Episodes
-
A hacking group boasted about breaching car manufacturer Ford's network and stealing data on 44,000 customers, selling it for 2 dollars on hacking forums for everyone to enjoy. The only problem? That data isn't exactly what they claimed.
Sources: https://pastebin.com/d7r88Q7m
-
Simple misconfiguration can often lead to disaster, and sometimes that disaster is a threat actor sneakily taking over your trusted website and using it to host malware, send phishing emails, or control botnets. Here's a surprisingly easily exploited DNS oversight that has allowed threat actors to take over 70,000 websites.
Sources: https://pastebin.com/DqXL1BRb
-
Missing episodes?
-
Ransomware groups typically request payments in the form of crypto, but newcomers Hellcat wanted to get this bread in a more literal sense. So why bread? There may be a more realistic reason than you'd think...
Sources: https://pastebin.com/kAkdLJD5
-
There's all sorts of online shopping scams, but one of the newest ones discovered exploits legitimate eshops by creating fake product listings on other people's websites and redirecting shoppers to an attacker-controlled page that will steal credit card data.
Sources: https://pastebin.com/VS9XFHRF
-
The Flipper Zero is a notorious hacking tool used to wreak havoc on traffic lights, banks, locks, and cars. Or is it? What can the Flipper actually do, and is it really as dangerous as it seems on Tik Tok?
Sources: https://pastebin.com/cnJyQkXC
-
A couple months ago security education company KnowBe4 accidentally hired a North Korean threat actor who tried to install malware on their machine. Turns out this may not be as uncommon as you'd think. Recently a network of North Korean threat actors applying for jobs, and US citizens helping them, has been uncovered.
Sources: https://pastebin.com/1npHD8cA
-
The Internet Archive is a website vital in the preservation of digital information, and recently it was attacked on two separate occasions. Here's what went down.
Sources: https://pastebin.com/nbhNFAv5
-
Ever receive a weird wrong number text or match with someone on a dating site who starts talking about crypto? It may be part of a long term scam meant to drain you of as much money as you're willing to part with to make a big investment. Once it seems too good to be true and you go to withdraw your earnings, suddenly you realize you've lost it all.
-
Cars are just big computers now, and that means they are vulnerable to exploits that could allow a concerning amount of control over them. Security researchers discovered a vulnerability in the Kia dealer portal that could allow a hacker remote control over millions of cars made after 2013.
Sources: https://pastebin.com/tsJGg8jq
-
The Tor network allows for anonymous connections to unindexed search engines, including to online criminal services. Recently though, German authorities claimed to have de-anonymized a user using Tor and made an arrest. Has Tor finally been cracked, or is this a scare tactic to instill fear in threat actors?
Sources: https://pastebin.com/Hfrrbdag
-
YubiKeys are physical authentication devices that have a lot of flexibility and are compatible with just about every service, but as it turns out if you know a lot about math and electronics you can uncover the private keys and clone the device!
Sources: https://pastebin.com/WacbUmA1
-
The city of Columbus, Ohio had a data breach occur in July. According to the mayor, the information leaked was nothing important to hackers. A security researcher proved that this was not the case, that the data was incredibly sensitive. In response, the city sued him.
Sources: https://pastebin.com/C632hthD
-
Using native Windows tools rather than custom malware is becoming a better technique of pulling off attacks while remaining under the radar. Qilin was caught doing just this to steal credentials right from the Chrome web browser.
Sources: https://pastebin.com/Ccvhs7Pd
-
Antimalware solutions like EDR are meant to keep a careful watch on our systems to ensure they are protected from even sneaky threats. But what happens when malware can take out an EDR solution before it is spotted?
Sources: https://pastebin.com/6uRVy4Yd
-
Often times we can reduce our risk to cyber crime by being careful about the websites we sign up for, but what if someone has our data that we never consented to giving them and ends up being breached? Just that happened, with a company you've probably never heard of.
Sources: https://pastebin.com/Yms285F5
-
Ransomware threat actors are one of the biggest modern threats, and things will only ramp up when threat actors see just how much an organization is willing to pay to have their data back. Recently it was uncovered that a covert ransomware group quietly received the largest payout ever recorded in ransomware history.
Sources: https://pastebin.com/uLQ9sFh0
-
KnowBe4 has employed hacker Kevin Mitnick as a spokesperson in their security training materials. But what happens when you employ a hacker by accident and they immediately try loading malware on the company provided laptop?
Sources: https://pastebin.com/XrMa4bsS
-
The biggest IT outage across the world just happened. Planes were grounded, hospitals and 911 dispatch centers were down, people couldn't turn their computers on, all on a massive global scale never seen before. So what is CrowdStrike, and how did this happen?
Sources: https://pastebin.com/vxfyMcd4
-
Ticketmaster, AT&T, Neiman Marcus, Advanced Auto Parts. These organizations may not seem like they have anything in common, but they all were customers of Snowflake that had a data breach within the past couple months. With conflicting reports from Snowflake, the victims, the threat actors, and different security firms, who is really at fault here?
Sources: https://pastebin.com/E1H5rgkd
-
Authy is an app that allows for multifactor authentication, recently the phone numbers of 33 million Authy customers were leaked due to an unsecured API, which could lead to attacks on those users.
Sources: https://pastebin.com/qLsuL1Qb
- Show more