It's 5:05! Daily cybersecurity and open source briefing

Contributors from Around the World

“It’s 5:05!'' is a daily audio news cast highlighting security and open source stories from around the world. We filter for the real cybersecurity and open source stories in the news, so you won't have to. Each day, a global team of journalists contribute stories they found interesting in their daily research from the previous 24 hours. We present them to you in an easy to listen to format, making the resources available at the end of each episode so you can do a deep dive on stories you find of interest. read less
NewsNews

Episodes

Episode #304: Edwin Kwan: Google Chrome Safety Check Feature Enhancements; Shannon Lietz: EU CRA: Win  | Lose | Draw; Olimpiu Pop: Year in Review: Ukraine and the cyberwar; Marcel Brown: This Day in Tech History
Dec 29 2023
Episode #304: Edwin Kwan: Google Chrome Safety Check Feature Enhancements; Shannon Lietz: EU CRA: Win | Lose | Draw; Olimpiu Pop: Year in Review: Ukraine and the cyberwar; Marcel Brown: This Day in Tech History
Free, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 31st, 1999. The world waits in anticipation of the year 2000 and the potential disasters that might be brought about by the Y2K bug. Just for fun, I set up my home with a remote control to turn off all the lights in my house and the TV our friends would be watching at our New Year's Eve party. Seconds after midnight, I pushed the remote control in my pocket, and everything went out. There were definitely a few people in my house that night who thought the apocalypse had come.Edwin Kwan: One of the features of Chrome Safety Check is that it will check if any saved passwords have been compromised. In addition, users will receive alerts in the Chrome menu about flagged dangerous extensions, outdated Chrome versions, or disabled safe browsing.Shannon Lietz: For the last couple of years, the EU has been talking about how it might address some of the cybersecurity issues that are plaguing its economy. As part of this, addressing the 189 pages of a potential act to come, it's hard to look at it and be both excited and petrified at the same time. There's lots to think about. Olimpiu Pop: In 2023, the cyber warfare aspect of the Ukraine war provided concrete examples of both resilience and evolving nature of cyber threats. Ukrainian cyber defenses, although not unbreakable, effectively countered a variety of Russian cyber attacks
Episode #303: Edwin Kwan: Chrome Users Infected via Fake VPNs in Video Game Torrents; Ian Garrett: 6 Key Aspects of SEC Rules for Data Breaches; Olimpiu Pop: Cybersecurity Legislation (CRA, US Legislation); Marcel Brown: This Day in Tech History
Dec 28 2023
Episode #303: Edwin Kwan: Chrome Users Infected via Fake VPNs in Video Game Torrents; Ian Garrett: 6 Key Aspects of SEC Rules for Data Breaches; Olimpiu Pop: Cybersecurity Legislation (CRA, US Legislation); Marcel Brown: This Day in Tech History
Free, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 28th, 1895. The world's first projected movie screening takes place at the Salon Indien du Grand Café in Paris, France. 33 people attend at the admission price of 1 franc each to view 10 films at about 50 seconds each.Edwin Kwan: Three malicious Chrome extensions disguised as VPNs infected approximately 1. 5 million users. The extensions - netPlus, netSafe, and netWin - were distributed through an installer hidden in pirated copies of popular video games like Grand Theft Auto and Assassin's Creed.Ian Garrett:  New Year, New Data Breach Disclosure Rules issued by the U. S. Securities and Exchange Commission to reshape the cybersecurity landscape for publicly owned companies. Recently, starting on December 18th, these companies must now comply with the stringent rules requiring them to disclose material cyber incidents within 96 hours.Olimpiu Pop: The EU Cybersecurity Schemes, born from the EU Cybersecurity Act, are being developed for different industry categories such as ICT, Cloud services and 5G networks, and will consist of a comprehensive set of rules, technical requirements, standards and evaluation procedures for certification.
