It's 5:05! Daily cybersecurity and open source briefing Contributors from Around the World

Free, ungated access to all 285+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.
The stories we’re covering today.
Marcel Brown: December 3rd, 2001. Inventor Dean Kamen unveils the Segway self-balancing battery-powered vehicle on the TV show Good Morning America. The Segway uses computers and motors in its base to keep itself upright while the user is riding it. While the original Segway was not considered a commercial success, it definitely became a familiar icon of personal transportation.
Edwin Kwan: Security researchers revealed a vulnerability in Zoom that allowed the unauthorized access of service accounts. The vulnerability enabled hackers to claim a Zoom Room's service account, gaining invisible access to team chat, whiteboards, and other applications.
Hillary Coover: As we approach peak shopping season, it's crucial to consider measures to protect yourself from online fraud. One effective tool is the use of virtual credit cards. Here are a few frequently asked questions to get you all set up.
Katy Craig: Security researchers have unveiled "LogoFAIL," a set of vulnerabilities in the Unified Extensible Firmware Interface (UEFI), used by various firmware vendors. These flaws, found in firmware image-parsing libraries, pose a significant risk to a wide range of consumer and enterprise devices from major manufacturers.

Free, ungated access to all 285+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.
The stories we’re covering today.
Marcel Brown: December 1st, 1996. America Online launches a new subscription plan offering their subscribers unlimited dial up internet access for $19.95 a month. Previously, AOL charged $9.95 a month for 5 hours of usage. The new plan brought in over 1 million new customers to AOL within weeks, and daily usage doubled among subscribers, to a whole 32 minutes per day.
Edwin Kwan: Apple has urgently released security updates to address two zero day vulnerabilities that were actively being exploited. These vulnerabilities impact iPhones, iPads, and Mac devices.
Katy Craig: CISA and the United Kingdom's National Cyber Security Centre jointly released guidelines for secure AI system development, developed in cooperation with 21 other agencies and ministries from across the world, including all members of the group of seven major industrial economies.
Trac Bannon: The CISA AI Roadmap is a comprehensive, whole of agency plan. They've aligned it with the U. S. National AI Strategy. The roadmap has lines of effort to promote the beneficial uses of AI, enhance cybersecurity capabilities, and improve protection of AI systems from cyber based threats. One specific example that I find particularly valuable is the emphasis on secure by design principles in AI adoption.
Olimpiu Pop: UK's Cyber Security Agency provided guidelines, and they invite you to act securely while developing your AI system. They mostly refer to general software development practices. Practices that the industry is trying to impose without much success for years now.

Free, ungated access to all 280+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.
The stories we’re covering today.
Marcel Brown: November 30th, 2009. Book retailer Barnes Noble releases their first Nook eReader to compete with the highly successful Amazon Kindle, released two years earlier.
Edwin Kwan: Are we sharing too much on LinkedIn? Daniel Barbosa from WeLiveSecurity recently published an article on the potential risks associated with the wealth of personal information shared on LinkedIn, which is the world's largest professional social network.
Katy Craig: MITRE, a government-funded research organization, is leading an ambitious project to map the security vulnerabilities in artificial intelligence (AI) systems. Recognizing the critical nature of AI security, international cyber defense agencies have called for enhanced security practices throughout the AI system lifecycle.
Ian Garrett: Is investing in cybersecurity hot or not? It turns out it depends who you're asking, because there's a huge divide between the private and public markets.

Free, ungated access to all 280+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.
The stories we’re covering today.
Marcel Brown:  November 29th, 1972. Atari introduces their first product, Pong, which would become the world's first commercially successful video game. Nolan Bushnell installed the game at Andy Capp's Tavern in Sunnyvale, California on this day. There were 10,000 machines installed within four months.
Edwin Kwan: In 2023, Australians suffered over $400 million in losses due to scams. The actual figure is believed to be much higher considering under reporting. Australian banks have yielded to pressure from consumer groups and pledged to enhance efforts against scams by implementing technology to block transfers to suspicious accounts.
Hillary Coover: As more and more cocaine is sneaking into Europe, big ports like Rotterdam and Antwerp are facing cybercrime aiding smuggling operations. In a shocking expose, the intricate web of criminal infiltration into Europe's major ports is revealed.
Katy Craig: Google's latest cybersecurity forecast presents a concise yet comprehensive look at the emerging cyber landscape for 2024. This report from Google underlines the urgent need for advanced AI-integrated cybersecurity measures to combat these evolving threats and safeguard digital ecosystems in 2024 and beyond.

Free, ungated access to all 280+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.
The stories we’re covering today.
Marcel Brown: November 28, 1948. Just in time for the Christmas shopping season, 57 units of the first commercial instant camera, the Polaroid Land Camera Model 95, go on sale at the Jordan Marsh Department Store in Boston. Polaroid believed that 57 units would be enough to last through Christmas.
Edwin Kwan: Open Source Blender Project is being targeted by Distributed Denial of Service attacks resulting in site outages. The attacks have severely disrupted operations, making it difficult to process legitimate connection requests. Despite continuous efforts by the administrators, attempts to block attackers' IP ranges were unsuccessful.
Katy Craig: In a landmark collaboration, the United States and the United Kingdom have jointly issued comprehensive guidelines to strengthen the security and integrity of artificial intelligence, or AI, systems. This crucial document is directed at AI system providers, including those using both in-house and external models and APIs.
Ian Garrett: Microsoft has announced the deprecation of Defender Application Guard for Office and the Windows Security Isolation APIs. These tools were integral in securing Microsoft 365 apps by creating a secure sandbox for files from untrusted sources. Microsoft's decision to deprecate Defender Application Guard for Office has significant implications for organizations and IT professionals.

Free, ungated access to all 280+ episodes of “It’s 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You’re welcome to 𝗿𝗲𝗽𝗼𝘀𝘁 if your followers will find this of value.
The stories we’re covering today.
Marcel Brown: November 27, 1995. Nearly six months to the day after Bill Gates sent his Internet Tidal Wave memo recognizing the importance of the Internet, and only three months after releasing version 1.0, Microsoft releases Internet Explorer 2.0 for Windows 95 and Windows NT 3.5.
Edwin Kwan: Three critical vulnerabilities have been reported to affect OwnCloud, exposing users to potential data breaches. One of these flaws, with a maximum severity score, exposes administrator passwords and mail server credentials.
Hillary Coover: Despite the widespread belief that private browsing can secure better prices during online shopping, it turns out that Incognito mode doesn't deliver on this promise. All private browsing modes do is erase your search history from the device and prevent the browser from using cookies to track your activity across sites.
Katy Craig: The Pentagon is racing against time and technology in its ambitious Replicator initiative, aiming to deploy thousands of AI-enabled autonomous vehicles by 2026. This strategic push is to keep pace with China's rapid advancements in military technology.