Timely topics, poorly presented, this time via a podcast. In this podcast the cyber security professionals Javvad Malik and Erich Kron discuss timely tech topics in a casual and easy to understand format. the video version of this is available on YouTube
Episodes
Friday Jun 02, 2023
Friday Jun 02, 2023
In this episode, Erich and Javvad cover the top #cybersecurity stories of the week including the settlment over Ring and Alexa, and Andriod app that started spying, a dark web data link with RaidForums member info, and much more!
Stories from the show:
Amazon Ring, Alexa accused of every nightmare IoT security fail you can imagine
https://www.theregister.com/2023/06/01/ftc_alexa_ring_amazon_settlement/
Most CEOs now see cybersecurity as more important than economic performance
Check your phone: Popular Android app reportedly started spying on users, making recordings
Dark Web Data Leak Exposes RaidForums Members
https://www.infosecurity-magazine.com/news/data-leak-exposes-raidforums/
Government publishes guidelines on cybersecurity
https://www.rte.ie/news/business/2023/0601/1386968-government-publishes-guidelines-on-cybersecurity/
Friday May 26, 2023
Friday May 26, 2023
In this episode, Erich and Javvad talk about Dish breach, an IT worker that piggybacked on a hackers extortion attempt, Googles new .zip and .mov domains, Met's huge $1.3B fine, and much more #cybersecurity news!
Stories from the show:
Dish confirms 300,000 peoples data was exposed in February’s attack
https://www.theregister.com/2023/05/23/dish_networks/
IT Worker Admits Piggybacking on Hacker's Extortion Attempt
https://www.inforisktoday.com/worker-admits-piggybacking-on-hackers-extortion-attempt-a-22142
18-year-old charged with hacking 60,000 DraftKings betting accounts
https://www.bleepingcomputer.com/news/security/18-year-old-charged-with-hacking-60-000-draftkings-betting-accounts/
Google's .zip, .mov Domains Give Social Engineers a Shiny New Tool
https://www.darkreading.com/endpoint/google-zip-mov-domains-social-engineers-shiny-new-tool
Meta Hit With $1.3B Record-Breaking Fine for GDPR Violations
https://www.darkreading.com/endpoint/meta-hit-1-3b-record-breaking-fine-gdpr-violations
Friday May 19, 2023
Friday May 19, 2023
In this episode Erich and Javvad discuss the weekly stories in #cybersecurity, including the Tik Tok ban in Montana, insured organizations are more likely to be ransomware victims, OpenAI CEO calls for slowing and more!
Stories from the show:
TikTok: Montana to become first US state to ban app on personal devices
https://www.bbc.com/news/business-65630201
Insured companies more likely to be ransomware victims, sometimes more than once
UK Pension Scheme: Members Should Assume Capita Data Theft
https://www.infosecurity-magazine.com/news/pension-scheme-members-capita-data/
Sam Altman: CEO of OpenAI calls for US to regulate artificial intelligence
https://www.bbc.com/news/world-us-canada-65616866
Upstart encryption app walks back privacy claims, pulls from stores after probe
Friday May 12, 2023
Friday May 12, 2023
In this episode, Javvad and Erich recover from a crazy April and early May, but are back live to chat about some top cyber stories.
Stories from the show:
Deconstructing a Cybersecurity Event
https://www.dragos.com/blog/deconstructing-a-cybersecurity-event/
European Parliament points to Morocco as ‘possibly’ responsible for Pegasus spying
https://thediplomatinspain.com/en/2023/05/european-parliament-points-to-morocco-as-possibly-responsible-for-pegasus-spying/
India to send official whassup to WhatsApp after massive spamstorm
https://www.theregister.com/2023/05/12/india_whatsapp_spam_privacy_demands/
HP Firmware update blocks 3rd party ink
https://twitter.com/dcuthbert/status/1656926678096986112?s=20
NCSC and ICO Dispel Incident Reporting Myths
https://www.infosecurity-magazine.com/news/ncsc-ico-dispel-incident-reporting/
Bad Bots Now Account For 30% of All Internet Traffic
https://www.infosecurity-magazine.com/news/bad-bots-now-comprise-30-of-all/
Ransomware payments nearly double in one year
https://www.theguardian.com/technology/2023/may/10/ransomware-payments-nearly-double-in-one-year
Millions of mobile phones come pre-infected with malware, say researchers
https://www.theregister.com/2023/05/11/bh_asia_mobile_phones/
Friday Apr 14, 2023
Friday Apr 14, 2023
In this episode, Erich and Javvad talk about the Ruskies hacking Ukrainian coffe shop cameras, FTX's 'cybersecurity' (quotes are on purpose), Latitude Financial's decision not to pay and the FUD around juice jacking. All of this and more #cybersecurity news and information.
Stories from the show:
Russian hackers ‘target security cameras inside Ukraine coffee shops’
https://www.theguardian.com/world/2023/apr/11/russian-hackers-target-security-cameras-inside-ukraine-coffee-shops
PSA: Public Phone Charging Ports Are Malware Magnets
https://www.pcmag.com/news/psa-public-phone-charging-ports-are-malware-magnets
FTX's Cybersecurity Was Hilariously Bad
https://gizmodo.com/ftx-sam-bankman-fried-cybersecurity-hacking-crypto-1850321150
Latitude Financial Refuses to Pay Ransom
https://www.infosecurity-magazine.com/news/latitude-financial-refuses-to-pay/
Friday Apr 07, 2023
Friday Apr 07, 2023
In thie episode, Erich and Javvad chat about the latest news in #cybersecurity, including another data breach thanks to Uber, IT folks being pressured into silence, UK drops the ball on crime records, and Telegram is replacing (or augmenting) marketplaces. All of this and more #infosec news!
