The Jerich Show Podcast


Timely topics, poorly presented, this time via a podcast. In this podcast the cyber security professionals Javvad Malik and Erich Kron discuss timely tech and cybersecurity topics in a casual and easy to understand format. The video version of this is a

Erich Kron and Javvad Malik


    • May 23, 2025 LATEST EPISODE
    • every other week NEW EPISODES
    • 24m AVG DURATION
    • 174 EPISODES



    Latest episodes from The Jerich Show Podcast

    Patch Me If You Can: Cyber Oops, Selfies & Seizures

    May 23, 2025 | 15:52


    In this episode of The Jerich Show, Erich Kron and Javvad Malik dive headfirst into the week's most curious, cringeworthy, and critical cybersecurity stories. First up: a global honeypot powered by over 5,300 compromised Cisco devices—courtesy of the ViciousTrap botnet. Then, it's schadenfreude central as the developers of DanaBot malware accidentally infect themselves. Karma, meet keyboard. We'll also unpack Europol's massive takedown of ransomware infrastructure, which led to the seizure of 300 servers and €3.5 million in crypto. Not to be outdone, two ATM heist suspects made their arrest even easier... by taking selfies mid-crime. And finally, the UK's NCSC shows us how to securely retire old tech—because tossing servers in the skip just isn't secure policy. Join Erich and Javvad for sharp takes, security snark, and the cybersecurity fails you'll want to learn from (or at least laugh at).

    From Rogue Radios to Hijacked Chips: Cyber Threats Go Global!

    May 16, 2025 | 25:34

    In this episode of The Jerich Show, join your favorite cybersecurity duo, Erich Kron and Javvad Malik, as they dive into some truly wild cybercrime stories making headlines around the globe. Hackers who've been terrorizing UK retailers have hopped the pond to target US companies, while Japan's bold plan to double its cybersecurity workforce might mean saying sayonara to tough certifications. Meanwhile, the EU arms defenders with a shiny new vulnerability database, and the discovery of rogue communication devices lurking in Chinese-made solar inverters sparks fresh paranoia. Plus, could your CPU itself soon be held hostage by ransomware? Tune in for laughs, insights, and a healthy dose of cyber skepticism!

    Stories from the show:
    • Hackers behind UK retail attacks now targeting US companies https://www.bleepingcomputer.com/news/security/google-scattered-spider-switches-targets-to-us-retail-chains/
    • Japan aims to double cybersecurity specialists by 2030, relax certification requirements https://asianews.network/japan-aims-to-double-cybersecurity-specialists-by-2030-relax-certification-requirements/
    • EU launches vulnerability database to tackle cybersecurity threats https://therecord.media/eu-launches-vulnerability-database
    • CPU microcode hack could infect processors with ransomware directly https://www.techradar.com/pro/security/cpu-microcode-hack-could-infect-processors-with-ransomware-directly
    • 'Rogue' communication devices found on Chinese-made solar power inverters https://www.utilitydive.com/news/rogue-communication-devices-found-on-chinese-made-solar-power-inverters/748242/

    LockBit hacked, Qilin jumps to #1 and Google gets serious against scams

    May 9, 2025 | 20:02

    In this episode, Erich and Javvad discuss how LockBit appears to be hacked again, Qilin makes a jump to #1 in the ransomware game, Google gets serious against scams with Gemini, and more!

    • Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android https://thehackernews.com/2025/05/google-rolls-out-on-device-ai.html
    • Qilin Ransomware Ranked Highest in April 2025 with 72 Data Leak Disclosures https://thehackernews.com/2025/05/qilin-leads-april-2025-ransomware-spike.html
    • LockBit ransomware gang hacked again https://www.computing.co.uk/news/2025/security/lockbit-ransomware-gang-hacked-again
    • UK Cyber Insurance Claims Second Highest on Record https://www.infosecurity-magazine.com/news/uk-cyberinsurance-claims-second/

    Iran attacked, Huge DDoS Attack and more!

    May 9, 2025 | 16:21

    Erich and Javvad recap the top stories in cybersecurity this week, including the cyber attack on Iran and a huge DDoS attack. All this and more!

    Bad actors arrested, phishing with Google, Darcula gets an upgrade and more!

    May 9, 2025 | 15:50

    Erich and Javvad summarize this week's cyber soap opera and bring you a tangled web of digital deceit, artificial “intelligence,” and just enough government extradition drama to keep things spicy.

    From Spain With Wire Fraud: Alleged “Scattered Spider” member Tyler Buchanan thought sunny Spain was a safe hideout—until the long arm of U.S. justice said hola. Extradited for allegedly scamming Caesars and MGM, his toolkit included SIM swapping and social engineering. Welcome to America, Tyler—hope you like federal courtrooms.

    Phishing with Google's Seal of Approval: Meanwhile, phisherfolk are reusing Google's DKIM signatures like they're leftover lasagna—slapping them onto spoofed emails from no-reply@accounts.google.com and tricking even the most paranoid clickers. The result? Legit-looking credential traps hosted on Google Sites. It's like gourmet phishing, served with a side of irony.

