Episodes

  • Episode 195 - The Smashing Unknown Episode

    Episode 195 - The Smashing Unknown Episode
    Jun 10 2024
    This week in InfoSec (11:16)With content liberated from the “today in infosec” twitter account and further afield5th of June 1991, a mere 33 years ago, : Philip Zimmermann sent the first release of PGP to 2 friends, Allan Hoeltje and Kelly Goen, to upload to the Internet. From the man himself, First, I sent it to Allan Hoeltje, who posted it to Peacenet, an ISP that specialized in grassroots political organizations, mainly in the peace movement. Peacenet was accessible to political activists all over the world. Then, I uploaded it to Kelly Goen, who proceeded to upload it to a Usenet newsgroup that specialized in distributing source code. At my request, he marked the Usenet posting as "US only". Kelly also uploaded it to many BBS systems around the country. I don't recall if the postings to the Internet began on June 5th or 6th.It may be surprising to some that back in 1991, I did not yet know enough about Usenet newsgroups to realize that a "US only" tag was merely an advisory tag that had little real effect on how Usenet propagated newsgroup postings. I thought it actually controlled how Usenet routed the posting. But back then, I had no clue how to post anything on a newsgroup, and didn't even have a clear idea what a newsgroup was.After releasing PGP, I immediately diverted my attention back to consulting work, to try to get caught up on my mortgage payments. I thought I could just release PGP 1.0 for MSDOS, and leave it alone for awhile, and let people play with it. I thought I could get back to it later, at my leisure. Little did I realize what a feeding frenzy PGP would set off. Apparently, there was a lot of pent-up demand for a tool like this. Volunteers from around the world were clamoring to help me port it to other platforms, add enhancements, and generally promote it. I did have to go back to work on paying gigs, but PGP continued to demand my time, pulled along by public enthusiasm.I assembled a team of volunteer engineers from around the world. They ported PGP to almost every platform (except for the Mac, which turned out to be harder). They translated PGP into foreign languages. And I started designing the PGP trust model, which I did not have time to finish in the first release. Fifteen months later, in September 1992, we released PGP 2.0, for MSDOS, several flavors of Unix, Commodore Amiga, Atari, and maybe a few other platforms, and in about ten foreign languages. PGP 2.0 had the now-famous PGP trust model, essentially in its present form.It was shortly after PGP 2.0's release that US Customs took an interest in the case. Little did they realize that they would help propel PGP's popularity, helping to ignite a controversy that would eventually lead to the demise of the US export restrictions on strong cryptography.7 June 2009. A mere 15 years ago. Sophos launched its (utterly shit) IT vigilante marketing campaignDress up a British man (who appears to have had a nervous breakdown over a corporate data breach incident) in an orange gimp suit – that will sell security software for sure!At least, that was the plan made by Sophos’s marketing department for its “IT Vigilante” campaign.https://www.youtube.com/watch?v=-gc6sDqofcIhttps://grahamcluley.com/top-five-worst-videos-anti-virus/Other awful videos:Happy birthday Eugene Kaspersky: https://www.youtube.com/watch?v=ujnq188E5-wEugene’s “silent movie”: https://www.youtube.com/watch?v=Ib8UjCQl5sE&t=6s Rant of the Week (22:45)https://www.bbc.co.uk/news/articles/cxee7317kgmoRussian hackers are behind the cyber attack on a number of major London hospitals, according to the former chief executive of the National Cyber Security Centre.Ransomware attacks on the healthcare industry as a whole have increased significantly over the past year. Whaley attributes the uptick to “lives on the line.”“While no sector is invulnerable to these attacks… healthcare providers have proven time and time again that they’re the most willing to pay a ransom following these incidents," Whaley said.“Bad actors know this and smell blood in water,” he added. Whaley pointed out that the rise in state-sponsored cyberattacks combined “with the further digitization of the NHS paints a pretty grim picture for the defensive capabilities of the British healthcare sector… and possibly a warning sign of much larger attacks to come.” Graham's Giant Gonads of the Week (30:51)Apple refused to pay bug bounty to Russian cybersecurity firm Kaspersky Labhttps://therecord.media/kaspersky-apple-bug-bounty-declinedhttps://securelist.com/trng-2023/Apple has snubbed Russian cybersecurity firm Kaspersky Lab, refusing to shell out a bug bounty for four zero-day vulnerabilities discovered in iPhone software. Targets were infected using zero-click exploits via the iMessage platform, and the malware ran with root privileges, gaining complete control over the device and user data. The twist?The vulnerabilities were used to spy on Kaspersky ...
    Show More Show Less
    49 mins
  • Episode 194

