The Jerich Show Podcast

In this episode, Erich and Javvad talk about a cyber problem in Leicester, booze distribution problems in Sweden due to ransomware and much more!

In this episode, Erich and Javvad talk about the leader of the Hive RAT getting busted, another bust of LabHost, Frontier communications hit, and more! The cyber camp from Randy: https://www.randylee.com/cybercamp Stories from the show: Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown https://thehackernews.com/2024/04/hive-rat-creators-and-35m-cryptojacking.html Police bust global cyber gang accused of industrial-scale fraud https://www.bbc.com/news/uk-68838977 Frontier Communications shuts down systems after cyberattack https://www.bleepingcomputer.com/news/security/frontier-communications-shuts-down-systems-after-cyberattack/#google_vignette 840-bed hospital in France postpones procedures after cyberattack https://www.bleepingcomputer.com/news/security/chc-sv-hospital-in-france-postpones-procedures-after-cyberattack/

In this episode, Erich and Javvad talk about UK charities being hit, spies accidentally exposed themselves and UK taxi software leaks some details. All this and more in this episode! Stories from the show: Global taxi software vendor exposes details of nearly 300K across UK and Ireland https://www.theregister.com/2024/04/11/icabbi_database_exposure/ Over 90,000 LG Smart TVs may be exposed to remote attacks https://www.bleepingcomputer.com/news/security/over-90-000-lg-smart-tvs-may-be-exposed-to-remote-attacks/ Head of Israeli cyber spy unit exposed ... by his own privacy mistake https://www.theregister.com/2024/04/08/infosec_news_roundup/ Third of charities experienced a cyber breach last year, government reports https://www.civilsociety.co.uk/news/third-of-charities-experienced-a-cyber-breach-last-year-government-reports.html

In this episode Erich and Javvad talk about Scottish IR calls doubling , Microsoft getting beat up over security, YouTube being used to spread malware and what LockBit has done after it took a hit from law enforcement. Stories from the show: Calls to Incident Response Helpline Double in a Year https://www.infosecurity-magazine.com/news/calls-incident-response-helpline/ Microsoft roasted over “cascade of security failures” https://www.thestack.technology/microsoft-roasted-by-csrd-over-security-key-theft/ YouTube being used to distribute malware https://cybernews.com/security/youtube-used-to-distribute-malware/ LockBit Scrambles After Takedown, Repopulates Leak Site with Old Breaches https://www.infosecurity-magazine.com/news/lockbit-takedown-leak-site-old/

In this episode, Erich and Javvad talk about the clud leak of military data, a UK data leak at Southern Water, the rise in ransomware victims in 2023 and more! Stories from the show: US military notifies 20,000 of data breach after cloud email leak https://techcrunch.com/2024/02/14/department-defense-data-breach-microsoft-cloud-email/ Southern Water Notifies Customers and Employees of Data Breach https://www.infosecurity-magazine.com/news/southern-water-notifies-customers/ Ransomware victim numbers rose by 50% in 2023 https://www.csoonline.com/article/1306045/ransomware-victim-numbers-rose-by-50-in-2023.html

In this episode, Erich and Javvad discuss the reward being offered for Hive ransomware members, a botnoet of toothbrushes, a breach that left a healthcare provider using LinkedIn as a notifcation platform, and more! Stories from the show: https://www.techradar.com/pro/security/major-data-breach-at-healthcare-provider-puts-millions-of-customers-at-risk https://www.forbes.com/sites/daveywinder/2024/02/08/surprising-3-million-hacked-toothbrushes-story-goes-viral-is-it-true/?sh=22dc0e296147 https://www.theregister.com/2024/02/09/hive_leaders_bounty/

In this episode, Erich and Javvad discuss the cyberattack targeting UK councils, what might be the Mother of All Breaches (MOAB) with 26 billion records, the NSA buying web browsing data, and more. Stories from the show: Cyberattack targeting UK councils causes online disruption https://uk.style.yahoo.com/cyberattack-targeting-uk-councils-causes-154505162.html?guccounter=1 Mother of all breaches reveals 26 billion records: what we know so far https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/ US National Security Agency buys web browsing data without warrant, letter shows https://www.reuters.com/technology/cybersecurity/national-security-agency-buys-web-browsing-data-without-warrant-letter-shows-2024-01-26/

In thie episode, Erich and Javvad are talking about the SEC Twitter/x/whateveritis account getting hacked, a vulnerability in Bosch thermostats, the NCA director getting sacked over using personal accounts for sensitive info, and more! Check us out on LinkedIn, YouTube or as an audio-only podcast on all of your favorite platforms Some stories from the show: Have I Been Pwned adds 71 million emails from Naz.API stolen account list https://www.bleepingcomputer.com/news/security/have-i-been-pwned-adds-71-million-emails-from-nazapi-stolen-account-list/ Bosch thermostats vulnerable to malware attacks https://www.scmagazine.com/brief/bosch-thermostats-vulnerable-to-malware-attacks Senators Want Better SEC Cybersecurity After EFT-Related Hack https://www.pymnts.com/cybersecurity/2024/senators-want-better-sec-cybersecurity-after-eft-related-hack/ NCA director sacked after WhatsApp and email security breaches https://www.computerweekly.com/news/366566272/NCA-director-sacked-after-WhatsApp-and-email-security-breaches