    Darcula Gets a Brain Upgrade: And if you thought cybercrime required effort, think again. The Darcula phishing kit now uses generative AI to do all the heavy lifting. Bad grammar and clunky templates? Gone. Now, even your cousin Steve with zero hacking skills can impersonate a bank in 100 languages. Thanks, AI.

    Tune in for a romp through the latest digital deceptions, complete with dark web drama and facepalms galore. Stay sharp—because the hackers definitely are.

    Cyber prof goes missing, ransomware group hacked back, passwords stink, and more!

    May 9, 2025 | 19:50


    In this episode Erich and Javvad discuss a cyber professor that went away, a ransomware group hacks back, passwords are still poor, and more!

    Old MS vuln left open, sperm bank breached, WordPress sites exploited and more!

    Mar 25, 2025 | 22:23

    In this episode, Erich and Javvad discuss a breach of a sperm bank in California, a 9-year-old Microsoft vuln that they feel is too unimportant to patch (although it's being exploited), and a hack of over 2000 WordPress sites.

    VSCode oopsie, Roblox is your problem, UK says cyber folks are underpaid, and more!

    Mar 25, 2025 | 23:07

    In this episode, Erich and Javvad discuss the VSCode extensions that were used by millions and that Microsoft wrongly removed, Roblox telling parents that if they want safe kids, that's a 'you' problem, and the UK saying cyber pros need to make more than the PM. This and more!

    Snail Mail Ransomware, Cyber Folks Looking to Move On, and More!

    Mar 25, 2025 | 20:13


    In this episode, Erich and Javvad talk about a confirmed ransomware campaign through snail mail, 60% of cyber pros looking to change employers, 12 Chinese hackers charged by the US, 1.4TB dataset stolen, and more

    AI voice scam, military infostealer, Steam malware and more!

    Mar 25, 2025 | 24:49


    In this episode, Erich and Javvad discuss an AI voice scam, the Steam game PirateFi turning out to be info-stealing malware, HCRG hack/ransomware and a Palo Alto firewall vulnerability. All of this and more!

    DeepSeek problems, a cybercrime domain crackdown and much, much more!

    Mar 25, 2025 | 20:57


    In this episode, Erich and Javvad discuss issues facing DeepSeek, a law enforcement takedown of cybercrime sites, and much, much more!

    Fraudsters arrested, NSA warns, Cambodians ditch a potential scammer

    Jan 27, 2025 | 27:02

    In this episode, Erich and Javvad discuss a warning from the NSA, the arrest of fraudsters in several countries, and a story where Cambodian scammers send a potential scammer packing because of his lack of computer skills. All this and more!

    Hackers, Scammers, and a Thousand Arrests – Oh My!

    Dec 6, 2024 | 15:49

    Buckle up, cyber enthusiasts, because this week's episode is a rollercoaster ride through the murky depths of cybercrime! Erich and Javvad are diving into the story of 1,006 suspects nabbed in a global sting that makes "Ocean's Eleven" look like a kindergarten playdate. Next, we shop 'til we drop on fake e-commerce sites tied to cybercrime marketplaces—spoiler alert: you're not getting that “Gucci” bag for $19.99. Finally, we break down the latest saga in the US vs. China cyber espionage showdown, where telecom providers find themselves tangled in a hack straight out of a Hollywood thriller. It's cyber justice, scams, and geopolitical drama served with a side of sarcasm and a heaping dose of security tips you'll actually want to use. Don't miss it!

    Stories from the show:
    • Major cybercrime operation nets 1,006 suspects https://www.interpol.int/en/News-and-Events/News/2024/Major-cybercrime-operation-nets-1-006-suspects
    • Fraudulent shopping sites tied to cybercrime marketplace taken offline https://www.europol.europa.eu/media-press/newsroom/news/fraudulent-shopping-sites-tied-to-cybercrime-marketplace-taken-offline?mtm_campaign=newsletter
    • White House official: 8 US telecom providers hacked by Chinese https://www.cnn.com/2024/12/04/politics/us-telecom-providers-chinese-hack/index.html

    Hot mess at Hot Topic, Typhoons spreading botnets, ethical hacker dumps data and more!

    Dec 6, 2024 | 18:02

    Hey there, tech detectives and cyber sleuths! Grab your headphones and get ready for another wild ride through the digital jungle with Erich and Javvad. This week, we're diving into a hot mess at Hot Topic (pun totally intended) that's left 57 million people saying 'Uh-oh!' Plus, we'll take you on a typhoon-fueled adventure as China's notorious Volt Typhoon crew makes a shocking comeback. It's like a cyber soap opera, but with way more zeroes and ones! So, buckle up, buttercup – it's time to unravel these tangled webs of tech drama!

    Stories from the show:
    • HIBP notifies 57 million people of Hot Topic data breach https://www.bleepingcomputer.com/news/security/hibp-notifies-57-million-people-of-hot-topic-data-breach/
    • China's Volt Typhoon crew and its botnet surge back with a vengeance https://www.theregister.com/2024/11/13/china_volt_typhoon_back/
    • Amazon MOVEit Leaker Claims to Be Ethical Hacker https://www.infosecurity-magazine.com/news/amazon-moveit-leaker-claims/

    Ransomware and baguettes, Synology woes, spying fryers and more!

