Cyber Coast to Coast Podcast

Parents are using AirTags to keep track of their kids, but it could stop them from learning important habits https://www.insider.com/why-parents-using-airtags-track-kids-2023-5   8 million people hit by data breach at US govt contractor Maximus https://www.bleepingcomputer.com/news/security/8-million-people-hit-by-data-breach-at-us-govt-contractor-maximus/   New SEC Rules Require U.S. Companies to Reveal Cyber Attacks Within 4 Days https://thehackernews.com/2023/07/new-sec-rules-require-us-companies-to.html   Putting a price on privacy: Ending police data purchases https://thehill.com/opinion/technology/552105-putting-a-price-on-privacy-ending-police-data-purchases/  

Man uses an Apple AirTag to track down stolen motorcycle to Chicago alley https://www.nbcchicago.com/news/local/man-uses-an-apple-airtag-to-track-down-stolen-motorcycle-to-chicago-alley/3189405/   Tax preparers shared personal data with Meta, Google: Senate report https://thehill.com/policy/technology/4093026-tax-preparers-shared-personal-data-with-meta-google-senate-report/   Typo directs millions of US military emails to Mali by mistake https://cybernews.com/news/typo-us-military-emails-mali/   White House Unveils Cybersecurity Labeling Program for Smart Devices https://www.securityweek.com/white-house-unveils-cybersecurity-labeling-program-for-smart-devices/   Kevin Mitnick Interviewed at 2017 Cyber Investing Summit https://youtu.be/juy8xL5gM2Y?t=37  

8Base ransomware gang escalates double extortion attacks in June https://www.bleepingcomputer.com/news/security/8base-ransomware-gang-escalates-double-extortion-attacks-in-june/ Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces https://thehackernews.com/2023/06/over-100000-stolen-chatgpt-account.html   Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces https://thehackernews.com/2023/06/over-100000-stolen-chatgpt-account.html

City of Dallas shut down IT services after ransomware attack https://securityaffairs.com/145723/cyber-crime/city-of-dallas-ransomware-attack.html   ChatGPT-Themed Scam Attacks Are on the Rise https://unit42.paloaltonetworks.com/chatgpt-scam-attacks-increasing/   Apple and Google are working together to limit AirTag stalking https://www.theverge.com/2023/5/2/23707920/apple-google-airtag-stalking-bluetooth-tracker-alert-standard This episode is sponsored by www.darkcryptonite.com  

European authorities warned FIFA World Cup attendees against downloading the official tournament app named Hayya as well as the healthcare app Ehteraz. The two apps may collect location data without permission. https://www.infosecurity-magazine.com/news/euro-authorities-world-cup-fans/ Nonprofit organization is suing the state of Massachusetts on behalf of thousands of low-income families who were collectively robbed of more than a $1 million in food assistance benefits by card skimming devices secretly installed at cash machines and grocery store checkout lanes across the state. https://krebsonsecurity.com/2022/11/lawsuit-seeks-food-benefits-stolen-by-skimmers/ Nokia has stated that contrary to popular belief, 5G technology will make cyberattacks more common. Four years after 5G technology was widely released, 7 in 10 companies are reporting cyberattacks. https://www.cybersecuritydive.com/news/5g-security-breaches/636693/ This episode is sponsored by www.darkcryptonite.com

Twitter Verified Status Users Flooded with Scams https://www.infosecurity-magazine.com/news/twitter-verified-status-users/   Vodafone Italy discloses data breach after reseller hacked https://www.bleepingcomputer.com/news/security/vodafone-italy-discloses-data-breach-after-reseller-hacked/   Dropbox discloses unauthorized access to 130 GitHub source code repositories https://securityaffairs.co/wordpress/137975/hacking/dropbox-account-hacked-2fa-jpg.html   This episode is sponsored by www.DarkCryponite.com    

Scott and Craig discuss the following headlines: Crypto-Thieves Cost Victims 53 Times What They Make https://www.infosecurity-magazine.com/news/cryptothieves-cost-victims-53/   NSA Cyber Specialist, Army Doctor Charged in US Spying Cases https://www.securityweek.com/nsa-cyber-specialist-army-doctor-charged-us-spying-cases Fast Company shuts website after hack sends 'obscene' Apple News notifications https://www.reuters.com/technology/fast-companys-website-shuts-after-apple-news-feed-hacked-2022-09-28/   This episode is sponsored by Dark Cryptonite. www.DarkCryptonite.com    

