You've Already Been Hacked

This week we are taking a look at what the NIST Cybersecurity Framework is, what are the pillars of it, and how this is something that could help you be better protected https://riversafe.co.uk/tech-blog/nist-framework-5-pillars-for-your-cyber-security-strategy/ https://www.nist.gov/cyberframework/online-learning/five-functions https://sopa.tulane.edu/blog/NIST-cybersecurity-framework ============== Prefer audio only check out my link on Anchor.FM to get to your favorite podcast service: https://anchor.fm/professor-cyber-risk Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

A topic that I teach in my class is what the stages of a cyber attack are. Since we talk about those events all the time here, I thought it a Good Idea to discuss just to level set so everyone is thinking similarly. Even in this discussion, I go over the fact that the cybersecurity community is not 100% in agreement on the stages, and the average is there are 5 to 7, and those are the ones that I will be going over this week. A couple of references for this weeks conversation https://www.macpas.com/5-stages-of-a-cyberattack/ https://tax.thomsonreuters.com/blog/kill-chain-the-7-stages-of-a-cyberattack/ Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.darkreading.com: US Banks Will Be Required to Report Cyberattacks Within 36 Hours - www.scmagazine.com: Months-long hack, theft of Sea Mar healthcare data impacts 688K patients - www.bleepingcomputer.com: Wind turbine giant Vestas' data compromised in cyberattack Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- thehill.com: Oversight finds 'small lapses' in security led to Colonial Pipeline, JBS hacks - www.fbi.gov: FBI Statement on Incident Involving Fake Emails - krebsonsecurity.com: Hoax Email Blast Abused Poor Coding in FBI Website - www.scmagazine.com: Ohio hospital diverting ambulances, canceling appointments amid cyberattack - www.bleepingcomputer.com: Costco discloses data breach after finding credit card skimmer Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

This week, is the first in what I hope is at least several episodes in my adventure in building home lab using older hardware, and raspberry pi's. Kali Linux is the platform from which I will end up doing all of my personal skills training from. ----------------------------------------------- https://www.kali.org https://www.kali.org/tools/ ----------------------------------------------- Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