    Dec 6, 2024 | 23:10


    In this episode, Erich and Javvad discuss some odd ransomware demands, a serious flaw with Synology, spying fryers and much more!

    Brits hiring for cheap, Teams as an exploit, NK and Play work together and more!

    Nov 1, 2024 | 30:04

    In this episode, Erich and Javvad discuss how the British government is trying to hire more security pros for next to nothing, how Teams is being used as an attack vector, and how North Korean attackers have paired up with the Play ransomware group. All this and more!

    Stories from the show:
    • Wanted. Top infosec pros willing to defend Britain on shabby salaries https://www.theregister.com/2024/10/29/gchq_needs_advanced_cybersecurity_professionals/
    • Hackers Exploit Microsoft Teams In New Ransomware Scam https://www.forbes.com/sites/larsdaniel/2024/10/30/hackers-posing-as-it-support-on-teams-new-ransomware-scam-targeting-your-workplace/
    • North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack https://thehackernews.com/2024/10/north-korean-group-collaborates-with.html

    Cisco breach, MS misplaces security logs, SolarWinds screws up again, and more!

    Oct 18, 2024 | 20:08

    In this episode, Erich and Javvad talk about the latest SolarWinds screw up, Cisco data showing up on the dark web, Microsoft losing security logs for a bit, and much, much more!

    • Microsoft warns it lost some customer's security logs for a month https://www.bleepingcomputer.com/news/security/microsoft-warns-it-lost-some-customers-security-logs-for-a-month/
    • Critical hardcoded SolarWinds credential now exploited in the wild https://www.theregister.com/2024/10/16/solarwinds_critical_hardcoded_credential_bug/
    • Cisco investigates breach after stolen data for sale on hacking forum https://www.bleepingcomputer.com/news/security/cisco-investigates-breach-after-stolen-data-for-sale-on-hacking-forum/
    • Firm hacked after accidentally hiring North Korean cyber criminal https://www.bbc.co.uk/news/articles/ce8vedz4yk7o

    Kaspersky pulls a quick one, Florida get a batch and more!

    Oct 4, 2024 | 20:21

    In this episode, Erich and Javvad talk about the Kaspersky switch-a-roo and the storm hitting the Eastern US right now, which will certainly turn into scammers taking advantage of people in a bad spot. All this and more!

    Special Guest Thomas Ryan, Meow pounces and more!

    Oct 4, 2024 | 55:04

    In this episode, Erich and Javvad speak to Thomas Ryan of 'Robin Sage' fame and discuss the big jump the Meow ransomware group took, and much, much more!

    OnlyFans fakery, fraud at all time high, Russian trolling and more!

    Sep 6, 2024 | 33:58

    In this episode, Erich and Javvad chat about the Russian trolling in the US elections, fraud hitting the 'highest ever' levels, a fake OnlyFans tool, and more!

    Stories from the show:
    • Russian trolling 2.0: How the Kremlin shifted tactics from its 2016 election strategy https://uk.news.yahoo.com/russian-trolling-2-0-kremlin-211903137.html
    • Fraud and scam complaints reach 'highest ever' level https://www.fstech.co.uk/fst/Fraud_And_Scam_Complaints_Reach_Highest_Ever_Level.php
    • Hacker trap: Fake OnlyFans tool backstabs cybercriminals, steals passwords https://www.bleepingcomputer.com/news/security/fake-onlyfans-cybercrime-tool-infects-hackers-with-malware/

    Deadbeat Dad, Critical Chrome, Halliburton Hack, Midnight Malware and more!

    Sep 6, 2024 | 20:11

    In this episode, Erich and Javvad discuss a deadbeat dad that made himself look deceased to end child support payments, a critical Chrome patch that is being actively exploited, an incident with Halliburton and ransomware attacks at night. All this and more!

    Stories from the show:
    • Most Ransomware Attacks Now Happen at Night https://www.infosecurity-magazine.com/news/most-ransomware-attacks-happen/
    • Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild https://thehackernews.com/2024/08/google-fixes-high-severity-chrome-flaw.html
    • Deadbeat dad faked his own death by hacking government databases https://www.theregister.com/2024/08/21/man_jailed_faking_death_online/
    • Halliburton confirms cyber attack on certain systems https://www.reuters.com/technology/cybersecurity/halliburton-confirms-cyber-attack-certain-systems-2024-08-23/

    Um... CrowdStrike... oh, and other stuff

    Jul 19, 2024 | 21:31

    In this episode Erich and Javvad talk about CrowdStrike, and other stuff. I mean on a day like today, is there really anything else to talk about? Join us and be a part of the discussion.

    AT&T breach exposes call/text records, 10 billion creds dumped and more!

    Jul 12, 2024 | 18:48

    In this episode, Erich and Javvad talk about the latest AT&T breach, a dump of 10 billion credentials, Singapore banks ditching texted 2FA, and much more!

