The Jerich Show Podcast

In this episode, Erich and Javvad discuss how ChatGPT is being used to commit crimes, a phishing gang bust by Ukrainian cops and some rather staggering (and suspicious) ransomware stats. All this and more live at 10am Eastern.

Stories from the show:

Belgian intelligence puts Huawei on its watchlist
https://www.politico.eu/article/belgian-intelligence-huawei-watchlist-espionage-china-eu-nato/

Cybercrime, fraud using ChatGPT on the rise, says Europol
https://www.scmagazine.com/brief/cybercrime/cybercrime-fraud-using-chatgpt-on-the-rise-says-europol

Survey finds that almost three quarters of organizations were hit by a successful ransomware attack in 2022
https://www.continuitycentral.com/index.php/news/technology/8361-survey-finds-that-almost-three-quarters-of-organizations-were-hit-by-a-successful-ransomware-attack-in-2022

Ukrainian Police Bust Multimillion-Dollar Phishing Gang
https://www.infosecurity-magazine.com/news/ukrainian-police-bust-phishing/

Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts
https://thehackernews.com/2023/03/fake-chatgpt-chrome-browser-extension.html

In this episode Erich and Javvad Microsoft cracking windows, what it costs when you cover up a ransomware attack, medical info being shared with social media giants, and much more! Check us out at 10am Eastern Time

Stories from the show:

What happens if you 'cover up' a ransomware infection? For Blackbaud, a $3m charge
https://www.theregister.com/2023/03/10/sec_blackbaud_3m_penalty/ 

Microsoft support 'cracks' Windows for customer after activation fails
https://www.bleepingcomputer.com/news/security/microsoft-support-cracks-windows-for-customer-after-activation-fails/ 

Cerebral admits to sharing patient data with Meta, TikTok, and Google
https://www.theverge.com/2023/3/11/23635518/cerebral-patient-data-meta-tiktok-google-pixel 

Humans Still More Effective Than ChatGPT at Phishing
https://www.infosecurity-magazine.com/news/humans-more-effective-chatgpt/ 

Dole doesn’t expect to recover full costs of ransomware attack
https://www.cybersecuritydive.com/news/dole-recovery-ransomware-attack/644445/ 

Cyber attack affecting Gloucester museum's system one year on
https://www.bbc.com/news/uk-england-gloucestershire-64917275 

In this episode Erich and Javvad disucss the Acer hack, a story where a Russian cybercrime gang dumped naked pics of cancer patients when a hospital wouldn't pay the ransom, and how an old version of Plex lead to the latest LastPass hack.

All this and more

Show Notes:

'THE' Video:
A Facebook message that sparked hope
https://www.youtube.com/watch?v=-OH99CFzhFM

Acer confirms server intrusion after miscreant offers 160GB cache of stolen files
https://www.theregister.com/2023/03/08/acer_confirms_server_breach/

LastPass Hack: Engineer's Failure to Update Plex Software Led to Massive Data Breach
https://thehackernews.com/2023/03/lastpass-hack-engineers-failure-to.html

Russian hackers post NAKED photos of Pennsylvania cancer patients receiving treatment to dark web
https://www.dailymail.co.uk/news/article-11833591/Russian-hackers-post-NAKED-photos-Pennsylvania-cancer-patients-hospital-refused-ransom.html

In this episode Erich Javvad discuss important #cybersecurity stories including... Lastpass... again, the U.S. Marshals get pwned by #ransomware, and much more.

Stories from the show:

U.S. Marshals Service suffers 'major' security breach
https://www.nbcnews.com/politics/politics-news/major-us-marshals-service-hack-compromises-sensitive-info-rcna72581

LastPass says employee’s home computer was hacked and corporate vault taken
https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/

Salesforce to sweat assets
https://www.theregister.com/2023/03/02/salesforce_q4_fy_2023/ 

Hacker leaks alleged Activision employee data on cybercrime forum
https://www.bleepingcomputer.com/news/security/hacker-leaks-alleged-activision-employee-data-on-cybercrime-forum/ 

In this episode, Erich and Javvad discuss the hack of NameCheap's email, which was used to send phishing emails, how Godaddy has been breached for years, accidental WhatsApp account takeovers and more.

Stories from the show:

NameCheap's email hacked to send Metamask, DHL phishing emails
https://www.bleepingcomputer.com/news/security/namecheaps-email-hacked-to-send-metamask-dhl-phishing-emails/ 

How a women’s ‘disdain for email guff’ stopped a Putin hack six years on
https://www.independent.co.uk/news/uk/home-news/russia-ukraine-email-putin-hack-b2280580.html 

GoDaddy: Hackers stole source code, installed malware in multi-year breach 
https://www.bleepingcomputer.com/news/security/godaddy-hackers-stole-source-code-installed-malware-in-multi-year-breach/ 

Accidental WhatsApp account takeovers? It's a thing 
https://www.theregister.com/2023/02/21/accidental_whatsapp_account_takeover/ 

European Commission bans TikTok on staff devices
https://www.bbc.co.uk/news/technology-64743991 

In this episode, Erich and Javvad discuss the weeks top cybersecurity issues and stories, including the Reddit hack, a top US cybersecurity diplomat's persona Twitter getting pwned, talk about a VMware 0-day and Weee! dealing witha not-so-fun breach. 