https://apple.news/Ag8RE6-acR1OreRhC8WfDrw Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Episode 64 This week we take an initial look at the Twitch data leak. All 175+ GBs and Over 2Million Files. This is a cursory discussion, and I will not be going into any hyper specific details as I have no interest in helping to damage Twitch. Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Cybersecurity Burnout Statistics: https://www.bitsight.com/blog/5-shocking-it-cybersecurity-burnout-statistics Combating Cyber Burnout: https://www.securew2.com/blog/combating-burnout-in-cybersecurity Hidden Costs: https://www.itsecurityguru.org/2020/05/19/cyber-burnout-the-hidden-cost-of-a-security-career/ How to Avoid: https://cyberwarrior.com/how-to-avoid-cybersecurity-burnout/ ----------------------------------- Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- threatpost.com: Baby's Death Alleged to Be Linked to Ransomware - www.bleepingcomputer.com: CISA releases tool to help orgs fend off insider threat risks https://www.cisa.gov/sites/default/files/publications/IRMPE_Assessment_v1_2021-08-25.pdf - www.bleepingcomputer.com: Russia arrests cybersecurity firm CEO after raiding offices - www.scmagazine.com: Food and agriculture industry needs more threat intel as ransomware attacks crop up Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.theregister.com: Suex to be you: Feds sanction cryptocurrency exchange for handling payments from 8+ ransomware variants - thehill.com: Major US port target of attempted cyber attack - www.govtech.com: Wisconsin Law Imposes Cybersecurity Rules for Insurance Industry - arstechnica.com: Security audit raises severe warnings on Chinese smartphone models - www.bleepingcomputer.com: Admin of DDoS service behind 200,000 attacks faces 35yrs in prison Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Episode 60 - www.theregister.com: Hey – how did you get in here? Number one app security weakness of 2021 was borked access control, says OWASP - www.darkreading.com: Apple Patches Zero-Days in iOS 14.8 Update - www.bleepingcomputer.com: BlackMatter ransomware hits medical technology giant Olympus - www.bleepingcomputer.com: Former U.S. intel operatives to pay $1.6M for hacking for foreign govt - threatpost.com: REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out - www.bleepingcomputer.com: Ransomware encrypts South Africa's entire Dept of Justice network Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Episode 59 - arstechnica.com: ProtonMail removed “we do not keep any IP logs” from its privacy policy - searchsecurity.techtarget.com: SEC sanctions financial firms for cybersecurity failures - www.theregister.com: New Zealand DDoS wave targets banks, post offices, weather forecasters and more - www.theregister.com: New Zealand internet outage blamed on DDoS attack on nation's third largest internet provider - thehill.com: United Nations confirms its systems were breached this year Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Episodes 58 - Bleeping Computer: Fired NY credit union employee nukes 21GB of data in revenge - GovTech: Dallas Terminates Worker Who Deleted 22.5 TB of Police Data - Bleeping Computer: Atlassian Confluence flaw actively exploited to install cryptominers - Bleeping Computer: FTC bans stalkerware maker Spyfone from surveillance business - Bleeping Computer: Autodesk reveals it was targeted by Russian SolarWinds hackers Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Episode 57 - www.bleepingcomputer.com: SteelSeries bug gives Windows 10 admin rights by plugging in a device - www.bleepingcomputer.com: Razer bug lets you become a Windows 10 admin by plugging in a mouse - www.bleepingcomputer.com: Nokia subsidiary discloses data breach after Conti ransomware attack - www.bleepingcomputer.com: FBI shares technical details for Hive ransomware Share this podcast with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.securityweek.com: Joplin: City Computer Shutdown Was Ransomware Attack - threatpost.com: Microsoft Warns: Another Unpatched PrintNightmare Zero-Day - thehackernews.com: A Critical Random Number Generator Flaw Affects Billions of IoT Devices - www.bleepingcomputer.com: Hacker behind biggest cryptocurrency heist ever returns stolen funds - www.darkreading.com: FTC: Phishing Campaign Targets Unemployment Benefits & PII - theconversation.com: What is Pegasus? A cybersecurity expert explains how the spyware invades phones and what it does when it gets in Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.zdnet.com: Audit finds some former WA government staff still have systems access after termination - www.govinfosecurity.com: SolarWinds Attackers Accessed US Attorneys' Office Emails - www.engadget.com: Over 100 warship locations have been faked in one year - www.govinfosecurity.com: Amazon Hit With $885 Million GDPR Fine Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.bleepingcomputer.com: New destructive Meteor wiper malware used in Iranian railway attack - www.europol.europa.eu: Russian-Speaking Hackers Arrested in Poland Over ATM Jackpotting Attacks - threatpost.com: UC San Diego Health Breach Tied to Phishing Attack - www.darkreading.com: Florida DEO Discloses Data Breach Affecting 58,000 Accounts - www.govinfosecurity.com: What Can Be Done to Enhance Electrical Grid Security? Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Back online for Episode 53! - www.bleepingcomputer.com: Cyberattack on Moldova's Court of Accounts destroyed public audits - techcrunch.com: This tool tells you if NSO's Pegasus spyware targeted your phone - www.bleepingcomputer.com: Akamai DNS global outage takes down major websites, online services - www.govinfosecurity.com: TSA Issues Cybersecurity Requirements for Pipelines - www.bleepingcomputer.com: Chinese state hackers breached over a dozen US pipeline operators - arstechnica.com: Saudi Aramco confirms data leak after $50 million cyber ransom demand - www.theregister.com: Northern Train's ticketing system out to lunch as ransomware attack shuts down servers - www.bleepingcomputer.com: Ransomware hits law firm counseling Fortune 500, Global 500 companies - www.bleepingcomputer.com: Cyberattack on Moldova's Court of Accounts destroyed public audits Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Episode 52, thats 52 weeks straight we been at it!!! Thank you to everyone who has stopped by over the past 52 weeks! Kaseya Supply Chain hack impacts 1000s - www.scmagazine.com: Kaseya offers pre-patch instructions for on-prem VSA customers - www.zdnet.com: Kaseya ransomware attack updates: Your questions answered - us-cert.cisa.gov: CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack - arstechnica.com: Up to 1,500 businesses infected in one of the worst ransomware attacks ever - www.darkreading.com: Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours Micrsoft's Printnighmare - arstechnica.com: Microsoft's emergency patch fails to fix critical “PrintNightmare” vulnerability - www.theregister.com: Microsoft struggles to wake from PrintNightmare: Latest print spooler patch can be bypassed, researchers say - www.bleepingcomputer.com: Microsoft's incomplete PrintNightmare patch fails to fix vulnerability - www.bleepingcomputer.com: Microsoft shares mitigations for Windows PrintNightmare zero-day bug Cyberinsurance is pulling itself together, for real - www.cyberscoop.com: Two cyber insurance industry initiatives grapple with rise of ransomware - cyberacuview.com: Consortium of Leading Cyber Insurers Announce the Launch of CyberAcuView Mongolian Certificate Authority Website Compromised - thehackernews.com: Mongolian Certificate Authority Hacked to Distribute Backdoored CA Software Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

