Episode 70: October 09 2023

This week we talk about [00:36] how a major player in the website protection game, get's hacked, [09:13] A Russian hacker group is using vulnerabilites from December to gain access to your account, [16:20] Mastadon has a critical vulnerability, can the admins patch their servers in time and finally [22:50] A popular remote access tool had their systems breach, and you should reset your account anyway.

[00:36]    Cloudflare Hacked
[09:13]    Russian Hackers using NTLM Relay Attacks
[16:20]    Critical vulnerability in Mastodon
[22:50]    AnyDesk breached, reset passwords

This week we talk about [00:36]    an Outlook vulnebility that leaks a hashed password to places it shouldn't, then [06:32] The US government doesn't need warrants for your information they just pay data brokers, [13:58] The NoName Ransomware group take target at industries around the work, and finally [20:31] the Trello data breach that wasn't really a data breach and why that doesn't make us feel any better.

On my return for 2024, we talk about [00:36] how a Russia backed group hacked Microsoft's top leaders email account, [09:25] VMWare sounds the alarm about their latest critical vCenter vulnerability that's currently being used in attacks, [16:00] How a popular IT remote access tool is being exploited back hackers and what not to do, and finally [23:11] a long dormant group wakes back up and using email to create havoc.

This week we talk about [00:36] ownCloud let's it users know it's found 3 critical vulnerabilites in some of it's software, [06:57] A school app based in India was leaking personal student data due to misconfiguration, [12:15] Microsoft takes a sucessful attack again it's Windows Hello service to break into computers and [18:49] BlackCat is back at it again, by claiming to hack a fortune 500 company.

This week we talk about [00:36] We talk about how some security researchers were able to extract a RSA key from signing errors, [07:27] How a now defunt shadowy hack-for-hire group was behind a bunch of attacks, [15:11] Vulnerabilities in some AL and ML tools should they give you something to think about, [22:59] and an old tactic being used to extract money from those who care and reminder how it's the season for social engineering.

This week we talk about [00:36] The Lace Tempest group seen exploiting a vulnerability in a popular IT Support Software, [06:46] Then we talk about how a company suffered a compromise, paid the attacker and the data was still leaked, [13:38] We talk about the new vulnerability that CISA is warning about, and finally [17:34] Sumo Logic urges it's users to change their credentials.

This week we talk about [00:36] A zero-day in a popular webmail client that can be exploited without interaction, then [06:38] How Octo Tempest gang's new addition to social engineering is a little scary, [14:12] The Lockbit gang has claimed to have hacked Boeing, but is it true and finally [18:57] A social engineering tactic being used on LinkedIN to spread malware.

This week we talk about [00:36] a new advertising campaign that is targeting Notepad++ to spread malware, then [00:36] a new cheaper malware avaialbe to cybercriminals that you need to be aware of, [00:36] a IT company's misconfiguration exposes 820,000 customers data, and Cisco has a new zero-day that's as severe as can be.

This week we talk about [00:36] How the blockchain is being utilized to help the spread of malware, [08:18] How the ToddyCat malware is being improved upon and how it's being utilized for compromising exchange servers, [14:47] How ALPHV has stolen data from a hosptial and how their extortion techniques are getting worse, and [21:03] DarkGate malware is making a come-back and how it changed it's money making model.

This week we talk about [00:36] how buying cheap android products on popular ecommerce sites may come preloaded with malware, then [07:16] we talk about how the curl library and command has 2 security patches that you need to make sure you update this week, [11:11] a popular DNA testing company has their data leaked on the internet and why that should concern you, and [16:25] Sony confirms another breach linked to the MoveIT vulernability.