Episode #302: Edwin Kwan: Developers Ignore Critical Flaw in Apache Struts 2 Framework; Hillary Coover: The Quantum Computing Revolution and Global Security; Olimpiu Pop: 2023 in Review: AI Legislation; Marcel Brown: This Day in Tech History
Dec 27 2023
Episode #302: Edwin Kwan: Developers Ignore Critical Flaw in Apache Struts 2 Framework; Hillary Coover: The Quantum Computing Revolution and Global Security; Olimpiu Pop: 2023 in Review: AI Legislation; Marcel Brown: This Day in Tech History
Free, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 27th, 1968. Apollo 8 splashes down in the Pacific Ocean, ending the first manned orbit of the moon. When the spacecraft hit the water, the parachutes dragged it over and left it upside down. Because they were being buffeted by 10 foot swells, astronaut Frank Borman actually got sick and vomited. Welcome back to Earth, Frank.Edwin Kwan: A critical remote code execution vulnerability in the Apache Struts 2 framework is reportedly being ignored by developers, leaving approximately 80 percent of recent Strut downloads exposed to the flaw. The severity of the vulnerability, rated as 9. 8 out of 10 in CVSS, arises from a logic bug in the File Upload feature.Hillary Coover: Quantum computers operate on subatomic particle properties, enabling them to perform complex calculations and process information at unparalleled speeds compared to today's computers. However, a current challenge is the instability of qubits, the key processing units in quantum computers, which limits their ability to decrypt substantial amounts of data.Olimpiu Pop:  In 2023, the European Union made significant strides in AI legislation with the introduction of the EU AI Act. This groundbreaking legislation, agreed upon on December 9, 2023, is the world's first dedicated law on AI and sets a global precedent.
Episode #301: Edwin Kwan: Critical Vulnerability Threatens SSH Security; Hillary Coover: National Grid Removes China-Based Supplier's Components; Ian Garrett: Ransomware Evolves to Extortionware Threat; Olimpiu Pop: 2023 in Review: Cybersecurity and the Supply Chain; Marcel Brown: This Day in Tech History
Dec 26 2023
Episode #301: Edwin Kwan: Critical Vulnerability Threatens SSH Security; Hillary Coover: National Grid Removes China-Based Supplier's Components; Ian Garrett: Ransomware Evolves to Extortionware Threat; Olimpiu Pop: 2023 in Review: Cybersecurity and the Supply Chain; Marcel Brown: This Day in Tech History
Free, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 25th, 1990. Merry Christmas, everyone. Tim Berners Lee, a British scientist working at the European Organization for Nuclear Research, otherwise known as CERN, along with his associate, Robert Kaliau, were operating the first web server, info.cern.Ch, and first web browser slash editor, World Wide Web, which were reportedly able to communicate over the internet by this date.Edwin Kwan: A groundbreaking attack named Terrapin has been uncovered posing a significant threat to the security of the SSH secure shell protocol. What sets Terrapin apart is its ability to undermine cryptographic SSH protections that were previously considered to be immune to such attacksHillary Coover: Britain's National Grid is taking steps to remove components provided by a subsidiary of China-backed Nari Technology from its electricity transmission network due to concerns about cybersecurity. Ian Garrett: Cyber criminals in their quest to maximize disruption and ransom demands are evolving their strategies. A notable example is the ransomware group gang known as BlackCat, which recently employed a novel extortion tactic. This incident is the first of its kind, and likely a precursor to future trends in cyber extortion.Olimpiu Pop:  In 2023, cybersecurity and supply chain issues evolved significantly. Software supply chain attacks, especially targeting open source software libraries, saw a dramatic increase. The growing reliance on open source software, under the pressure of rapid development cycles, made these libraries prime targets for exploitation.
