This Week in InfoSec

Liberated from the “today in infosec” Twitter account

6th May 1995: Chris Lamprecht (aka "Minor Threat") became the first person banned from the Internet. He received a 70 month sentence for money laundering...and was banned from the Internet until 2003.

https://www.wired.com/1997/12/twice-removed-locked-up-and-barred-from-net/

https://twitter.com/todayininfosec/status/1257862817371156480

7th May 2004: 18-year-old German computer science student Sven Jaschan was arrested for writing the Sasser worm and the NetSky worm. One of Jaschan's friends had informed Microsoft that Jaschan had created the worm.

https://en.m.wikipedia.org/wiki/Sasser_(computer_worm)

https://twitter.com/todayininfosec/status/1390689536670420998

9th May 1990: Operation Sundevil was revealed in a press release. It was a US Secret Service crackdown on "illegal computer hacking activities." Raids occurred in ~15 cities, resulting in a measly 3 arrests.

https://twitter.com/todayininfosec/status/1259301463102074880

The Hacker Crackdown audiobook https://boingboing.net/2008/01/13/podcast-of-bruce-ste.html  

Rant of the Week

Ransomware victim Colonial Pipeline paid $5m to get oil pumping again, restored from backups anyway

Colonial Pipeline's operators reportedly paid $5m to regain control of their digital systems and get the pipeline pumping oil following last week's ransomware infection.

News of the payoff was broken by Bloomberg – which not only cited anonymous sources but also mocked other news outlets' anonymous sources for saying earlier this week that the American pipeline operator would never pay the ransom.

https://www.theregister.com/2021/05/13/colonial_pipeline_ransom/

https://twitter.com/KimZetter/status/1392923544753872896

Colonial Pipeline hackers apologize, promise to ransom less controversial targets in future

https://www.theverge.com/2021/5/10/22428996/colonial-pipeline-ransomware-attack-apology-investigation

Colonial Pipeline was looking to hire a cybersecurity manager before the ransomware attack shut down operations

https://www.theregister.com/2021/05/13/colonial_pipeline_hiring_cybersecurity_manager/

 Billy Big Balls of the Week

Hackers Are Having a Field Day With AirTags

Just two weeks after their release, several hackers and security researchers are tearing Apple’s AirTags apart and finding some issues with them.

https://www.vice.com/en/article/pkbpa7/hackers-are-having-a-field-day-with-airtags

Industry News

Misconfigured Database Exposes 200K Fake Amazon Reviewers

Ransomware Takes Down East Coast Fuel Pipeline

University Cancels Exams After Cyber-Attack

Staff Bonus was “Crass” Phishing Simulation

Germany Bans Facebook from Processing WhatsApp Data

AXA to Stop Reimbursing Ransom Payments

More Domestic Abuse Cases Involve Tech

Home Working Parents and Young Adults Are Most Risky IT Users

Biden Executive Order Mandates Zero Trust and Strong Encryption

Tweet of the Week

https://twitter.com/browninfosecguy/status/1392503491042611202

Olaf Hartong @olafhartong: FreemiumBackups

Iain Cyto @IainCyto: Surprise Pen Test Posse.

Biteater @illustrioushefe: WindowsOffender

David Shipley @davidshipley: Trailer Park Crypto Boys

Adrian @Nutritionist_AP: RanSomewhere

Old Navy Dude next @ DEFCON & HIMMS @0ldNavyDude: Ransom McRansomface

Come on! Like and bloody well subscribe!