    Episode 194
    Jun 3 2024

    This week in InfoSec (07:29)

    With content liberated from the “today in infosec” twitter account and further afield

    28th May: 2014: LulzSec hacker Hector Monsegur, known as Sabu, was sentenced and released the same day on time served for his role in a slew of high-profile cyberattacks. He had served 7 months in prison after his arrest.

    https://x.com/todayininfosec/status/1795228730735886650

    25th May 2018: The General Data Protection Regulation (GDPR) in the European Union (EU) to strengthen and unify data protection became effective - just over 2 years after it was adopted by the EU.

    https://twitter.com/todayininfosec/status/1794461551534936503

    Rant of the Week (18:34)

    Bing outage shows just how little competition Google search really has

    Bing, Microsoft's search engine platform, went down in the very early morning 23rd May. That meant that searches from Microsoft's Edge browsers that had yet to change their default providers didn't work. It also meant that services relying on Bing's search API—Microsoft's own Copilot, ChatGPT search, Yahoo, Ecosia, and DuckDuckGo—similarly failed.

    If dismay about AI's hallucinations, power draw, or pizza recipes concern you—along with perhaps broader Google issues involving privacy, tracking, news, SEO, or monopoly power—most of your other major options were brought down by a single API outage this morning. Moving past that kind of single point of vulnerability will take some work, both by the industry and by you, the person wondering if there's a real alternative.

    Billy Big Balls of the Week (26:56)

    IT worker sued over ‘vengeful’ cyber harassment of policeman who issued a jaywalking ticket


    In an ongoing civil lawsuit, an IT worker is accused of launching a "destructive cyber campaign of hate and revenge" against a police officer and his family after being issued a ticket for jaywalking.

    Industry News (34:44)

    Check Point Urges VPN Configuration Review Amid Attack Spike

    Courtroom Recording Software Vulnerable to Backdoor Attacks

    New North Korean Hacking Group Identified by Microsoft

    Internet Archive Disrupted by Sustained and “Mean” DDoS Attack

    Advance Fee Fraud Targets Colleges With Free Piano Offers

    US-Led Operation Takes Down World’s Largest Botnet

    First American Reveals Data Breach Impacting 44,000 Individuals

    Europol-Led Operation Endgame Hits Botnet, Ransomware Networks

    BBC Pension Scheme Breached, Exposing Employee Data

    Tweet of the Week (47.14)

    https://twitter.com/DebugPrivilege/status/1795823939631067165

    Come on! Like and bloody well subscribe!
    Show More Show Less
    51 mins
  • Episode 193 - The "At Last!" Episode

