It's 5:05! Daily cybersecurity and open source briefing

Contributors from Around the World

“It’s 5:05!” is a daily audio newscast highlighting security and open source stories from around the world. We filter for the real cybersecurity and open source stories in the news, so you won't have to. Each day, a global team of journalists contribute stories they found interesting in their daily research from the previous 24 hours. We present them to you in an easy-to-listen-to format, making the resources available at the end of each episode so you can do a deep dive on stories you find of interest.

Episodes

Episode #304: Edwin Kwan: Google Chrome Safety Check Feature Enhancements; Shannon Lietz: EU CRA: Win | Lose | Draw; Olimpiu Pop: Year in Review: Ukraine and the cyberwar; Marcel Brown: This Day in Tech History
Dec 29 2023
Free, ungated access to all 300+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to repost if your followers will find this of value.
The stories we’re covering today.
Marcel Brown: December 31st, 1999. The world waits in anticipation of the year 2000 and the potential disasters that might be brought about by the Y2K bug. Just for fun, I set up my home with a remote control to turn off all the lights in my house and the TV our friends would be watching at our New Year's Eve party. Seconds after midnight, I pushed the remote control in my pocket, and everything went out. There were definitely a few people in my house that night who thought the apocalypse had come.
Edwin Kwan: One of the features of Chrome Safety Check is that it will check if any saved passwords have been compromised. In addition, users will receive alerts in the Chrome menu about flagged dangerous extensions, outdated Chrome versions, or disabled safe browsing.
Shannon Lietz: For the last couple of years, the EU has been talking about how it might address some of the cybersecurity issues that are plaguing its economy. As part of this, addressing the 189 pages of a potential act to come, it's hard to look at it and be both excited and petrified at the same time. There's lots to think about.
Olimpiu Pop: In 2023, the cyber warfare aspect of the Ukraine war provided concrete examples of both resilience and evolving nature of cyber threats. Ukrainian cyber defenses, although not unbreakable, effectively countered a variety of Russian cyber attacks
Episode #303: Edwin Kwan: Chrome Users Infected via Fake VPNs in Video Game Torrents; Ian Garrett: 6 Key Aspects of SEC Rules for Data Breaches; Olimpiu Pop: Cybersecurity Legislation (CRA, US Legislation); Marcel Brown: This Day in Tech History
Dec 28 2023
The stories we’re covering today.
Marcel Brown: December 28th, 1895. The world's first projected movie screening takes place at the Salon Indien du Grand Café in Paris, France. 33 people attend at the admission price of 1 franc each to view 10 films at about 50 seconds each.
Edwin Kwan: Three malicious Chrome extensions disguised as VPNs infected approximately 1.5 million users. The extensions - netPlus, netSafe, and netWin - were distributed through an installer hidden in pirated copies of popular video games like Grand Theft Auto and Assassin's Creed.
Ian Garrett: New Year, New Data Breach Disclosure Rules issued by the U.S. Securities and Exchange Commission to reshape the cybersecurity landscape for publicly owned companies. Recently, starting on December 18th, these companies must now comply with the stringent rules requiring them to disclose material cyber incidents within 96 hours.
Olimpiu Pop: The EU Cybersecurity Schemes, born from the EU Cybersecurity Act, are being developed for different industry categories such as ICT, Cloud services and 5G networks, and will consist of a comprehensive set of rules, technical requirements, standards and evaluation procedures for certification.
Episode #302: Edwin Kwan: Developers Ignore Critical Flaw in Apache Struts 2 Framework; Hillary Coover: The Quantum Computing Revolution and Global Security; Olimpiu Pop: 2023 in Review: AI Legislation; Marcel Brown: This Day in Tech History
Dec 27 2023
The stories we’re covering today.
Marcel Brown: December 27th, 1968. Apollo 8 splashes down in the Pacific Ocean, ending the first manned orbit of the moon. When the spacecraft hit the water, the parachutes dragged it over and left it upside down. Because they were being buffeted by 10 foot swells, astronaut Frank Borman actually got sick and vomited. Welcome back to Earth, Frank.
Edwin Kwan: A critical remote code execution vulnerability in the Apache Struts 2 framework is reportedly being ignored by developers, leaving approximately 80 percent of recent Struts downloads exposed to the flaw. The severity of the vulnerability, rated as 9.8 out of 10 in CVSS, arises from a logic bug in the File Upload feature.
Hillary Coover: Quantum computers operate on subatomic particle properties, enabling them to perform complex calculations and process information at unparalleled speeds compared to today's computers. However, a current challenge is the instability of qubits, the key processing units in quantum computers, which limits their ability to decrypt substantial amounts of data.
