Timely topics, poorly presented, this time via a podcast. In this podcast the cyber security professionals Javvad Malik and Erich Kron discuss timely tech topics in a casual and easy to understand format. the video version of this is available on YouTube
Episodes
Friday Feb 16, 2024
Friday Feb 16, 2024
In this episode, Erich and Javvad talk about the clud leak of military data, a UK data leak at Southern Water, the rise in ransomware victims in 2023 and more!
Stories from the show:
US military notifies 20,000 of data breach after cloud email leak
https://techcrunch.com/2024/02/14/department-defense-data-breach-microsoft-cloud-email/
Southern Water Notifies Customers and Employees of Data Breach
https://www.infosecurity-magazine.com/news/southern-water-notifies-customers/
Ransomware victim numbers rose by 50% in 2023
https://www.csoonline.com/article/1306045/ransomware-victim-numbers-rose-by-50-in-2023.html
Friday Feb 09, 2024
Friday Feb 09, 2024
In this episode, Erich and Javvad discuss the reward being offered for Hive ransomware members, a botnoet of toothbrushes, a breach that left a healthcare provider using LinkedIn as a notifcation platform, and more!
Stories from the show:
Friday Jan 26, 2024
Friday Jan 26, 2024
In this episode, Erich and Javvad discuss the cyberattack targeting UK councils, what might be the Mother of All Breaches (MOAB) with 26 billion records, the NSA buying web browsing data, and more.
Stories from the show:
Cyberattack targeting UK councils causes online disruption
https://uk.style.yahoo.com/cyberattack-targeting-uk-councils-causes-154505162.html?guccounter=1
Mother of all breaches reveals 26 billion records: what we know so far
https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/
US National Security Agency buys web browsing data without warrant, letter shows
https://www.reuters.com/technology/cybersecurity/national-security-agency-buys-web-browsing-data-without-warrant-letter-shows-2024-01-26/
Friday Jan 19, 2024
Friday Jan 19, 2024
In thie episode, Erich and Javvad are talking about the SEC Twitter/x/whateveritis account getting hacked, a vulnerability in Bosch thermostats, the NCA director getting sacked over using personal accounts for sensitive info, and more!
Check us out on LinkedIn, YouTube or as an audio-only podcast on all of your favorite platforms
Some stories from the show:
Have I Been Pwned adds 71 million emails from Naz.API stolen account list
https://www.bleepingcomputer.com/news/security/have-i-been-pwned-adds-71-million-emails-from-nazapi-stolen-account-list/
Bosch thermostats vulnerable to malware attacks
https://www.scmagazine.com/brief/bosch-thermostats-vulnerable-to-malware-attacks
Senators Want Better SEC Cybersecurity After EFT-Related Hack
https://www.pymnts.com/cybersecurity/2024/senators-want-better-sec-cybersecurity-after-eft-related-hack/
NCA director sacked after WhatsApp and email security breaches
https://www.computerweekly.com/news/366566272/NCA-director-sacked-after-WhatsApp-and-email-security-breaches
Friday Jan 12, 2024
Friday Jan 12, 2024
In this episode, James is guest hosting again, and Erich and him cover some of the most interesting cybersecurity stories of the week.
Did Apple profit from letting scammers demand iTunes gift cards? The courts say it deserves a trial.
O'Hare airport selling lost luggage for less than $10? A Facebook ad says yes!
A water authority in the Pittsburgh-area was attacked by Iran because... they used Israeli-made equipment; more crypto stuff being spread through social media account takovers, this time with a cybersecurity vendor, and more!