In this episode, James is guest hosting again, and Erich and him cover some of the most interesting cybersecurity stories of the week. Did Apple profit from letting scammers demand iTunes gift cards? The courts say it deserves a trial. O'Hare airport selling lost luggage for less than $10? A Facebook ad says yes! A water authority in the Pittsburgh-area was attacked by Iran because... they used Israeli-made equipment; more crypto stuff being spread through social media account takovers, this time with a cybersecurity vendor, and more! Join one of our live streams at 10am Eastern Time to comment Stories from the show: States and Congress wrestle with cybersecurity after Iran attacks Pittsburgh-area water authority https://www.cbsnews.com/pittsburgh/news/states-congress-wrestle-cybersecurity-iran-attacks-aliquippa-water-authority/ Apple agrees to settle lawsuit over iTunes gift card scam https://www.reuters.com/legal/apple-agrees-settle-lawsuit-over-itunes-gift-card-scam-2024-01-03/ Security Firm Certik’s Account Hijacked to Spread Crypto Drainer https://www.infosecurity-magazine.com/news/certiks-account-hijacked-crypto/ Scam Claims You Can Buy Unclaimed Luggage From O’Hare For $9.95 https://blockclubchicago.org/2024/01/08/scam-claims-you-can-buy-unclaimed-luggage-from-ohare-for-9-95-but-its-not-true/

In this episode, the first of 2024, James McQuiggan fills in for Javvad as we welcome in the new year. Stories from the show: Budget cuts take a toll on IT decision makers’ mental health https://www.helpnetsecurity.com/2024/01/05/it-decision-makers-wellbeing/ Google Chrome starts blocking data tracking cookies https://www.bbc.com/news/technology-67882315 Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack https://thehackernews.com/2024/01/mandiants-twitter-account-restored.html

In this episode, Erich and Javvad wrap up 2023 with a story about a Florida woman hitting her boyfriend with a Christmas tree, plus they discuss a call center takedown in India that netted arrests of 36 people, and more!

In ths episode, Erich and Javvad talk about cyber attacks impacting people buying homes, how cybercriminals are targeting booking.com users, and more hospital outages caused by ransomware. All of these cybersecurity stories and more! Stories from the show: Thousands of house purchases frozen by cyber attack https://finance.yahoo.com/news/thousands-house-purchases-frozen-cyber-183437339.html Booking.com hackers increase attacks on customers https://www.bbc.com/news/technology-67583486 Cyber-attack closes hospital emergency rooms in three US states https://www.theguardian.com/us-news/2023/nov/28/cyber-attack-us-hospitals-texas-oklahoma-new-mexico Regulator says stranger entered hospital, treated a patient, took a document ... then vanished https://www.theregister.com/2023/12/01/nhs_health_board_ticked_off/

In this episode, Erich and Javvad talk about using Google Calendar as a C2 channel, how a lack of resources ended the investigation into the EasyJet breach, and more! Stories from the show: EasyJet hack investigation abandoned because of ‘limited resources’ https://www.itpro.com/security/data-breaches/limited-resources-scuppers-ico-probe-into-easyjet-breach Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html Mr. Cooper Responds to Cyberattack: Offering Enhanced Payment Options for Customers https://ts2.space/en/mr-cooper-responds-to-cyberattack-offering-enhanced-payment-options-for-customers/#google_vignette Court rules automakers can record and intercept owner text messages https://therecord.media/class-action-lawsuit-cars-text-messages-privacy Plastic surgeons hit by hackers https://www.timesnownews.com/technology-science/plastic-surgery-data-breach-nude-photos-leaked-article-105062693

After quite a bit of travel in the last couple of weeks, the dynamic duo is back to chat about recent #cybersecurity stories and more. In this episode, Erich and Javvad talk about some of the most recent antics from North Korea, including attacks on shipbuilding and aerospace organizations, something called a 'Dual Ransomware Attack', and much more. Stories from the show: South Korea accuses North of Phish and Ships attack https://www.theregister.com/2023/10/05/north_korea_phishing_attack_on_south/ Lazarus impersonated Meta recruiter to breach Spanish aerospace firm https://www.helpnetsecurity.com/2023/10/02/lazarus-lightlesscan/ FBI: Crippling 'Dual Ransomware Attacks' on the Rise https://www.darkreading.com/threat-intelligence/fbi-highlights-dual-ransomware-attack-in-rising-cybertrends People's Republic of China-Linked Cyber Actors Hide in Router Firmware https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-270a