Scott and Craig discuss building materials giant Knauf hit by Black Basta ransomware gang, Unpatched GPS Tracker Bugs Could Let Attackers Disrupt Vehicles Remotely, Russian Hackers Tricked Ukrainians with Fake "DoS Android Apps to Target Russia” and Cyber Tip of the Week involving Crypto scams via PayPal. This episode is sponsored by www.DarkCryptonite.com https://www.bleepingcomputer.com/news/security/building-materials-giant-knauf-hit-by-black-basta-ransomware-gang/ https://thehackernews.com/2022/07/unpatched-gps-tracker-bugs-could-let.html https://thehackernews.com/2022/07/russian-hackers-tricked-ukrainians-with.html

This week, Scott and Craig discuss "Leaked Audio From 80 Internal TikTok Meetings Shows That US User Data Has Been Repeatedly Accessed From China", "new Android malware has been downloaded over 3 million times and still found on the Google Play Store" and "Florida waitress cons 99-year-old for nearly $600k to spend on vacations" as well as the cyber tip of the week. This episode is sponsored by www.DarkCryptonite.com https://www.buzzfeednews.com/article/emilybakerwhite/tiktok-tapes-us-user-data-china-bytedance-access https://www.bleepingcomputer.com/news/security/new-android-malware-on-google-play-installed-3-million-times/ https://www.wfla.com/news/florida/florida-waitress-cons-99-year-old-for-nearly-600k-to-spend-on-vacations-deputies/ https://youtu.be/_g3KI5yi6Fw

Scott and Craig discuss Ukrainian cybersecurity officials disclose two new hacking campaigns, Europol Busts Phishing Gang Responsible for Millions in Losses and Facebook phishing campaign that breached millions of accounts is still active even after its discovery. Our cyber tip of the week is all about phishing.    This episode is sponsored by Dark Cryptonite. Dark Cryptonite stops ransomware, malware and phishing in their tracks eliminating cybercrime, fraud and information warfare. Dark Cryptonite utilizes advanced blockchain algorithms and zero trust models. Learn more on www.DarkCryptonite.com https://www.cyberscoop.com/ukraine-russia-hacking-apt28-trickbot-follina/ https://thehackernews.com/2022/06/europol-busts-phishing-gang-responsible.html https://pixmsecurity.com/blog/blog/phish-goes-on/  

Scott and Craig discuss Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room, Attackers can control touchscreens remotely using GhostTouch, and Oil and gas companies take cyber resilience pledge https://thehackernews.com/2022/05/lumos-system-can-find-hidden-cameras.html https://thehackernews.com/2022/05/attackers-can-use-electromagnetic.html https://www.itsecurityguru.org/2022/05/27/oil-and-gas-companies-take-cyber-resilience-pledge/

This week Scott and Craig open the show (apologies for sound issues at the top of the episode) by discuss and new book release of Hacker's Movie Guide: The Complete List of Hacker and Cybersecurity Movies (2022-23 Edition). They also discuss 3 stories involving researchers finding three vulnerabilities in Qualcomm and MediaTek mobile chips, 3 flaws present in Lenovo laptops that can give attackers a way to drop highly persistent malware and the FBI has stated that the Black Cat ransomware gang, also known as ALPHV, has breached the networks of at least 60 organizations worldwide. This episode is sponsored by www.DarkCryptonite.com https://www.amazon.com/Hackers-Movie-Guide-Complete-Cybersecurity/dp/173301571X https://thehackernews.com/2022/04/critical-chipset-bug-opens-millions-of.html https://www.darkreading.com/threat-intelligence/millions-of-lenovo-laptops-contain-firmware-level-vulnerabilities https://www.bleepingcomputer.com/news/security/fbi-blackcat-ransomware-breached-at-least-60-entities-worldwide/  

Scott and Craig discuss joint cybersecurity advisory issued by CISA, NSA, FBI, and the Department of Energy, Wind turbine company Nordex is still trying to recover from a cyberattack, evidence of LockBit ransomware found in the network of a regional U.S. government agency. This episode is sponsored by www.DarkCryptonite.com https://www.bleepingcomputer.com/news/security/us-warns-of-govt-hackers-targeting-industrial-control-systems/ https://www.securityweek.com/wind-turbine-giant-nordex-scrambling-recover-cyberattack https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-lurked-in-a-us-gov-network-for-months/  