    Stories from the show:
    • AT&T data breach: Millions of customers caught up in major dark web leak https://www.bbc.co.uk/news/world-us-c...
    • Singapore's banks to ditch texted one-time passwords https://www.theregister.com/2024/07/1...
    • Nearly 10 billion stolen passwords were leaked on a hacker forum https://www.securitymagazine.com/arti...

    Telco infects users, crypto scammers pull a fast one, and much more!

    Jun 28, 2024 | 24:39

    In this episode, Erich and Javvad discuss the Korean telco that allegedly infected its P2P users with malware, crypto scammers posing as lawyers to steal $10m and much more!

    Travel scams are way up, Kaspersky being banned, Chinese users targeted with VPN malware

    Jun 21, 2024 | 27:17

    In this episode, Erich and Javvad chat about the Kaspersky ban in the US, a threat actor targeting Chinese users with VPN malware, and Booking.com reporting a 900% jump in travel scams. All this and more!

    Stories from the show:
    • Biden bans Kaspersky antivirus software in US over security concerns https://www.bleepingcomputer.com/news/security/biden-bans-kaspersky-antivirus-software-in-us-over-security-concerns/
    • New Threat Actor 'Void Arachne' Targets Chinese Users with Malicious VPN Installers https://thehackernews.com/2024/06/void-arachne-uses-deepfakes-and-ai-to.html
    • Booking.com warns of up to 900% increase in travel scams https://www.bbc.com/news/articles/c8003dd8jzeo

    MS Recall recalled, sacked employee creates havoc, Frontier customers data in trouble, and more!

    Jun 14, 2024 | 19:03

    In this episode, Erich and Javvad are covering some of the more interesting cybersecurity stories this week. MS Recall gets recalled, a fired employee deletes a bunch of servers, Frontier Communications is about to lose control of data from 750k customers, and more!

    Stories from the show:
    • Microsoft Made Changes to Recall Feature Following Controversial Security Concerns https://cybersecuritynews.com/microsoft-recall-security-concerns/
    • Frontier hackers threaten to release private data for at least 750,000 customers https://www.theverge.com/2024/6/10/24175169/frontier-communications-hack-cyberattack-data-breach-ransom
    • Fired employee accessed company's computer 'test system' and deleted servers, causing it to lose S$918,000 https://www.channelnewsasia.com/singapore/former-employee-hack-ncs-delete-virtual-servers-quality-testing-4402141

    TikTok targeted, Ruskies cyber attack hospitals, LockBit unlocked and more!

    Jun 7, 2024 | 25:54

    In this episode, Erich and Javvad talk about the TikTok breach, Russians cyber attacking hospitals, LockBit keys being released and much more!

    Stories from the show:
    • 'Russian criminals' behind hospitals cyber attack https://www.bbc.com/news/articles/cxee7317kgmo
    • FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out https://www.bleepingcomputer.com/news/security/fbi-recovers-7-000-lockbit-keys-urges-ransomware-victims-to-reach-out/#google_vignette
    • Paris Hilton among users targeted in TikTok hack https://www.bbc.com/news/articles/cl770d121gro
    • Cisco fixes WebEx flaw that allowed government, military meetings to be spied on https://www.theregister.com/2024/06/07/cisco_fixes_webex_flaw_which/

    600k routers bricked, Ticketmaster breached, botnets crushed and arrests made!

    May 31, 2024 | 27:26

    In this episode, Erich and Javvad discuss an attack that bricked over 600,000 routers, some serious botnet takedowns, the Ticketmaster breach and much more!

    Stories from the show:
    • Malware botnet bricked 600,000 routers in mysterious 2023 attack https://www.bleepingcomputer.com/news/security/malware-botnet-bricked-600-000-routers-in-mysterious-2023-attack/#google_vignette
    • Multiple botnets dismantled in largest-ever international operation against ransomware https://www.techcentral.ie/multiple-botnets-dismantled-in-largest-ever-international-operation-against-ransomware/
    • Ticketmaster breached — data of over 500 million users allegedly put up for sale online https://www.techradar.com/pro/security/ticketmaster-breached-data-of-over-500-million-users-allegedly-put-up-for-sale-online
    • Chinese national cuffed on charges of running 'likely the world's largest botnet ever' https://www.theregister.com/2024/05/29/911s5_botnet_arrest/

    Leicester leaves the lights on, ransomware attacks booze distribution and more!

    Apr 26, 2024 | 22:05


    In this episode, Erich and Javvad talk about a cyber problem in Leicester, booze distribution problems in Sweden due to ransomware and much more!    

    RAT leader busted, LabHost crushed, Frontier hit and more!

    Apr 19, 2024 | 17:12

    In this episode, Erich and Javvad talk about the leader of the Hive RAT getting busted, another bust of LabHost, Frontier Communications hit, and more!

