Timely topics, poorly presented, this time via a podcast. In this podcast the cyber security professionals Javvad Malik and Erich Kron discuss timely tech topics in a casual and easy to understand format. the video version of this is available on YouTube
Episodes
Friday May 19, 2023
Friday May 19, 2023
In this episode Erich and Javvad discuss the weekly stories in #cybersecurity, including the Tik Tok ban in Montana, insured organizations are more likely to be ransomware victims, OpenAI CEO calls for slowing and more!
Stories from the show:
TikTok: Montana to become first US state to ban app on personal devices
https://www.bbc.com/news/business-65630201
Insured companies more likely to be ransomware victims, sometimes more than once
UK Pension Scheme: Members Should Assume Capita Data Theft
https://www.infosecurity-magazine.com/news/pension-scheme-members-capita-data/
Sam Altman: CEO of OpenAI calls for US to regulate artificial intelligence
https://www.bbc.com/news/world-us-canada-65616866
Upstart encryption app walks back privacy claims, pulls from stores after probe
Friday May 12, 2023
Friday May 12, 2023
In this episode, Javvad and Erich recover from a crazy April and early May, but are back live to chat about some top cyber stories.
Stories from the show:
Deconstructing a Cybersecurity Event
https://www.dragos.com/blog/deconstructing-a-cybersecurity-event/
European Parliament points to Morocco as ‘possibly’ responsible for Pegasus spying
https://thediplomatinspain.com/en/2023/05/european-parliament-points-to-morocco-as-possibly-responsible-for-pegasus-spying/
India to send official whassup to WhatsApp after massive spamstorm
https://www.theregister.com/2023/05/12/india_whatsapp_spam_privacy_demands/
HP Firmware update blocks 3rd party ink
https://twitter.com/dcuthbert/status/1656926678096986112?s=20
NCSC and ICO Dispel Incident Reporting Myths
https://www.infosecurity-magazine.com/news/ncsc-ico-dispel-incident-reporting/
Bad Bots Now Account For 30% of All Internet Traffic
https://www.infosecurity-magazine.com/news/bad-bots-now-comprise-30-of-all/
Ransomware payments nearly double in one year
https://www.theguardian.com/technology/2023/may/10/ransomware-payments-nearly-double-in-one-year
Millions of mobile phones come pre-infected with malware, say researchers
https://www.theregister.com/2023/05/11/bh_asia_mobile_phones/
Friday Apr 14, 2023
Friday Apr 14, 2023
In this episode, Erich and Javvad talk about the Ruskies hacking Ukrainian coffe shop cameras, FTX's 'cybersecurity' (quotes are on purpose), Latitude Financial's decision not to pay and the FUD around juice jacking. All of this and more #cybersecurity news and information.
Stories from the show:
Russian hackers ‘target security cameras inside Ukraine coffee shops’
https://www.theguardian.com/world/2023/apr/11/russian-hackers-target-security-cameras-inside-ukraine-coffee-shops
PSA: Public Phone Charging Ports Are Malware Magnets
https://www.pcmag.com/news/psa-public-phone-charging-ports-are-malware-magnets
FTX's Cybersecurity Was Hilariously Bad
https://gizmodo.com/ftx-sam-bankman-fried-cybersecurity-hacking-crypto-1850321150
Latitude Financial Refuses to Pay Ransom
https://www.infosecurity-magazine.com/news/latitude-financial-refuses-to-pay/
Friday Apr 07, 2023
Friday Apr 07, 2023
In thie episode, Erich and Javvad chat about the latest news in #cybersecurity, including another data breach thanks to Uber, IT folks being pressured into silence, UK drops the ball on crime records, and Telegram is replacing (or augmenting) marketplaces. All of this and more #infosec news!
Don't forget to like and subscribe
Stories from the show:
IT and security pros pressured to keep quiet about data breaches
https://www.helpnetsecurity.com/2023/04/06/pressure-keeping-breaches-confidential/
Uber suffers another data breach after law firm’s servers attacked
https://www.siliconrepublic.com/enterprise/uuber-data-breach-driver-info-stolen-law-firm-genova-burns
Travel visa delays after UK’s crime records office hit by cyber ‘incident’
https://www.standard.co.uk/news/uk/travel-visa-delays-nz-australia-us-acro-cybersecurity-police-certificates-data-breach-b1072351.html
Telegram now the go-to place for selling phishing tools and services
https://www.bleepingcomputer.com/news/security/telegram-now-the-go-to-place-for-selling-phishing-tools-and-services/
Takedown of notorious hacker marketplace selling your identity to criminals
https://www.europol.europa.eu/media-press/newsroom/news/takedown-of-notorious-hacker-marketplace-selling-your-identity-to-criminals
Friday Mar 31, 2023
Friday Mar 31, 2023
In this episode, Erich and Javvad discuss how ChatGPT is being used to commit crimes, a phishing gang bust by Ukrainian cops and some rather staggering (and suspicious) ransomware stats. All this and more live at 10am Eastern.