    Episode 193 - The "At Last!" Episode
    May 27 2024
    This week in InfoSec (11:36) With content liberated from the “today in infosec” twitter account and further afield17th May 2015: CNN published their article on a statement Cybersecurity Consultant, Chris Roberts had publicly made on Twitter a month earlier. There were lots of accusations made regarding Chris Roberts' actions hacking into computer systems while a passenger on multiple airline flights. Did he actually cause a plane to fly sideways? Maybe? But it's not like he made it fly upside down.FBI: Hacker claimed to have taken over flight’s engine controlshttps://twitter.com/todayininfosec/status/1791214444980080724 26th May 1995: Gates Declares Internet "Most Important Single Development"Realising his company had missed the boat in estimating the impact and popularity of the Internet, Microsoft Corp. CEO Bill Gates issued a memo titled, "The Internet Tidal Wave," which signaled the company's renewed focus on that arena. In the memo, Gates declared that the Internet was the "most important single development" since the IBM personal computer -- a development that he was assigning "the highest level of importance”.https://1995blog.com/2020/05/25/25-years-on-bill-gates-internet-tidal-wave-memo-a-seminal-document-of-the-unfolding-digital-age/ Rant of the Week (18:00)Giving Windows total recall of everything a user does is a privacy minefieldMicrosoft's Windows Recall feature is attracting controversy before even venturing out of preview.Like so many of Microsoft's AI-infused products, Windows Recall will remain in preview while Microsoft refines it based on user feedback – or simply gives up and pretends it never happened.The principle is simple. Windows takes a snapshot of a user's active screen every few seconds and dumps it to disk. The user can then scroll through the archive of snapshots to find what were doing some time back, or query an AI system to recall past screenshots by text. Billy Big Balls of the Week (28:58)Hacker Breaches Scam Call Center, Warns Victims They've Been ScammedA hacker claims to have breached a scam call center, stolen the source code for the company’s tools, and emailed the company’s scam victims.The hack is the latest in a long series of vigilante actions in which hackers take matters into their own hands and breach or otherwise disrupt scam centers. A massively popular YouTube community, with creators mocking their targets, also exists around the practice. Industry News (34:17)Authorities Arrest $100m Incognito Drugs Market SuspectAI Seoul Summit: 16 AI Companies Sign Frontier AI Safety CommitmentsUK Government in £8.5m Bid to Tackle AI Cyber-ThreatsMastercard Doubles Speed of Fraud Detection with Generative AIPSNI Faces £750,000 Data Breach Fine After Spreadsheet LeakGitHub Fixes Maximum Severity Flaw in Enterprise ServerNational Records of Scotland Data Breached in NHS Cyber-AttackNVD Leaves Exploited Vulnerabilities UncheckedMicrosoft: Gift Card Fraud Rising, Costing Businesses up to $100,000 a Day Tweet of the Week (41:59)https://twitter.com/gcluley/status/1792881296907043217Two for one:https://twitter.com/mer__edith/status/1793888092321202634 Come on! Like and bloody well subscribe!
    Show More Show Less
    48 mins
  • Episode 192 - The Unedited Episode

    Episode 192 - The Unedited Episode
    May 8 2024

    This week in InfoSec

    With content liberated from the “today in infosec” twitter account and further afield

    27th April 2012: The Information Commissioner's Office (ICO) in the UK issued its first-ever data breach fine to an NHS (National Health Service) organisation, fining Aneurin Bevan Health Board in Wales £70,000.

    https://www.digitalhealth.net/2012/04/first-nhs-fine-issued-by-ico/

    Rant of the Week

    Dropbox dropped the ball on security, haemorrhaging customer and third-party info

    Dropbox has revealed a major attack on its systems that saw customers' personal information accessed by unknown and unauthorized entities.

    The attack, detailed in a regulatory filing, impacted Dropbox Sign – a service it bills as an "eSignature solution [that] lets you send, sign, and store important documents in one seamless workflow, without ever leaving Dropbox." So basically a DocuSign clone.

    The filing states that management became aware of the incident last week – on April 24 – and "immediately activated our cyber security incident response process to investigate, contain, and remediate the incident."

    That effort led to the discovery that "the threat actor had accessed data related to all users of Dropbox Sign, such as emails and usernames, in addition to general account settings."

    Billy Big Balls of the Week

    Chinese government website security is often worryingly bad, say Chinese researchers

    Five Chinese researchers examined the configurations of nearly 14,000 government websites across the country and found worrying lapses that could lead to malicious attacks, according to a not-yet-peer-reviewed study released last week.

    The researchers concluded the investigation has uncovered "pressing security and dependency issues" that may not have a quick fix.

    "Despite thorough analyses, practical solutions to bolster the security of these systems remain elusive," wrote the researchers. "Their susceptibility to cyber attacks, which could facilitate the spread of malicious content or malware, underscores the urgent need for real-time monitoring and malicious activity detection."

    The study also highlights the need for "stringent vetting and regular updates" of third-party libraries and advocates "a diversified distribution of network nodes, which could substantially augment system resilience and performance."

    The study will likely not go down well in Beijing, as China's government has urged improvements to government digital services and apps often issues edicts about improving cybersecurity.

