The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Sisällön tarjoaa Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik. Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.
Samanlainen kuin The Host Unknown Podcast
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A weekly podcast show about Indian startups, entrepreneurs, and more! Hosted by Neil Patel & Friends
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
We help founders make something people want.
…
continue reading
Agile for Humans™ is a weekly podcast dedicated to the individuals and interactions that make agile work. The goal is to help create safe and collaborative working environments where people are empowered to do their best work.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of "climate tech" with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Player FM - Podcast-sovellus
Siirry offline-tilaan Player FM avulla!
Siirry offline-tilaan Player FM avulla!
))
Episode 144 - The Other Peoples Work Episode
Manage episode 358243180 series 2706360
Sisällön tarjoaa Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik. Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.
This week in InfoSec (06:13)
With content liberated from the “today in infosec” twitter account and further afield
15th March 2000: The movie "Takedown" was released in France as "Cybertr@que". It is based on the capture of Kevin Mitnick
https://twitter.com/todayininfosec/status/1636083404117557248
16th March 1971: The first computer virus, Creeper, infected computers on the ARPANET, displaying "I'M THE CREEPER : CATCH ME IF YOU CAN." It was named after a villain (the Creeper) from a 1970 episode of "Scooby-Doo, Where Are You!"
https://twitter.com/todayininfosec/status/1636516584394203137
Rant of the Week (13:20)
What happens if you 'cover up' a ransomware infection? For Blackbaud, a $3m charge
Blackbaud has agreed to pay $3 million to settle charges that it made misleading disclosures about a 2020 ransomware infection in which crooks stole more than a million files on around 13,000 of the cloud software slinger's customers.
According to America's financial watchdog, the SEC, Blackbaud will cough up the cash - without admitting or denying the regulator's findings - and will cease and desist from committing any further violations.
"Blackbaud is pleased to resolve this matter with the SEC and appreciates the collaboration and constructive feedback from the Commission as the company continually improves its reporting and disclosure policies," Tony Boor, the outfit's chief financial officer, told The Register.
"Blackbaud continues to strengthen its cybersecurity program to protect customers and consumers, and to minimise the risk of cyberattacks in an ever-changing threat landscape," Boor added.
For perspective: the South Carolina-based firm – which provides, among other things, donor management tools to nonprofits – banked $1.1 billion in revenue in 2022, resulting in a $45.4 million loss. This settlement is the least of the biz's concerns, we imagine.
Slap on the wrist
Here's what happened: back in May 2020, Blackbaud experienced a ransomware infection, quietly paid off the crooks, and didn't tell customers about the security breach until July 2020. And when the software company did notify customers, it assured them that the "cybercriminal did not access…bank account information, or social security numbers," according to the SEC order.
By the end of that month, however, the SEC claims that Blackbaud personnel discovered that the miscreants had accessed unencrypted donor bank account information and social security numbers. But the employees allegedly didn't tell senior management about the theft of sensitive customer data because Blackbaud "did not have policies or procedures in place designed to ensure they do so," the court documents say. Make of that what you will.
Billy Big Balls of the Week (23:09)
1st Story (short, follow the link):
Microsoft support 'cracks' Windows for customer after activation fails
In an unexpected twist, a Microsoft support engineer resorted to running an unofficial 'crack' on a customer's Windows PC after a genuine copy of the operating system failed to activate normally. It seems, this isn't the first time either that support professionals have employed such workarounds when under pressure to timely close out support tickets.
A South-Africa based freelance technologist who paid $200 for a genuine copy of Windows 10 was startled to see a Microsoft support engineer "crack" his copy using unofficial tools that bypass the Windows activation process.
2nd Story:
A company who actually followed disclosure requirements (and puts TikTok in the same bucket as Meta and Google):
Cerebral admits to sharing patient data with Meta, TikTok, and Google
Cerebral, a telehealth startup specializing in mental health, says it inadvertently shared the sensitive information of over 3.1 million patients with Google, Meta, TikTok, and other third-party advertisers, as reported earlier by TechCrunch. In a notice posted on the company’s website, Cerebral admits to exposing a laundry list of patient data with the tracking tools it’s been using as far back as October 2019.
