videodrome

We’re kicking things off in the new year with a returning guest, Mr. Bil Herd. He was the principal engineer on the Commodore Plus/4, C16/116, C264, C364, and the Commodore 128. Come join us at our usual location, the Alderwood United Church, 44 Delma Dr., Etobicoke ON, M8W 4N6, Canada.

The meeting takes place on Thursday, January 11, 2024 at 7:30PM ET. If you’re unable to attend in person, please join us online via the Zoom link below. Thanks for attending!

Join Zoom Meeting https://us02web.zoom.us/j/88059151457?pwd=RTEzUWM5bnc4cFpjVjZBYXNEMElEZz09

Meeting ID: 880 5915 1457 Passcode: 274933

In the past, cybercriminals often operated with the motive to "do it for lulz," engaging in malicious activities purely for the sake of amusement or creating chaos. Today, they’re driven by profit, transforming into rational business entities seeking scalable, repeatable processes for a steady income. This change in motivation has made predicting their behavior somewhat easier, as their actions are now grounded in strategic objectives rather than unpredictable whims.

In 2024, we expect the ransomware threat will continue taking an opportunistic turn—a trend that we first highlighted in 2022, gained momentum throughout 2023 (marked by multiple advisories, culminating in the ongoing CitrixBleed exploitation), and is projected to reach maturity this year.

Every so often someone needs to create a more or less permanent internal identifier in their system every person's account. Some of the time they look at how authentication systems like OIDC return email addresses among other data and decide that since pretty much everyone is giving them an email address, they'll use the email address as the account's permanent internal identification.

As the famous saying goes, now you have two problems.