Stories from the show:
Belgian intelligence puts Huawei on its watchlist
https://www.politico.eu/article/belgian-intelligence-huawei-watchlist-espionage-china-eu-nato/
Cybercrime, fraud using ChatGPT on the rise, says Europol
https://www.scmagazine.com/brief/cybercrime/cybercrime-fraud-using-chatgpt-on-the-rise-says-europol
Survey finds that almost three quarters of organizations were hit by a successful ransomware attack in 2022
https://www.continuitycentral.com/index.php/news/technology/8361-survey-finds-that-almost-three-quarters-of-organizations-were-hit-by-a-successful-ransomware-attack-in-2022
Ukrainian Police Bust Multimillion-Dollar Phishing Gang
https://www.infosecurity-magazine.com/news/ukrainian-police-bust-phishing/
Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts
https://thehackernews.com/2023/03/fake-chatgpt-chrome-browser-extension.html
Friday Mar 17, 2023
Friday Mar 17, 2023
In this episode Erich and Javvad Microsoft cracking windows, what it costs when you cover up a ransomware attack, medical info being shared with social media giants, and much more! Check us out at 10am Eastern Time
Stories from the show:
What happens if you 'cover up' a ransomware infection? For Blackbaud, a $3m charge
https://www.theregister.com/2023/03/10/sec_blackbaud_3m_penalty/
Microsoft support 'cracks' Windows for customer after activation fails
https://www.bleepingcomputer.com/news/security/microsoft-support-cracks-windows-for-customer-after-activation-fails/
Cerebral admits to sharing patient data with Meta, TikTok, and Google
https://www.theverge.com/2023/3/11/23635518/cerebral-patient-data-meta-tiktok-google-pixel
Humans Still More Effective Than ChatGPT at Phishing
https://www.infosecurity-magazine.com/news/humans-more-effective-chatgpt/
Dole doesn’t expect to recover full costs of ransomware attack
https://www.cybersecuritydive.com/news/dole-recovery-ransomware-attack/644445/
Cyber attack affecting Gloucester museum's system one year on
https://www.bbc.com/news/uk-england-gloucestershire-64917275
Friday Mar 10, 2023
Friday Mar 10, 2023
In this episode Erich and Javvad disucss the Acer hack, a story where a Russian cybercrime gang dumped naked pics of cancer patients when a hospital wouldn't pay the ransom, and how an old version of Plex lead to the latest LastPass hack.
All this and more
Show Notes:
'THE' Video:
A Facebook message that sparked hope
https://www.youtube.com/watch?v=-OH99CFzhFM
Acer confirms server intrusion after miscreant offers 160GB cache of stolen files
https://www.theregister.com/2023/03/08/acer_confirms_server_breach/
LastPass Hack: Engineer's Failure to Update Plex Software Led to Massive Data Breach
https://thehackernews.com/2023/03/lastpass-hack-engineers-failure-to.html
Russian hackers post NAKED photos of Pennsylvania cancer patients receiving treatment to dark web
https://www.dailymail.co.uk/news/article-11833591/Russian-hackers-post-NAKED-photos-Pennsylvania-cancer-patients-hospital-refused-ransom.html
Friday Mar 03, 2023
Friday Mar 03, 2023
In this episode Erich Javvad discuss important #cybersecurity stories including... Lastpass... again, the U.S. Marshals get pwned by #ransomware, and much more.
Stories from the show:
U.S. Marshals Service suffers 'major' security breach
https://www.nbcnews.com/politics/politics-news/major-us-marshals-service-hack-compromises-sensitive-info-rcna72581
LastPass says employee’s home computer was hacked and corporate vault taken
https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/
Salesforce to sweat assets
https://www.theregister.com/2023/03/02/salesforce_q4_fy_2023/
Hacker leaks alleged Activision employee data on cybercrime forum
https://www.bleepingcomputer.com/news/security/hacker-leaks-alleged-activision-employee-data-on-cybercrime-forum/
Friday Feb 24, 2023
Friday Feb 24, 2023
In this episode, Erich and Javvad discuss the hack of NameCheap's email, which was used to send phishing emails, how Godaddy has been breached for years, accidental WhatsApp account takeovers and more.
Stories from the show:
NameCheap's email hacked to send Metamask, DHL phishing emails
https://www.bleepingcomputer.com/news/security/namecheaps-email-hacked-to-send-metamask-dhl-phishing-emails/
How a women’s ‘disdain for email guff’ stopped a Putin hack six years on
https://www.independent.co.uk/news/uk/home-news/russia-ukraine-email-putin-hack-b2280580.html
GoDaddy: Hackers stole source code, installed malware in multi-year breach
https://www.bleepingcomputer.com/news/security/godaddy-hackers-stole-source-code-installed-malware-in-multi-year-breach/
Accidental WhatsApp account takeovers? It's a thing
https://www.theregister.com/2023/02/21/accidental_whatsapp_account_takeover/
European Commission bans TikTok on staff devices
https://www.bbc.co.uk/news/technology-64743991
Friday Feb 10, 2023
Friday Feb 10, 2023
In this episode, Erich and Javvad discuss the weeks top cybersecurity issues and stories, including the Reddit hack, a top US cybersecurity diplomat's persona Twitter getting pwned, talk about a VMware 0-day and Weee! dealing witha not-so-fun breach.
All of this and more live on Linkedin, Facebook, Twitch and YouTube!
Don't forget to like and subscribe
Stories from the show:
The Top U.S. Cybersecurity Diplomat's Personal Twitter Account Was Hacked
https://www.forbes.com/sites/petersuciu/2023/02/06/the-top-us-cybersecurity-diplomats-personal-twitter-account-was-hacked/?sh=3918883d4d7e
VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree
https://thehackernews.com/2023/02/vmware-finds-no-evidence-of-0-day-flaw.html
Weee! grocery service confirms data breach, 1.1 million affected
https://www.bleepingcomputer.com/news/security/weee-grocery-service-confirms-data-breach-11-million-affected/
Reddit: We had a security incident. Here’s what we know.
https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/