Top infosec trends in the social media spotlight this week
The Japanese minister in charge of cybersecurity stunned the infosec world this week after admitting that he’d “never used a computer”.
Yoshitaka Sakurada, 68, who’s also in charge of the 2020 Tokyo Olympics, told a parliamentary committee that he asked his secretaries and officials to handle anything that might involve the internets.
Appearing before a parliamentary committee, Sakurada seemed to misunderstand a question about the vulnerability of Japan’s power grid to malware.
The minister responded that USB was “basically never used” in the utility systems. Lawmakers laughed nervously at his replies, AP reports.
Perhaps the Japanese – supposedly like the British, at least according to Brexiteer Michael Gove – have had enough of experts, others noted.
Elsewhere, the merits of two free security testing tools were aired during an entertaining – if one-sided – Twitter dust-up this week.
Somdev Sangwan (@s0md3v), the developer of XSStrike, dissed the merits of KNOXSS and other tools in a style more reminiscent of a bantamweight boxer than a security coder.
Eye-opening claims by Sangwan attached to the release of XSStrike v3 that it was time to “Throw away your paid tools, this is some God level shit” rang the bell on the first round of the scrap.
Twitter user LiveOverflow mischievously suggested that XSStrike should go toe-to-toe with KNOXSS, a rival tool.
@knoxss_me and its Brazilian developer @BruteLogic avoided being sucked into the fight even after Sangwan questioned its “ring readiness”.
Once the dust had settled, Sangwan had the grace to come back and apologise for going off on one.
Verified Twitter accounts from retailer Target and Google’s G-Suite were hacked this week in the latest phase of an ongoing Bitcoin scam that has become a scourge of the social media platform of late.
Compromised accounts are used to post fictitious promos for a supposed Bitcoin giveaway by inventor Elon Musk that are actually designed to trap the credulous into handing over e-money to fraudsters.
Writer Adam Raymond attracted interest on Medium with a post on the five most prevalent cyberscams doing the rounds.
The post covers CEO scams (AKA Business Email Compromise), sextortion, voicemail phishing (vishing), and SMSishing (SMS-based phishing), as well as the questionable protection offered by RFID-shielding wallets.
Raymond’s post goes on to offer advice on countermeasures which, in the case of RFID wallets, translates into a simple “don’t bother”.
Security researcher David Buchanan managed to elevate proceedings by squeezing the complete works of Shakespeare into one tweet.
No, Twitter hasn’t radically expanded the 280-character limit to updates on the microblogging platform. Instead, Buchanan managed to fit 1.3 million words that make up the complete works of the bard into a single tweet by packing it into the metadata of an associated image – a form of steganography.
Tech developer Foone Turing (@Foone) this week got into trouble when he encoded an amp-video for Rick Astley’s ‘Never Gonna Give You Up’ in a tiny 1.4 MB file – small enough to fit on a floppy disc.
After he uploaded a link to this content – surely the ultimate Rickroll – Foone was slapped down with a DMCA copyright violation notice from Universal Music.
He refused to take this interference lying down.
In these fractious times, in the midst of Brexit, surely this is a sentiment we can all get behind.