This week in InfoSec (12:47)

With content liberated from the “today in infosec” twitter account and further afield

22nd March 2018: The city of Atlanta announced it was victim to a ransomware attack. The attackers demanded $51,000 worth of bitcoin to release the encrypted data, but Atlanta didn't pay the ransom. Whether or not to pay ransom isn't a simple or easy matter, but this proved to be expensive. 

https://twitter.com/todayininfosec/status/1638513067259510786

21st March 2001: SMBRelay and SMBRelay2 were released by Sir Dystic at the @lantacon convention in Atlanta, Georgia. The tools were developed to carry out SMB man-in-the-middle attacks on Windows machines.

SMBRelay

https://twitter.com/todayininfosec/status/1638327435434291201  

Rant of the Week (19:43)

https://twitter.com/keewa/status/1638853767448735744

Billy Big Balls of the Week (29:08)

Journalist opens USB letter bomb in newsroom

Journalists across Ecuador have been targeted by explosive devices sent through the post.

One presenter, Lenin Artieda, was injured when he opened the envelope in the middle of the newsroom.

He said the explosive device looked like a USB drive. He plugged it into his computer and it detonated.

The Ecuadorean attorney-general's department confirmed it had opened a terrorism investigation into the letters on Monday.

It did not name the specific news outlets targeted. However, at least five different organisations across Ecuador were sent the letters.

The government has condemned the attacks, describing freedom of expression as "a right that must be respected".

"Any attempt to intimidate journalism and freedom of expression is a loathsome action that should be punished with all the rigour of justice," it said in a statement.

The interior minister, Juan Zapata, said the devices were all sent from the same town. Three were sent to media outlets in Guayaquil and two to the capital, Quito.

While Mr Artieda was injured by the device, others sent through the post failed to explode or were never opened.

Police carried out a controlled detonation of one of the devices sent to TC Television, prosecutors confirmed.

From 2017, Mr Self Destruct v1

Industry News (36:51) 

Ferrari Reveals Data Breach Ransom Attack

Just 1% of Dot-Org Domains Are Fully DMARC Protected

BreachForums Shuts Down After Admin's Arrest

Malicious ChatGPT Chrome Extension Hijacks Facebook Accounts

UK Government Sets Out Vision for NHS Cybersecurity

New Post-Exploitation Attack Method Found Affecting Okta Passwords

China-Aligned "Operation Tainted Love" Targets Middle East Telecom Providers

UK Parliament Bans TikTok from its Network and Devices

IRS Phishing Emails Used to Distribute Emotet

Tweet of the Week (44:52)

https://twitter.com/evacide/status/1638957449909788672

Come on! Like and bloody well subscribe!