Episode #300: Edwin Kwan: SMTP Smuggling ByPasses Email Security Controls; Hillary Coover: Researchers Seek to Unmask Hackers Through Code Analysis and AI; Marcel Brown: This Day in Tech History; Katy Craig: CISO Accountability: Framework for Compliance; Trac Bannon: CISO Accountability: The buck stops… where?; Olimpiu Pop: CISO Accountability: Compliance is not Security
Dec 22 2023
Episode #300: Edwin Kwan: SMTP Smuggling ByPasses Email Security Controls; Hillary Coover: Researchers Seek to Unmask Hackers Through Code Analysis and AI; Marcel Brown: This Day in Tech History; Katy Craig: CISO Accountability: Framework for Compliance; Trac Bannon: CISO Accountability: The buck stops… where?; Olimpiu Pop: CISO Accountability: Compliance is not Security
Free, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 22nd, 1882. Edward Johnson, an associate of Thomas Edison, has walnut sized bulbs made specifically for him to wire his Christmas tree with electric light. The eighty red, white, and blue bulbs formed the first set of electric Christmas tree lights in history.Edwin Kwan: A recently discovered SMTP smuggling technique is allowing cyber attackers to sidestep email security protocols, posing a significant threat to organizations. The techniques exploit zero-day flaws in messaging servers, allowing attackers to send malicious emails with fake sender addresses.Hillary Coover: In an effort to combat cybercrime, U. S. government researchers are embarking on a 30 month project to investigate whether computer code used in cyberattacks can reveal clues about the hackers behind them.Katy Craig: The SEC's legal action against the former CISO of SolarWinds is a justified step towards greater accountability in corporate cybersecurity. It highlights the need for individuals in charge to diligently comply with federal safeguards and rules and to report incidents.Trac Bannon: The charges against Joe Sullivan and Timothy Brown have dramatic ramifications for industry. There is the increased scrutiny of CSOs and CISOs. The precedent is set for personal accountability for both cybersecurity practices and disclosures. This means corporate security officers face scrutiny and legal responsibilities similar to CFOs and their responsibility for financial disclosures.Olimpiu Pop: Whether we like it or not, we are at war. The CISO should stop preaching, and transform their slides into actions . Actions, translatable into automated tools that cannot be circumvented or ignored. More than that, as CISO, you should be the north star in terms of ethical conduct.
Episode #298: Edwin Kwan: Ubiquiti User Accounts Suffer Data Breach; Katy Craig: Xfinity Acknowledges 36 Million Customer Accounts Breached; Hillary Coover: L.L. Bean's Surprising Stance on Data Privacy; Marcel Brown: This Day in Tech History
Dec 20 2023
Episode #298: Edwin Kwan: Ubiquiti User Accounts Suffer Data Breach; Katy Craig: Xfinity Acknowledges 36 Million Customer Accounts Breached; Hillary Coover: L.L. Bean's Surprising Stance on Data Privacy; Marcel Brown: This Day in Tech History
Free, ungated access to all 295+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 20th, 1996. In a surprise move at the time, Apple Computer announces their intention to purchase Steve Jobs' company, NeXT, and bring Steve Jobs on board as an advisor to CEO Gil Amelio. Along with the leadership of future CEO Steve Jobs, the resurgence of Apple in the 2000s, and the emergence of the new world of technology can be traced back to this major event in technology history. Hillary Coover: In Maine's data privacy debate, L.L. Bean has surprisingly aligned with global tech giants, highlighting the power of local national business alliances in shaping legislation. This unusual alliance between a family-owned retailer and tech giants illustrates the complexity of the national data privacy law debate, primarily occurring at the state level.Edwin Kwan: Ubiquiti users were reporting last week that they were seeing other people's notification and had access to their devices. The incident was first reported on Reddit, where a user received a notification from UniFi ProTech, including an image from someone else's security camera.Katy Craig: Today we're discussing a significant cyber security incident. Xfinity has recently experienced a major data breach, potentially impacting around 36 million customers . Compromised data includes usernames, hashed passwords, the last four digits of social security numbers, security questions, birthdates, and contact details.
Episode #297: Edwin Kwan, My Personal Experience with SMS Impersonation Scams; Hillary Coover, Europe Probes Elon Musk's X Over Disinformation Handling; Ian Garrett, Cybersecurity, Artificial Intelligence, and Nuclear weapons, Oh my!
Dec 19 2023
Episode #297: Edwin Kwan, My Personal Experience with SMS Impersonation Scams; Hillary Coover, Europe Probes Elon Musk's X Over Disinformation Handling; Ian Garrett, Cybersecurity, Artificial Intelligence, and Nuclear weapons, Oh my!
