 19 2025

    11th June 1986: Ferris Bueller's Day Off was released. https://x.com/todayininfosec/status/1932838235102716317

    13th June 1994: A Russian hacker group led by Vladimir Levin stole $10.7 million from Citibank via X.25, in what was the first international bank robbery over a network to be made public. Levin was caught in London in 1995 and sentenced in the US to 3 years in prison in 1998. https://x.com/todayininfosec/status/1933504310643773697

    “Localhost tracking” explained. It could cost Meta 32 billion.

    Wanted: Junior cybersecurity staff with 10 years' experience and a PhD

    Industry News

    #Infosec2025: Top Six Cyber Trends CISOs Need to Know

    Half of Mobile Users Now Face Daily Scams

    Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud

    Hands-On Skills Now Key to Landing Your First Cyber Role

    Phishing Alert as Erie Insurance Reveals Cyber “Event”

    Europol Says Criminal Demand for Data is “Skyrocketing”

    NIST Publishes New Zero Trust Implementation Guidance

    Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft

    European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms

    Tweet of the week

    https://bsky.app/profile/brianhonan.bsky.social/post/3lrilyd7rpk2m

    Come on! Like and bloody well subscribe!
    Voir plus Voir moins
    44 min
  • Episode 222: The Curious Case of the Oxford Comma Episode

    Episode 222: The Curious Case of the Oxford Comma Episode
    May 30 2025
    1. 26th May 1995: Realizing his company had missed the boat in estimating the impact and popularity of the Internet, Microsoft CEO Bill Gates issues a memo titled, “The Internet Tidal Wave,” which signaled the company’s focus on the global network. In the memo, Gates declared that the Internet was the “most important single development” since the IBM personal computer — a development that he was assigning “the highest level of importance.” Still, it is curious why it took someone who was regarded as a technology “innovator” so long to realize this.

    https://thisdayintechhistory.com/05/26/bill-gates-internet-tidal-wave/

    1. 30th May 1996: AT&T Announces Video Phone Call System. AT&T held a meeting to announce a system that would allow personal computers to make and receive video phone calls over standard telephone lines. In years of efforts by AT&T and others to find success in the technology, the AT&T system made use of Intel's Pentium processors and compression software to allow both video and audio information to share a phone line rather than a high-capacity ISDN, T-1, or T-3 line.

    https://www.computerhistory.org/tdih/may/30/#att-announces-video-phone-call-system

    Security outfit SentinelOne's services back online after lengthy outage

    OpenAI model modifies shutdown script in apparent sabotage effort

    https://bsky.app/profile/robmesure.bsky.social/post/3lqcn6kq5oc26

    Come on! Like and bloody well subscribe!
    Voir plus Voir moins
    46 min
  • Episode 221: The Was Jav On the BBC? Episode

    Episode 221: The Was Jav On the BBC? Episode
    May 27 2025

    Irish privacy watchdog OKs Meta to train AI on EU folks' posts

    Judge allows Delta's lawsuit against CrowdStrike to proceed with millions in damages on the line

    https://x.com/fesshole/status/1925815219655233765?s=46&t=1-Sjo1Vy8SG7OdizJ3wVbg

    And of course... can't NOT mention: https://www.bbc.co.uk/iplayer/episode/m002d2lh/inside-the-high-street-cyberattacks

    Come on! Like and bloody well subscribe!
    Voir plus Voir moins
    46 min
  • 220 - The Frequent Flyer Frustrations Episode

    220 - The Frequent Flyer Frustrations Episode
    May 21 2025

    As always we will bring you today in infosec, a rant, admire a billy big ball move, talk about industry news, and bring you a tweet or alternatively suitable social media post of the week.

    Hey, it's hard enough Thom being off that I have to edit and publish this, I need to find an AI to write the notes for me. Love you all, Javvad... now go an subscribe!

    Come on! Like and bloody well subscribe!
    Voir plus Voir moins
    40 min
  • 219 - The Lightweight and Aerodynamic Episode

    219 - The Lightweight and Aerodynamic Episode
    May 12 2025

    Episode 219 of the Host Unknown Podcast covers a wide range of humorous and insightful discussions relating to both technology and personal anecdotes. Key segments include a nostalgic look back at significant moments in InfoSec history, as well as a critique of a poorly-constructed analogy between casino strategies and cybersecurity. The hosts also discuss the misadventures of an AI app that wasn't really AI, cyber insurance claims, the fines against TikTok and NSO Group, and the importance of Cyber Essentials certification. The episode is peppered with casual banter about everyday life and observations, making for an entertaining yet informative listen.

