Episodes
Episode 80: May 13 2024
This week we talk about [00:36] how Citrix is warning its customers to be aware of this integrated third party tool, then [07:55] we finally learn the identity of...
Episode 79: February 02 2024
This week we talk about [00:36] how a major player in the website protection game, get's hacked, [09:13] A Russian hacker group is using vulnerabilites from December to gain...
Episode 78: January 29 2023
This week we talk about [00:36] an Outlook vulnebility that leaks a hashed password to places it shouldn't, then [06:32] The US government doesn't need warrants for your...
Episode 77: January 22 2023
On my return for 2024, we talk about [00:36] how a Russia backed group hacked Microsoft's top leaders email account, [09:25] VMWare sounds the alarm about their latest critical...
Episode 76: November 27 2023
This week we talk about [00:36] ownCloud let's it users know it's found 3 critical vulnerabilites in some of it's software, [06:57] A school app based in India was...
Episode 75: November 20 2023
This week we talk about [00:36] We talk about how some security researchers were able to extract a RSA key from signing errors, [07:27] How a now defunt shadowy...
Episode 74: November 11 2023
This week we talk about [00:36] The Lace Tempest group seen exploiting a vulnerability in a popular IT Support Software, [06:46] Then we talk about how a company suffered...
Episode 73: October 30 2023
This week we talk about [00:36] A zero-day in a popular webmail client that can be exploited without interaction, then [06:38] How Octo Tempest gang's new addition to social...
Episode 72: October 23 2023
This week we talk about [00:36] a new advertising campaign that is targeting Notepad++ to spread malware, then [00:36] a new cheaper malware avaialbe to cybercriminals that you need...
Episode 71: October 16 2023
This week we talk about [00:36] How the blockchain is being utilized to help the spread of malware, [08:18] How the ToddyCat malware is being improved upon and how...
Episode 70: October 09 2023
Episode 69: September 25 2023
This week we talk about [00:36] a new phishing campaign that is using your reservations at hotels to target you from the hotel itself, then [08:20] how a proof...
Episode 68: September 11 2023
This week we talk about how a new attack, is actually just hackers using the tools that security testers are using against us, Then we talk about how Apple...
Episode 67: August 07 2023
We discuss a mistake that Burger King France had made that exposed database configuration information. We tell you why you need to be aware of LOLBAS (formerly LOLBins) and...
Episode 66: July 31 2023
We talk about a new exploit that abuses a computer search component that hopes to trick your users into clicking malware, Then a new malware with an older tactic,...
Episode 65: July 24 2023
This week we walk down the memory road, of downloading pirated software to give your computer an infection, because there's a new malware in town bringing back the 90s,...
Episode 64: July 17 2023
Today's episode we talk about the recently uncovered 2-year-old botnet called AVrecon, Then talk about how criminals are making their own AI called WormGPT, How a recently busted cyber...
Episode 63: July 10 2023
On this week’s show we talk about [00:36] Android security update patches 3 exploits that are being actively used, [08:05] A new technique that allows the successful tricking of...
Episode 62: June 26 2023
This weeks show, we talk about a security researches discovery about Swing VPN, then the US Military is warning it's staff beware of unexpected smart watches, followed by the...
Episode 61: June 20 2023
On this week's show, we talk about the new threat group that is targetting SSH servers, Barracuda announces get rid of impacted appliances after a Zero-Day attack on their...
Episode 60: June 12 2023
I talk about the [00:36] new easily exploitable Microsoft Visual Studio bug, [08:38] A new report that puts CyberSecurity awareness center stage, [19:15] A new “Picture in Picture” technique...
Episode 59: June 05 2023
I talk this week about a malware used for intelligence gathering that may have a state sponsor, New ransomeware that copies a ton of stuff from an establised group,...
Episode 58: May 28 2023
In this week's episode where we talk about how summertime vacations can cause hackers to get some major wins, how the size of your organization, does nothing to protect...
Episode 57: May 22 2023
We talk about how Cybersecurity firm Dragos discloses a security incident and extortion attempt, and what you can learn from it, DarkBERT darkweb search bot, New fingerprint vulnerability BrutePrint;...
Episode 56: May 15 2023
This week I talk about [00:36] how the car location data of 2 million customers was exposed for ten years, [06:54] the fact that millions of mobile phones come...