From @Sourced Network Productions, @It's 5:05!, the Podcast , with your daily #cybersecurity and #opensource news headlines. 🎙️ Free access to 280+ episodes of “It’s 5:05!” on your favorite #podcast platforms: bit.ly/505-updatesIn this episode: Marcel Brown: This day in Tech HistoryDecember 19th, 1974. Micro Instrumentation and Telemetry Systems, otherwise known as MITS, begins selling the Altair 8800 microcomputer kit. It is one of the most important computers in history, for it inspired the first generation of entrepreneurs that created the personal computer industry.Edwin Kwan: My Personal Experience with SMS Impersonation ScamsI was recently targeted by an SMS impersonation scam. The scammer was impersonating someone I know who's from the US and a text message came from a US number. I don't have this person's mobile number saved, so replied thinking it might be him. It became obvious fairly quickly that it was a scam, Hillary Coover: Europe Probes Elon Musk's X Over Disinformation Handling Elon Musk's social media platform, X, formerly known as Twitter, is facing an official investigation in Europe regarding its handling of illegal content and disinformation. The European Commission has initiated a formal infringement proceeding against X under the Digital Services Act.Ian Garrett: Cybersecurity, Artificial Intelligence, and Nuclear weapons, Oh my!Cybersecurity, artificial intelligence, and nuclear weapons. Do we have an update for you? The 2024 National Defense Authorization Act, or NDAA, is a crucial piece of annual legislation for U. S. military funding. The NDAA was passed with a focus on various cybersecurity concerns.🎙️ Free access to 290+ episodes of “It’s 5:05!” on your favorite podcast platforms: bit.ly/505-updates#newspodcast
Episode #296: Edwin Kwan: 38% of Apps Still Exposed to Log4J Vulnerability; Katy Craig: Is My Phone Spying on Me?; Hillary Coover: Foreign Geographic Software Poses National Security Threats; Marcel Brown: This Day in Tech History
Dec 18 2023
Episode #296: Edwin Kwan: 38% of Apps Still Exposed to Log4J Vulnerability; Katy Craig: Is My Phone Spying on Me?; Hillary Coover: Foreign Geographic Software Poses National Security Threats; Marcel Brown: This Day in Tech History
Free, ungated access to all 295+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 17th, 1903. Orville and Wilbur Wright make their famous first controlled and sustained flights with a heavier than air, powered aircraft. Orville made the very first flight, which lasted about 12 seconds. Edwin Kwan: It's been almost three years since the critical Log4j vulnerability was disclosed. Despite patches being available shortly after vulnerability disclosure, many organizations persistently use vulnerable versions. There are still approximately 38% of applications using vulnerable versions of the Apache Log4j library. Hillary Coover: China raised concerns about the potential compromise of sensitive data, particularly in crucial sectors like the military, due to the use of foreign geographic information software. The Ministry of State Security has urged security departments to conduct thorough investigations to prevent further breaches. Katy Craig: A marketing company, CMG Local Solutions, recently claimed it could access people's private conversations through their device microphones for targeted advertising. This claim raises some serious red flags.
Special Report: POV Friday - Four Opinions on the EU AI Act.
Dec 17 2023
Special Report: POV Friday - Four Opinions on the EU AI Act.
From Sourced Network Productions, It's 5:05!, the Podcast , with a special report on the EU AI Act. It’s Point of View Friday, featuring Trac Bannon, Katy Craig, Shannon Leitz, and Olimpiu Pop, with their perspectives on the release of the EU AI Act. We’ll start with Katy Craig.Katy Craig: Today, we’re diving into a significant milestone in AI regulation: the European Union’s recent passing of the AI Act. This legislation is set to shape how AI is used across industries, but it also raises questions about potential, unintended consequences.Trac Bannon: The EU is taking the global lead when it comes to AI governance. In the US, there are many discussions and hearings happening about AI policy at different levels of the government, but nothing cohesive and nothing comprehensive.Shannon Lietz: It’s an interesting time to be looking at AI, using AI, and trying to make sense of what it could mean for you. The question is, which use cases is it most well suited for? And are the producers of AI capabilities such as OpenAI and its competitors actually looking at which use cases should be allowed? Which ones are allowed to be adopted?Olimpiu Pop: The EU AI Act, with all its ups and downs, is the first one in the world, and it will be the baseline. Can the slow legislative apparatus keep pace with the lightning speed of AI tech space?🎙️ Free access to 280+ episodes of “It’s 5:05!” on your favorite #podcast platforms: bit.ly/505-updates