    Industry News

    Google Blocks 2.3 Million Apps From Play Store Listing

    Disinformation: EU Opens Probe Against Facebook and Instagram Ahead of Election

    NCSC’s New Mobile Risk Model Aimed at “High-Threat” Firms

    Lawsuits and Company Devaluations Await For Breached Firms

    UnitedHealth CEO Confirms Breach Tied to Stolen Credentials, No MFA

    REvil Ransomware Affiliate Sentenced to Over 13 Years in Prison

    Security Breach Exposes Dropbox Sign Users

    Indonesia is a Spyware Haven, Amnesty International Finds

    North Korean Hackers Spoofing Journalist Emails to Spy on Policy Experts

    Tweet of the Week

    https://twitter.com/summer__heidi/status/1783829402574639187

    Come on! Like and bloody well subscribe!
    Show More Show Less
    49 mins
  • Episode 191 - This One's For The Boomers

    Episode 191 - This One's For The Boomers
    Apr 29 2024
    This week in InfoSec (07:04)With content liberated from the “today in infosec” twitter account and further afield23rd April 2005: The first video uploaded to YouTube, “Me at the zoo,” is posted on April 23, 2005 at 8:27 PM by co-founder Jawed Karim. For now being a piece of history, the video is actually pretty dumb.Note to future entrepreneurs: what you do may be for posterity. Choose wisely.22nd April 1988: 1988: The VIRUS-L email mailing list was created and moderated by Ken van Wyk while he was working at Lehigh University. It was the first electronic forum dedicated to discussing computer viruses.https://twitter.com/todayininfosec/status/1782424224348446910 Rant of the Week (13:21)Ring dinged for $5.6M after, among other claims, rogue insider spied on 'pretty girls'The FTC today announced it would be sending refunds totaling $5.6 million to Ring customers, paid from the Amazon subsidiary's coffers.The windfall stems from allegations made by the US watchdog that folks could have been, and were, spied upon by cybercriminals and rogue Ring workers via their Ring home security cameras.The regulator last year accused Ring of sloppy privacy protections that allowed the aforementioned spying to occur or potentially occur.Specifically, the FTC formally charged Ring with "compromising its customers' privacy by allowing any employee or contractor to access consumers' private videos and by failing to implement basic privacy and security protections, enabling hackers to take control of consumers' accounts, cameras, and videos." Billy Big Balls of the Week (21:41)Cops cuff man for allegedly framing colleague with AI-generated hate speech clipBaltimore police have arrested Dazhon Leslie Darien, the former athletic director of Pikesville High School (PHS), for allegedly impersonating the school's principal using AI software to make it seem as if he made racist and antisemitic remarks.Darien, of Baltimore, Maryland, was subsequently charged with witness retaliation, stalking, theft, and disrupting school operations. He was detained late at night trying to board a flight at BWI Thurgood Marshall Airport. Security personnel stopped him because the declared firearm he had with him was improperly packed and an ensuing background check revealed an open warrant for his arrest.He is quoted as saying “Arse cock pussy”. 😀"On January 17, 2024, the Baltimore County Police Department became aware of a voice recording being circulated on social media," said Robert McCullough, Chief of Baltimore County Police, at a streamed press conference today. "It was alleged the voice captured on the audio file belong to Mr Eric Eiswert, the Principal at the Pikesville High School. We now have conclusive evidence that the recording was not authentic. Industry News (30:51)Quishing Attacks Jump Tenfold, Attachment Payloads HalveAlarming Decline in Cybersecurity Job Postings in the USNCSC Announces PwC’s Richard Horne as New CEONSA Launches Guidance for Secure AI DeploymentEnd-to-End Encryption Sparks Concerns Among EU Law EnforcementFifth of CISOs Admit Staff Leaked Data Via GenAIUS Congress Passes Bill to Ban TikTokOnline Banking Security Still Not Up to Par, Says Which?Ring to Pay Out $5.6m in Refunds After Customer Privacy Breach Tweet of the Week (38:56)https://twitter.com/KimZetter/status/1783556843798671591 Come on! Like and bloody well subscribe!
    Show More Show Less
    44 mins
  • Episode 190 - The Very Serious Episode

