Podcast: The Jerich Show

The Jerich Show Episode 67 – Cisco joins the present, Pegasus is blacklisted, Squidcrypto and more

The Jerich Show Podcast
The Jerich Show Podcast
The Jerich Show Episode 67 - Cisco joins the present, Pegasus is blacklisted, Squidcrypto and more
Loading
/

In this episode Javvad and Erich discuss Cisco’s decision to remover hard-coded credentials and SSH keys… finally, the US ban on Pegasus spyware, a Squid Game themed cryptocoin robbery, and parents being threatened after building a school app. 

Stories from the show:

Cisco fixes hard-coded credentials and default SSH key issues:
https://www.bleepingcomputer.com/news/security/cisco-fixes-hard-coded-credentials-and-default-ssh-key-issues/

US Bans Trade With Pegasus Spyware Maker:
https://threatpost.com/pegasus-spyware-blacklisted-us/175999/

Squid Game crypto token collapses in apparent scam:
https://www.bbc.co.uk/news/business-59129466

These Parents Built a School App. Then the City Called the Cops:
https://www.wired.com/story/sweden-stockholm-school-app-open-source/

The Jerich Show Episode 66 – Groovy Revenge, NRA Gets Hacked, Iran… Out of Gas, and More!

The Jerich Show Podcast
The Jerich Show Podcast
The Jerich Show Episode 66 - Groovy Revenge, NRA Gets Hacked, Iran... Out of Gas, and More!
Loading
/

This week, Erich and Javvad discuss some of the latest cybersecurity stories, including the NRA hack, North Korea is going after security vendors in supply chain attacks, some Iranian gas pumps are taken offline by a cyber attack and the Groove ransomware gang wants revenge on the US for taking down REvil, and is enlisting other gangs to focus their attacks there.

All of this and more! 

Remember to Like, Share and Subscribe!

Stories from the show:

NRA Hacked:
https://www.cbsnews.com/news/nra-hack-ransomware-gang-grief-russia/

North Korea is Hacking Supply Chains:
https://thehackernews.com/2021/10/latest-report-uncovers-supply-chain.html

Iran… Out of Gas:
https://www.bleepingcomputer.com/news/security/iranian-gas-stations-out-of-service-after-distribution-network-hacked/

Groove Wants Revenge:
https://www.bleepingcomputer.com/news/security/groove-ransomware-calls-on-all-extortion-gangs-to-attack-us-interests/

 

The Jerich Show Episode 65 – Presentation Fails, Telecom Targets, a Breach Admittance and More!

The Jerich Show Podcast
The Jerich Show Podcast
The Jerich Show Episode 65 - Presentation Fails, Telecom Targets, a Breach Admittance and More!
Loading
/

In this episode, Erich and Javvad talk about their fails during presentations, Accenture finally admits it’s data was breached, telecoms are targeted by China, the UK bans Huawei from the 5Gs bad actors steal cookies from content creators, and a whole lot more!

Remember to Like, Subscribe and Share!

 

Stories from the show:

Accenture confirms data breach after August ransomware attack:
https://www.bleepingcomputer.com/news/security/accenture-confirms-data-breach-after-august-ransomware-attack/

Huawei ban: UK to impose early end to use of new 5G kit:
https://www.bbc.com/news/business-55124236

Potential Chinese hackers targeting telecommunications companies:
https://thehill.com/policy/cybersecurity/577440-potential-chinese-hackers-targeting-telecommunications-companies

Hackers Stealing Browser Cookies to Hijack High-Profile YouTube Accounts:
https://thehackernews.com/2021/10/hackers-stealing-browser-cookies-to.html

The Jerich Show Episode 64 – Ransomware Without the Encryption, Flight School Hijinx and More!

The Jerich Show Podcast
The Jerich Show Podcast
The Jerich Show Episode 64 - Ransomware Without the Encryption, Flight School Hijinx and More!
Loading
/

In this episode, Erich and Javvad discuss the weekly hot infosec topics, including ransomware without the encryption, angry ex-employees turned insider threat at a flight school, “super” passwords to not use, and whether or not “It was a deepfake” is the new, “The dog ate my homework”. 

All of this and more!

Remember to like, subscribe and share!