    The cyber camp from Randy: https://www.randylee.com/cybercamp

    Stories from the show:
    • Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown https://thehackernews.com/2024/04/hive-rat-creators-and-35m-cryptojacking.html
    • Police bust global cyber gang accused of industrial-scale fraud https://www.bbc.com/news/uk-68838977
    • Frontier Communications shuts down systems after cyberattack https://www.bleepingcomputer.com/news/security/frontier-communications-shuts-down-systems-after-cyberattack/#google_vignette
    • 840-bed hospital in France postpones procedures after cyberattack https://www.bleepingcomputer.com/news/security/chc-sv-hospital-in-france-postpones-procedures-after-cyberattack/

    Charities hit, LG TVs a danger, exposed spies, taxis leak details and more!

    Apr 12, 2024 | 21:16

    In this episode, Erich and Javvad talk about UK charities being hit, spies accidentally exposed themselves and UK taxi software leaks some details. All this and more in this episode!

    Stories from the show:
    • Global taxi software vendor exposes details of nearly 300K across UK and Ireland https://www.theregister.com/2024/04/11/icabbi_database_exposure/
    • Over 90,000 LG Smart TVs may be exposed to remote attacks https://www.bleepingcomputer.com/news/security/over-90-000-lg-smart-tvs-may-be-exposed-to-remote-attacks/
    • Head of Israeli cyber spy unit exposed ... by his own privacy mistake https://www.theregister.com/2024/04/08/infosec_news_roundup/
    • Third of charities experienced a cyber breach last year, government reports https://www.civilsociety.co.uk/news/third-of-charities-experienced-a-cyber-breach-last-year-government-reports.html

    Microsoft problems, IR helpline calls double, YouTube used for malware and more!

    Apr 5, 2024 | 16:52

    In this episode Erich and Javvad talk about Scottish IR calls doubling, Microsoft getting beat up over security, YouTube being used to spread malware and what LockBit has done after it took a hit from law enforcement.

    Stories from the show:
    • Calls to Incident Response Helpline Double in a Year https://www.infosecurity-magazine.com/news/calls-incident-response-helpline/
    • Microsoft roasted over “cascade of security failures” https://www.thestack.technology/microsoft-roasted-by-csrd-over-security-key-theft/
    • YouTube being used to distribute malware https://cybernews.com/security/youtube-used-to-distribute-malware/
    • LockBit Scrambles After Takedown, Repopulates Leak Site with Old Breaches https://www.infosecurity-magazine.com/news/lockbit-takedown-leak-site-old/

    Military cloud leak, Southern Water leak, ransomware victims up in 2023

    Feb 16, 2024 | 19:49

    In this episode, Erich and Javvad talk about the cloud leak of military data, a UK data leak at Southern Water, the rise in ransomware victims in 2023 and more!

    Stories from the show:
    • US military notifies 20,000 of data breach after cloud email leak https://techcrunch.com/2024/02/14/department-defense-data-breach-microsoft-cloud-email/
    • Southern Water Notifies Customers and Employees of Data Breach https://www.infosecurity-magazine.com/news/southern-water-notifies-customers/
    • Ransomware victim numbers rose by 50% in 2023 https://www.csoonline.com/article/1306045/ransomware-victim-numbers-rose-by-50-in-2023.html

    Toothbrush botnet, big rewards for Hive members, LinkedIn as a breach notification and more!

    Feb 9, 2024 | 18:09

    In this episode, Erich and Javvad discuss the reward being offered for Hive ransomware members, a botnet of toothbrushes, a breach that left a healthcare provider using LinkedIn as a notification platform, and more!

    Stories from the show:
    • https://www.techradar.com/pro/security/major-data-breach-at-healthcare-provider-puts-millions-of-customers-at-risk
    • https://www.forbes.com/sites/daveywinder/2024/02/08/surprising-3-million-hacked-toothbrushes-story-goes-viral-is-it-true/?sh=22dc0e296147
    • https://www.theregister.com/2024/02/09/hive_leaders_bounty/

    Mother of all breaches, NSA buying web browsing data, UK councils hit and more!

    Jan 26, 2024 | 25:04

    In this episode, Erich and Javvad discuss the cyberattack targeting UK councils, what might be the Mother of All Breaches (MOAB) with 26 billion records, the NSA buying web browsing data, and more.

    Stories from the show:
    • Cyberattack targeting UK councils causes online disruption https://uk.style.yahoo.com/cyberattack-targeting-uk-councils-causes-154505162.html?guccounter=1
    • Mother of all breaches reveals 26 billion records: what we know so far https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/
    • US National Security Agency buys web browsing data without warrant, letter shows https://www.reuters.com/technology/cybersecurity/national-security-agency-buys-web-browsing-data-without-warrant-letter-shows-2024-01-26/

    71 million new emails added to HIBP, Bosch thermostat dangers, SEC hacked, and more!

    Jan 19, 2024 | 24:59

    In this episode, Erich and Javvad are talking about the SEC Twitter/x/whateveritis account getting hacked, a vulnerability in Bosch thermostats, the NCA director getting sacked over using personal accounts for sensitive info, and more! Check us out on LinkedIn, YouTube or as an audio-only podcast on all of your favorite platforms.