Episode #295: Edwin Kwan: Apple Beta Testing Stolen Device Protection Feature; Marcel Brown: This Day in Tech History; Katy Craig: EU AI Act: Significant Milestone in AI Regulation; Trac Bannon: EU AI Act: Does it Leave U.S. in the Dust?; Shannon Lietz: EU AI Act: Win, Lose, or Draw?; Olimpiu Pop: EU AI Act: A Baseline for Regulation
Dec 15 2023
Episode #295: Edwin Kwan: Apple Beta Testing Stolen Device Protection Feature; Marcel Brown: This Day in Tech History; Katy Craig: EU AI Act: Significant Milestone in AI Regulation; Trac Bannon: EU AI Act: Does it Leave U.S. in the Dust?; Shannon Lietz: EU AI Act: Win, Lose, or Draw?; Olimpiu Pop: EU AI Act: A Baseline for Regulation
Free, ungated access to all 295+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 16, 2003. The CAN SPAM Act of 2003 is signed into United States law. Passed in an attempt to control the growing deluge of junk email, the law's effectiveness is dubious at best. Especially considering political spam is exempt from the law.Edwin Kwan: Apple will soon be introducing a stolen device protection feature, which is aimed at enhancing security if an iPhone is stolen, particularly in scenarios where thieves obtain the device passcode. Katy Craig: Today, we're diving into a significant milestone in AI regulation: the European Union's recent passing of the AI Act. This legislation is set to shape how AI is used across industries, but it also raises questions about potential, unintended consequences. Trac Bannon: The EU is taking the global lead when it comes to AI governance. In the US, there are many discussions and hearings happening about AI policy at different levels of the government, but nothing cohesive and nothing comprehensive. Olimpiu Pop: The EU AI Act, with all its ups and downs, is the first one in the world, and it will be the baseline. Can the slow legislative apparatus keep pace with the lightning speed of AI tech space?Shannon Lietz: It's an interesting time to be looking at AI, using AI, and trying to make sense of what it could mean for you. The question is, which use cases is it most well suited for? And are the producers of AI capabilities such as OpenAI and its competitors actually looking at which use cases should be allowed? Which ones are allowed to be adopted?
Episode #294: Edwin Kwan: Over 50% Insider Attacks Involve Privilege Elevation Exploits; Katy Craig: Malware Deployment Strategy against Adobe ColdFusion; Ian Garrett: Where Will Cyber Leaders Focus on AI in 2024; Marcel Brown: This Day in Tech History
Dec 14 2023
Episode #294: Edwin Kwan: Over 50% Insider Attacks Involve Privilege Elevation Exploits; Katy Craig: Malware Deployment Strategy against Adobe ColdFusion; Ian Garrett: Where Will Cyber Leaders Focus on AI in 2024; Marcel Brown: This Day in Tech History
Free, ungated access to all 290+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 14th, 1902. The cable ship Silvertown begins laying the first Transpacific telegraph cable from San Francisco, destined for Honolulu, Hawaii. On January 1st, 1903, the connection between Hawaii and San Francisco was established.Edwin Kwan: A research study based on data from January 2021 to April 2023 shows a rise in insider threats, with 55% relying on privilege escalation exploits and the remaining 45% introducing risk by downloading or misusing offensive tools.Katy Craig:  In June 2023, cybersecurity incidents shook the digital landscape  as threat actors exploited a vulnerability in Adobe ColdFusion. The attackers executed a calculated malware deployment strategy. They exploited the Adobe ColdFusion vulnerability to introduce malware, including a remote access Trojan using HTTP POST commands.Ian Garrett: AI has emerged at the forefront of cybersecurity megatrends for 2024. An overwhelming 93% of respondents anticipate Generative AI, like ChatGPT, impacting their business strategies within the next 5 years, with 89% already incorporating AI into their R&D efforts.