All of this and more live on Linkedin, Facebook, Twitch and YouTube! 

Don't forget to like and subscribe

Stories from the show:
The Top U.S. Cybersecurity Diplomat's Personal Twitter Account Was Hacked
https://www.forbes.com/sites/petersuciu/2023/02/06/the-top-us-cybersecurity-diplomats-personal-twitter-account-was-hacked/?sh=3918883d4d7e

VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree
https://thehackernews.com/2023/02/vmware-finds-no-evidence-of-0-day-flaw.html

Weee! grocery service confirms data breach, 1.1 million affected
https://www.bleepingcomputer.com/news/security/weee-grocery-service-confirms-data-breach-11-million-affected/

Reddit: We had a security incident. Here’s what we know.
https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/

In this episode, Erich and Javvad discuss fraud in the UK, the 'Pooping Perpertrator' gets flushed out, a new Russian wiper is spotted and much, much more! 

Join us on LinkedIn to comment live!

Stories from the show:

Over £3.9 BILLION has been lost to fraud and cybercrimes in the last 13 months across the UK 
https://ifamagazine.com/article/over-3-9-billion-has-been-lost-to-fraud-and-cybercrimes-in-the-last-13-months-across-the-uk/

Florida Authorities Arrest ‘The Pooping Perpetrator’ for Burglary After Suspect Jumped Naked into River and was Rescued by Police
https://lawandcrime.com/crime/florida-authorities-arrest-the-pooping-perpetrator-for-burglary-after-suspect-jumped-naked-into-river-and-was-rescued-by-police/?ICID=ref_fark

Hackers use new SwiftSlicer wiper to destroy Windows domains
https://www.bleepingcomputer.com/news/security/hackers-use-new-swiftslicer-wiper-to-destroy-windows-domains/

Insider attacks becoming more frequent, more difficult to detect
https://www.helpnetsecurity.com/2023/01/30/detect-insider-attacks/

Anker finally comes clean about its Eufy security cameras
https://www.theverge.com/23573362/anker-eufy-security-camera-answers-encryption

In this episode, Erich and Javvad discuss the Hive ransomware group takedown, some refund scams, RMM tool attacks and more.

 Stories from the show:

DOJ disrupts major ransomware group
https://www.nbcnews.com/tech/security/doj-disrupts-major-ransomware-group-rcna67627

CISA says federal agencies attacked in refund scam through remote management software
https://therecord.media/cisa-says-federal-agencies-attacked-in-refund-scam-through-remote-management-software/ 

GoTo says hackers stole encrypted backups during November cyberattack
https://therecord.media/goto-says-hackers-stole-encrypted-backups-during-november-cyberattack/

In this episode we discuss the PayPal issue, Nissan's vendor leaking data an org that gets defaced after ignoring vulnerability warnings, and more!

Stories from the show:

Social Security Numbers Stolen in PayPal Cyberattack
https://www.cnet.com/tech/services-and-software/social-security-numbers-stolen-in-paypal-cyber-attack/

Nissan North America data breach caused by vendor-exposed database
https://www.bleepingcomputer.com/news/security/nissan-north-america-data-breach-caused-by-vendor-exposed-database/

ODIN Intelligence website is defaced as hackers claim breach
https://techcrunch.com/2023/01/15/odin-intelligence-website-defaced-sweepwizard/

MailChimp second breach in a year
https://www.theregister.com/2023/01/19/mailchimp_fesses_up_to_2nd/ 

Solaris taken over by  kraken
https://www.bleepingcomputer.com/news/security/illegal-solaris-darknet-market-hijacked-by-competitor-kraken/ 

In this episode we welcome in the new year, chat about the future in 2023, recap Erich's trip to CES, talk about the big news of the last couple of weeks, and more.

Stories from the show:

'No Evidence' of Cyberattack Related to FAA Outage, White House Says
https://www.securityweek.com/no-evidence-cyberattack-related-faa-outage-white-house-says

Guardian Tells Workers Their Data Was Compromised in Ransomware Hack
https://www.bloomberg.com/news/articles/2023-01-11/guardian-tells-staff-their-data-was-accessed-in-ransomware-hack

Royal Mail ransomware attackers threaten to publish stolen data
https://www.theguardian.com/business/2023/jan/12/royal-mail-ransomware-attackers-threaten-to-publish-stolen-data 

Caught on Camera: Group of thieves accidentally break into Alhambra diaper business
https://www.cbsnews.com/losangeles/news/caught-on-camera-group-of-thieves-accidentally-break-into-alhambra-diaper-business/

Don’t answer another online quiz question until you read this
https://consumer.ftc.gov/consumer-alerts/2023/01/dont-answer-another-online-quiz-question-until-you-read