Episode 55: April 30 2023
New Tactics for Extorting Payments, RTM Group Launches its Linux Ransomware, Hackers are breaking into AT&T email accounts to steal cryptocurrency, New macOS Info-stealer called Atomic
Episode 54: April 24 2023
This week, I talk about the new phishing scams that's targeting Microsoft Teams; how the LockBit Ransomware Group looking at Apple; that an employee at a company sent confidential...
Episode 53: April 17 2023
Pentagon Document Leak, NCR was the victim of BlackCat ransomware gang, Free Movie Sites are a bad idea, Vice Society Ransomware Using Stealthy PowerShell Exfiltration
Episode 52: April 03 2023
This week we talk about the cyber gang posing as another gang to try and extort more money out of the victims of a recent cyber attack. We talk...
Episode 51: March 27 2023
Instagram scam uses fake SHEIN gift cards as lure, Linus Tech Tips Hacked, Another one bites the dust, Fake IRS tax email delivers Emotet malware
Episode 50: March 20 2023
Google Pixel flaw allowed recovery of redacted, cropped images., Actively Exploited Microsoft Outlook Vulnerability Imperils Microsoft 365 Apps, Emotet malware now distributed in Microsoft OneNote files to evade defenses,...
Episode 49: March 13 2023
Batloader uses Google Ads, Crypto: Pay to Earn Scam, Akamai has mitigated the largest DDoS...So Far, Xenomorph Android Banking Trojan Returns
Episode 48: March 06 2023
Popular fintech apps expose exploitable secrets, Microsoft Word RCE PoC is public, Phishing Campaign Targets Job Seekers and Employers, Old Vulnerabilities haunt organizations
Episode 47: February 27 2023
Ransomware Ransom at the right price, Fake Amazon Prime email abuses LinkedIn's URL shortener, Wiper malware goes global, ChatGPT
Episode 46: February 20 2023
Fortinet Patches 40 Flaws, Twitter MMS MFA Disaster, Coinbase cyberattack targeted employees with fake SMS alert, Spain Orders Extradition of Alleged British Hacker to US
Episode 45: February 13 2023
TA866 Threat Group Selectively Targets U.S. and German Organizations, 4,000 Women’s Health Patient Data Breach, Pepsi Bottling Ventures suffers data breach after malware attack , How not to handle...
Episode 44: February 06 2023
LG UPlus' dat breach impacts 290,000 users, Mortgage Financial Technologies Company Exposes Hundreds of Thousands of Records Online, India's largest truck brokerage company leaks 140GB of Data, Security Teams...
Episode 43: Jamuary 30 2023
Old Vulnerabilities used to attack VMware, Nevada Ransomware Group, Data breach at Vice Media involved SSNs and Financial Info, New LockBit color
Episode 42: January 23 2023
Bullet points of key topics + chapter markers [00:36] New CrySIS/Dharma Ransomware Variants [07:45] No Fly List Uncovered [17:12] Riot Games Hacked [22:23] MailChimp discloses new breach
Episode 41: January 16 2023
Bullet points of key topics + chapter markers [00:36] Medical Imaging Firm Faces 2 Class Actions [10:32] Hackers disrupt virtual esports event [17:49] Security Things to Remember as People...
Episode 40: January 09 2023
Bullet points of key topics + chapter markers [00:36] Hackers go after PII the most [09:35] InfoSec Community Target in Phishing Campaign [16:09] Harder to Detect Phishing Technique [23:47]...
Episode 39 December 19 2022
Cisco Warns of Many Old Vulnerabilities Being Exploited in Attacks, Glupteba botnet is back after Google disrupted it, 85% of attacks now use encrypted channels, InfraGard Hacked/Hacker Halts Sale...
Episode 38: December 12 2022
Sequoia Discloses a Data Breach, Health Dept warns of Royal Ransomware, Hackers earn $989,750 for 63 zero-days exploited at Pwn2Own Toronto, Cisco discloses high-severity IP phone zero-day
Episode 37: December 05 2022
How not to handle vulnerabilites, HHS warns use of pixel tracking tech without BAA violates HIPAA, Trustcor dropped as root certificate authority, Hyundai app bugs allowed hackers to remotely...