Episode #293: Edwin Kwan: Messenger and Facebook: Default End to End Encryption; Hillary Coover: Campaign Targets Taiwan Elections with Stolen Identities and Disinformation; Katy Craig: North Korea’s Lazarus Still Exploiting Log4j; Marcel Brown: This Day in Tech History
Dec 13 2023
Episode #293: Edwin Kwan: Messenger and Facebook: Default End to End Encryption; Hillary Coover: Campaign Targets Taiwan Elections with Stolen Identities and Disinformation; Katy Craig: North Korea’s Lazarus Still Exploiting Log4j; Marcel Brown: This Day in Tech History
Free, ungated access to all 290+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 16, 2016. After a long delay, Apple finally releases their new wireless earbuds, the Apple AirPods. Within two years, they became Apple's most popular accessory, and today are some of the most popular and well recognized earbuds in the market. Hillary Coover: A covert campaign dating back to May 2022 is distorting conversations about Taiwan's upcoming elections. The Graphika report exposes hundreds of fake social media accounts on Facebook, TikTok, and YouTube. While the perpetrators remain unidentified, the operation favored a pro-China political party in Taiwan, while criticizing its main rival.Katy Craig: Two years after the infamous Log4j vulnerability came to light, North Korean hackers are still exploiting this flaw in widespread cyberattacks. These attacks fall under the wide-reaching activities of the Lazarus umbrella, a term for the various North Korean government hacking operations.Edwin Kwan: Meta has announced the rollout of default end-to-end encryption for personal messages and calls on Messenger and Facebook. The rollout will take several months to complete globally, prompting users to set up recovery methods when their chats are upgraded.
Episode #292: Edwin Kwan: 5Ghoul Vulnerabilities Affecting Most 5G Smart Phones; Katy Craig: P2PInfect: Evolving to Target Routers and IoT Devices; Ian Garrett: That Job Candidate Might Be a Hacker; Mark Miller: This Day in Tech History
Dec 12 2023
Episode #292: Edwin Kwan: 5Ghoul Vulnerabilities Affecting Most 5G Smart Phones; Katy Craig: P2PInfect: Evolving to Target Routers and IoT Devices; Ian Garrett: That Job Candidate Might Be a Hacker; Mark Miller: This Day in Tech History
Free, ungated access to all 290+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Mark Miller: December 12th, 1980. Apple computer holds their initial public offering selling 4.6 million shares at $22 per share, and turning more than 40 Apple employees and investors into instant millionaires. Edwin Kwan: A set of 14 security vulnerabilities named "5Ghoul" has been discovered in the firmware implementation of 5G mobile network modems from major chipset vendors like MediaTek and Qualcomm. The flaw impacts USB and IoT modems along with hundreds of smartphone models running Android and iOS.Katy Craig: Cybersecurity researchers from Cato Security Labs have uncovered a new variant of P2PInfect compiled for the MIPS architecture used widely in routers and IoT devices. This latest version indicates the botnet's expanding capability is in reach. Ian Garrett: Now hackers are applying to jobs? TA4557, a threat actor active since 2018, is evolving its strategy to directly target recruiters with malicious URLs. Once the recruiter responds, TA4557 replies with a URL linking to a website controlled by the threat actor, posing as the candidate's resume.
Episode #291: Edwin Kwan: Critical Vulnerabilities Affect Multiple Atlassian Products; Hillary Coover: Russian Deepfake: Celebrities Used in Disinformation Against Ukraine; Mark Miller: Gemini: A fake it till you make it demo by Google; Marcel Brown: This Day in Tech History
Dec 11 2023
Episode #291: Edwin Kwan: Critical Vulnerabilities Affect Multiple Atlassian Products; Hillary Coover: Russian Deepfake: Celebrities Used in Disinformation Against Ukraine; Mark Miller: Gemini: A fake it till you make it demo by Google; Marcel Brown: This Day in Tech History
Free, ungated access to all 290+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.The stories we’re covering today.Marcel Brown: December 11th, 2008. Google releases the first stable, public version of their new web browser, Chrome. By 2013, Chrome had bypassed Microsoft's Internet Explorer and Mozilla Firefox to become the most popular web browser in the world, and is still considered so today.Edwin Kwan: Atlassian has issued an email warning customers of four critical vulnerabilities, each rated 9.0 or higher. Confluence, Jira, and Bitbucket servers, as well as companion apps for macOS are affected. Hillary Coover: Every piece of content you put online is at risk of being manipulated. Microsoft's recent cybersecurity research revealed that Russian propagandists employed a deceptive strategy to manipulate at least seven Western celebrities, including Elijah Wood and Priscilla Presley.Mark Miller: Well, that was a real train wreck, wasn't it? It looks as if Gemini's launch video jumped the shark. Let's take a step back as VP of research Oreo Venules responds by getting called out for faking the video.