    00:00 Introduction and Initial Banter

    00:57 Podcast Introduction and Missing Guest

    01:29 Wrestling Anecdotes and Technical Difficulties

    03:04 Travel Plans and Airport Preferences

    05:12 Manchester Trip and Quiet Carriage Etiquette

    08:58 InfoSec History: Banned from the Internet

    11:00 InfoSec History: The Love Letter Virus

    14:17 Rant of the Week: Casino Mindset in Security

    18:19 Understanding the Author's Perspective

    19:19 AI Shopping App Scandal

    24:30 Industry News Highlights

    26:00 TikTok's Data Transfer Fine

    29:08 Meta vs. NSO Group 31:40 Cyber Essentials Certification

    35:58 Tweet of the Week

    38:23 Conclusion and Farewell

    Come on! Like and bloody well subscribe!
    Voir plus Voir moins
    40 min
  • Episode 213 - The So Many Technical Issues Episode

    Episode 213 - The So Many Technical Issues Episode
    Apr 25 2025
    This week in InfoSec (10:26)With content liberated from the “today in infosec” twitter account and further afield1st April 1998: Hackers changed the MIT home page to read "Disney to Acquire MIT for $6.9 Billion".https://x.com/todayininfosec/status/1907094503552336134 1st April 2004: The now ubiquitous Gmail service is launched as an invitation-only beta service. At first met with skepticism due to it being launched on April Fool’s Day, the ease of use and speed that Gmail offered for a web-based e-mail service quickly won converts. The fact that Gmail was invitiation-only for a long time helped fueled a mystique that those who had a Gmail address were hip and uber-cool. Those of us who are actually hip and uber-cool didn’t mind, of course, as those types of things don’t bother hip and uber-cool people. https://thisdayintechhistory.com/04/01/gmail-launched/ Rant of the Week (14:07)Kink and LGBT dating apps exposed 1.5m private user images onlinehttps://www.bbc.co.uk/news/articles/c05m5m5v327oResearchers have discovered nearly 1.5 million pictures from specialist dating apps – many of which are explicit – being stored online without password protection, leaving them vulnerable to hackers and extortionists.Anyone with the link was able to view the private photos from five platforms developed by M.A.D Mobile: kink sites BDSM People and Chica, and LGBT apps Pink, Brish and Translove.These services are used by an estimated 800,000 to 900,000 people.M.A.D Mobile was first warned about the security flaw on 20 January but didn't take action until the BBC emailed on Friday.They have since fixed it but not said how it happened or why they failed to protect the sensitive images. Billy Big Balls of the Week (24:00)Oracle's masterclass in breach comms: Deny, deflect, repeatThere have been some disclosure stinkers in the past. Back in 2016, The Reg discovered that Yahoo! had taken a few years to disclose security snafus that occured in 2013 and 2014, for example. These days we often see organizations simply choose not to publicly address their issues. A quick self-referral to the regulators and some letters sent directly to those affected pass as the bare minimum, and while these organizations won't get any Brownie points for transparency, the approach doesn't tend to invite too much in the way of long-lasting criticism either.When Oracle issued its flat-out denial of the first breach allegations that surfaced from cybercrime forums, it seemed like it was yet another wannabe big-time scriptkiddie making false claims for clout.To make matters worse, Oracle seemingly tried to swerve any flak with some careful semantics. Its original denial stated: "There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data."Infosec experts Kevin Beaumont and Jake Williams later both claimed that Oracle appears to have used the Internet Wayback Machine's archive exclusion process to remove evidence about the intrusion. Industry News (33:25)Google to Switch on E2EE for All Gmail UsersICO Apologizes After Data Protection Response SnafuNorth Korea's Fake IT Worker Scheme Sets Sights on EuropeRoyal Mail Investigates Data Breach Affecting SupplierStripe API Skimming Campaign Unveils New Techniques for TheftOver Half of Attacks on Electricity and Water Firms Are DestructiveAmateur Hacker Leverages Russian Bulletproof Hosting Server to Spread MalwareCrushFTP Vulnerability Exploited Following Disclosure IssuesMajor Online Platform for Child Exploitation Dismantled Tweet of the Week (41:25)https://x.com/MalwareJake/status/1907416667052786110 Come on! Like and bloody well subscribe!
    Voir plus Voir moins
    52 min