
Hacker Public Radio

Your ideas, projects, opinions - podcasted.

New episodes every weekday Monday through Friday.


hpr4081 :: The Oh No! News.

Sgoti gives us some moral panic ridden pearl clutching nonsense.

Hosted by Some Guy On The Internet on Monday, 2024-03-25 is flagged as Clean and is released under a CC-BY-SA license.
Tags: Oh No News, Threat analysis, QNAP.
The show is available on the Internet Archive at: https://archive.org/details/hpr4081


Duration: 00:12:06

Privacy and Security.

In this open series, you can contribute shows that are on the topic of Privacy and Security

The Oh No! news.

Oh No! News is Good News.

  • TAGS: Oh No News, Threat analysis, QNAP

Threat analysis; your attack surface.

Relevance of the published data volume.

The data package published on the darknet comprised around 1.3 million files. Once the data had been downloaded, the NCSC took the lead in systematically categorising and triaging all documents relevant to the Federal Administration. The results showed that the volume of data relevant to the Federal Administration comprised around 65,000 documents, or approximately 5% of the total published data set. The majority of these files belonged to Xplain (47,413) with a share of over 70%; around 14% (9,040) belonged to the Federal Administration. Around 95% of the Federal Administration’s files belonged to the administrative units of the Federal Department of Justice and Police (FDJP): the Federal Office of Justice, Federal Office of Police, State Secretariat for Migration and the internal IT service centre ISC-FDJP. With just over 3% of the data, the Federal Department of Defence, Civil Protection and Sport (DDPS) is slightly affected and the other departments are only marginally affected in terms of volume.

Proportion of sensitive data.

Sensitive content such as personal data, technical information, classified information and passwords was found in around half of the Federal Administration's files (5,182). Personal data such as names, email addresses, telephone numbers and postal addresses were found in 4,779 of these files. In addition, 278 files contained technical information such as documentation on IT systems, software requirement documents or architectural descriptions, 121 objects were classified in accordance with the Information Protection Ordinance and 4 objects contained readable passwords.

Xplain filed a criminal complaint after the incident, provided the authorities with all the necessary information and cooperated with them in investigating and limiting the damage. We rebuilt the entire IT infrastructure in accordance with the recommendations of the National Cyber Security Center (NCSC) and replaced the external operators. An external audit of the infrastructure and processes was completed in November. The NCSC subsequently wrote an assessment of the audit. The Federal Council's strategy crisis team on data leaks (PSC-D) took note of the report.

A threat actor is creating fake Skype, Google Meet, and Zoom meetings, mimicking these popular collaboration applications to spread various commodity malware that can steal sensitive data from both Android and Windows users.


  • Additional Information.
    • What is a "Data Breach"? A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen, altered or used by an individual unauthorized to do so.
    • What is "Malware"? Malware (a portmanteau for malicious software) is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy.
    • What is a "Payload"? In the context of a computer virus or worm, the payload is the portion of the malware which performs malicious action; deleting data, sending spam or encrypting data. In addition to the payload, such malware also typically has overhead code aimed at simply spreading itself, or avoiding detection.
    • What is "Phishing"? Phishing is a form of social engineering where attackers deceive people into revealing sensitive information or installing malware such as ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and traverse any additional security boundaries with the victim.
    • What is "Social engineering" (security)? In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.
    • What is "Information Security" (InfoSec)? Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management.
      • Information Security Attributes: Confidentiality, Integrity and Availability (C.I.A.). Information systems are composed of three main portions (hardware, software and communications), with the purpose of helping to identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers: physical, personal and organizational. Essentially, procedures or policies are implemented to tell administrators, users and operators how to use products to ensure information security within the organizations.
    • What is "Risk management"? Risk management is the identification, evaluation, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.
    • What is a "Vulnerability" (computing)? Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware.
    • What is an "Attack Surface"? The attack surface of a software environment is the sum of the different points (for "attack vectors") where an unauthorized user (the "attacker") can try to enter data to or extract data from an environment. Keeping the attack surface as small as possible is a basic security measure.
    • What is an "Attack Vector"? In computer security, an attack vector is a specific path, method, or scenario that can be exploited to break into an IT system, thus compromising its security. The term was derived from the corresponding notion of vector in biology. An attack vector may be exploited manually, automatically, or through a combination of manual and automatic activity.
    • What is "Standardization"? Standardization is the process of implementing and developing technical standards based on the consensus of different parties that include firms, users, interest groups, standards organizations and governments. Standardization can help maximize compatibility, interoperability, safety, repeatability, or quality. It can also facilitate a normalization of formerly custom processes.
    • What is a "Replay attack"? A replay attack is a form of network attack in which valid data transmission is maliciously or fraudulently repeated or delayed. Another way of describing such an attack is: "an attack on a security protocol using a replay of messages from a different context into the intended (or original and expected) context, thereby fooling the honest participant(s) into thinking they have successfully completed the protocol run."
    • What is a "Man-in-the-middle attack"? In cryptography and computer security, a man-in-the-middle, ..., attack is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties.
    • What is "Transport Layer Security" (TLS)? Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.
    • What is a "Handshake" (computing)? In computing, a handshake is a signal between two devices or programs, used to, e.g., authenticate, coordinate. An example is the handshaking between a hypervisor and an application in a guest virtual machine.
    • What is Security theater? The practice of taking security measures that are considered to provide the feeling of improved security while doing little or nothing to achieve it.


Comments


Comment #1 posted on 2024-03-25 12:50:34 by Trey

Pearl clutching

Great to hear another episode of Oh No! news. Keep up the awesome work.

Comment #2 posted on 2024-03-25 12:50:46 by hpr listener

Unnecessary insult

It is noticed that SGOTI continues to use the open nature of HPR to insert insults into shows toward those expressing legitimate criticism of judgemental past statements he has made.

Comment #3 posted on 2024-03-26 14:51:45 by Ken Fallon

@hpr listener

You appear to have an issue with SGOTI. Rather than hash it out in the comments can you please contact the Janitors - admin@hpr or if you prefer an independent ear, then the auditors@hpr.

Comment #4 posted on 2024-03-26 23:14:05 by Some Guy on the Internet

Desperately, with white knuckles, clutching pearls.

I sit at my desk, clutching my pearls with bated breath, listening for the soothing sound of “Good Heavens!” to calm me during these moral panic ridden times. Thank you Trey.

Comment #5 posted on 2024-03-27 17:09:49 by Henrik Hemrin

/e/OS - an open source Android alternative

Regarding Android: I use /e/OS as operating system on my daily mobile phone. https://e.foundation/

/e/OS is based on LineageOS, which in turn is based on Android Open Source Platform (AOSP). /e/OS is an (almost) deGoogled version of Android.

In general, /e/OS works well for me. But still, some apps do not work fully or not at all. So unfortunately I need a backup phone for some purposes. Not unlikely are issues related to microG which replaces Google services, but cannot mimic it in every detail. Despite issues, I enjoy using an alternative to the very non-free software iOS and Google-Android.

Comment #6 posted on 2024-03-28 21:32:07 by Kevin O'Brien

Good Show

I always enjoy The Oh No! News