    Some stories from the show:
    • Have I Been Pwned adds 71 million emails from Naz.API stolen account list https://www.bleepingcomputer.com/news/security/have-i-been-pwned-adds-71-million-emails-from-nazapi-stolen-account-list/
    • Bosch thermostats vulnerable to malware attacks https://www.scmagazine.com/brief/bosch-thermostats-vulnerable-to-malware-attacks
    • Senators Want Better SEC Cybersecurity After EFT-Related Hack https://www.pymnts.com/cybersecurity/2024/senators-want-better-sec-cybersecurity-after-eft-related-hack/
    • NCA director sacked after WhatsApp and email security breaches https://www.computerweekly.com/news/366566272/NCA-director-sacked-after-WhatsApp-and-email-security-breaches

    Water authority attacked, Apple was skimming off the top of scams, cheap luggage and more!

    Jan 12, 2024 | 25:42

    In this episode, James is guest hosting again, and he and Erich cover some of the most interesting cybersecurity stories of the week. Did Apple profit from letting scammers demand iTunes gift cards? The courts say it deserves a trial. O'Hare airport selling lost luggage for less than $10? A Facebook ad says yes! A water authority in the Pittsburgh-area was attacked by Iran because... they used Israeli-made equipment; more crypto stuff being spread through social media account takeovers, this time with a cybersecurity vendor, and more! Join one of our live streams at 10am Eastern Time to comment.

    Stories from the show:
    • States and Congress wrestle with cybersecurity after Iran attacks Pittsburgh-area water authority https://www.cbsnews.com/pittsburgh/news/states-congress-wrestle-cybersecurity-iran-attacks-aliquippa-water-authority/
    • Apple agrees to settle lawsuit over iTunes gift card scam https://www.reuters.com/legal/apple-agrees-settle-lawsuit-over-itunes-gift-card-scam-2024-01-03/
    • Security Firm Certik's Account Hijacked to Spread Crypto Drainer https://www.infosecurity-magazine.com/news/certiks-account-hijacked-crypto/
    • Scam Claims You Can Buy Unclaimed Luggage From O'Hare For $9.95 https://blockclubchicago.org/2024/01/08/scam-claims-you-can-buy-unclaimed-luggage-from-ohare-for-9-95-but-its-not-true/

    Welcome to 2024!

    Jan 5, 2024 | 28:33

    In this episode, the first of 2024, James McQuiggan fills in for Javvad as we welcome in the new year.

    Stories from the show:
    • Budget cuts take a toll on IT decision makers' mental health https://www.helpnetsecurity.com/2024/01/05/it-decision-makers-wellbeing/
    • Google Chrome starts blocking data tracking cookies https://www.bbc.com/news/technology-67882315
    • Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack https://thehackernews.com/2024/01/mandiants-twitter-account-restored.html

    Wrapping up 2023 with a call center takedown and more!

    Jan 5, 2024 | 16:36


    In this episode, Erich and Javvad wrap up 2023 with a story about a Florida woman hitting her boyfriend with a Christmas tree, plus they discuss a call center takedown in India that netted arrests of 36 people, and more!

    Booking.com users targeted, home purchases stopped and hospitals shut down!

    Dec 1, 2023 | 17:32

    In this episode, Erich and Javvad talk about cyber attacks impacting people buying homes, how cybercriminals are targeting booking.com users, and more hospital outages caused by ransomware. All of these cybersecurity stories and more!

    Stories from the show:
    • Thousands of house purchases frozen by cyber attack https://finance.yahoo.com/news/thousands-house-purchases-frozen-cyber-183437339.html
    • Booking.com hackers increase attacks on customers https://www.bbc.com/news/technology-67583486
    • Cyber-attack closes hospital emergency rooms in three US states https://www.theguardian.com/us-news/2023/nov/28/cyber-attack-us-hospitals-texas-oklahoma-new-mexico
    • Regulator says stranger entered hospital, treated a patient, took a document ... then vanished https://www.theregister.com/2023/12/01/nhs_health_board_ticked_off/

    EasyJet investigation dropped due to lack of resources, C2 via calendars and more!

    Nov 10, 2023 | 22:48

    In this episode, Erich and Javvad talk about using Google Calendar as a C2 channel, how a lack of resources ended the investigation into the EasyJet breach, and more!

    Stories from the show:
    • EasyJet hack investigation abandoned because of 'limited resources' https://www.itpro.com/security/data-breaches/limited-resources-scuppers-ico-probe-into-easyjet-breach
    • Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html
    • Mr. Cooper Responds to Cyberattack: Offering Enhanced Payment Options for Customers https://ts2.space/en/mr-cooper-responds-to-cyberattack-offering-enhanced-payment-options-for-customers/#google_vignette
    • Court rules automakers can record and intercept owner text messages https://therecord.media/class-action-lawsuit-cars-text-messages-privacy
    • Plastic surgeons hit by hackers https://www.timesnownews.com/technology-science/plastic-surgery-data-breach-nude-photos-leaked-article-105062693

    North Korea antics, dual ransomware, router firmware compromise and more!