https://www.consumeraffairs.com/news/linkedin-data-breach-puts-700-million-user-records-at-risk-062921.html https://threatpost.com/linkedin-data-scrape-victims-targeted-attackers/167473/ Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Episode 50 - www.sfgate.com: A hacker gained access to a Bay Area drinking water facility - thehackernews.com: North Korea Exploited VPN Flaw to Hack South's Nuclear Research Institute - eclypsium.com: Eclypsium Discovers Multiple Vulnerabilities Affecting 129 Dell Models via Dell Remote OS Recovery and Firmware Update Capabilities - www.cyberscoop.com: A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill - krebsonsecurity.com: How Cyber Safe is Your Drinking Water Supply? Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.govinfosecurity.com: Ukraine Arrests 6 Clop Ransomware Operation Suspects - www.theregister.com: Ryuk ransomware recovery cost us $8.1m and counting, says Baltimore school authority - www.bleepingcomputer.com: Network security firm COO charged with medical center cyberattack - www.zdnet.com: This data and password-stealing malware is spreading in an unusual way - www.govinfosecurity.com: NATO Endorses Cybersecurity Defense Policy - www.bleepingcomputer.com: Avaddon ransomware shuts down and releases decryption keys Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Talking about what we went over in the spring term, and how it related to the last 3 months! Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

As 2021 goes on, the attack on critical infrastructure continues at a rapid pace. - www.zdnet.com: FBI attributes JBS ransomware attack to REvil - www.bleepingcomputer.com: FBI: REvil cybergang behind the JBS ransomware attack - www.cyberscoop.com: Meat chain JBS says US production is returning after ransomware attack - www.bleepingcomputer.com: Chinese threat actors hacked NYC MTA using Pulse Secure zero-day - www.bleepingcomputer.com: Swedish Health Agency shuts down SmiNet after hacking attempts - www.cyberscoop.com: Sensitive medical, financial data exposed in extortion of Massachusetts hospital - www.theverge.com: How to opt out of (or into) Amazon's Sidewalk network Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.scmagazine.com: As market for cyber insurance booms, watchdog calls for better data - www.theregister.com: Doncaster insurance firm One Call hit by not-dead-at-all Darkside ransomware gang - www.theregister.com: Air India admits to data breach impacting 4.5m customers, sat on the news for five weeks - www.theregister.com: Toyota rear-ended by twin cyber attacks that left ransomware-shaped dents - www.cyberscoop.com: FBI employee indicted for stealing classified info on FBI cybersecurity work Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.bloomberg.com: CNA Financial Paid $40 Million in Ransom After March Cyberattack - www.zdnet.com: Cybercriminals scanned for vulnerable Microsoft Exchange servers within five minutes of news going public - www.bleepingcomputer.com: Insurer AXA hit by ransomware after dropping support for ransom payments - threatpost.com: Fresh Loader Targets Aviation Victims with Spy RATs Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