Join one of our live streams at 10am Eastern Time to comment
Stories from the show:
States and Congress wrestle with cybersecurity after Iran attacks Pittsburgh-area water authority
https://www.cbsnews.com/pittsburgh/news/states-congress-wrestle-cybersecurity-iran-attacks-aliquippa-water-authority/
Apple agrees to settle lawsuit over iTunes gift card scam
https://www.reuters.com/legal/apple-agrees-settle-lawsuit-over-itunes-gift-card-scam-2024-01-03/
Security Firm Certik’s Account Hijacked to Spread Crypto Drainer
https://www.infosecurity-magazine.com/news/certiks-account-hijacked-crypto/
Scam Claims You Can Buy Unclaimed Luggage From O’Hare For $9.95
https://blockclubchicago.org/2024/01/08/scam-claims-you-can-buy-unclaimed-luggage-from-ohare-for-9-95-but-its-not-true/
Friday Jan 05, 2024
Friday Jan 05, 2024
In this episode, the first of 2024, James McQuiggan fills in for Javvad as we welcome in the new year.
Stories from the show:
Budget cuts take a toll on IT decision makers’ mental health
https://www.helpnetsecurity.com/2024/01/05/it-decision-makers-wellbeing/
Google Chrome starts blocking data tracking cookies
https://www.bbc.com/news/technology-67882315
Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack
https://thehackernews.com/2024/01/mandiants-twitter-account-restored.html
Friday Jan 05, 2024
Friday Jan 05, 2024
In this episode, Erich and Javvad wrap up 2023 with a story about a Florida woman hitting her boyfriend with a Christmas tree, plus they discuss a call center takedown in India that netted arrests of 36 people, and more!
Friday Dec 01, 2023
Friday Dec 01, 2023
In ths episode, Erich and Javvad talk about cyber attacks impacting people buying homes, how cybercriminals are targeting booking.com users, and more hospital outages caused by ransomware.
All of these cybersecurity stories and more!
Stories from the show:
Thousands of house purchases frozen by cyber attack
https://finance.yahoo.com/news/thousands-house-purchases-frozen-cyber-183437339.html
Booking.com hackers increase attacks on customers
https://www.bbc.com/news/technology-67583486
Cyber-attack closes hospital emergency rooms in three US states
https://www.theguardian.com/us-news/2023/nov/28/cyber-attack-us-hospitals-texas-oklahoma-new-mexico
Regulator says stranger entered hospital, treated a patient, took a document ... then vanished
https://www.theregister.com/2023/12/01/nhs_health_board_ticked_off/
Friday Nov 10, 2023
Friday Nov 10, 2023
In this episode, Erich and Javvad talk about using Google Calendar as a C2 channel, how a lack of resources ended the investigation into the EasyJet breach, and more!
Stories from the show:
EasyJet hack investigation abandoned because of ‘limited resources’
https://www.itpro.com/security/data-breaches/limited-resources-scuppers-ico-probe-into-easyjet-breach
Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel
https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html
Mr. Cooper Responds to Cyberattack: Offering Enhanced Payment Options for Customers
https://ts2.space/en/mr-cooper-responds-to-cyberattack-offering-enhanced-payment-options-for-customers/#google_vignette
Court rules automakers can record and intercept owner text messages
https://therecord.media/class-action-lawsuit-cars-text-messages-privacy
Plastic surgeons hit by hackers
https://www.timesnownews.com/technology-science/plastic-surgery-data-breach-nude-photos-leaked-article-105062693
Friday Oct 06, 2023
Friday Oct 06, 2023
After quite a bit of travel in the last couple of weeks, the dynamic duo is back to chat about recent #cybersecurity stories and more.
In this episode, Erich and Javvad talk about some of the most recent antics from North Korea, including attacks on shipbuilding and aerospace organizations, something called a 'Dual Ransomware Attack', and much more.
Stories from the show:
South Korea accuses North of Phish and Ships attack
https://www.theregister.com/2023/10/05/north_korea_phishing_attack_on_south/
Lazarus impersonated Meta recruiter to breach Spanish aerospace firm
https://www.helpnetsecurity.com/2023/10/02/lazarus-lightlesscan/
FBI: Crippling 'Dual Ransomware Attacks' on the Rise
https://www.darkreading.com/threat-intelligence/fbi-highlights-dual-ransomware-attack-in-rising-cybertrends
People's Republic of China-Linked Cyber Actors Hide in Router Firmware
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-270a