Podcast: The Jerich Show

On the Road, Twitter is a Mess, French Hospital Down, and More

The Jerich Show Podcast
The Jerich Show Podcast
On the Road, Twitter is a Mess, French Hospital Down, and More
Loading
/

In this episode, Erich is on the road in Dallas for the Podcast Movement conference, but him and Javvad still take the time out to discuss some major stories on cybersecurity this week. 

Stories from the show:

LastPass developer systems hacked to steal source code
https://www.bleepingcomputer.com/news/security/lastpass-developer-systems-hacked-to-steal-source-code/

Twitter whistleblower alleges ‘egregious deficiencies’ in security measures
https://www.theguardian.com/technology/2022/aug/23/twitter-whistleblower-peiter-zatko-mudge-security

Cyber attackers disrupt services at French hospital, demand $10 million ransom
https://www.france24.com/en/europe/20220823-cyber-attackers-disrupt-services-at-french-hospital-demand-10-million-ransom

Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts
https://thehackernews.com/2022/08/researchers-find-counterfeit-phones.html

Cisco Hacked, and Black Hat 2022 Wrap Up

The Jerich Show Podcast
The Jerich Show Podcast
Cisco Hacked, and Black Hat 2022 Wrap Up
Loading
/

In this episode, Javvad and Erich talk about the Cisco hack and wrap up the 2022 Black Hat experience.

 

Stories from the show:

Las Vegas slammed with more flash floods as iconic strip, casinos under water again
https://nypost.com/2022/08/12/las-vegas-slammed-with-more-flash-floods-as-iconic-strip-casinos-under-water-again/

Smishing Attack Led to Major Twilio Breach
https://www.infosecurity-magazine.com/news/smishing-attack-led-to-major/

Cloudflare: Someone tried to pull the Twilio phishing tactic on us too
https://www.theregister.com/2022/08/10/cloudflare_twilio_phishing/

Cisco Talos shares insights related to recent cyber attack on Cisco
https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html

FEMA Warns Systems Vulnerable, $190MIL in Crypto Stolen and Macros Cause Havok

The Jerich Show Podcast
The Jerich Show Podcast
FEMA Warns Systems Vulnerable, $190MIL in Crypto Stolen and Macros Cause Havok
Loading
/

Erich and Javvad discuss a crypto currency theft of around $190mil, FEMA warns about patching emergency alerts systems and macros have become a top way to spread ransomware, plus more stories of the week. 

Join us live and chat with us on LinkedIn

 

 

Stories from the show:

Hack of US cryptocurrency firm Nomad leads to $190 million loss in bridge attack
https://www.scmagazine.com/analysis/breach/hack-of-us-cryptocurrency-firm-nomad-leads-to-190-million-loss-in-bridge-attack

87% of the ransomware found on the dark web has been delivered via malicious macros
https://www.helpnetsecurity.com/2022/08/03/ransomware-malicious-macros/

FEMA warns emergency alert systems could be hacked to transmit fake messages unless software is updated
https://www.cnn.com/2022/08/03/politics/fema-emergency-alert-software-warning/index.html

Ex-T-Mobile US store owner phished staff, raked in $25m from unlocking phones
https://www.theregister.com/2022/08/03/tmobile_unlock_prison_phone/

What is your data worth, cyber attacks on shipping and much more!

The Jerich Show Podcast
The Jerich Show Podcast
What is your data worth, cyber attacks on shipping and much more!
Loading
/

In this episode Erich and Javvad discuss cyber attacks on the Port of Los Angeles, the value T-Mobile places on your data and much more!

 

T-Mobile Pitches $4-Per-Customer Settlement for Data Leak Impacting 80M People

https://www.darkreading.com/application-security/t-mobile-pitches-4-per-customer-settlement-for-data-leak

 

Cyber-attacks on Port of Los Angeles have doubled since pandemic

https://www.bbc.com/news/business-62260272

Fake Cisco gear, Microsoft warns about MFA resistant phish, and more!