Episode 36: November 28 2022
Tis the Season for Cyber Security, 487 Million WhatsApp Users Numbers for Sale, Hospitality company confirms Data Breach, SocGholish finds success through novel email techniques
Episode 35: November 21, 2022
Amazon RDS Instances Leaking Users' Personal Data, Dangerous BatLoader Malware Dropper, Samba Vulnerability Can Lead to DoS or RCE, RapperBot Targets Game Servers with Modified Brute-Force and DDoS Attacks
Episode 34: November 14 2022
Companies who pay ransomware become targets, Yanluowang Group Hacked, Hackers Are Publishing Stolen Abortion Records on the Dark Web, Fake financial regulators
Episode 33: November 07 2022
Hack of IT firm may include health records, FBI: Hacktivist DDoS attacks had minor impact on critical orgs, AstraZeneca password lapse exposed patient data, Hijacker replaces crypto addresses with...
Episode 32: October 31 2022
Data Wiper Frame Security Researchers, Chrome Urgent Update, LinkedIN Phishing Campaign, Bypass Protections, Cranefly’s Stealthy Techniques
Episode 31: October 24 2022
Emotet learns a new trick, Are Open-Source Repositories Safe?, Text4Shell Concern, 16 Apps Pulled Due to Malware
Episode 30: October 10 2022
Emotet’s Current Tactics, Zimbra’s Unpatched RCE Flaw, Toyota Customers prepare for Phishing, City of Tucson discloses data breach
Episode 29: October 03 2022
Vice Society sets a deadline for LA School District to pay ransom, SolarMarker Makers uses spamdexing to target tax consulting organization BEC Attacks on the Rise, Former IT Administrator Cripples...
Episode 28: September 19 2022
Patreon Lays Off Its Entire Security Team, Uber Hacked, Rockstar Hacked, TikTok can record what you type
Episode 27: September 05 2022
Magecart’s New JavaScript Skimmer Targets Magento Websites, Hackers adopt Sliver toolkit as a Cobalt Strike alternative, Google Chrome emergency update fixes new zero-day used in attacks, Was TikTok Breached?
Episode 26: August 29th, 2022
LastPass Developer System Breached, Nelnet Servicing breach exposes data of 2.5M student loan accounts, Malware delays coinminer install to evade detection, LockBit ransomware gang tries triple-extortion tactic
Episode 25: August 22 2022
iPhone Users Update Now to Patch 2 Zero-Days, Lazarus Group Targets Engineers with Malware, Hackers Stole from Bitcoin ATMs using Zero-Day, TA558 Group Targets Hospitality, Hotel and Travel
Episode 24: June 27 2022
Voicemail Scam Steals Microsoft Credentials, ToddyCat APT Targets Microsoft Exchange Servers, Mitel VoIP Bug Exploited in Ransomware Attacks, Fancy Bear Uses Nuke Threat to Exploit 1-Click Bug
Episode 23: June 20 2022
Flaws Found in Siemens' Industrial Network Management System, Researchers Uncover 'Hermit' Android Spyware, Facebook Messenger Scam Duped Millions, Linux Malware Deemed ‘Nearly Impossible’ to detect
Episode 22: June 13 2022
HelloXD Ransomware Installing Backdoor on Targeted Windows and Linux Systems, Iranian Hackers Spotted Using a new DNS Hijacking Malware in Recent Attacks, Chinese Hackers Distribute Backdoored Wallets for iOS...
Episode 21: June 06 2022
State-Backed Hackers Exploit 'Follina' to Target Entities in Europe and U.S, Global Law Enforcement Operation Shuts Down FluBot, SideWinder APT Launched More than 1,000 Attacks in Two Years, Critical...
Episode 20: May 31 2022
Ransomware demands acts of kindness to get your files back, Microsoft Office zero day leaves researchers scrambling, Attackers Can Use Electromagnetic Signals to Control Touchscreens Remotely, Experts Warn of...
Episode 19: May 24 2022
Malware Campaign Targets InfoSec Community, Vulnerabilities found in Bluetooth gives hackers access to numerous devices, Hackers Gain Fileless Persistence SQL Servers Using a Built-in Utility, Bank refuses to pay...
Episode 18: May 16 2022
US college forced to close after cyberattack, Conti Ransomware Attack Spurs State of Emergency in Costa Rica, $7 to rent DCRat to backdoor your network, ‘Nerbian’ Trojan Uses Advanced...