Olimpiu Pop: In 2023, the European Union made significant strides in AI legislation with the introduction of the EU AI Act. This groundbreaking legislation, agreed upon on December 9, 2023, is the world's first dedicated law on AI and sets a global precedent.
Episode #301: Edwin Kwan: Critical Vulnerability Threatens SSH Security; Hillary Coover: National Grid Removes China-Based Supplier's Components; Ian Garrett: Ransomware Evolves to Extortionware Threat; Olimpiu Pop: 2023 in Review: Cybersecurity and the Supply Chain; Marcel Brown: This Day in Tech History
Dec 26 2023
The stories we’re covering today.
Marcel Brown: December 25th, 1990. Merry Christmas, everyone. Tim Berners-Lee, a British scientist working at the European Organization for Nuclear Research, otherwise known as CERN, along with his associate, Robert Cailliau, were operating the first web server, info.cern.ch, and first web browser slash editor, World Wide Web, which were reportedly able to communicate over the internet by this date.
Edwin Kwan: A groundbreaking attack named Terrapin has been uncovered posing a significant threat to the security of the SSH secure shell protocol. What sets Terrapin apart is its ability to undermine cryptographic SSH protections that were previously considered to be immune to such attacks.
Hillary Coover: Britain's National Grid is taking steps to remove components provided by a subsidiary of China-backed Nari Technology from its electricity transmission network due to concerns about cybersecurity.
Ian Garrett: Cyber criminals in their quest to maximize disruption and ransom demands are evolving their strategies. A notable example is the ransomware group gang known as BlackCat, which recently employed a novel extortion tactic. This incident is the first of its kind, and likely a precursor to future trends in cyber extortion.
Olimpiu Pop: In 2023, cybersecurity and supply chain issues evolved significantly. Software supply chain attacks, especially targeting open source software libraries, saw a dramatic increase. The growing reliance on open source software, under the pressure of rapid development cycles, made these libraries prime targets for exploitation.
Episode #300: Edwin Kwan: SMTP Smuggling ByPasses Email Security Controls; Hillary Coover: Researchers Seek to Unmask Hackers Through Code Analysis and AI; Marcel Brown: This Day in Tech History; Katy Craig: CISO Accountability: Framework for Compliance; Trac Bannon: CISO Accountability: The buck stops… where?; Olimpiu Pop: CISO Accountability: Compliance is not Security
Dec 22 2023
The stories we’re covering today.
Marcel Brown: December 22nd, 1882. Edward Johnson, an associate of Thomas Edison, has walnut sized bulbs made specifically for him to wire his Christmas tree with electric light. The eighty red, white, and blue bulbs formed the first set of electric Christmas tree lights in history.
Edwin Kwan: A recently discovered SMTP smuggling technique is allowing cyber attackers to sidestep email security protocols, posing a significant threat to organizations. The techniques exploit zero-day flaws in messaging servers, allowing attackers to send malicious emails with fake sender addresses.
Hillary Coover: In an effort to combat cybercrime, U.S. government researchers are embarking on a 30 month project to investigate whether computer code used in cyberattacks can reveal clues about the hackers behind them.
Katy Craig: The SEC's legal action against the former CISO of SolarWinds is a justified step towards greater accountability in corporate cybersecurity. It highlights the need for individuals in charge to diligently comply with federal safeguards and rules and to report incidents.
Trac Bannon: The charges against Joe Sullivan and Timothy Brown have dramatic ramifications for industry. There is the increased scrutiny of CSOs and CISOs. The precedent is set for personal accountability for both cybersecurity practices and disclosures. This means corporate security officers face scrutiny and legal responsibilities similar to CFOs and their responsibility for financial disclosures.
Olimpiu Pop: Whether we like it or not, we are at war. The CISO should stop preaching, and transform their slides into actions. Actions, translatable into automated tools that cannot be circumvented or ignored. More than that, as CISO, you should be the north star in terms of ethical conduct.
Episode #298: Edwin Kwan: Ubiquiti User Accounts Suffer Data Breach; Katy Craig: Xfinity Acknowledges 36 Million Customer Accounts Breached; Hillary Coover: L.L. Bean's Surprising Stance on Data Privacy; Marcel Brown: This Day in Tech History
Dec 20 2023
The stories we’re covering today.
Marcel Brown: December 20th, 1996. In a surprise move at the time, Apple Computer announces their intention to purchase Steve Jobs' company, NeXT, and bring Steve Jobs on board as an advisor to CEO Gil Amelio. Along with the leadership of future CEO Steve Jobs, the resurgence of Apple in the 2000s, and the emergence of the new world of technology can be traced back to this major event in technology history.
Hillary Coover: In Maine's data privacy debate, L.L. Bean has surprisingly aligned with global tech giants, highlighting the power of local national business alliances in shaping legislation. This unusual alliance between a family-owned retailer and tech giants illustrates the complexity of the national data privacy law debate, primarily occurring at the state level.