    Oct 6, 2023 | 20:22

    After quite a bit of travel in the last couple of weeks, the dynamic duo is back to chat about recent #cybersecurity stories and more. In this episode, Erich and Javvad talk about some of the most recent antics from North Korea, including attacks on shipbuilding and aerospace organizations, something called a 'Dual Ransomware Attack', and much more.

    Stories from the show:
    • South Korea accuses North of Phish and Ships attack https://www.theregister.com/2023/10/05/north_korea_phishing_attack_on_south/
    • Lazarus impersonated Meta recruiter to breach Spanish aerospace firm https://www.helpnetsecurity.com/2023/10/02/lazarus-lightlesscan/
    • FBI: Crippling 'Dual Ransomware Attacks' on the Rise https://www.darkreading.com/threat-intelligence/fbi-highlights-dual-ransomware-attack-in-rising-cybertrends
    • People's Republic of China-Linked Cyber Actors Hide in Router Firmware https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-270a

    Cyber attack on Polish trains, Qakbot takedown, Forever 21 breach and more!

    Play Episode Listen Later Sep 1, 2023 18:24


    In this episode, Erich and Javvad discuss the takedown of the Qakbot botnet, an attack on the Polish train system, the Forever 21 breach, which impacts more than 500k people, and much more. Stories from the show: Classiscam fraud-as-a-service expands, now targets banks and 251 brands https://www.bleepingcomputer.com/news/security/classiscam-fraud-as-a-service-expands-now-targets-banks-and-251-brands/ FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown https://www.fbi.gov/news/stories/fbi-partners-dismantle-qakbot-infrastructure-in-multinational-cyber-takedown Poland investigates cyber-attack on rail network https://www.bbc.com/news/world-europe-66630260 Forever 21 Data Breach: Personal Details of Over 500,000 Customers, Employees Compromised https://www.techtimes.com/articles/295813/20230831/forever-21-data-breach-personal-details-over-500-000-customers.htm

    Post BSides LV/BlackHat/DEFCON and cyberstories of the week

    Play Episode Listen Later Aug 25, 2023 24:23


    Erich and Javvad are back after taking a couple of weeks off to vacation and to attend BSides Las Vegas, Black Hat and DEFCON. In this episode they talk about the conferences and what has been happening in the cyber world for the past couple of weeks. Stories from the show: Danish cloud host says customers ‘lost all data' after ransomware attack https://techcrunch.com/2023/08/23/cloudnordic-azero-cloud-host-ransomware/ Cybercriminals turn to AI to bypass modern email security measures https://www.helpnetsecurity.com/2023/08/23/ai-enabled-email-threats/ TP-Link smart bulbs can let hackers steal your WiFi password https://www.bleepingcomputer.com/news/security/tp-link-smart-bulbs-can-let-hackers-steal-your-wifi-password/ Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal https://www.bbc.co.uk/news/technology-60864283

    Deepfakes fooling humans, NHS staff sharing data, Black Hat USA and much more!

    Play Episode Listen Later Aug 4, 2023 29:59


    In this episode, Erich and Javvad talk about the upcoming BSides Las Vegas, Black Hat and DEFCON conferences, NHS staff sharing data via WhatsApp, the #cyber skills gap, and much more. Stories from the show: Humans Unable to Reliably Detect Deepfake Speech https://www.infosecurity-magazine.com/news/humans-detect-deefake-speech/ NHS Staff Reprimanded For WhatsApp Data Sharing https://www.infosecurity-magazine.com/news/nhs-staff-reprimanded-whatsapp/ Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks https://www.infosecurity-magazine.com/news/microsoft-teams-midnight-blizzard/ Hacktivist Collective “Mysterious Team Bangladesh” Revealed https://www.infosecurity-magazine.com/news/mysterious-team-bangladesh-revealed/ Report outlines causes of cyber security skills gap https://www.publicsectorexecutive.com/articles/report-outlines-causes-cyber-security-skills-gap

    A cardiac event, Tampa hospital breach, SEC releases new rules, and more!

    Play Episode Listen Later Jul 28, 2023 17:17


    In this episode, Erich and Javvad discuss current #cybersecurity stories including the attack on a cardiac services vendor, an attack on a Tampa hospital and some new SEC rules around breaches.  All this and more!    Stories from the show: Security Incident Impacts CardioComm's Operations https://www.infosecurity-magazine.com/news/security-incident-cardiocomm/ Tampa General Hospital Data Breach Impacts 1.2 Million Patients https://www.infosecurity-magazine.com/news/tampa-hospital-data-breach/

    The passing of Kevin Mitnick, Ukraine grabs 150k SIM cards, and more!

