Episode 165 - The Don't Screw It Up Episode

This week in InfoSec (10:17)With content liberated from the “today in infosec” twitter account and further afield29th August 1990: The British Computer Misuse Act Goes into Effect  One of the earliest laws anywhere designed to address computer fraud, the Act resulted from a long debate in the 1980s over failed prosecutions of hackers -- in one well-publicised case, two men hacked into a British Telecom computer leaving messages in the Duke of Edinburgh's private mailbox.Archive of historic BT 'email' hack preserved24th August 1993: Perhaps the most famous lawsuit in technology history is decided for Microsoft. Apple claimed that Microsoft’s Windows violated their copyrights on the “visual displays” of the Macintosh. The judge in the case ruled that most of the claims were covered by a 1985 licensing agreement. Other claims were not violations of copyright due to the “merger doctrine”, which basically states that ideas can not be copyrighted. This paved the way for Microsoft to develop Windows 95, which imitated the Macintosh even more so than previous versions of Windows.Today in Apple history: Tide turns against Apple in war with Microsoft Rant of the Week (16:57)X wants permission to start collecting your biometric data and employment historyX, the platform previously known as Twitter, is expanding the amount of data it collects on users. The social network has updated its privacy policy to include carveouts for “biometric information” and “employment history,” as spotted by Bloomberg.“Based on your consent, we may collect and use your biometric information for safety, security, and identification purposes,” the privacy policy reads. It doesn’t include any details on what kind of biometric information this includes — or how X plans to collect it — but it typically involves fingerprints, iris patterns, or facial features.X Corp. was named in a proposed class action lawsuit in July over claims that its data collection violates the Illinois Biometric Information Privacy Act. The lawsuit alleges that X “has not adequately informed individuals” that it “collects and/or stores their biometric identifiers in every photograph containing a face” that’s uploaded to the platform. Billy Big Balls of the Week (27:28)Classiscam fraud-as-a-service expands, now targets banks and 251 brandsThe "Classiscam" scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more significant financial damage than before.Like a ransomware-as-a-service operation, this Telegram-based operation recruits affiliates who use the service's phishing kits to create fake ads and pages to steal money, credit card information, and, more recently, banking credentials.Group-IB has published new information on the operation today, reporting that Classiscam has made $64.5 million in combined earnings from scamming users of classifieds sites and stealing their money and payment card details.The number of targeted brands has also grown from 169 brands last year to 251 this year, and there are now 393 criminal gangs targeting users in 79 countries, coo