Edwin Kwan: Ubiquiti users were reporting last week that they were seeing other people's notifications and had access to their devices. The incident was first reported on Reddit, where a user received a notification from UniFi Protect, including an image from someone else's security camera.
Katy Craig: Today we're discussing a significant cyber security incident. Xfinity has recently experienced a major data breach, potentially impacting around 36 million customers. Compromised data includes usernames, hashed passwords, the last four digits of social security numbers, security questions, birthdates, and contact details.
Episode #297: Edwin Kwan, My Personal Experience with SMS Impersonation Scams; Hillary Coover, Europe Probes Elon Musk's X Over Disinformation Handling; Ian Garrett, Cybersecurity, Artificial Intelligence, and Nuclear weapons, Oh my!
Dec 19 2023
From @Sourced Network Productions, @It's 5:05!, the Podcast, with your daily #cybersecurity and #opensource news headlines.
In this episode:
Marcel Brown: This Day in Tech History
December 19th, 1974. Micro Instrumentation and Telemetry Systems, otherwise known as MITS, begins selling the Altair 8800 microcomputer kit. It is one of the most important computers in history, for it inspired the first generation of entrepreneurs that created the personal computer industry.
Edwin Kwan: My Personal Experience with SMS Impersonation Scams
I was recently targeted by an SMS impersonation scam. The scammer was impersonating someone I know who's from the US and a text message came from a US number. I don't have this person's mobile number saved, so replied thinking it might be him. It became obvious fairly quickly that it was a scam,
Hillary Coover: Europe Probes Elon Musk's X Over Disinformation Handling
Elon Musk's social media platform, X, formerly known as Twitter, is facing an official investigation in Europe regarding its handling of illegal content and disinformation. The European Commission has initiated a formal infringement proceeding against X under the Digital Services Act.
Ian Garrett: Cybersecurity, Artificial Intelligence, and Nuclear weapons, Oh my!
Cybersecurity, artificial intelligence, and nuclear weapons. Do we have an update for you? The 2024 National Defense Authorization Act, or NDAA, is a crucial piece of annual legislation for U.S. military funding. The NDAA was passed with a focus on various cybersecurity concerns.
Episode #296: Edwin Kwan: 38% of Apps Still Exposed to Log4J Vulnerability; Katy Craig: Is My Phone Spying on Me?; Hillary Coover: Foreign Geographic Software Poses National Security Threats; Marcel Brown: This Day in Tech History
Dec 18 2023
The stories we’re covering today.
Marcel Brown: December 17th, 1903. Orville and Wilbur Wright make their famous first controlled and sustained flights with a heavier than air, powered aircraft. Orville made the very first flight, which lasted about 12 seconds.
Edwin Kwan: It's been almost three years since the critical Log4j vulnerability was disclosed. Despite patches being available shortly after vulnerability disclosure, many organizations persistently use vulnerable versions. There are still approximately 38% of applications using vulnerable versions of the Apache Log4j library.
Hillary Coover: China raised concerns about the potential compromise of sensitive data, particularly in crucial sectors like the military, due to the use of foreign geographic information software. The Ministry of State Security has urged security departments to conduct thorough investigations to prevent further breaches.
Katy Craig: A marketing company, CMG Local Solutions, recently claimed it could access people's private conversations through their device microphones for targeted advertising. This claim raises some serious red flags.
Special Report: POV Friday - Four Opinions on the EU AI Act.
Dec 17 2023
From Sourced Network Productions, It's 5:05!, the Podcast, with a special report on the EU AI Act. It’s Point of View Friday, featuring Trac Bannon, Katy Craig, Shannon Lietz, and Olimpiu Pop, with their perspectives on the release of the EU AI Act. We’ll start with Katy Craig.
Katy Craig: Today, we’re diving into a significant milestone in AI regulation: the European Union’s recent passing of the AI Act. This legislation is set to shape how AI is used across industries, but it also raises questions about potential, unintended consequences.
Trac Bannon: The EU is taking the global lead when it comes to AI governance. In the US, there are many discussions and hearings happening about AI policy at different levels of the government, but nothing cohesive and nothing comprehensive.
Shannon Lietz: It’s an interesting time to be looking at AI, using AI, and trying to make sense of what it could mean for you. The question is, which use cases is it most well suited for? And are the producers of AI capabilities such as OpenAI and its competitors actually looking at which use cases should be allowed? Which ones are allowed to be adopted?
Olimpiu Pop: The EU AI Act, with all its ups and downs, is the first one in the world, and it will be the baseline. Can the slow legislative apparatus keep pace with the lightning speed of AI tech space?