Episode 17: May 09 2022
Researchers Develop Exploit for the Latest F5 BIG-IP Vulnerability, USB-based Wormable Malware Targets Windows Installer, Attackers Use Event Logs to Hide Fileless Malware, Unpatched DNS Bug Puts Millions of...
Episode 16: May 02 2022
New Malware Loader 'Bumblebee' in the Wild, Hackers Exploit Critical Vulnerability in VMware to Install Malware, Chinese Hackers Caught Exploiting Popular Antivirus Products to Target Telecom Sector, Emotet is...
Episode 15: April 25 2022
Bullet points of key topics + chapter markers [00:37] Hackers Sneak 'More_Eggs' Malware Into Resumes Sent to Corporate Hiring Managers [04:38] Amazon's Hotpatch for Log4j Flaw Found Vulnerable to...
Episode 14: April 11 2022
Episode 12: April 04 2022
[00:35] Apple Rushes Out Patches for 0-Days in MacOS, iOS [05:59] QNAP Customers Waiting on Fix for OpenSSL Bug among others [12:39] GitLab Releases Patch for Critical Vulnerability That...
Episode 12: March 20 2022
Bullet points of key topics + chapter markers [00:43] Hackers Target Bank Networks with new Rootkit to Steal Money from ATM Machines [06:09] New "B1txor20" Linux Botnet Uses DNS...
Episode 11: March 13 2022
Bullet points of key topics + chapter markers [00:37] Hackers Abuse Mitel Devices to Amplify DDoS Attacks [06:54] Critical Bugs Could Let Attackers Damage APC Smart-UPS Devices [11:29] New...
Episode 10: March 6th 2022
Date: March 06, 2022 Episode title and number: 10 - March 06, 2022 CISA and FBI warn of potential data wiping attacks spillover, TeaBot Trojan Haunts Google Play Store,...
Episode 09: February 27 2022
Bullet points of key topics + chapter markers [00:35] Social Media Hijacking Malware Spreading Through Gaming Apps on Microsoft Store [04:05] New Flaws Discovered in Cisco's Network Operating System...
Episode 08: February 20 2022
Bullet points of key topics + chapter markers [00:30] TrickBot getting a new upgrade and targeting high-end sites [06:59] Emotet Now Spreading Through Malicious Excel Files [13:09] Critical vulnerabilities...
Episode 07: February 13 2022
A Ransomware Groups’ New Tactic, PHP Everywhere WordPress Plugin Vulnerability, Hackers Planted Fake Digital Evidence on Devices, DOJ Arrests Two and Seizes $3.6 Billion Stolen Cryptocurrency, The Pirate Bay...
Episode 06: February 06 2022
Argo CD Security Bug Opens Kubernetes to Attackers, Critical Vulnerabilities Discovered in Airspan Networks Mimosa, Hackers Exploit 0-Day Vulnerability in Zimbra, Dozens of Security Flaws Discovered in UEFI Firmware,...
Episode 05: January 30 2022
Segway Hit by Magecart Attack, Work at Home sees a Surge in Insider Threats, Newly Discovered Critical Linux Vulnerability, New Standard Aims To Protect Against Deepfakes, Hackers use Windows...
Episode 04 – January 23 2022
Date: January 23, 2022 Episode title and number: 04 - January 23 2022 McAfee has patched two high-severity bugs in its Agent component, 20K WordPress Sites Exposed by Insecure...
Episode 03: January 16, 2022
Router Flaw impacts millions of devices, Cloud Apps Replace Web as Source for Most Malware Downloads, Ransomware targets Edge users, Chrome will limit access to private networks, citing security...
Episode 02 – January 09, 2022
Date: January 09, 2022 Episode Number: 02 Dridex Phishing Email taunt victims of Covid hoax phish with funeral helpline, New warning over abuse of Google services, Norton360 comes with...
Episode 01: January 02, 2022
Inital launch of the podcast, discussion about the new malware targeting MSBuild and how to protect yourself, Why malicious actors are not ‘aging’ their domain name to attack your...
Episode 81: August 05 2024
This week we talk about [00:36] We talk about a new Remote Access Trojan (RAT) that uses Telegram as it's command and control server, then [07:56] we talk about...