Episode 26: Track & Trace: Spreadsheet Happens
First up in today's episode: 16,000 confirmed COVID-19 cases mysteriously go missing from an Excel spreadsheet as part of the UK's 'track and trace' system. We don't like to speculate, but it looks like someone might have been using a legacy version of Excel... But Kev tries hard to stay upbeat about it all.
Experienced fraudsters have made off with $15m from an American company after gaining access to email conversations about a commercial conversation with "surgical precision". Kev talks us through what a 'man in the email' attack – which is what this was – entails and how to mitigate it (spoiler alert: JUST USE 2FA!).
Next, Cisco got hit with a $1.9billion judgement in a security patent lawsuit and the team struggles to pronounce 'Centripetal'. Said impossible-to-pronounce company raised the complaint against Cisco for infringing on four security patents related to encrypted traffic and packet filtering technology them. Of course, Paul is thrilled (we all know his feelings on Webex – and if you don't, you're about to...).
And in this week's 'Hackers could...', we have an absolutely ridiculous (*ahem*) story about hackers locking users into a product called Cellmate – which is a male chastity gadget. Cue much giggling...
***
Excel-ent security:
https://www.theverge.com/2020/10/5/21502141/uk-missing-coronavirus-cases-excel-spreadsheet-error
Man in the email:
https://www.infosecurity-magazine.com/news/experts-warn-of-15-million-global/
Cisco's expensive week:
https://www.networkworld.com/article/3584836/cisco-slapped-with-19-billion-judgement-in-security-patent-lawsuit.html
Cellmate:
https://www.bbc.co.uk/news/technology-54436575
About Cyber Humanity
The podcast taking cybersecurity personally
There's a lot of cool techy stuff going down in cybersecurity, and we love it. But you can't deny that a lot the time we humans get forgotten. Our podcast takes a not-so-serious look at issues in security from a human point of view. Covering social engineering to hacker motivations and everything in between, we chat through security stories and themes and what they mean to us: the oft-neglected humans behind the screen. Apart from Kev, Kev is a cyborg.
These weekly podcasts come in two main flavors. We’re either ranting about themes close to the heart of us security types, or we’re discussing threats and vulnerabilities that have hit headlines – or slipped under the radar – in recent weeks.
Join Chris Pace (tech advocate and keeper of the coloring pencils), Kev Breen (pro blue teamer, also known as 'Mr Nothing to CVE here...'), Max Vetter (former dark web detective and pretty cool guy), and Paul Bentham (ex-gov. type and Immersive Labs product guru) as they wend their way through the murky world of Cyber Humanity.