The information affected by the oversight includes everything from patient names, phone numbers, email addresses, birth dates, IP addresses, insurance information, appointment dates, treatment, and more. It may have even exposed the answers clients filled out as part of the mental health self-assessment on the company’s website and app, which patients can use to schedule therapy appointments and receive prescription medication.
According to Cerebral, this information got out through its use of tracking pixels, or the bits of code Meta, TikTok, and Google allow developers to embed in their apps and websites. The Meta Pixel, for example, can collect data about a user’s activity on a website or app after clicking an ad on the platform, and even keeps track of the information a user fills out on an online form. While this lets companies, like Cerebral, measure how users interact with their ads on various platforms and track the steps they take afterward, it also gives Meta, TikTok, and Google access to this information, which they can then use to gain insight into their own users.
Industry News (32:43)
UK's New Privacy Bill Could Mean More Work for Firms
Blackbaud Settles $3m Charge Over Ransomware Attack
MI5 Launches New Agency to Tackle State-Backed Attacks
Humans Still More Effective Than ChatGPT at Phishing
Tick APT Group Hacked East Asian DLP Software Firm
Humans Still More Effective Than ChatGPT at Phishing
NCSC Calms Fears Over ChatGPT Threat
UK Joins US, Canada, Others in Banning TikTok From Government Devices
US Government IIS Server Breached via Telerik Software Flaw
Tweet of the Week (40:30)
https://twitter.com/william_whyte/status/1635198775152234496
https://twitter.com/J4vv4D/status/1636055929199140864?s=20
Come on! Like and bloody well subscribe!
192 jaksoa
Jaa
Manage episode 358243180 series 2706360
Sisällön tarjoaa Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik. Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.
This week in InfoSec (06:13)
With content liberated from the “today in infosec” twitter account and further afield
15th March 2000: The movie "Takedown" was released in France as "Cybertr@que". It is based on the capture of Kevin Mitnick
https://twitter.com/todayininfosec/status/1636083404117557248
16th March 1971: The first computer virus, Creeper, infected computers on the ARPANET, displaying "I'M THE CREEPER : CATCH ME IF YOU CAN." It was named after a villain (the Creeper) from a 1970 episode of "Scooby-Doo, Where Are You!"
https://twitter.com/todayininfosec/status/1636516584394203137
Rant of the Week (13:20)
What happens if you 'cover up' a ransomware infection? For Blackbaud, a $3m charge
Blackbaud has agreed to pay $3 million to settle charges that it made misleading disclosures about a 2020 ransomware infection in which crooks stole more than a million files on around 13,000 of the cloud software slinger's customers.
According to America's financial watchdog, the SEC, Blackbaud will cough up the cash - without admitting or denying the regulator's findings - and will cease and desist from committing any further violations.
"Blackbaud is pleased to resolve this matter with the SEC and appreciates the collaboration and constructive feedback from the Commission as the company continually improves its reporting and disclosure policies," Tony Boor, the outfit's chief financial officer, told The Register.
"Blackbaud continues to strengthen its cybersecurity program to protect customers and consumers, and to minimise the risk of cyberattacks in an ever-changing threat landscape," Boor added.
For perspective: the South Carolina-based firm – which provides, among other things, donor management tools to nonprofits – banked $1.1 billion in revenue in 2022, resulting in a $45.4 million loss. This settlement is the least of the biz's concerns, we imagine.
Slap on the wrist
Here's what happened: back in May 2020, Blackbaud experienced a ransomware infection, quietly paid off the crooks, and didn't tell customers about the security breach until July 2020. And when the software company did notify customers, it assured them that the "cybercriminal did not access…bank account information, or social security numbers," according to the SEC order.