Scott and Craig discuss criminal hackers harvesting sensitive customer data from Apple, Facebook, Discord and possibly Snap using fake subpoena requests, Wyze knew hackers could remotely access cameras for three years and said nothing, Verizon blames ‘bad actors' for the spam text you got from your own number and the cyber tip of the week on security updates of firmware, software, operating systems, etc. Scott and Craig also introduce their new sponsor, www.DarkCryptonite.com https://krebsonsecurity.com/2022/03/hackers-gaining-power-of-subpoena-via-fake-emergency-data-requests/ https://www.theverge.com/23003418/wyze-cam-v1-vulnerability-no-patch-bitdefender-responsible-disclosure https://www.theverge.com/2022/3/29/23001528/verizon-spam-texts-own-number-confirms-statement

This week, Scott and Craig discuss Hacking group Lapsus$ claims to have leaked the source code for Bing, Cortana, and other Microsoft products, Android password-stealing malware infects 100,000 Google Play users and Anonymous hacking Russian printers to print "the people of Russia must find horror in Putin's actions." over 100,000 times. Scott and Craig also discuss the pros and cons or Apple's App Store compared to Google Play App store as the cyber tip of the week. This episode is sponsored by www.Cyberlitica.com https://www.bleepingcomputer.com/news/microsoft/lapsus-hackers-leak-37gb-of-microsofts-alleged-source-code/ https://www.bleepingcomputer.com/news/security/android-password-stealing-malware-infects-100-000-google-play-users/ https://www.ladbible.com/news/anonymous-says-its-hacked-printers-all-across-russia-20220322

Scott and Craig discuss Russian hackers exploiting MFA vulnerability to attack different companies, Germany's Federal Office for Information Security, BSI, has warned companies against using Kaspersky antivirus products, Netflix is starting to crack down on password sharing and our CYBER TIP of the WEEK on password reuse. This episode is sponsored by www.Cyberlitica.com.

Scott and Craig discuss Lapsus$ hacking group attack on Samsung, Anonymous claims on hacking Russian TV and how cybersecurity companies Cloudflare, Clidstrike and Ping Identity offering free services to critical U.S. infrastructure. They also discuss the attempted social engineering attack through email spoofs of their own company as the cyber tip of the week. This episode is sponsored by www.Cyberlitica.com https://techcrunch.com/2022/03/07/samsung-breach-source-code/?guccounter=1 https://fortune.com/2022/03/07/anonymous-claims-hack-of-russian-tvs-showing-putins-ukraine-invasion/ https://www.washingtonpost.com/technology/2022/03/07/cyber-security-russia-ukraine/?utm_source=reddit.com  

Scott and Craig discuss Hacker group Anonymous alleged breach of Vladimir Putin's yacht, Ukrainian WordPress websites seeing a 10x increase in cyber attacks, researchers demonstrate new side-channel attack on homomorphic encryption and cyber tip of the week: MFA. This episode is sponsored by www.Cyberlitica.com. https://www.insider.com/hackers-change-call-sign-of-putin-linked-superyacht-to-fckptn-2022-3 https://www.bleepingcomputer.com/news/security/ukrainian-sites-saw-a-10x-increase-in-attacks-when-invasion-started/ https://thehackernews.com/2022/03/researchers-demonstrate-new-side.html Sophisticated bank scam ID spoof can even fool cybersecurity experts (Scott's appearance on ABC27 News) https://youtu.be/rPGOvvVZyi8  

Scott and Craig discuss 3 stories related  to Russian attacks against Ukraine including a mass text message cyber operation against Ukranian soldiers and citizens, Russian cyberattack against Ukrainian banks and government websites and Biden's cyberwarfare tactical options against Russia. This episode is sponsored by www.Cyberlitica.com https://www.msn.com/en-us/news/world/disturbing-mass-text-operation-terrorizes-ukraine-as-russian-troops-move-in/ar-AAUdejJ https://www.cnbc.com/2022/02/23/cyberattack-hits-ukrainian-banks-and-government-websites.html https://www.nbcnews.com/politics/national-security/biden-presented-options-massive-cyberattacks-russia-rcna17558  

Scott and Craig discuss Honorlock's new attempt to lure in students cheating remotely, a married couple that allegedly laundered $3.6 in Bitcoin before producing an awful rap video and a new software tool that can actually Unredact pixelated text making it readable. They also discuss Paypal, Twitter and Ebay related scams and offer some tips to stay safe. This episode is sponsored by Cyber Coast to Coast. https://www.theverge.com/2022/2/16/22937125/honorlock-remote-proctor-cheating-honeypot-fake-test-answers https://www.nytimes.com/2022/02/08/us/politics/ilya-lichtenstein-heather-morgan-bitcoin-laundering.html https://www.youtube.com/watch?v=6Y1ujFhhADU https://thehackernews.com/2022/02/this-new-tool-can-retrieve-pixelated.html