The fallout from the colonial pipeline ransomware attack, may have a net positive for the cybersecurity landscape. Verizon published the 2021 Data breach investigations report, and 2020 was the year that showed we have so much more to do in making everyone have better cyber hygiene. - www.govinfosecurity.com: Biden: Russian Government Not Behind Colonial Pipeline Attack - threatpost.com: Colonial Pipeline Shells Out $5M in Extortion Payout, Report - www.cyberscoop.com: Biden signs security-focused executive order meant to accelerate breach reporting, boost software standards - www.theregister.com: South Korea orders urgent review of energy infrastructure cybersecurity - www.darkreading.com: 85% of Data Breaches Involve Human Interaction: Verizon DBIR Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- Ransomware attack: Major U.S. fuel pipeline halts operations - https://salinapost.com/posts/3930ba6b-803c-4415-a0d0-b57dd47fc4bf - www.darkreading.com: Hundreds of Millions of Dell Computers Potentially Vulnerable to Attack - www.bleepingcomputer.com: A student pirating software led to a full-blown Ryuk ransomware attack - threatpost.com: Massive DDoS Attack Disrupts Belgium Parliament - Threatpost: Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices Bleeping Computer: Suspected Chinese state hackers target Russian submarine designer Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.bleepingcomputer.com: HashiCorp is the latest victim of Codecov supply-chain attack - www.zdnet.com: University of Minnesota responds to Linux security patch requests - threatpost.com: Linux Kernel Bug Opens Door to Wider Cyberattacks - www.bleepingcomputer.com: DC Police confirms cyberattack after ransomware gang leaks data - threatpost.com: DoppelPaymer Gang Leaks Files from Illinois AG After Ransom Negotiations Break Down - www.scmagazine.com: Apple patches ‘worst macOS bug in recent memory’ after it was used in the wild - www.scmagazine.com: 22% of all users still run Microsoft end-of-life Windows 7 Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.fireeye.com: Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day - www.darkreading.com: University Suspends Project After Researchers Submitted Vulnerable Linux Patches - www.bleepingcomputer.com: REvil gang tries to extort Apple, threatens to sell stolen blueprints - www.cyberscoop.com: Codecov dev tool hit in another supply chain hack - thehackernews.com: Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems - www.cyberscoop.com: FIN7 'technical guru' sentenced to 10 years in prison3 Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.scmagazine.com: As US takes sweeping action against Russia for years of hacking, industry skeptical of impact - www.darkreading.com: FBI Operation Remotely Removes Web Shells From Exchange Servers - www.bleepingcomputer.com: CISA gives federal agencies until Friday to patch Exchange servers - www.zdnet.com: Google Project Zero testing 30-day grace period on bug details to boost user patching - www.cyberscoop.com: Hundreds of electric utilities downloaded SolarWinds backdoor, regulator says - edscoop.com: Accellion breach exposed 300,000 records, University of Colorado says - www.govinfosecurity.com: Kentucky Unemployment Insurance Site Shuttered After Attack - www.zdnet.com: Critical Zoom vulnerability triggers remote code execution without user input Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

This past week had a bunch of large scale hits with potentially 700 million people being hacked (not all this week, some as early as 2019). - thehill.com: Major DC insurance provider hacked by 'foreign cybercriminals' - www.bleepingcomputer.com: North Korean hackers use new Vyveva malware to attack freighters - www.darkreading.com: LinkedIn Phishing Ramps Up With More-Targeted Attacks - www.scmagazine.com: Conti ransomware gang hits Broward County Schools with $40M demand - www.bleepingcomputer.com: 533 million Facebook users’ phone numbers leaked on hacker forum hare that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Lots happening this week, as I welcome in my new students to this term. Solarwinds fall out still happening, along with changes at the company, multi university hacks reported, North Korea is still being tricky, another water treatment plan was hacked (although in the past), Ubiquity has a whistle blower, and Space X encrypted their data streams. - thehill.com: Hackers accessed emails of top DHS officials as part of SolarWinds breach: report - www.cyberscoop.com: US to publish details on suspected Russian hacking tools used in SolarWinds espionage - www.darkreading.com: SolarWinds Experimenting With New Software Build System in Wake of Breach - arstechnica.com: North Korean hackers return, target infosec researchers in new operation - www.bleepingcomputer.com: Ubiquiti confirms extortion attempt following security breach - www.zdnet.com: Ransomware group targets universities in Maryland, California in new data leaks - edscoop.com: Brown U. cuts off data center after detecting 'cybersecurity threat' - www.cyberscoop.com: Kansas man indicted in connection with 2019 hack at water utility - www.slashgear.com: SpaceX seemingly takes steps to protect telemetry data after leak --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Taking a break from the reoccuing nightmare that is cybersecurity, and doing a quick high level overview of teaching cybersecurity, specifically my class. Which happens to start back up on 6 April 2021. --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.zdnet.com: Mimecast reveals source code theft in SolarWinds hack - www.bleepingcomputer.com: CISA releases new SolarWinds malicious activity detection tool - www.zdnet.com: Microsoft investigates potential ties between partner security firm, Exchange Server attack code lea - arstechnica.com: Exchange servers first compromised by Chinese hackers hit with ransomware - www.bleepingcomputer.com: FBI: Over $4.2 billion officially lost to cybercrime in 2020 - www.cyberscoop.com: Cypriot sentenced for email hacking committed as teen - arstechnica.com: I was a teenage Twitter hacker. Graham Ivan Clark gets 3-year sentence #cyber #cybersecuritynews #hacked #solarwinds #exchange #ransomware Share that link with your friends, or share this one, either helps this podcast grow! Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