    Episode 190 - The Very Serious Episode
    Apr 15 2024
    This week in InfoSec (08:49)With content liberated from the “today in infosec” twitter account and further afield7th April 1969: Steve Crocker, a graduate student at UCLA and part of the team developing ARPANET, writes the first “Request for Comments“. The ARPANET, a research project of the Department of Defense’s Advanced Research Projects Agency (ARPA), was the foundation of today’s modern Internet. RFC 1 defined the design of the host software for communication between ARPANET nodes. This host software would be run on Interface Message Processors or IMPs, which were the precursor to Internet routers. The “host software” defined in RFC 1 would later be known as the Network Control Protocol or NCP, which itself was the forerunner to the modern TCP/IP protocol the Internet runs on today.https://thisdayintechhistory.com/04/07/rfc-1-defines-the-building-block-of-internet-communication/7th April 2014: The Heartbleed Bug was publicly disclosed. The buffer over-read vulnerability had been discovered by Neel Mehta and later privately reported to the OpenSSL project, which patched it the next day. The vulnerability was inadvertently introduced into OpenSSL 2 years prior.https://twitter.com/todayininfosec/status/1777136463882183076 Rant of the Week (17:09)OpenTable is adding your first name to previously anonymous reviewsRestaurant reservation platform OpenTable says that all reviews on the platform will no longer be fully anonymous starting May 22nd and will now show members' profile pictures and first names.OpenTable notified members of this new policy change today in emails to members who had previously left a review on the platform, stating the change was made to provide more transparency."At OpenTable, we strive to build a community in which diners can help other diners discover new restaurants, and reviews are a big part of that," reads the OpenTable email seen by BleepingComputer."We've heard from you, our diners, that trust and transparency are important when looking at reviews.""To build on the credibility of our review program, starting May 22, 2024, OpenTable will begin displaying diner first names and profile photos on all diner reviews. This update will also apply to past reviews. Billy Big Balls of the Week (26:36)Lloyds Bank axes risk staff after executives complain they are a ‘blocker’Lloyds Banking Group plans to cut jobs in risk management after an internal review found the function was a “blocker to our strategic transformation”. The restructuring was outlined in a memo last month from Lloyds’ chief risk officer Stephen Shelley, who said two-thirds of executives believed risk management was blocking progress while “less than half our workforce believe intelligent risk-taking is encouraged”. The lender was “resetting our approach to risk and controls”, Shelley said in the memo, seen by the Financial Times, adding that “the initial focus is on non-financial risks”. Industry News (33:55)T: Famous YouTube Channels Hacked to Distribute InfostealersA: US Federal Data Privacy Law Introduced by LegislatorsJ: Foreign Interference Drives Record Surge in IP TheftT: Half of UK Businesses Hit by Cyber-Incident in Past Year, UK Government FindsA: US Claims to Have Recovered $1.4bn in COVID FraudJ: Women Experience Exclusion Twice as Often as Men in CybersecurityT: Threat Actors Game GitHub Search to Spread MalwareA: Data Breach Exposes 300k Taxi Passengers’ InformationJ: Apple Boosts Spyware Alerts For Mercenary Attacks Tweet of the Week (52:08)https://x.com/ErrataRob/status/1778536622163984590 Come on! Like and bloody well subscribe!
    Show More Show Less
    55 mins
  • Episode 189 - The Something Something Band Something Something Together Episode

    Episode 189 - The Something Something Band Something Something Together Episode
    Apr 8 2024
    This week in InfoSec (06:10)With content liberated from the “today in infosec” twitter account and further afield3rd April 2011: Email marketing and loyalty program management company Epsilon reported a data breach of names and email addresses of numerous companies' customers, totaling at least 60 million records. Dozens of companies were impacted, including Kroger, Walgreens, Verizon, and Chase.https://twitter.com/todayininfosec/status/1775598288277835996 1st April 1995: US President Bill Clinton and Russian President Boris Yeltsin announced a pact to exchange their personal PGP keys and to make the technology available to all citizens worldwide. (April Fools' Day)https://twitter.com/todayininfosec/status/1774994645053010184 Rant of the Week (13:06)William Wragg honey trap scandal is ‘extremely troubling’ says ministerExplosive revelations that a senior Conservative MP leaked colleagues’ phone numbers to a man he had met on the gay dating app Grindr are “very serious”, a minister has warned, amid questions over whether the MP will face sanctions.Vice chairman of the 1922 committee William Wragg admitted he sent the numbers after becoming concerned about the power the recipient had over him since he had sent intimate pictures of himself.Treasury minister Gareth Davies said the situation was “incredibly troubling and very serious” but maintained that Mr Wragg would keep the party whip while the incident is being investigated. Billy Big Balls of the Week (24:09)Amazon Ditches 'Just Walk Out' Checkouts at Its Grocery StoresAmazon Fresh is moving away from a feature of its grocery stores where customers could skip checkout altogether.Amazon is phasing out its checkout-less grocery stores with “Just Walk Out” technology, first reported by The Information Tuesday. The company’s senior vice president of grocery stores says they’re moving away from Just Walk Out, which relied on cameras and sensors to track what people were leaving the store with.Just over half of Amazon Fresh stores are equipped with Just Walk Out. The technology allows customers to skip checkout altogether by scanning a QR code when they enter the store. Though it seemed completely automated, Just Walk Out relied on more than 1,000 people in India watching and labeling videos to ensure accurate checkouts. The cashiers were simply moved off-site, and they watched you as you shopped.On Wednesday, GeekWire reported that Amazon Web Services is cutting a few hundred jobs in its Physical Stores Technology team, according to internal emails. The layoffs will allegedly impact portions of Amazon’s identity and checkout teams. Industry News (29:46)Dataset of 73 Million AT&T Customers Linked to Dark Web Data BreachFirms Must Work Harder to Guard Children’s Privacy, Says UK ICOThreat Actor Claims Classified Five Eyes Data TheftLeicester Council Confirms Confidential Documents Leaked in Ransomware AttackJackson County IT Systems Hit By Ransomware AttackLockBit Scrambles After Takedown, Repopulates Leak Site with Old BreachesChina Using AI-Generated Content to Sow Division in US, Microsoft FindsWiz Discovers Flaws in GenAI Models Enabling Customer Data TheftChinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities Tweet of the Week (35:58)https://twitter.com/belldotbz/status/1776187040813441272 Come on! Like and bloody well subscribe!
    Show More Show Less
    40 mins
  • Episode 188 The Don't Mention The Name Episode

