Episode 85: Fake Chrome, Dangling Domains & Volt Typhoon Shenanigans
From fake Chrome download pages spreading SpyNote malware to stealthy attacks on Fortinet devices and dangling DNS exploits, cyber criminals are getting creative. Meanwhile, Volt Typhoon shows China’s long game in infiltrating U.S. infrastructure. This episode dives into the hidden threats lurking behind legitimate facades.
Episode 84: Toll Trolls, Fake Recruiters & Tax-Time Traps
From fake toll smishing attacks and job scam malware to tax-themed phishing and compromised npm packages, cybercriminals are pulling out all the psychological stops. This episode exposes how attackers prey on urgency, trust, and tax season chaos to deploy malware like BeaverTail, Tropidoor, and Remcos. Tune in to learn how to spot the tricks before they drain your data—or...
Episode 83: From Trojan Takedowns to Browser Breakdowns
This week we talk about [00:36] a new banking/crypto trojan stealing credentials and taking over phones, then [11:21] a new dropper malware that uses a bunch of techniques to avoid detection, then [18:18] how hackers stealing malchimp sessions and using it for phishing and finally [23:12] FireFox and Chrome have a serious vulnerability currently being exploited.
Episode 81: August 05 2024
This week we talk about [00:36] We talk about a new Remote Access Trojan (RAT) that uses Telegram as it's command and control server, then [07:56] we talk about how DigiCert made a mistake and needed to revoke certificates and the chaos that causes, but why it's needed, then [16:21] we talk about how criminals once again are utilizing...
Episode 80: May 13 2024
This week we talk about [00:36] how Citrix is warning its customers to be aware of this integrated third party tool, then [07:55] we finally learn the identity of the main member of LockBit, Then we talk about [14:04] Dell had one of their sites...
Episode 79: February 02 2024
This week we talk about [00:36] how a major player in the website protection game, get's hacked, [09:13] A Russian hacker group is using vulnerabilites from December to gain access to your account, [16:20] Mastadon has a critical vulnerability, can...
Episode 78: January 29 2023
This week we talk about [00:36] an Outlook vulnebility that leaks a hashed password to places it shouldn't, then [06:32] The US government doesn't need warrants for your information they just pay data brokers, [13:58] The NoName...
Episode 77: January 22 2023
On my return for 2024, we talk about [00:36] how a Russia backed group hacked Microsoft's top leaders email account, [09:25] VMWare sounds the alarm about their latest critical vCenter vulnerability that's currently being used in attacks, [16:00] How...
Episode 76: November 27 2023
This week we talk about [00:36] ownCloud let's it users know it's found 3 critical vulnerabilites in some of it's software, [06:57] A school app based in India was leaking personal student data due to misconfiguration, [12:15] Microsoft takes a...
Episode 75: November 20 2023
This week we talk about [00:36] We talk about how some security researchers were able to extract a RSA key from signing errors, [07:27] How a now defunt shadowy hack-for-hire group was behind a bunch of attacks, [15:11] Vulnerabilities in some AL and...
Episode 74: November 11 2023
This week we talk about [00:36] The Lace Tempest group seen exploiting a vulnerability in a popular IT Support Software, [06:46] Then we talk about how a company suffered a compromise, paid the attacker and the data was still leaked, [13:38] We talk...
Episode 73: October 30 2023
This week we talk about [00:36] A zero-day in a popular webmail client that can be exploited without interaction, then [06:38] How Octo Tempest gang's new addition to social engineering is a little scary, [14:12] The Lockbit gang has claimed to have...