This week focused heavily on the hack of 2021, at least 10 APTs are exploiting Microsoft Exchange Server vulnerabilities across the globe, oh and 150,000 security cameras were also breached... - www.cyberscoop.com: At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns - www.cyberscoop.com: Amid widespread Exchange Server attacks, Microsoft issues patch for older versions - arstechnica.com: Critical 0-day that targeted security researchers gets a patch from Microsoft - www.darkreading.com: Microsoft Patch Tuesday Fixes 82 CVEs, Internet Explorer Zero-Day - www.bleepingcomputer.com: Microsoft's MSERT tool now finds web shells from Exchange Server attacks - krebsonsecurity.com: At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software - arstechnica.com: Tens of thousands of US organizations hit in ongoing Microsoft Exchange hack - krebsonsecurity.com: A Basic Timeline of the Exchange Mass-Hack - www.securityweek.com: EU Banking Regulator Hit by Microsoft Email Hack - www.bloomberg.com: Hackers Breach Thousands of Security Cameras, Exposing Tesla, Jails, Hospitals --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.scmagazine.com: China’s new cyber tactic: targeting critical infrastructure - www.forbes.com: Hackers Break Into ‘Biochemical Systems’ At Oxford University Lab Studying Covid-19 - arstechnica.com: Hard-coded key vulnerability in Logix PLCs has severity score of 10 out of 10 - www.theregister.com: Chinese businessman plotted with GE insider to steal transistor secrets, say Feds - www.darkreading.com: Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks - www.zdnet.com: GAO report finds DOD's weapons programs lack clear cybersecurity guidelines --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.bleepingcomputer.com: Federal Reserve nationwide outage impacts US banking system - www.bleepingcomputer.com: TD Bank suffered systemwide banking outage, services now recovered - www.scmagazine.com: ThreatNeedle malware tied to year-long North Korean espionage campaign against global defense industry - www.cyberscoop.com: Plane-maker Bombardier discloses breach after stolen data surfaces - threatpost.com: Mysterious Silver Sparrow Malware Found Nesting on 30K Macs - www.bleepingcomputer.com: Underwriters Laboratories (UL) certification giant hit by ransomware - www.gcn.com: NIST Updates Smart Grid Framework Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- www.bleepingcomputer.com: Microsoft: SolarWinds hackers downloaded Azure, Exchange source code - www.cyberscoop.com: White House warns SolarWinds breach cleanup will take time - threatpost.com: Florida Water Plant Hack: Leaked Credentials Found in Breach Database - www.zdnet.com: Singtel hit by third-party vendor's security breach, customer data may be leaked - statescoop.com: Washington state looks to consolidate cybersecurity after data breach - www.bleepingcomputer.com: Cyberattack on Dutch Research Council (NWO) suspends research grants - www.darkreading.com: 100+ Financial Services Firms Targeted in Ransom DDoS Attacks in 2020 - www.bleepingcomputer.com: RIPE NCC Internet Registry discloses SSO credential stuffing attack - www.wired.com: Malware Is Now Targeting Apple’s New M1 Processor - www.theregister.com: Uncle Sam accuses three suspected North Korean govt hackers of stealing $1.3bn+ from banks, crypto orgs --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

This week we go after Critical Infrastructure hacks, the majority of windows computers have likely had a vulnerability for over a decade, and 60 million in bitcoin may be locked away forever - www.vice.com: Hacker Tried to Poison Florida City's Water Supply, Police Say - www.wired.com: A Hacker Tried to Poison a Florida City's Water Supply, Officials Say - www.bleepingcomputer.com: Eletrobras, Copel energy companies hit by ransomware attacks - www.bleepingcomputer.com: 12-year-old Windows Defender bug gives hackers admin rights - arstechnica.com: Cops can’t access $60M in seized bitcoin—fraudster won’t give password https://fcw.com/articles/2021/02/08/ferc-bulk-power-cyber-rule.aspx - fcw.com: FERC Proposes Cybersecurity Incentives for Electric companies --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

