Timely topics, poorly presented, this time via a podcast. In this podcast the cyber security professionals Javvad Malik and Erich Kron discuss timely tech topics in a casual and easy to understand format. the video version of this is available on YouTube
Episodes
Friday Sep 01, 2023
Friday Sep 01, 2023
In this episode, Erich and Javvad discuss the takedown of the Qakbot botnet, an attack on the Polish train system, the Forever 21 breach, which impacts more than 500k people, and much more.
Stories from the show:
https://www.bleepingcomputer.com/news/security/classiscam-fraud-as-a-service-expands-now-targets-banks-and-251-brands/
Classiscam fraud-as-a-service expands, now targets banks and 251 brands
FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown
https://www.fbi.gov/news/stories/fbi-partners-dismantle-qakbot-infrastructure-in-multinational-cyber-takedown
Poland investigates cyber-attack on rail network
https://www.bbc.com/news/world-europe-66630260
Forever 21 Data Breach: Personal Details of Over 500,000 Customers, Employees Compromised
https://www.techtimes.com/articles/295813/20230831/forever-21-data-breach-personal-details-over-500-000-customers.htm
Friday Aug 25, 2023
Friday Aug 25, 2023
Erich and Javvad are back after taking a couple of weeks off to vacation and to attend BSides Las Vegas, Blackhat and DEFCON. In this episode they talk about the conference and what has been happening in the cyber world for the past couple of weeks
Stories from the show:
Danish cloud host says customers ‘lost all data’ after ransomware attack
https://techcrunch.com/2023/08/23/cloudnordic-azero-cloud-host-ransomware/
Cybercriminals turn to AI to bypass modern email security measures
https://www.helpnetsecurity.com/2023/08/23/ai-enabled-email-threats/
TP-Link smart bulbs can let hackers steal your WiFi password
https://www.bleepingcomputer.com/news/security/tp-link-smart-bulbs-can-let-hackers-steal-your-wifi-password/
Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal
https://www.bbc.co.uk/news/technology-60864283
Friday Aug 04, 2023
Friday Aug 04, 2023
In this episode, Erich and Javvad talk about the upcoming BSides Las Vegas, Black Hat and DEFCON conferences, NHS sharing data via WhatsApp, the #cyber skills gap, and much more
Stories from the show:
Humans Unable to Reliably Detect Deepfake Speech
https://www.infosecurity-magazine.com/news/humans-detect-deefake-speech/
NHS Staff Reprimanded For WhatsApp Data Sharing
https://www.infosecurity-magazine.com/news/nhs-staff-reprimanded-whatsapp/
Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks
https://www.infosecurity-magazine.com/news/microsoft-teams-midnight-blizzard/
Hacktivist Collective “Mysterious Team Bangladesh” Revealed
https://www.infosecurity-magazine.com/news/mysterious-team-bangladesh-revealed/
Report outlines causes of cyber security skills gap
https://www.publicsectorexecutive.com/articles/report-outlines-causes-cyber-security-skills-gap
Friday Jul 28, 2023
Friday Jul 28, 2023
In this episode, Erich and Javvad discuss current #cybersecurity stories including the attack on a cardiac services vendor, an attack on a Tampa hospital and some new SEC rules around breaches.
All this and more!
Stories from the show:
Security Incident Impacts CardioComm’s Operations
https://www.infosecurity-magazine.com/news/security-incident-cardiocomm/
Tampa General Hospital Data Breach Impacts 1.2 Million Patients
https://www.infosecurity-magazine.com/news/tampa-hospital-data-breach/
Friday Jul 21, 2023
Friday Jul 21, 2023
Today morning Erich and Javvad recount their experiences with the famed hacker and colleague Kevin Mitnick, chat about a Ukrainian takedown netting 150k SIM cards, concernes over the Frenchies plan to use AI to surveil the Paris olympics, Microsoft deciding that allowing access to security logs, without a fee, is good, and much more from the world of #cybersecurity.
Stories from the show:
Kevin Mitnick passed away at 59
https://www.dignitymemorial.com/obituaries/las-vegas-nv/kevin-mitnick-11371668
French Assembly passes bill allowing police to remotely activate phone cameras and microphones for surveillance
https://www.engadget.com/french-assembly-passes-bill-allowing-police-to-remotely-activate-phone-cameras-and-microphones-for-surveillance-210539401.html
Paris 2024 Olympics: Concern over French plan for AI surveillance
https://www.bbc.co.uk/news/world-europe-66122743
Under CISA pressure, err collaboration, Microsoft makes cloud security logs available for free
https://www.theregister.com/2023/07/20/under_cisa_spressures_collaboration_microsoft/
Ukraine takes down massive bot farm, seizes 150,000 SIM cards
https://www.bleepingcomputer.com/news/security/ukraine-takes-down-massive-bot-farm-seizes-150-000-sim-cards/
Friday Jul 14, 2023
Friday Jul 14, 2023
In this episode Erich and Javvad talk about the US government email hack, an ethical hacker gone rogue, Ruskies tempting diplomats with a cheap car, and more #cybersecurity stories from this week.
