Timely topics, poorly presented, this time via a podcast. In this podcast the cyber security professionals Javvad Malik and Erich Kron discuss timely tech topics in a casual and easy to understand format. the video version of this is available on YouTube
Episodes
Friday Oct 08, 2021
Friday Oct 08, 2021
In this episode, Javvad makes fun of Erich for his current state of mental exhaustion due to National CyberSecurity Awareness Month, the Facebook outage and incident response tips are discussed, the ramifications of the Twitch breach are covered and an interesting, but maybe not so useful, method of pulling data from an air-gapped system is covered. All of this and more!
Remember to Like, Share and Subscribe!
Stories from the show:
Understanding How Facebook Disappeared from the Internet:
https://blog.cloudflare.com/october-2021-facebook-outage/
Security experts have given advice following the Twitch data breach:
https://www.nme.com/news/gaming-news/security-experts-have-given-advice-following-the-twitch-data-breach-3064855
Twitch source code and creator payouts part of massive leak:
https://www.theverge.com/2021/10/6/22712250/twitch-hack-leak-data-streamer-revenue-steam-competitor
LANtenna Attacks Exploit Air-Gapped Networks Via Ethernet:
https://www.bankinfosecurity.com/lantenna-attacks-exploit-air-gapped-networks-via-ethernet-cables-a-17688
Friday Oct 01, 2021
Friday Oct 01, 2021
In this episode, Javvad really messes up the intro, but finally finds his grove as they discuss the stroy about the Group-IB CEO being charged with Treason by Russia, The DDoS attack on Bandwidth, A very specific vulnerability with iPhones and Visa cards and how YouTube is going to remove all vaccine misinformation from the platform.
All of this and more!
Like, share and subscribe!
Stories from the show:
Top Russian Cybersecurity CEO Charged with Treason:
https://www.govinfosecurity.com/top-russian-cybersecurity-ceo-charged-treason-a-17644
Bandwidth Hit with DDoS Attack, Dealing with Service Disruptions:
https://www.channelfutures.com/security/bandwidth-hit-with-ddos-attack-dealing-with-service-disruptions
Security experts urge iPhone users to remove Visa as a transport card via Apple Pay:
https://uk.news.yahoo.com/security-experts-urge-iphone-users-234037124.html
YouTube to remove all anti-vaccine misinformation:
https://www.bbc.com/news/technology-58743252
Show Contents:
00:00 - 02:04 Javvad ruins the Intro
02:04 - 06:56 Treason or just business?
06:56 - 12:52 DDoS and the Bandwidth attack
12:52 - 22:49 Transporting with Visa
22:49 - 22:17 YouTube removing anti-vaxx misinformation
22:17 - 27:30 Outro
Friday Sep 24, 2021
Friday Sep 24, 2021
In this episode, Erich channels his deep inner anger about some government follies that have impacted individuals and organizations alike. Javvad mostly nods along for effect.
Remember to Like, Share and Subscribe!
Stories from the show:
FBI Withholding Kaseya Ransomware Decryption Key Had ‘No Bearing’ on REvil:
https://www.channelfutures.com/security/fbi-withholding-kaseya-ransomware-decryption-key-had-no-bearing-on-revil
Four months on from a sophisticated cyberattack, Alaska's health department is still recovering:
https://www.zdnet.com/article/four-months-on-from-sophisticated-cyber-attack-alaskas-health-services-is-still-recovering/
Investigation launched after MoD email blunder:
https://www.computerweekly.com/news/252506972/Investigation-launched-after-MoD-email-blunder
Friday Sep 17, 2021
Friday Sep 17, 2021
Erich Kron is out this week so the award-winning Host Unknown stepping in and took matters into their own hands.
Follow host unknown on hostunknown.tv @hostunknowntv
Listen to the host unknown podcast on your favourite podcast player
Stories from the show:
‘Significant threat’: cyber attacks increasingly targeting Australia’s critical infrastructure
https://www.theguardian.com/technology/2021/sep/15/significant-threat-cyber-attacks-increasingly-targeting-australias-critical-infrastructure
Microsoft: Windows 10 2004 reaches end of service in December
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-10-2004-reaches-end-of-service-in-december/
HP patches severe OMEN driver privilege escalation vulnerability
https://www.zdnet.com/article/hp-patches-omen-driver-privilege-escalation-vulnerability/
Apple Issues Emergency Fix for NSO Zero-Click Zero Day
https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/
Over 60 million wearable, fitness tracking records exposed via unsecured database
https://www.zdnet.com/article/over-60-million-records-exposed-in-wearable-fitness-tracking-data-breach-via-unsecured-database/
Follow host unknown on hostunknown.tv
Listen to the host unknown podcast on your favourite podcast player
Friday Sep 10, 2021
Friday Sep 10, 2021
In this episode, Javvad messes up by starting the recording early, then hem and Erich discuss a new threat from a ransomware gang about dumping data if the victim calls the cops, the REvil servers mysteriously being resurrected from the dead, claiming a ransomware payment as a tax deduction and a whole bunch of VPN passwords being stolen.
All of this and more, in this episode of The Jerich Show (complete with a reworked logo)
Remember to Like, Share and Subscribe!