By the end of that month, however, the SEC claims that Blackbaud personnel discovered that the miscreants had accessed unencrypted donor bank account information and social security numbers. But the employees allegedly didn't tell senior management about the theft of sensitive customer data because Blackbaud "did not have policies or procedures in place designed to ensure they do so," the court documents say. Make of that what you will.
Billy Big Balls of the Week (23:09)
1st Story (short, follow the link):
Microsoft support 'cracks' Windows for customer after activation fails
In an unexpected twist, a Microsoft support engineer resorted to running an unofficial 'crack' on a customer's Windows PC after a genuine copy of the operating system failed to activate normally. It seems, this isn't the first time either that support professionals have employed such workarounds when under pressure to timely close out support tickets.
A South-Africa based freelance technologist who paid $200 for a genuine copy of Windows 10 was startled to see a Microsoft support engineer "crack" his copy using unofficial tools that bypass the Windows activation process.
2nd Story:
A company who actually followed disclosure requirements (and puts TikTok in the same bucket as Meta and Google):
Cerebral admits to sharing patient data with Meta, TikTok, and Google
Cerebral, a telehealth startup specializing in mental health, says it inadvertently shared the sensitive information of over 3.1 million patients with Google, Meta, TikTok, and other third-party advertisers, as reported earlier by TechCrunch. In a notice posted on the company’s website, Cerebral admits to exposing a laundry list of patient data with the tracking tools it’s been using as far back as October 2019.
The information affected by the oversight includes everything from patient names, phone numbers, email addresses, birth dates, IP addresses, insurance information, appointment dates, treatment, and more. It may have even exposed the answers clients filled out as part of the mental health self-assessment on the company’s website and app, which patients can use to schedule therapy appointments and receive prescription medication.
According to Cerebral, this information got out through its use of tracking pixels, or the bits of code Meta, TikTok, and Google allow developers to embed in their apps and websites. The Meta Pixel, for example, can collect data about a user’s activity on a website or app after clicking an ad on the platform, and even keeps track of the information a user fills out on an online form. While this lets companies, like Cerebral, measure how users interact with their ads on various platforms and track the steps they take afterward, it also gives Meta, TikTok, and Google access to this information, which they can then use to gain insight into their own users.
Industry News (32:43)
UK's New Privacy Bill Could Mean More Work for Firms
Blackbaud Settles $3m Charge Over Ransomware Attack
MI5 Launches New Agency to Tackle State-Backed Attacks
Humans Still More Effective Than ChatGPT at Phishing
Tick APT Group Hacked East Asian DLP Software Firm
Humans Still More Effective Than ChatGPT at Phishing
NCSC Calms Fears Over ChatGPT Threat
UK Joins US, Canada, Others in Banning TikTok From Government Devices
US Government IIS Server Breached via Telerik Software Flaw
Tweet of the Week (40:30)
https://twitter.com/william_whyte/status/1635198775152234496
https://twitter.com/J4vv4D/status/1636055929199140864?s=20
Come on! Like and bloody well subscribe!
192 jaksoa
Kaikki jaksot
×
Tervetuloa Player FM:n!
Player FM skannaa verkkoa löytääkseen korkealaatuisia podcasteja, joista voit nauttia juuri nyt. Se on paras podcast-sovellus ja toimii Androidilla, iPhonela, ja verkossa. Rekisteröidy sykronoidaksesi tilaukset laitteiden välillä.
Samanlainen kuin The Host Unknown Podcast
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A weekly podcast show about Indian startups, entrepreneurs, and more! Hosted by Neil Patel & Friends
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
We help founders make something people want.
…
continue reading
Agile for Humans™ is a weekly podcast dedicated to the individuals and interactions that make agile work. The goal is to help create safe and collaborative working environments where people are empowered to do their best work.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of "climate tech" with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Player FM - Podcast-sovellus
Siirry offline-tilaan Player FM avulla!
Siirry offline-tilaan Player FM avulla!