Stories from the show:
Fewer Than 100 Scammers Responsible For Global Email Extortion
https://www.infosecurity-magazine.com/news/fewer-100-scammers-global-email/
Chinese Hackers Gained Access To Some U.S. Government Emails, Microsoft Says
https://www.forbes.com/sites/siladityaray/2023/07/12/chinese-hackers-gained-access-to-some-us-government-emails-microsoft-says/?sh=5f49e30c2a37
Russian hackers lured diplomats in Ukraine with cheap BMW ad
https://www.reuters.com/world/europe/russian-hackers-lured-embassy-workers-ukraine-with-an-ad-cheap-bmw-2023-07-12/
Cybersecurity professional accused of stealing $9M in crypto
https://techcrunch.com/2023/07/11/cybersecurity-professional-charged-for-stealing-9-million-in-crypto/?guccounter=1
Number of email-based phishing attacks surges 464%
https://www.helpnetsecurity.com/2023/07/10/evolving-cyberattack-landscape/
Indian developer fired 90 percent of tech support team, outsourced the job to AI
https://www.theregister.com/2023/07/13/dukaan_ai_support_replacement/
Friday Jun 30, 2023
Friday Jun 30, 2023
In this episode Erich and Javvad discuss the issues with the Anatsa malware being spread on the Google Play store, the issue Siemens Energy has with MOVEit and pilot data being lost in a breach. This and much more!
Stories from the show:
‘Anatsa’ malware targets banking users in US, UK and Central Europe
https://siliconangle.com/2023/06/27/anatsa-malware-targets-banking-users-us-uk-central-europe/
Siemens Energy confirms data breach after MOVEit data-theftattack
https://www.bleepingcomputer.com/news/security/siemens-energy-confirms-data-breach-after-moveit-data-theft-attack/
Pilot data of American Airlines and Southwest stolen in data breach
https://www.csoonline.com/article/643352/pilot-data-of-american-airlines-and-southwest-stolen-in-data-breach.html
Friday Jun 23, 2023
Friday Jun 23, 2023
In this episode we discuss the new Apple 0-day, the Lousiana MVD losing info on millions of licensed drivers in the state, and more #cybersecurity stories!
Stories from the show:
Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari
https://thehackernews.com/2023/06/zero-day-alert-apple-releases-patches.html
Every Louisiana driver’s license holder exposed in colossal cyber-attack
https://www.theguardian.com/us-news/2023/jun/16/louisiana-drivers-license-hack-cyber-attack
FTC accuses DNA testing company of lying about dumping samples
https://www.theregister.com/2023/06/21/dna_testing_company_ftc_complaint/
US Offers $10m Reward For MOVEit Attackers
https://www.infosecurity-magazine.com/news/us-offers-10m-reward-for-moveit/
Friday Jun 02, 2023
Friday Jun 02, 2023
In this episode, Erich and Javvad cover the top #cybersecurity stories of the week including the settlment over Ring and Alexa, and Andriod app that started spying, a dark web data link with RaidForums member info, and much more!
Stories from the show:
Amazon Ring, Alexa accused of every nightmare IoT security fail you can imagine
https://www.theregister.com/2023/06/01/ftc_alexa_ring_amazon_settlement/
Most CEOs now see cybersecurity as more important than economic performance
Check your phone: Popular Android app reportedly started spying on users, making recordings
Dark Web Data Leak Exposes RaidForums Members
https://www.infosecurity-magazine.com/news/data-leak-exposes-raidforums/
Government publishes guidelines on cybersecurity
https://www.rte.ie/news/business/2023/0601/1386968-government-publishes-guidelines-on-cybersecurity/
Friday May 26, 2023
Friday May 26, 2023
In this episode, Erich and Javvad talk about Dish breach, an IT worker that piggybacked on a hackers extortion attempt, Googles new .zip and .mov domains, Met's huge $1.3B fine, and much more #cybersecurity news!
Stories from the show:
Dish confirms 300,000 peoples data was exposed in February’s attack
https://www.theregister.com/2023/05/23/dish_networks/
IT Worker Admits Piggybacking on Hacker's Extortion Attempt
https://www.inforisktoday.com/worker-admits-piggybacking-on-hackers-extortion-attempt-a-22142
18-year-old charged with hacking 60,000 DraftKings betting accounts
https://www.bleepingcomputer.com/news/security/18-year-old-charged-with-hacking-60-000-draftkings-betting-accounts/
Google's .zip, .mov Domains Give Social Engineers a Shiny New Tool
https://www.darkreading.com/endpoint/google-zip-mov-domains-social-engineers-shiny-new-tool
Meta Hit With $1.3B Record-Breaking Fine for GDPR Violations
https://www.darkreading.com/endpoint/meta-hit-1-3b-record-breaking-fine-gdpr-violations