Stories From the Show:
Ransomware gang threatens to leak data if victim contacts FBI, police:
https://www.bleepingcomputer.com/news/security/ransomware-gang-threatens-to-leak-data-if-victim-contacts-fbi-police/
Hit by a ransomware attack? Your payment may be deductible:
https://www.independent.co.uk/news/hit-by-a-ransomware-attack-your-payment-may-be-deductible-irs-fbi-pms-washington-ransomware-b1868907.html
REvil ransomware's servers mysteriously come back online:
https://www.bleepingcomputer.com/news/security/revil-ransomwares-servers-mysteriously-come-back-online/
Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices:
https://thehackernews.com/2021/09/hackers-leak-vpn-account-passwords-from.html
Show Contents:
00:00 - 01:42 Javvad Messes Up the Intro
01:42 - 07:17 Ragnar Locker Threats if the Victim Calls the Cops or Negotiators
07:17 - 09:02 Is Your Ransom Payment a Tax Deduction?
09:02 - 15:32 REvil Servers Raise Their Ugly Heads Again
15:32 - 20:42 VPN Accounts Leaked From Fortigate Devices
20:42 - 20:50 Outro
Friday Sep 03, 2021
Friday Sep 03, 2021
It's been a couple of weeks, but Javvad and Erich are back from a little break and far more grumpy than you might assume. That's OK, because, as evidenced by the stories, they are grumpy because nobody fixed the internet while they were gone.
Check out what they are so grumpy about and don't forget to Like, Share and Subscribe!
Stories from the show:
Attackers Can Remotely Disable Fortress Wi-Fi Home Security Alarms:
https://thehackernews.com/2021/08/attackers-can-remotely-disable-fortress.html
Scam artists are recruiting English speakers for business email campaigns:
LockBit gang leaks Bangkok Airways data, hits Accenture customers:
https://www.bleepingcomputer.com/news/security/lockbit-gang-leaks-bangkok-airways-data-hits-accenture-customers/
Twitter creates 'Safety Mode' to temporarily block accounts caught insulting users:
https://www.zdnet.com/article/twitter-creates-safety-mode-to-temporarily-block-accounts-caught-insulting-users/
Thursday Aug 12, 2021
Thursday Aug 12, 2021
In this episode, Erich reminisces about Blackhat and DEFCON, comparing past years to 2021 and Javvad and him discuss some crazy news stories, including one where a cyber thief actually returns $260 million and a new UK governement software that adds a button to report emails to the 'Ministry of Phishy Things', or some such government entity.
Don't forget to Like, Subscribe and Share for more fun looks at very serious topics.
Stories from the show:
Cryptocurrency heist hacker returns $260m in funds:
https://www.bbc.com/news/business-58180692
New one-click button will flag dodgy emails directly to cyber experts:
https://news.sky.com/story/new-one-click-button-will-flag-dodgy-emails-directly-to-cyber-experts-12379104
Flight attendant interview video:
https://www.youtube.com/watch?v=XFoXmnBuLw0
Show Contents:
00:00 - 1:00 Intro
01:00 - 13:30 Blackhat and DEFCON recap
13:30 - 18:27 Cryptocurrency heist hacker returns $260m in funds
18:27 - 28:49 New one-click button will flag dodgy emails directly to cyber experts
28:49 - 30:39 Smelling like regret (https://www.youtube.com/watch?v=XFoXmnBuLw0)
30:39 - 31:04 Outro
Friday Aug 06, 2021
Friday Aug 06, 2021
In this quick daily recap, Erich and Javvad talk about the closing day of Black Hat and the start of DEFCON, conference speaking and much more.
Thursday Aug 05, 2021
Thursday Aug 05, 2021
In this episode, Javvad and Erich discuss the first day at Black Hat 2021. They discuss the low attendance at Black Hat, the topics and big vendors at the show and other observations from the show.
In addition they discuss a ransomware attack on a school, a huge amount of data leaked by a mystery company, security issues with a hotel capsule, and more.
Look out for more updates from Vegas this year!
Like, share and subscribe!
Stories from the show:
Report: Over 63 Million US Citizens Exposed in Massive Data Leak:
https://www.vpnmentor.com/blog/report-onemorelead-leak/
Isle of Wight schools hit by ransomware attack:
https://www.bbc.com//uk-england-hampshire-58078670
Black Hat: Security Bugs Allow Takeover of Capsule Hotel Rooms:
https://threatpost.com/security-bugs-takeover-capsule-hotel/168376/
Friday Jul 30, 2021
Friday Jul 30, 2021
This week Anna Collard, founder of Popcorn Training and an all around brillant person, talks through the stories of the week and shares her experience taking a doodle, and turining it into a great company. You don't want to miss it!
Like, subscribe and share!
About Anna:
LinkedIn: https://www.linkedin.com/in/anna-collard-606817/
Twitter: @AnnaCollard3
Stories from the show:
Majority of employees take cybersecurity shortcuts, despite knowing risks:
https://www.securitymagazine.com/articles/95722-majority-of-employees-take-cybersecurity-shortcuts-despite-knowing-risks
Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam:
https://www.theregister.com/2021/07/27/youtube_channel_tech_scam/
ICO ends its involvement in dispute between NatWest Bank and data breach whistleblower:
https://www.computerweekly.com/news/252504531/ICO-ends-its-involvement-in-dispute-between-NatWest-Bank-and-data-breach-whistleblower
South Africa port operations halted and workers reportedly put on leave after major cyberattack:
https://www.cnbc.com/2021/07/27/transnet-halts-port-operations-in-south-africa-after-major-cyberattack.html
Show Content:
00:00 - Intro
02:52 - Majority of employees take cybersecurity shortcuts, despite knowing risks
10:16 - Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam
18:35 - ICO ends its involvement in dispute between NatWest Bank and data breach whistleblower
26:02 - South Africa port operations halted and workers reportedly put on leave after major cyberattack
33:50 - Anna talks about starting Popcorn Training
43:07 - Tech sector and the value of professional relationships in South Africa
48:53 - What people can do better to communicate
54:18 - What is next for Anna
56:34 - Outro