- thehill.com: Hackers had access to SolarWinds email system for months - apnews.com: Russian hack brings changes, uncertainty to US court system - www.bleepingcomputer.com: Hackers steal StormShield firewall source code in data breach - arstechnica.com: High-performance computers are under siege by a newly discovered backdoor - threatpost.com: Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher - www.bleepingcomputer.com: Fonix ransomware shuts down and releases master decryption key - threatpost.com: Industrial Gear at Risk from Fuji Code-Execution Bugs - thehill.com: IBM rolls out $3M grant program for schools to defend against cyberattacks --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Links to the Stories - www.wired.com: North Korea Targets—and Dupes—a Slew of Cybersecurity Pros - www.darkreading.com: Intl. Law Enforcement Operation Disrupts Emotet Botnet - www.govinfosecurity.com: Another Takedown: NetWalker Ransomware Gang Disrupted - threatpost.com: Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball - www.darkreading.com: Ransomware Disrupts Operations at Packaging Giant WestRock - arstechnica.com: Home alarm tech backdoored security cameras to spy on customers having sex - threatpost.com: ADT Security Camera Flaws Open Homes to Eavesdropping - www.bleepingcomputer.com: USCellular hit by a data breach after hackers access CRM software Follow Professor Cyber Risk on Twitter --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Fireeye tries to help, Solarwinds has another trick up it’s sleeve, students infected with malware from government laptops, and the FBI warns of vishing, all this week. Fireeye Release a tool to help: https://www.zdnet.com/article/fireeye-releases-tool-for-auditing-networks-for-techniques-used-by-solarwinds-hackers/ SolarWinds has a fourth vector: https://www.zdnet.com/article/fourth-malware-strain-discovered-in-solarwinds-incident/ Malwarebytes hit with SW: https://threatpost.com/malwarebytes-solarwinds-attackers/163190/ Vulnerable Students infected with Malware: https://www.bbc.com/news/technology-55749959 CISA’s got a new campaign: https://thehill.com/policy/cybersecurity/535240-federal-cyber-agency-announces-new-campaign-to-fight-ransomware-attacks Belgium Hospital loses 100TB: https://www.bleepingcomputer.com/news/security/chwapi-hospital-hit-by-windows-bitlocker-encryption-cyberattack/ Hackers leaked altered Pfizer data to sabotage trust in vaccines- www.bleepingcomputer.com FBI warns of vishing attacks stealing - www.bleepingcomputer.comcorporate accounts --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

This week we are taking a high level look at decentralized social media alternatives, that can replace the other platforms you use. https://www.minds.com https://getaether.net https://joinmastodon.org https://lbry.tv/ https://diasporafoundation.org https://d.tube https://www.signal.org https://www.voice.com/faq/ https://mewe.com/faq https://sopa.tulane.edu/blog/decentralized-social-networks https://www.coindesk.com/now-is-the-time-to-advance-the-decentralized-web https://bravenewcoin.com/insights/decentralized-social-media-the-good-the-bad-and-the-potentially-ugly https://betanews.com/2021/01/13/decentralized-social-media-platforms-trump-ban/ https://socialx.network/what-is-decentralized-social-media/ --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Sites for the News References - krebsonsecurity.com: Sealed U.S. Court Records Exposed in SolarWinds Breach - www.fedscoop.com: CISA updates guidance on SolarWinds compromise - www.zdnet.com: SolarWinds: The more we learn, the worse it looks - www.theverge.com: SolarWinds hack may be much worse than originally feared - duo.com: SolarWinds Attackers Accessed, But Did Not Modify, Microsoft Source Code - www.zdnet.com: CISA updates SolarWinds guidance, tells US govt agencies to update right awa - threatpost.com: Fired Healthcare Exec Stalls Critical PPE Shipment for Months - www.cyberscoop.com: Nissan investigated source code exposure, says it plugged leak - www.cyberscoop.com: T-Mobile: Breach exposed call information for some customers --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