The Jerich Show Podcast
The Jerich Show Podcast
Fake Cisco gear, Microsoft warns about MFA resistant phish, and more!
Loading
/

In this episode, Javvad and Erich discuss a Florida man charged with selling fake Cisco gear, a phish designed to get around MFA, ransomware gangs allow searching of dumped data and Google updates their password manager.

Stories from the show:

Florida man charged with selling fake Cisco equipment in $1 billion scheme
https://www.reuters.com/world/us/florida-man-charged-with-selling-fake-cisco-equipment-1-bln-scheme-2022-07-08/

This big phish can swim around MFA, says Microsoft Security
https://www.theregister.com/2022/07/13/aitm-phishing-microsoft/

Ransomware gang now lets you search their stolen data
https://www.bleepingcomputer.com/news/security/ransomware-gang-now-lets-you-search-their-stolen-data/

Google Updates Password Manager With New Security, Management Tools 
https://uk.pcmag.com/password-managers/141268/google-updates-password-manager-with-new-security-management-tools

India: How a fake ‘IPL’ cricket league ran for Russian punters
https://www.bbc.com/news/world-asia-india-62123966

Carnival gets a $5mil fine, Microsoft changes mind on macros, and more!

The Jerich Show Podcast
The Jerich Show Podcast
Carnival gets a $5mil fine, Microsoft changes mind on macros, and more!
Loading
/

In this episode, Erich and Javvad talk about fake copyright infringement emails, Carnival cruise line is fined $5 for not having MFA, A Dutch univeristy makes money off a paid ransom, unemployment payments taken offline by ransomware and more. 

Stories from the show:

Fake copyright infringement emails install LockBit ransomware
https://www.bleepingcomputer.com/news/security/fake-copyright-infringement-emails-install-lockbit-ransomware/

Cruise line operator Carnival hit with $5m fine for failing to implement multi-factor authentication and failing to conduct cyber security training for its staff.
https://www.itpro.co.uk/security/cyber-security/368362/carnival-hit-with-5-million-fine-over-cyber-security-violations

Dutch University retrieves Bitcoin ransomware payment and makes a profit
https://www.theregister.com/2022/07/05/maastricht_university_ransom_return/

Cyberattack shuts down unemployment, labor websites across the US
https://www.theregister.com/2022/07/01/gsi-cyberattack-state-unemployment/

Supermarket chain Wegmans settles with New York over data breach
https://www.reuters.com/business/retail-consumer/supermarket-chain-wegmans-settles-with-new-york-over-data-breach-2022-06-30/

Google Updates Password Manager With New Security, Management Tools 
https://uk.pcmag.com/password-managers/141268/google-updates-password-manager-with-new-security-management-tools

Microsoft rolls back decision to block Office macros by default
https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-back-decision-to-block-office-macros-by-default/

 

Voices from the dead, CISA gets serious, and much more!

The Jerich Show Podcast
The Jerich Show Podcast
Voices from the dead, CISA gets serious, and much more!
Loading
/

In this episode, Javvad and Erich chat about Alexa bringing voices from the dead, CISA getting serious about Log4Shell, AI being alive and much, much more.

Stories from the show: 

CISA: Log4Shell exploits still being used to hack VMware servers
https://www.bleepingcomputer.com/news/security/cisa-log4shell-exploits-still-being-used-to-hack-vmware-servers/

Conti ransomware hacking spree breaches over 40 orgs in a month
https://www.bleepingcomputer.com/news/security/conti-ransomware-hacking-spree-breaches-over-40-orgs-in-a-month/

Google engineer put on leave after saying AI chatbot has become sentient
https://www.theguardian.com/technology/2022/jun/12/google-engineer-ai-bot-sentient-blake-lemoine

Alexa could soon speak in a dead relative’s voice
https://www.npr.org/2022/06/23/1107079194/amazon-alexa-dead-relatives-voice 

Burnout, False Hope, and Bad Practices Spell Trouble

The Jerich Show Podcast
The Jerich Show Podcast
Burnout, False Hope, and Bad Practices Spell Trouble
Loading
/

Today James McQuiggan (who is in for Javvad) discuss burnout in security folks, reliance on endpoint protection, and how an Elasticsearch server with no password or encryption lost 1 million records.