 

Stories from the show:

30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware:
https://threatpost.com/rapid-attacks-extort-ransomware/175445/

Woman, 26, is arrested ‘for hacking into Florida flight training school’s system and tampering with airplane information, including clearing some aircraft with maintenance issues for takeoff’: Cops say attack was in retaliation after father was fired:
https://www.newsbreak.com/news/2400876442542/woman-26-is-arrested-for-hacking-into-florida-flight-training-school-s-system-and-tampering-with-airplane-information-including-clearing-some-aircraft-with-maintenance-issues-for-takeoff-cops-say-attack-was-in-retaliation-after-father-was-fired

Superman, Not to Rescue: Passwords With Superhero Names Are Most Hacked:
https://www.news18.com/news/buzz/superman-not-to-rescue-passwords-with-superhero-names-are-most-hacked-4317128.html

Fraudsters Cloned Company Director’s Voice In $35 Million Bank Heist, Police Find:
https://www.forbes.com/sites/thomasbrewster/2021/10/14/huge-bank-fraud-uses-deep-fake-voice-tech-to-steal-millions/?sh=18cc26697559

The Jerich Show Episode 63 – The Facebook Thing, a Twitchy Hack, Airgapped Pwnage and More

The Jerich Show Podcast
The Jerich Show Podcast
The Jerich Show Episode 63 - The Facebook Thing, a Twitchy Hack, Airgapped Pwnage and More
Loading
/

In this episode, Javvad makes fun of Erich for his current state of mental exhaustion due to National CyberSecurity Awareness Month, the Facebook outage and incident response tips are discussed, the ramifications of the Twitch breach are covered and an interesting, but maybe not so useful, method of pulling data from an air-gapped system is covered. All of this and more!

 

Remember to Like, Share and Subscribe!

 

Stories from the show:

Understanding How Facebook Disappeared from the Internet:
https://blog.cloudflare.com/october-2021-facebook-outage/

Security experts have given advice following the Twitch data breach:
https://www.nme.com/news/gaming-news/security-experts-have-given-advice-following-the-twitch-data-breach-3064855

Twitch source code and creator payouts part of massive leak:
https://www.theverge.com/2021/10/6/22712250/twitch-hack-leak-data-streamer-revenue-steam-competitor

LANtenna Attacks Exploit Air-Gapped Networks Via Ethernet:
https://www.bankinfosecurity.com/lantenna-attacks-exploit-air-gapped-networks-via-ethernet-cables-a-17688

The Jerich Show Episode 62 – Russian Treason, DDoS attacks, Visa Vulns on an iPhone and More

The Jerich Show Podcast
The Jerich Show Podcast
The Jerich Show Episode 62 - Russian Treason, DDoS attacks, Visa Vulns on an iPhone and More
Loading
/

In this episode, Javvad really messes up the intro, but finally finds his grove as they discuss the stroy about the Group-IB CEO being charged with Treason by Russia, The DDoS attack on Bandwidth, A very specific vulnerability with iPhones and Visa cards and how YouTube is going to remove all vaccine misinformation from the platform.

All of this and more! 

Like, share and subscribe!

Stories from the show:

Top Russian Cybersecurity CEO Charged with Treason:
https://www.govinfosecurity.com/top-russian-cybersecurity-ceo-charged-treason-a-17644

Bandwidth Hit with DDoS Attack, Dealing with Service Disruptions:
https://www.channelfutures.com/security/bandwidth-hit-with-ddos-attack-dealing-with-service-disruptions

Security experts urge iPhone users to remove Visa as a transport card via Apple Pay:
https://uk.news.yahoo.com/security-experts-urge-iphone-users-234037124.html

YouTube to remove all anti-vaccine misinformation:
https://www.bbc.com/news/technology-58743252

 

Show Contents:
00:00 – 02:04 Javvad ruins the Intro
02:04 – 06:56 Treason or just business?
06:56 – 12:52 DDoS and the Bandwidth attack
12:52 – 22:49 Transporting with Visa
22:49 – 22:17 YouTube removing anti-vaxx misinformation
22:17 – 27:30 Outro

The Jerich Show Episode 61 – Raging Against the Machine

The Jerich Show Podcast
The Jerich Show Podcast
The Jerich Show Episode 61 - Raging Against the Machine
Loading
/

In this episode, Erich channels his deep inner anger about some government follies that have impacted individuals and organizations alike. Javvad mostly nods along for effect. 

Remember to Like, Share and Subscribe! 

Stories from the show:

 

FBI Withholding Kaseya Ransomware Decryption Key Had ‘No Bearing’ on REvil:
https://www.channelfutures.com/security/fbi-withholding-kaseya-ransomware-decryption-key-had-no-bearing-on-revil

Four months on from a sophisticated cyberattack, Alaska’s health department is still recovering:
https://www.zdnet.com/article/four-months-on-from-sophisticated-cyber-attack-alaskas-health-services-is-still-recovering/

Investigation launched after MoD email blunder:
https://www.computerweekly.com/news/252506972/Investigation-launched-after-MoD-email-blunder

 

The Jerich Show Episode 60 – Hostile Takeover

The Jerich Show Podcast
The Jerich Show Podcast
The Jerich Show Episode 60 - Hostile Takeover
Loading
/

Erich Kron is out this week so the award-winning Host Unknown stepping in and took matters into their own hands. 

