This week in InfoSec (07:14)

With content liberated from the “today in infosec” twitter account and further afield

12th November 2000 Microsoft Declares Tablets Are the Future

Bill Gates demonstrates a functional prototype of a Tablet PC. Microsoft claims “the Tablet PC will represent the next major evolution in PC design and functionality.” However, the Tablet PC initiative never really took off and it wasn't until Apple introduced the iPad in 2010 that tablet computing was widely adopted.

17th November 2018: US President Donald Trump signed a bill into law, approving the creation of the Cybersecurity and Infrastructure Security Agency (CISA). The bill was the CISA Act.

Trump signs bill that creates the Cybersecurity and Infrastructure Security Agency

https://twitter.com/todayininfosec/status/1328528180500717568

Rant of the Week (18:44)

Germany says nein to Qatari World Cup spyware, err, apps

World Cup apps from the Qatari government collect more personal information than they need to, according to Germany's data protection agency, which this week warned football fans to only install the two apps "if it is absolutely necessary." Also: consider using a burner phone.

The two apps are Ehteraz, a Covid-19 tracker from the Qatari Ministry of Public Health, and Hayya from the government's Supreme Committee for Delivery & Legacy overseeing the Cup locally, which allows ticket holders entry into the stadiums and access to free metro and bus transportation services.

Norway's data protection agency, meanwhile, this week said it was "alarmed by the extensive access the apps require" and warned that Qatari authorities likely use the apps to monitors' users location, in addition to snooping through personal data.

See also: World Cup apps pose a data security and privacy nightmare

Billy Big Balls of the Week (29:05)

Australia to 'stand up and punch back' against cyber crims

Australia's government has declared the nation is planning to go on the offensive against international cyber crooks following recent high-profile attacks on local health insurer Medibank and telco Optus.

The aggressive posture was expressed in the announcement of a "Joint standing operation" that will see the Australian Federal Police and the Australian Signals Directorate (Australia's GCHQ/NSA analog) run a team with a mission "to investigate, target and disrupt cyber-criminal syndicates with a priority on ransomware threat groups."

Minister for Home Affairs and Cyber Security Clare O'Neil said the operation will "scour the world, hunt down the criminal syndicates and gangs who are targeting Australia in cyber-attacks, and disrupt their efforts."

"This is Australia standing up and punching back," she said during an interview on local political talking heads program Insiders. "We are not going to sit back while our citizens are treated like this and allow there to be no consequences for that."

O'Neill said the operation will "for the first time [be] offensively attacking these people."

Industry News (36:10)

T: Google to Pay $392m in Landmark Privacy Case

A: Billbug Targets Government Agencies in Multiple Asian Countries

J: Euro Authorities Warn World Cup Fans Over Qatari Apps

T: Majority of Companies Reduce Cybersecurity Staff Over Holidays

A: Chinese Spy Gets 20 Years for Aviation Espionage Plot

J: US: Iranian Hackers Breached Government with Log4Shell

T: More Than Half of Black Friday Spam Emails Are Scams

A: Hundreds of Amazon RDS Snapshots Discovered Leaking Users' Data

J: Zeus Botnet Suspected Leader Arrested in Geneva

Tweet of the Week (43:30)

https://twitter.com/attritionorg/status/1593487371819192321

https://twitter.com/SoVeryBritish/status/1592554974432866306

Come on! Like and bloody well subscribe!