Don't forget to like and subscribe
Stories from the show:
IT and security pros pressured to keep quiet about data breaches
https://www.helpnetsecurity.com/2023/04/06/pressure-keeping-breaches-confidential/
Uber suffers another data breach after law firm’s servers attacked
https://www.siliconrepublic.com/enterprise/uuber-data-breach-driver-info-stolen-law-firm-genova-burns
Travel visa delays after UK’s crime records office hit by cyber ‘incident’
https://www.standard.co.uk/news/uk/travel-visa-delays-nz-australia-us-acro-cybersecurity-police-certificates-data-breach-b1072351.html
Telegram now the go-to place for selling phishing tools and services
https://www.bleepingcomputer.com/news/security/telegram-now-the-go-to-place-for-selling-phishing-tools-and-services/
Takedown of notorious hacker marketplace selling your identity to criminals
https://www.europol.europa.eu/media-press/newsroom/news/takedown-of-notorious-hacker-marketplace-selling-your-identity-to-criminals
Friday Mar 31, 2023
Friday Mar 31, 2023
In this episode, Erich and Javvad discuss how ChatGPT is being used to commit crimes, a phishing gang bust by Ukrainian cops and some rather staggering (and suspicious) ransomware stats. All this and more live at 10am Eastern.
Stories from the show:
Belgian intelligence puts Huawei on its watchlist
https://www.politico.eu/article/belgian-intelligence-huawei-watchlist-espionage-china-eu-nato/
Cybercrime, fraud using ChatGPT on the rise, says Europol
https://www.scmagazine.com/brief/cybercrime/cybercrime-fraud-using-chatgpt-on-the-rise-says-europol
Survey finds that almost three quarters of organizations were hit by a successful ransomware attack in 2022
https://www.continuitycentral.com/index.php/news/technology/8361-survey-finds-that-almost-three-quarters-of-organizations-were-hit-by-a-successful-ransomware-attack-in-2022
Ukrainian Police Bust Multimillion-Dollar Phishing Gang
https://www.infosecurity-magazine.com/news/ukrainian-police-bust-phishing/
Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts
https://thehackernews.com/2023/03/fake-chatgpt-chrome-browser-extension.html
Friday Mar 17, 2023
Friday Mar 17, 2023
In this episode Erich and Javvad Microsoft cracking windows, what it costs when you cover up a ransomware attack, medical info being shared with social media giants, and much more! Check us out at 10am Eastern Time
Stories from the show:
What happens if you 'cover up' a ransomware infection? For Blackbaud, a $3m charge
https://www.theregister.com/2023/03/10/sec_blackbaud_3m_penalty/
Microsoft support 'cracks' Windows for customer after activation fails
https://www.bleepingcomputer.com/news/security/microsoft-support-cracks-windows-for-customer-after-activation-fails/
Cerebral admits to sharing patient data with Meta, TikTok, and Google
https://www.theverge.com/2023/3/11/23635518/cerebral-patient-data-meta-tiktok-google-pixel
Humans Still More Effective Than ChatGPT at Phishing
https://www.infosecurity-magazine.com/news/humans-more-effective-chatgpt/
Dole doesn’t expect to recover full costs of ransomware attack
https://www.cybersecuritydive.com/news/dole-recovery-ransomware-attack/644445/
Cyber attack affecting Gloucester museum's system one year on
https://www.bbc.com/news/uk-england-gloucestershire-64917275
Friday Mar 10, 2023
Friday Mar 10, 2023
In this episode Erich and Javvad disucss the Acer hack, a story where a Russian cybercrime gang dumped naked pics of cancer patients when a hospital wouldn't pay the ransom, and how an old version of Plex lead to the latest LastPass hack.
All this and more
Show Notes:
'THE' Video:
A Facebook message that sparked hope
https://www.youtube.com/watch?v=-OH99CFzhFM
Acer confirms server intrusion after miscreant offers 160GB cache of stolen files
https://www.theregister.com/2023/03/08/acer_confirms_server_breach/
LastPass Hack: Engineer's Failure to Update Plex Software Led to Massive Data Breach
https://thehackernews.com/2023/03/lastpass-hack-engineers-failure-to.html
Russian hackers post NAKED photos of Pennsylvania cancer patients receiving treatment to dark web
https://www.dailymail.co.uk/news/article-11833591/Russian-hackers-post-NAKED-photos-Pennsylvania-cancer-patients-hospital-refused-ransom.html
Friday Mar 03, 2023
Friday Mar 03, 2023
In this episode Erich Javvad discuss important #cybersecurity stories including... Lastpass... again, the U.S. Marshals get pwned by #ransomware, and much more.
Stories from the show:
U.S. Marshals Service suffers 'major' security breach
https://www.nbcnews.com/politics/politics-news/major-us-marshals-service-hack-compromises-sensitive-info-rcna72581
LastPass says employee’s home computer was hacked and corporate vault taken
https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/
Salesforce to sweat assets
https://www.theregister.com/2023/03/02/salesforce_q4_fy_2023/
Hacker leaks alleged Activision employee data on cybercrime forum
https://www.bleepingcomputer.com/news/security/hacker-leaks-alleged-activision-employee-data-on-cybercrime-forum/