Episodes

Friday Jan 12, 2024
Friday Jan 12, 2024
In this episode, James is guest hosting again, and Erich and him cover some of the most interesting cybersecurity stories of the week.
Did Apple profit from letting scammers demand iTunes gift cards? The courts say it deserves a trial.
O'Hare airport selling lost luggage for less than $10? A Facebook ad says yes!
A water authority in the Pittsburgh-area was attacked by Iran because... they used Israeli-made equipment; more crypto stuff being spread through social media account takovers, this time with a cybersecurity vendor, and more!
Join one of our live streams at 10am Eastern Time to comment
Stories from the show:
States and Congress wrestle with cybersecurity after Iran attacks Pittsburgh-area water authority
https://www.cbsnews.com/pittsburgh/news/states-congress-wrestle-cybersecurity-iran-attacks-aliquippa-water-authority/
Apple agrees to settle lawsuit over iTunes gift card scam
https://www.reuters.com/legal/apple-agrees-settle-lawsuit-over-itunes-gift-card-scam-2024-01-03/
Security Firm Certik’s Account Hijacked to Spread Crypto Drainer
https://www.infosecurity-magazine.com/news/certiks-account-hijacked-crypto/
Scam Claims You Can Buy Unclaimed Luggage From O’Hare For $9.95
https://blockclubchicago.org/2024/01/08/scam-claims-you-can-buy-unclaimed-luggage-from-ohare-for-9-95-but-its-not-true/

Friday Jan 05, 2024
Welcome to 2024!
Friday Jan 05, 2024
Friday Jan 05, 2024
In this episode, the first of 2024, James McQuiggan fills in for Javvad as we welcome in the new year.
Stories from the show:
Budget cuts take a toll on IT decision makers’ mental health
https://www.helpnetsecurity.com/2024/01/05/it-decision-makers-wellbeing/
Google Chrome starts blocking data tracking cookies
https://www.bbc.com/news/technology-67882315
Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack
https://thehackernews.com/2024/01/mandiants-twitter-account-restored.html

Friday Jan 05, 2024
Wrapping up 2023 with a call center takedown and more!
Friday Jan 05, 2024
Friday Jan 05, 2024
In this episode, Erich and Javvad wrap up 2023 with a story about a Florida woman hitting her boyfriend with a Christmas tree, plus they discuss a call center takedown in India that netted arrests of 36 people, and more!

Friday Dec 01, 2023
Booking.com users targeted, home purchases stopped and hospitals shut down!
Friday Dec 01, 2023
Friday Dec 01, 2023
In ths episode, Erich and Javvad talk about cyber attacks impacting people buying homes, how cybercriminals are targeting booking.com users, and more hospital outages caused by ransomware.
All of these cybersecurity stories and more!
Stories from the show:
Thousands of house purchases frozen by cyber attack
https://finance.yahoo.com/news/thousands-house-purchases-frozen-cyber-183437339.html
Booking.com hackers increase attacks on customers
https://www.bbc.com/news/technology-67583486
Cyber-attack closes hospital emergency rooms in three US states
https://www.theguardian.com/us-news/2023/nov/28/cyber-attack-us-hospitals-texas-oklahoma-new-mexico
Regulator says stranger entered hospital, treated a patient, took a document ... then vanished
https://www.theregister.com/2023/12/01/nhs_health_board_ticked_off/

Friday Nov 10, 2023
Friday Nov 10, 2023
In this episode, Erich and Javvad talk about using Google Calendar as a C2 channel, how a lack of resources ended the investigation into the EasyJet breach, and more!
Stories from the show:
EasyJet hack investigation abandoned because of ‘limited resources’
https://www.itpro.com/security/data-breaches/limited-resources-scuppers-ico-probe-into-easyjet-breach
Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel
https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html
Mr. Cooper Responds to Cyberattack: Offering Enhanced Payment Options for Customers
https://ts2.space/en/mr-cooper-responds-to-cyberattack-offering-enhanced-payment-options-for-customers/#google_vignette
Court rules automakers can record and intercept owner text messages
https://therecord.media/class-action-lawsuit-cars-text-messages-privacy
Plastic surgeons hit by hackers
https://www.timesnownews.com/technology-science/plastic-surgery-data-breach-nude-photos-leaked-article-105062693