All this and more on today’s show

Stories from the show:

New research reveals overreliance on endpoint protection could be putting organizations at higher risk of exposure to ransomware
https://www.securityinfowatch.com/cybersecurity/information-security/breach-detection/press-release/21271323/gigamon-new-research-reveals-overreliance-on-endpoint-protection-could-be-putting-organizations-at-higher-risk-of-exposure-to-ransomware

 

Elasticsearch server with no password or encryption leaks a million records
https://www.theregister.com/2022/06/16/storehub_data_leak/

The unrelenting threat of ransomware is pushing cybersecurity workers to quit
https://www.zdnet.com/article/the-unrelenting-threat-of-ransomware-is-driving-cybersecurity-workers-to-quit/

45% of cybersecurity pros are considering quitting the industry due to stress
https://www.helpnetsecurity.com/2022/06/13/cybersecurity-professionals-stress-levels/

 

Roblox Ransomware, EMOTET is Still Alive, 1 Million Facebook Creds Stolen in 4 Months, and More!

The Jerich Show Podcast
The Jerich Show Podcast
Roblox Ransomware, EMOTET is Still Alive, 1 Million Facebook Creds Stolen in 4 Months, and More!
Loading
/

In this episode, Erich and Javvad discuss ransomware demanding payment through ROBLOX, a cybercriminal that stole over 1 million Facebook accounts in 4 months, a data breach exposes 2 million people’s info, and they offer no help. 

Stories from the show:

Bizarre ransomware sells decryptor on Roblox Game Pass store
https://www.bleepingcomputer.com/news/security/bizarre-ransomware-sells-decryptor-on-roblox-game-pass-store/

A cybercriminal stole 1 million Facebook account credentials over 4 months
https://www.techrepublic.com/article/a-cybercriminal-stole-1-million-facebook-account-credentials-over-4-months/

Emotet malware detections surge 27-fold in first quarter
https://siliconangle.com/2022/06/09/emotet-malware-detections-surge-first-quarter/

Data breach at health care organization may affect 2 million
https://abcnews.go.com/Health/wireStory/data-breach-health-care-organization-affect-million-85262287

 

The Jerichshow Episode 88 – Twitter Fined, CFOs Mushroomed, and More!

The Jerich Show Podcast
The Jerich Show Podcast
The Jerichshow Episode 88 - Twitter Fined, CFOs Mushroomed, and More!
Loading
/

In this episode, Erich and Javvad talk about the arrest of a phishing kingpin, in Nigeria surprisingly, the $150m fine Twitter just got, and a study showing that CFO’s aren’t being included in ransomware talks. 

All this and more in this episode.

 

Stories from the show:

FTC fines Twitter $150M for using 2FA info for targeted advertising:
https://www.bleepingcomputer.com/news/technology/ftc-fines-twitter-150m-for-using-2fa-info-for-targeted-advertising/

Multi-Continental Operation Leads to Arrest of Cybercrime Gang Leader:
https://www.infosecurity-magazine.com/news/operation-arrest-cybercrime-gange/

Most CFOs being left out of ransomware conversations:
https://www.computerweekly.com/news/252520714/Most-CFOs-being-left-out-of-ransomware-conversations

New virus forces people to donate to the poor if they want their data recovered:
https://metro.co.uk/2022/05/24/new-ransomware-demands-victims-donate-to-the-poor-to-unlock-their-data-16698304/

NCSC Report Reveals Phishing Lures Increasingly Disguised as Vaccine Appointments:
https://www.infosecurity-magazine.com/news/phishing-lures-disguised-as/