Digital Podcast

British Airs GDPR Mega Fine, Attacking Outlook for Fun and Profit , and DoH for Bad Guys


Join Now to Share


InfoSec ICU show

Summary: Gerry and Steve discuss a looming $240 Million dollar GDPR non-compliance fine for British Airways for an incident you may not think is GDPR coverable. They follow by talking about how malicious actors are abusing weaknesses in Outlook to establish persistence on corporate systems. Finally they discuss the proliferation of DNS over HTTP to make the Internet a more secure place, and how bad guys are weaponizing it.<br> As always they end with One Cool Thing.<br> <a href="https://podcast.musc.edu/podcast/infosec/e83-infosecicu" target="_blank" rel="noopener noreferrer">Show Notes</a><br> <br> Resources:<br> British Airways GDPR Potential Fine<br> <a href="https://www.theverge.com/2019/7/8/20685830/british-airways-data-breach-fine-information-commissioners-office-gdpr" target="_blank" rel="noopener noreferrer">https://www.theverge.com/2019/7/8/20685830/british-airways-data-breach-fine-information-commissioners-office-gdpr</a><br> Malware using Outlook<br> <a href="https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/" target="_blank" rel="noopener noreferrer">https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/</a><br> DNS over HTTPS for malicious intent<br> <a href="https://www.techspot.com/news/80791-meet-godlua-first-known-malware-leverages-dns-over.html" target="_blank" rel="noopener noreferrer">https://www.techspot.com/news/80791-meet-godlua-first-known-malware-leverages-dns-over.html</a><br> <br> One Cool Thing<br> Cicerone<br> <a href="https://www.cicerone.org/" target="_blank" rel="noopener noreferrer">https://www.cicerone.org/</a><br> <br> TrackThis.link<br> <a href="https://trackthis.link/" target="_blank" rel="noopener noreferrer">https://trackthis.link/</a><br> <br> Contact<br> Email <a href="mailto:infosecicu@musc.edu">infosecicu@musc.edu</a><br> Twitter:<br> <br> * <a href="https://twitter.com/Gerald_Auger" target="_blank" rel="noopener noreferrer">Gerry Auger (@Gerald_Auger)</a><br> * <a href="https://twitter.com/sgcardinal" target="_blank" rel="noopener noreferrer">Steven Cardinal (@sgcardinal)</a><br> <br>