In this episode, Erich and Javvad discuss the takedown of the Qakbot botnet, an attack on the Polish train system, the Forever 21 breach, which impacts more than 500k people, and much more. Stories from the show: https://www.bleepingcomputer.com/news/security/classiscam-fraud-as-a-service-expands-now-targets-banks-and-251-brands/ Classiscam fraud-as-a-service expands, now targets banks and 251 brands FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown https://www.fbi.gov/news/stories/fbi-partners-dismantle-qakbot-infrastructure-in-multinational-cyber-takedown Poland investigates cyber-attack on rail network https://www.bbc.com/news/world-europe-66630260 Forever 21 Data Breach: Personal Details of Over 500,000 Customers, Employees Compromised https://www.techtimes.com/articles/295813/20230831/forever-21-data-breach-personal-details-over-500-000-customers.htm

Erich and Javvad are back after taking a couple of weeks off to vacation and to attend BSides Las Vegas, Blackhat and DEFCON. In this episode they talk about the conference and what has been happening in the cyber world for the past couple of weeks Stories from the show: Danish cloud host says customers ‘lost all data’ after ransomware attack https://techcrunch.com/2023/08/23/cloudnordic-azero-cloud-host-ransomware/ Cybercriminals turn to AI to bypass modern email security measures https://www.helpnetsecurity.com/2023/08/23/ai-enabled-email-threats/ TP-Link smart bulbs can let hackers steal your WiFi password https://www.bleepingcomputer.com/news/security/tp-link-smart-bulbs-can-let-hackers-steal-your-wifi-password/ Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal https://www.bbc.co.uk/news/technology-60864283

In this episode, Erich and Javvad talk about the upcoming BSides Las Vegas, Black Hat and DEFCON conferences, NHS sharing data via WhatsApp, the #cyber skills gap, and much more Stories from the show: Humans Unable to Reliably Detect Deepfake Speech https://www.infosecurity-magazine.com/news/humans-detect-deefake-speech/ NHS Staff Reprimanded For WhatsApp Data Sharing https://www.infosecurity-magazine.com/news/nhs-staff-reprimanded-whatsapp/ Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks https://www.infosecurity-magazine.com/news/microsoft-teams-midnight-blizzard/ Hacktivist Collective “Mysterious Team Bangladesh” Revealed https://www.infosecurity-magazine.com/news/mysterious-team-bangladesh-revealed/ Report outlines causes of cyber security skills gap https://www.publicsectorexecutive.com/articles/report-outlines-causes-cyber-security-skills-gap

In this episode, Erich and Javvad discuss current #cybersecurity stories including the attack on a cardiac services vendor, an attack on a Tampa hospital and some new SEC rules around breaches. All this and more! Stories from the show: Security Incident Impacts CardioComm’s Operations https://www.infosecurity-magazine.com/news/security-incident-cardiocomm/ Tampa General Hospital Data Breach Impacts 1.2 Million Patients https://www.infosecurity-magazine.com/news/tampa-hospital-data-breach/

Today morning Erich and Javvad recount their experiences with the famed hacker and colleague Kevin Mitnick, chat about a Ukrainian takedown netting 150k SIM cards, concernes over the Frenchies plan to use AI to surveil the Paris olympics, Microsoft deciding that allowing access to security logs, without a fee, is good, and much more from the world of #cybersecurity. Stories from the show: Kevin Mitnick passed away at 59 https://www.dignitymemorial.com/obituaries/las-vegas-nv/kevin-mitnick-11371668 French Assembly passes bill allowing police to remotely activate phone cameras and microphones for surveillance https://www.engadget.com/french-assembly-passes-bill-allowing-police-to-remotely-activate-phone-cameras-and-microphones-for-surveillance-210539401.html Paris 2024 Olympics: Concern over French plan for AI surveillance https://www.bbc.co.uk/news/world-europe-66122743 Under CISA pressure, err collaboration, Microsoft makes cloud security logs available for free https://www.theregister.com/2023/07/20/under_cisa_spressures_collaboration_microsoft/ Ukraine takes down massive bot farm, seizes 150,000 SIM cards https://www.bleepingcomputer.com/news/security/ukraine-takes-down-massive-bot-farm-seizes-150-000-sim-cards/

In this episode Erich and Javvad talk about the US government email hack, an ethical hacker gone rogue, Ruskies tempting diplomats with a cheap car, and more #cybersecurity stories from this week. Stories from the show: Fewer Than 100 Scammers Responsible For Global Email Extortion https://www.infosecurity-magazine.com/news/fewer-100-scammers-global-email/ Chinese Hackers Gained Access To Some U.S. Government Emails, Microsoft Says https://www.forbes.com/sites/siladityaray/2023/07/12/chinese-hackers-gained-access-to-some-us-government-emails-microsoft-says/?sh=5f49e30c2a37 Russian hackers lured diplomats in Ukraine with cheap BMW ad https://www.reuters.com/world/europe/russian-hackers-lured-embassy-workers-ukraine-with-an-ad-cheap-bmw-2023-07-12/ Cybersecurity professional accused of stealing $9M in crypto https://techcrunch.com/2023/07/11/cybersecurity-professional-charged-for-stealing-9-million-in-crypto/?guccounter=1 Number of email-based phishing attacks surges 464% https://www.helpnetsecurity.com/2023/07/10/evolving-cyberattack-landscape/ Indian developer fired 90 percent of tech support team, outsourced the job to AI https://www.theregister.com/2023/07/13/dukaan_ai_support_replacement/