The one and only Andy (13:10)

With content liberated from the “today in infosec” twitter account and further afield

2nd March 2013: Evernote announced that it had reset 50 million users' passwords after hackers accessed users' email addresses and hashed passwords. 

https://twitter.com/todayininfosec/status/1631302952395710467

1st March 1988: The MS-DOS boot sector virus "Ping-Pong" was discovered at the Politecnico di Torino (Turin Polytechnic University) in Italy.

Ping Pong Virus

https://twitter.com/todayininfosec/status/1630965727128612864  

Rant of the Week (19:18)

News Corp outfoxed by IT intruders for years

The miscreants who infiltrated News Corporation's corporate IT network spent two years in the media monolith's system before being detected early last year.

The super-corp, which owns The Wall Street Journal, New York Post, UK publications including The Sunday Times, and a broad array of other entities around the world, first reported the intrusion in February 2022, saying the snoops got into email accounts and gained access to employees' data and business documents.

A year later, according to a four-page letter sent to employees, News Corp executives said the unidentified cybercriminals likely first gained access to a company system as early as February 2020, and then got into "certain business documents and emails from a limited number of its personnel's accounts in the affected system."

Both News Corp and Mandiant – the now-Google-owned cybersecurity house brought in to investigate the intrusion – said the attackers likely were nation-state players linked to China with the aim of gathering intelligence.

Billy Big Balls of the Week (28:16)

Salesforce banks savings by sweating tech infrastructure for an extra year

CRM giant Salesforce has decided to sweat its infrastructure for an extra year, and make employees wait the same period before giving them new PCs.

News of the company's decision to live with old tech came in the SaaS supremo's Q4 2023 earnings call, during which CFO Amy Weaver told investors "Our guidance includes slightly under one-half points of benefit due to a depreciation change to the useful life of certain equipment by one year effective February 1st. For our infrastructure-related equipment, this changed the useful life from approximately four to five years. And for IT employee equipment, this changed from approximately three to four years."

Salesforce is not the only tech giant to have decided its hardware can last longer: Microsoft last year extended the life of some servers to six years, while Google has stretched the life of servers to four years and is happy running some five year old networking kit.

Salesforce's operations aren't as extensive as the hyperscalers, but this is still bad news for the hardware industry. It shows a major player is entirely happy running mission-critical workloads on older kit for longer without the usual upgrade cycle.

Industry News (36:35)

Keylogger on Employee Home PC Led to LastPass 2022 Breach

US Gov. Agencies Have 30 Days to Remove TikTok, Canada Follows Suit

Attacker Breakout Time Drops to Just 84 Minutes

Google Workspace Adds Client-Side Encryption to Gmail and Calendar

ICO Calls for Review into Private Message Use by Ministers

Russian Government Bans Foreign Messaging Apps

WH Smith Discloses Cyber-Attack, Company Data Theft

White House Launches National Cybersecurity Strategy

API Security Flaw Found in Booking.com Allowed Full Account Takeover

BBC Tik tok https://www.bbc.co.uk/news/technology-64797355

Tweet of the Week ( 

https://twitter.com/mtanji/status/1631314289397997572

Come on! Like and bloody well subscribe!