Follow host unknown on hostunknown.tv @hostunknowntv
Listen to the host unknown podcast on your favourite podcast player

 

Stories from the show: 
‘Significant threat’: cyber attacks increasingly targeting Australia’s critical infrastructure
https://www.theguardian.com/technology/2021/sep/15/significant-threat-cyber-attacks-increasingly-targeting-australias-critical-infrastructure

Microsoft: Windows 10 2004 reaches end of service in December
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-10-2004-reaches-end-of-service-in-december/

HP patches severe OMEN driver privilege escalation vulnerability
https://www.zdnet.com/article/hp-patches-omen-driver-privilege-escalation-vulnerability/

Apple Issues Emergency Fix for NSO Zero-Click Zero Day
https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Over 60 million wearable, fitness tracking records exposed via unsecured database
https://www.zdnet.com/article/over-60-million-records-exposed-in-wearable-fitness-tracking-data-breach-via-unsecured-database/

 

Follow host unknown on hostunknown.tv
Listen to the host unknown podcast on your favourite podcast player

The Jerich Show Episode 59 – No Cops or the Data gets Dumped, Cybercrime as a Tax Deduction and More

The Jerich Show Podcast
The Jerich Show Podcast
The Jerich Show Episode 59 - No Cops or the Data gets Dumped, Cybercrime as a Tax Deduction and More
Loading
/

In this episode, Javvad messes up by starting the recording early, then hem and Erich discuss a new threat from a ransomware gang about dumping data if the victim calls the cops, the REvil servers mysteriously being resurrected from the dead, claiming a ransomware payment as a tax deduction and a whole bunch of VPN passwords being stolen.

All of this and more, in this episode of The Jerich Show (complete with a reworked logo)

Remember to Like, Share and Subscribe!

 

Stories From the Show:

Ransomware gang threatens to leak data if victim contacts FBI, police:
https://www.bleepingcomputer.com/news/security/ransomware-gang-threatens-to-leak-data-if-victim-contacts-fbi-police/

Hit by a ransomware attack? Your payment may be deductible:
https://www.independent.co.uk/news/hit-by-a-ransomware-attack-your-payment-may-be-deductible-irs-fbi-pms-washington-ransomware-b1868907.html

REvil ransomware’s servers mysteriously come back online:
https://www.bleepingcomputer.com/news/security/revil-ransomwares-servers-mysteriously-come-back-online/

Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices:
https://thehackernews.com/2021/09/hackers-leak-vpn-account-passwords-from.html

Show Contents:
00:00 – 01:42  Javvad Messes Up the Intro
01:42 – 07:17 Ragnar Locker Threats if the Victim Calls the Cops or Negotiators
07:17 – 09:02 Is Your Ransom Payment a Tax Deduction?
09:02 – 15:32 REvil Servers Raise Their Ugly Heads Again
15:32 – 20:42 VPN Accounts Leaked From Fortigate Devices
20:42 – 20:50 Outro

The Jerich Show Episode 58 – Returned From a Break: AKA the Curmudgeon Episode

The Jerich Show Podcast
The Jerich Show Podcast
The Jerich Show Episode 58 - Returned From a Break: AKA the Curmudgeon Episode
Loading
/

It’s been a couple of weeks, but Javvad and Erich are back from a little break and far more grumpy than you might assume. That’s OK, because, as evidenced by the stories, they are grumpy because nobody fixed the internet while they were gone. 

Check out what they are so grumpy about and don’t forget to Like, Share and Subscribe!

Stories from the show:

Attackers Can Remotely Disable Fortress Wi-Fi Home Security Alarms:
https://thehackernews.com/2021/08/attackers-can-remotely-disable-fortress.html

Scam artists are recruiting English speakers for business email campaigns:

https://www.zdnet.com/article/scam-artists-are-recruiting-english-speakers-for-business-email-campaigns

LockBit gang leaks Bangkok Airways data, hits Accenture customers:
https://www.bleepingcomputer.com/news/security/lockbit-gang-leaks-bangkok-airways-data-hits-accenture-customers/

Twitter creates ‘Safety Mode’ to temporarily block accounts caught insulting users:
https://www.zdnet.com/article/twitter-creates-safety-mode-to-temporarily-block-accounts-caught-insulting-users/