Friday Oct 06, 2023
North Korea antics, dual ransomware, router firmware compromise and more!
Friday Oct 06, 2023
Friday Oct 06, 2023
After quite a bit of travel in the last couple of weeks, the dynamic duo is back to chat about recent #cybersecurity stories and more.
In this episode, Erich and Javvad talk about some of the most recent antics from North Korea, including attacks on shipbuilding and aerospace organizations, something called a 'Dual Ransomware Attack', and much more.
Stories from the show:
South Korea accuses North of Phish and Ships attack
https://www.theregister.com/2023/10/05/north_korea_phishing_attack_on_south/
Lazarus impersonated Meta recruiter to breach Spanish aerospace firm
https://www.helpnetsecurity.com/2023/10/02/lazarus-lightlesscan/
FBI: Crippling 'Dual Ransomware Attacks' on the Rise
https://www.darkreading.com/threat-intelligence/fbi-highlights-dual-ransomware-attack-in-rising-cybertrends
People's Republic of China-Linked Cyber Actors Hide in Router Firmware
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-270a

Friday Sep 01, 2023
Cyber attack on Polish trains, Qakbot takedown, Forever 21 breach and more!
Friday Sep 01, 2023
Friday Sep 01, 2023
In this episode, Erich and Javvad discuss the takedown of the Qakbot botnet, an attack on the Polish train system, the Forever 21 breach, which impacts more than 500k people, and much more.
Stories from the show:
https://www.bleepingcomputer.com/news/security/classiscam-fraud-as-a-service-expands-now-targets-banks-and-251-brands/
Classiscam fraud-as-a-service expands, now targets banks and 251 brands
FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown
https://www.fbi.gov/news/stories/fbi-partners-dismantle-qakbot-infrastructure-in-multinational-cyber-takedown
Poland investigates cyber-attack on rail network
https://www.bbc.com/news/world-europe-66630260
Forever 21 Data Breach: Personal Details of Over 500,000 Customers, Employees Compromised
https://www.techtimes.com/articles/295813/20230831/forever-21-data-breach-personal-details-over-500-000-customers.htm

Friday Aug 25, 2023
Post BSides LV/BlackHat/DEFCON and cyberstories of the week
Friday Aug 25, 2023
Friday Aug 25, 2023
Erich and Javvad are back after taking a couple of weeks off to vacation and to attend BSides Las Vegas, Blackhat and DEFCON. In this episode they talk about the conference and what has been happening in the cyber world for the past couple of weeks
Stories from the show:
Danish cloud host says customers ‘lost all data’ after ransomware attack
https://techcrunch.com/2023/08/23/cloudnordic-azero-cloud-host-ransomware/
Cybercriminals turn to AI to bypass modern email security measures
https://www.helpnetsecurity.com/2023/08/23/ai-enabled-email-threats/
TP-Link smart bulbs can let hackers steal your WiFi password
https://www.bleepingcomputer.com/news/security/tp-link-smart-bulbs-can-let-hackers-steal-your-wifi-password/
Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal
https://www.bbc.co.uk/news/technology-60864283

Friday Aug 04, 2023
Friday Aug 04, 2023
In this episode, Erich and Javvad talk about the upcoming BSides Las Vegas, Black Hat and DEFCON conferences, NHS sharing data via WhatsApp, the #cyber skills gap, and much more
Stories from the show:
Humans Unable to Reliably Detect Deepfake Speech
https://www.infosecurity-magazine.com/news/humans-detect-deefake-speech/
NHS Staff Reprimanded For WhatsApp Data Sharing
https://www.infosecurity-magazine.com/news/nhs-staff-reprimanded-whatsapp/
Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks
https://www.infosecurity-magazine.com/news/microsoft-teams-midnight-blizzard/
Hacktivist Collective “Mysterious Team Bangladesh” Revealed
https://www.infosecurity-magazine.com/news/mysterious-team-bangladesh-revealed/
Report outlines causes of cyber security skills gap
https://www.publicsectorexecutive.com/articles/report-outlines-causes-cyber-security-skills-gap

Friday Jul 28, 2023
A cardiac event, Tampa hospital breach, SEC releases new rules, and more!
Friday Jul 28, 2023
Friday Jul 28, 2023
In this episode, Erich and Javvad discuss current #cybersecurity stories including the attack on a cardiac services vendor, an attack on a Tampa hospital and some new SEC rules around breaches.
All this and more!
Stories from the show:
Security Incident Impacts CardioComm’s Operations
https://www.infosecurity-magazine.com/news/security-incident-cardiocomm/
Tampa General Hospital Data Breach Impacts 1.2 Million Patients
https://www.infosecurity-magazine.com/news/tampa-hospital-data-breach/