    Episode 188 The Don't Mention The Name Episode
    Apr 1 2024

    This week in InfoSec (07:32)

    With content liberated from the “today in infosec” twitter account and further afield

    20th March 2007: Dragos Ruiu announced the first Pwn2Own contest, which was held that April in Vancouver, Canada. The contest is still being held today - and in fact Pwn2Own Vancouver 2024 started today.

    https://twitter.com/todayininfosec/status/1770592695255249038

    16th March 1971: The first computer virus, Creeper, infected computers on the ARPANET, displaying "I'M THE CREEPER : CATCH ME IF YOU CAN." It was named after the Creeper - a villain from a 1970 episode of the TV series "Scooby-Doo, Where Are You!"

    https://twitter.com/todayininfosec/status/1768973007555375317

    Rant of the Week (14:29)

    Majority of Americans now use ad blockers

    More than half of Americans are using ad blocking software, and among advertising, programming, and security professionals that fraction is more like two-thirds to three-quarters.

    According to a survey of 2,000 Americans conducted by research firm Censuswide, on behalf of Ghostery, a maker of software to block ads and online tracking, 52 percent of Americans now use an ad blocker, up from 34 percent according to 2022 Statista data.

    Billy Big Balls of the Week (23:01)


    Execs in Japan busted for winning dev bids then outsourcing to North Koreans

    Two executives were issued arrest warrants in Japan on Wednesday, reportedly for charges related to establishing a business that outsourced work to North Korean IT engineers.

    At least one of the individuals – a 53 year old named Pak Hyon-il – is a South Korean national. His alleged accomplice, 42-year old Toshiron Minomo, is Japanese and once worked for Hyon-il, according to local media.

    Pak served as president of Fuchu-based IT firm ITZ, while Minomo was the head of Fukuyama-based Robast.

    Industry News (29:09)

    UK Blames China for 2021 Hack Targeting Millions of Voters' Data

    Fake Ozempic Deals on the Rise as Experts Warn of Phishing Scams

    Portugal Forces Sam Altman's Worldcoin to Stop Collecting Biometric Data

    Only 5% of Boards Have Cybersecurity Expertise, Despite Financial Benefits

    UK Law Enforcers Arrest 400 in Major Fraud Crackdown

    Chinese Hackers Target ASEAN Entities in Espionage Campaign

    NHS Trust Confirms Clinical Data Leaked by “Recognized Ransomware Group”

    US Treasury Urges Financial Sector to Address AI Cybersecurity Threats

    CISA Launches New Cyber Incident Reporting Rules for US Defense Contractors

    Tweet of the Week (40:52)

    https://twitter.com/bettersafetynet/status/1773626490384511113

    Come on! Like and bloody well subscribe!
    Show More Show Less
    47 mins