Scott and Craig discuss the FBI advisory on hackers writing code that could disrupt critical infrastructure, the warning signs and ways to avoid romantic scams on the internet and why ID.me cannot keep up with the U.S. government's needs. This episode is sponsored by www.cyberlitica.com https://www.nextgov.com/cybersecurity/2022/02/fbi-ransomware-attackers-have-code-halt-critical-infrastructure/361808/ https://www.bleepingcomputer.com/news/security/ftc-says-americans-lost-547-million-to-romance-scams-in-2021/ https://www.theverge.com/2022/2/11/22928082/id-me-irs-facial-recognition-overworked-employees

Scott and Craig discuss the railway ransomware hacktivism in Belarus, Deadbolt ransomware infecting QNAP servers, cybersecurity skills gap interview with SecureWorks and this week's cyber tip of the week on ransomware attacks. This episode is sponsored by Cyberlitica. https://arstechnica.com/information-technology/2022/01/hactivists-say-they-hacked-belarus-rail-system-to-stop-russian-military-buildup/ https://www.bleepingcomputer.com/news/security/qnap-force-installs-update-after-deadbolt-ransomware-hits-3-600-devices/ https://docs.publicnow.com/viewDoc?hash_primary=8E834E6ECFD4B2C8896CBF702F497C75AE41FCE8

Scott and Craig begin with a suspicious letter that Craig's wife received from NY Dept. of Labor regarding unemployment fraud and ID theft. They then discuss a new report detailing how vulnerable medical IoT devices are, how an angry developer posted corrupt code on GitHub and Microsoft's proposed acquisition of Blizzard Activision. This episode is sponsored by Cyberlitica. https://www.theverge.com/2022/1/19/22891440/internet-connected-medical-devices-vulnerable https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/ https://www.nytimes.com/2022/01/19/business/dealbook/microsoft-activision-deal.html

Scott and Craig discuss a new theme song for the podcast, a ransomware attack on a jail in New Mexico, QR code parking meter scam in Texas and a Tesla owner that claims to use his Tesla Model 3 to mine cryptocurrency. This episode is sponsored by Cyberlitica. https://www.theverge.com/2022/1/11/22878471/ransomware-attack-new-mexico-jail-lockdown-cameras-bernalillo-county https://www.bitdefender.com/blog/hotforsecurity/us-police-parking-meters-phishing-qr-codes/ https://www.msn.com/en-us/money/other/a-tesla-owner-says-he-makes-up-to-800-a-month-mining-cryptocurrency-with-his-car-he-says-it-s-worth-it-even-though-it-could-void-his-warranty/ar-AASCufw

Scott and Craig discuss the new bandwidth allocated to make Wi-Fi 6E faster and more reliable, how Apple's AirTags are being used to stalk people and steal cars and a roundup of some of CES 2022's most intriguing security gadgets. This episode is sponsored by Cyberlitica - Proactive Cybercrime Intelligence www.cyberlitica.com https://www.theverge.com/2021/12/28/22857852/6ghz-wifi-win-fcc-wi-fi-6e-7-att-spectrum https://www.cnet.com/roadshow/news/apple-airtag-carjackers/ https://www.popsci.com/reviews/ces-2022-smart-home-gadgets/

Scott and Craig discuss medical devices facing ransomware risks, fake postage scam and NSO Pegasus spyware group has new owners in Poland. This episode is sponsored by Cyberlitica.   https://thehackernews.com/2022/01/are-medical-devices-at-risk-of.html https://www.aarp.org/money/scams-fraud/info-2021/fake-postage-stamp.html https://www.i24news.tv/en/news/international/europe/1641241855-report-poland-bought-nso-spyware-after-meeting-with-netanyahu  

Scott and Craig discuss the widespread Log4j exploit, consumer survey on big tech trust and walk-through metal detector vulnerabilities discovered. This episode is sponsored by Cyberlitica.

Scott and Craig discuss Apple's 'do not track' privacy theater, Chinese U.S. export blacklist, 5G potentially wreaking havoc on flights and Craig plays a suspicious voicemail. This episode is sponsored by Cyberlitica.

Scott and Craig discuss the Life360 acquisition of Tile, Qualcomm's new always-on camera chip and security flaws in many home and public EV chargers.  https://www.theverge.com/2021/12/9/22820381/tile-life360-location-tracking-data-privacy https://www.theverge.com/22811740/qualcomm-snapdragon-8-gen-1-always-on-camera-privacy-security-concerns https://techcrunch.com/2021/08/03/security-flaws-found-in-popular-ev-chargers/