Episode 80: May 13 2024
Cybersecurity News Byte with Jim Guckin
This week we talk about [00:36] how Citrix is warning its customers to be aware of this integrated third party tool, then [07:55] we finally learn the identity of the main member of LockBit, Then we talk about [14:04] Dell had one of their sites scraped and all it cost them was 49 million customers records and we round up this weeks discussion on [23:09] a wordpress plugin that is being actively exploited by hackers and how even if you don't use this plugin, you can protect yourself.
info_outline
Episode 79: February 02 2024
Cybersecurity News Byte with Jim Guckin
This week we talk about [00:36] how a major player in the website protection game, get's hacked, [09:13] A Russian hacker group is using vulnerabilites from December to gain access to your account, [16:20] Mastadon has a critical vulnerability, can the admins patch their servers in time and finally [22:50] A popular remote access tool had their systems breach, and you should reset your account anyway. [00:36] Cloudflare Hacked [09:13] Russian Hackers using NTLM Relay Attacks [16:20] Critical vulnerability in Mastodon [22:50] AnyDesk breached,...
info_outline
Episode 78: January 29 2023
Cybersecurity News Byte with Jim Guckin
This week we talk about [00:36] an Outlook vulnebility that leaks a hashed password to places it shouldn't, then [06:32] The US government doesn't need warrants for your information they just pay data brokers, [13:58] The NoName Ransomware group take target at industries around the work, and finally [20:31] the Trello data breach that wasn't really a data breach and why that doesn't make us feel any better.
info_outline
Episode 77: January 22 2023
Cybersecurity News Byte with Jim Guckin
On my return for 2024, we talk about [00:36] how a Russia backed group hacked Microsoft's top leaders email account, [09:25] VMWare sounds the alarm about their latest critical vCenter vulnerability that's currently being used in attacks, [16:00] How a popular IT remote access tool is being exploited back hackers and what not to do, and finally [23:11] a long dormant group wakes back up and using email to create havoc.
info_outline
Episode 76: November 27 2023
Cybersecurity News Byte with Jim Guckin
This week we talk about [00:36] ownCloud let's it users know it's found 3 critical vulnerabilites in some of it's software, [06:57] A school app based in India was leaking personal student data due to misconfiguration, [12:15] Microsoft takes a sucessful attack again it's Windows Hello service to break into computers and [18:49] BlackCat is back at it again, by claiming to hack a fortune 500 company.
info_outline
Episode 75: November 20 2023
Cybersecurity News Byte with Jim Guckin
This week we talk about [00:36] We talk about how some security researchers were able to extract a RSA key from signing errors, [07:27] How a now defunt shadowy hack-for-hire group was behind a bunch of attacks, [15:11] Vulnerabilities in some AL and ML tools should they give you something to think about, [22:59] and an old tactic being used to extract money from those who care and reminder how it's the season for social engineering.
info_outline
Episode 74: November 11 2023
Cybersecurity News Byte with Jim Guckin
This week we talk about [00:36] The Lace Tempest group seen exploiting a vulnerability in a popular IT Support Software, [06:46] Then we talk about how a company suffered a compromise, paid the attacker and the data was still leaked, [13:38] We talk about the new vulnerability that CISA is warning about, and finally [17:34] Sumo Logic urges it's users to change their credentials.
info_outline
Episode 73: October 30 2023
Cybersecurity News Byte with Jim Guckin
This week we talk about [00:36] A zero-day in a popular webmail client that can be exploited without interaction, then [06:38] How Octo Tempest gang's new addition to social engineering is a little scary, [14:12] The Lockbit gang has claimed to have hacked Boeing, but is it true and finally [18:57] A social engineering tactic being used on LinkedIN to spread malware.
info_outline
Episode 72: October 23 2023
Cybersecurity News Byte with Jim Guckin
This week we talk about [00:36] a new advertising campaign that is targeting Notepad++ to spread malware, then [00:36] a new cheaper malware avaialbe to cybercriminals that you need to be aware of, [00:36] a IT company's misconfiguration exposes 820,000 customers data, and Cisco has a new zero-day that's as severe as can be.
info_outline
Episode 71: October 16 2023
Cybersecurity News Byte with Jim Guckin
This week we talk about [00:36] How the blockchain is being utilized to help the spread of malware, [08:18] How the ToddyCat malware is being improved upon and how it's being utilized for compromising exchange servers, [14:47] How ALPHV has stolen data from a hosptial and how their extortion techniques are getting worse, and [21:03] DarkGate malware is making a come-back and how it changed it's money making model.
info_outlineThis weeks show, we talk about a security researches discovery about Swing VPN, then the US Military is warning it's staff beware of unexpected smart watches, followed by the latest Mirai botnet campaign targeting IoT devices and finish the episode off with how a self propregrating malware found it's way to a healthcare network.
[00:36] Popular Swing VPN Android App as DDoS Botnet
[08:44] US Military warns of unexpected smart watches
[13:46] Latest Mirai Campaign Leveraging Multiple IoT Exploits
[19:09] Self-Propagating Malware Inadvertently Affects Networked Storage Devices