    Play Episode Listen Later Jul 21, 2023 27:34


    This morning Erich and Javvad recount their experiences with the famed hacker and colleague Kevin Mitnick, chat about a Ukrainian takedown netting 150k SIM cards, concerns over the Frenchies' plan to use AI to surveil the Paris Olympics, Microsoft deciding that allowing access to security logs, without a fee, is good, and much more from the world of #cybersecurity. Stories from the show: Kevin Mitnick passed away at 59 https://www.dignitymemorial.com/obituaries/las-vegas-nv/kevin-mitnick-11371668 French Assembly passes bill allowing police to remotely activate phone cameras and microphones for surveillance https://www.engadget.com/french-assembly-passes-bill-allowing-police-to-remotely-activate-phone-cameras-and-microphones-for-surveillance-210539401.html Paris 2024 Olympics: Concern over French plan for AI surveillance https://www.bbc.co.uk/news/world-europe-66122743 Under CISA pressure, err collaboration, Microsoft makes cloud security logs available for free https://www.theregister.com/2023/07/20/under_cisa_spressures_collaboration_microsoft/ Ukraine takes down massive bot farm, seizes 150,000 SIM cards https://www.bleepingcomputer.com/news/security/ukraine-takes-down-massive-bot-farm-seizes-150-000-sim-cards/

    US gov email hacked, security geek goes rogue, and much more!

    Play Episode Listen Later Jul 14, 2023 31:08


    In this episode Erich and Javvad talk about the US government email hack, an ethical hacker gone rogue, Ruskies tempting diplomats with a cheap car, and more #cybersecurity stories from this week.   Stories from the show: Fewer Than 100 Scammers Responsible For Global Email Extortion https://www.infosecurity-magazine.com/news/fewer-100-scammers-global-email/ Chinese Hackers Gained Access To Some U.S. Government Emails, Microsoft Says https://www.forbes.com/sites/siladityaray/2023/07/12/chinese-hackers-gained-access-to-some-us-government-emails-microsoft-says/?sh=5f49e30c2a37 Russian hackers lured diplomats in Ukraine with cheap BMW ad https://www.reuters.com/world/europe/russian-hackers-lured-embassy-workers-ukraine-with-an-ad-cheap-bmw-2023-07-12/ Cybersecurity professional accused of stealing $9M in crypto https://techcrunch.com/2023/07/11/cybersecurity-professional-charged-for-stealing-9-million-in-crypto/?guccounter=1 Number of email-based phishing attacks surges 464% https://www.helpnetsecurity.com/2023/07/10/evolving-cyberattack-landscape/ Indian developer fired 90 percent of tech support team, outsourced the job to AI https://www.theregister.com/2023/07/13/dukaan_ai_support_replacement/ 

    Anatsa targets Androids, more MOVEit trouble and much more

    Play Episode Listen Later Jun 30, 2023 22:16


    In this episode Erich and Javvad discuss the issues with the Anatsa malware being spread on the Google Play store, the issue Siemens Energy has with MOVEit and pilot data being lost in a breach. This and much more! Stories from the show: ‘Anatsa' malware targets banking users in US, UK and Central Europe https://siliconangle.com/2023/06/27/anatsa-malware-targets-banking-users-us-uk-central-europe/ Siemens Energy confirms data breach after MOVEit data-theft attack https://www.bleepingcomputer.com/news/security/siemens-energy-confirms-data-breach-after-moveit-data-theft-attack/ Pilot data of American Airlines and Southwest stolen in data breach https://www.csoonline.com/article/643352/pilot-data-of-american-airlines-and-southwest-stolen-in-data-breach.html

    Apple 0-Day, Every Louisiana drivers licence hold info dumped and more!

    Play Episode Listen Later Jun 23, 2023 15:47


    In this episode we discuss the new Apple 0-day, the Louisiana MVD losing info on millions of licensed drivers in the state, and more #cybersecurity stories! Stories from the show: Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari https://thehackernews.com/2023/06/zero-day-alert-apple-releases-patches.html Every Louisiana driver's license holder exposed in colossal cyber-attack https://www.theguardian.com/us-news/2023/jun/16/louisiana-drivers-license-hack-cyber-attack FTC accuses DNA testing company of lying about dumping samples https://www.theregister.com/2023/06/21/dna_testing_company_ftc_complaint/ US Offers $10m Reward For MOVEit Attackers https://www.infosecurity-magazine.com/news/us-offers-10m-reward-for-moveit/

    Ring gets fined, Android app starts spying, RaidForums members leaked and more!

    Play Episode Listen Later Jun 2, 2023 30:12


    In this episode, Erich and Javvad cover the top #cybersecurity stories of the week including the settlement over Ring and Alexa, an Android app that started spying, a dark web data leak with RaidForums member info, and much more! Stories from the show: Amazon Ring, Alexa accused of every nightmare IoT security fail you can imagine https://www.theregister.com/2023/06/01/ftc_alexa_ring_amazon_settlement/ Most CEOs now see cybersecurity as more important than economic performance https://www.techradar.com/news/most-ceos-now-see-cybersecurity-as-more-important-than-economic-performance Check your phone: Popular Android app reportedly started spying on users, making recordings https://www.msn.com/en-us/money/other/check-your-phone-popular-android-app-reportedly-started-spying-on-users-making-recordings/ar-AA1bUISq Dark Web Data Leak Exposes RaidForums Members https://www.infosecurity-magazine.com/news/data-leak-exposes-raidforums/ Government publishes guidelines on cybersecurity https://www.rte.ie/news/business/2023/0601/1386968-government-publishes-guidelines-on-cybersecurity/