This week, just a small update on SolarWinds, and a look back at the top 10 hacks that occurred in 2020. www.cyberscoop.com: Grid regulator warns utilities of risk of SolarWinds backdoor, asks how exposed they are www.govinfosecurity.com: CISA Warns SolarWinds Incident Response May Be Substantial - www.bleepingcomputer.com: SolarWinds releases updated advisory for new SUPERNOVA malware www.wired.com: The Worst Hacks of 2020, a Surreal Pandemic Year arstechnica.com: 2020 had its share of memorable hacks and breaches. Here are the top 10 Gearbrain.com – to 10 data breaches 2020 --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

Since its the holidays, we are skipping the news this week, and doing a tweaked version of A Christmas Carol. I hope you enjoy it Special Thanks to my family for lending their voices. --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

FireEye's intrusion was just the tip of the iceberg. Solarwinds is the real nightmare. This week we dig a bit deeper than normal, and talk about Solarwinds, but wait...more than that happened this past week too! - arstechnica.com: ~18,000 organizations downloaded backdoor planted by Cozy Bear hackers - www.govtech.com: Federal Agencies, Think Tank Targeted in Russian Hacking Spree - www.cyberscoop.com: White House activates cyber emergency response under Obama-era directive - www.bleepingcomputer.com: CISA: Hackers breached US govt using more than SolarWinds backdoor - www.washingtonpost.com: Investors in breached software firm SolarWinds traded $280 million in stock days before hack was revealed - www.scmagazine.com: ‘Disconnect or power down’: After high profile hacks hit federal agencies, CISA demands drastic SolarWinds mitigation - www.fireeye.com: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor - arstechnica.com: FTC kicks off sweeping privacy probe of nine major social media firms - www.infosecurity-magazine.com: Healthcare.gov Data Thief Jailed - www.securityweek.com: Norwegian Cruise Company Hurtigruten Hit by Cyberattack --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

The hack that has shaken the cybersecurity industry, COVID vaccine information stolen, Congress brings national cyber back, all happened this past week - www.fireeye.com: FireEye Shares Details of Recent Cyber Attack, Actions to Protect Community - www.darkreading.com: Nation-State Hackers Breached FireEye, Stole Its Red Team Tools - www.zdnet.com: Hackers leak data from Embraer, world's third-largest airplane maker - arstechnica.com: COVID-19 vaccine data has been unlawfully accessed in hack of EU regulator - www.bleepingcomputer.com: Teen who shook the Internet in 2016 pleads guilty to DDoS attacks - www.cyberscoop.com: Congress set to establish White House national cyber director, enact other Solarium Commission recommendations - www.zdnet.com: Kazakhstan government is intercepting HTTPS traffic in its capital - www.zdnet.com: Hacker opens 2,732 PickPoint package lockers across Moscow --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

CISA and the FBI Issue warnings to Think Tanks, The Cold Chain is being attacked, and MacOS vulnerabilities are being attacked buy APTs all this week Articles: - www.bleepingcomputer.com: FBI and Homeland Security warn of APT attacks on US think tanks - www.securityweek.com: FBI Warns of Auto-Forwarding Email Rules Abused for BEC Scams - www.politico.com: Justices express qualms about sweeping computer crime law - www.bleepingcomputer.com: Pennsylvania county pays 500K ransom to DoppelPaymer ransomware - www.wired.com: Hackers Are Targeting the Covid-19 Vaccine ‘Cold Chain’ - www.darkreading.com: Latest Version of TrickBot Employs Clever New Obfuscation Trick - www.zdnet.com: Hackers are targeting MacOS users with this updated malware --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support

The Managed.com hack impacts local governments, Google adding E2EE to RCS, and Manchester United was hacked, all this week Links to the Stories - www.securityweek.com: Attack on Vendor Affects Website of Arizona Court System - arstechnica.com: Google is testing end-to-end encryption in Android Messages - www.europol.europa.eu: Over 2 000 Participants from 132 Countries Logged on for the 4th Global Conference on Criminal Finances and Cryptocurrencies - www.bleepingcomputer.com: Tesla Model X key fobs could be hacked to steal cars, fix released - www.zdnet.com: Brazilian government recovers from "worst-ever" cyberattack - www.bleepingcomputer.com: Ransomware forces E-Land South Korean retail giant to close stores - www.zdnet.com: Manchester United football club discloses security breach --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support