Podcasts about phishlabs

I realize in one part of the intro I said 2024, but another I said 2025 as I wrote the show notes intro which were read. Sorry about that! Hello folks, welcome to program number 223 for Wednesday, January 22, 2025. Its already been a busy month, and now its time to tackle our first topic dealing with a Q4 report from Phishlabs. We also have news, notes, the landscape and we also will talk about our new blog post talking about the stupid fucks of the year. Contact info will always be given throughout the program. Our topic: Risky social media For the first major topic of 2025, an article talking about a Q4 report that Phishlabs did. Riskiest Social Media Platforms, Q4 2024 is tthe article. This is going to get very interesting. Please find full show notes including links to some of the news we talk about on our blog. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

Hello everyone, welcome to the Security Box, podcast 181. In Q4 of 2023, Phishlabs is reporting that a record of phishing sites impersonate social media to target victims. Question for the listener, what do you think you should look for when you get communication that talks about social media before you click, tap, double tap or press enter on a keyboard? We'll have the news and landscape as well as your comments and concerns. We hope you enjoy the show! News, notes and the landscape You have to be kidding me, 1 year later and the DOD is sending out notifications? 2.5 million private plane owners breached 911 proxy is back, new name: cloud router: still dangerous Avast caught collecting lots of info? Selling it to other companies? There are other smaller news items, but these might be the bigger ones. If yours isn't on this list, what fancies you? Contact me through jaredrimer.net and let me know. You can also send things to ponder files which can be played as well. Our Topic: Phishing Sites up and impersonating social media Record Number of Phishing Sites Impersonate Social Media to Target Victims in Q4 comes to us from Phishlabs this week. Let us know what you think good, bad or indifferent. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

Hello everyone, welcome to the security box, podcast 180. On this podcast, Phishlabs will guide us through something I don't think we have ever seen. It talks about a service that is a web host service, but it is a completely different type of web host. They didn't classify it as bulletproof hosting, but something called phishing as a service. Two different companies are mentioned. Besides that, we've got news, notes, the landscape and your thoughts. Thanks so much for listening! Big News of the week, Lockbit The big news it seems that is coming out this week is talking about Lockbit. Looks like their infrastructure has been taken over by all kinds of law enforcement partners from all around the world. While we don't intend to give you an exhaustive list, here is some of the coverage we know about. The Cyberwire Daily: February 20, 2024 will talk about this in their news notes for the episode. Here's a link to the Cyberwire. Lockbit, your time is up! Now its time to go find real work is my blog post, leading to LockBit cartel disrupted “at every level” – Europol if you don't want to read mine. I am not offended. I do take this article apart though, so give mine a read if you wish. Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates comes directly from Brian Krebs. At the time of Writeup, the JRN has not read this yet. Our topic: Phishing as a service This week, we're going to talk about Phishing as a service. It is a new concept, and you can probably say it is similar to Ransomware as a service. This week's article is titled Phishing-as-a-Service Profile: LabHost Threat Actor Group and it covers two different hosts. This, will get interesting. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

Hello folks, welcome to the security box, podcast 175. I've been out sick, and now we're back to bring you what we wanted to bring you this past week. We've got news, notes, the landscape, two morons, things to ponder and a topic dealing with dark web threats targeting the airline industry. Thanks so much for listening and make it a great day! Our Morons We have to start with the moron who thought it would be a good idea that a database be left wide open for people to peruse the data. This database is a Mongo DB database, its similar to SQL where data is held and can be gotten at when needed. While this is a real estate app, this was definitely not done with security in mind. blog post If we've not had enough with Chat GPT, this aught to stand your hair right up. This data breaches article talks about how Chat GPT was made to give out ransomware software and now 4 are arrested. This aught to get more interesting. ChatGPT-aided ransomware in China results in four arrests as AI raises cybersecurity concerns Things to ponder Carrying over some items that we just will run as part of this week's program, we've got some doozies. We'll blog anything we didn't yack about as I continue to recover. 23 and me must be wanting to play the blame game. They claim that their incident is our fault, and they then are going to fix whatever security holes were caused by whathappened? Yes, we are at fault with reusable passwords, but you don't have two-factor on any accounts, so its a double whammy and part of it is yours. Here's my blog post from 2023 about this particular problem. I don't think its gotten any better there and they haven't really been better. Sans News Bites is back, and I still need to blog some others. My goal was to get two done, but I have the one from the 5th of January. As we move forward from my illness, we'll record them as we get them. Check the blog for ones not covered in audio. Here's my blog post for Jan 5th for those who want to find it easily. We're interested in audio dealing with predictions and Trend Micro has one for their predictions. This comes from their trend talks threats podcast series on their youtube channel. We also have top breaches that I found from Have I been Poned that I recorded before my illness took over. This list changes, and we'll bring this to you each week. Find something that you want to talk about? Use a file sharing service to get us the audio and you'll be featured. Our topic Our topic this week comes to us from Phishlabs. Dark Web Threats Targeting the Airline Industry is the article and we'll step through this one. Hope you'll find it of interest as everyone travels.

Hello folks, welcome to the Security Box, podcast 172. On this podcast, we've got two different morons, a look at the landscape, a few things to ponder and our topic dealing with the Q3 report on the landscape which includes QBot and other variants out there causing havoc. For things to ponder, check the blog. Our Morons These are the morons of the podcast. Montana, you have got to be kidding me. We talked about this in May of this year, and now, it seems you lose. Seems like your law is unconstitutional and it questions what you're trying to do. While we support you, you've really got to prove why Montana should be allowed to ban the app as just banning it doesn't fix the overall problem. As we've asked, how are you going to enforce it? Here is the blog post titled Montana Loses battle to block Tiktok for now … still thinks they have a case which links to prior coverage and arguments. Have fun with this one. We have two Ukraine stories in recent posts, but one of these is our moron. Ukrainian gets 8 years argues that 8 years is still not enough for stealing and selling personally identifiable information on the darkweb and profiting from it. At least this suspect got caught, and we can celebrate just a little bit. The JRN did not copy his name. Topic: The Q3 Payload report On this week's program, the Q3 Payload report is going to be the topic. Looks like QBot is still at the top, even though they were dismantled. This was quite interesting. There are two different Rats that are part of the problem now, and these aren't rodants. These are Trojans. In this terminology, Rat stands for Remote Access Trojan. Phishlabs has this article and its titled Q3 Payload Report and you should read it in full if you wish to do so. You'll thank us later. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!

Hello folks, welcome to the security box, podcast 168. On this program, we'll see if we've got any morons, a service that is a phishing service, news, notes and more. The "You Stupid fuck" awards of the podcast If this isn't a moron, I don't know what is. The blog post is titled Tech CEO sentenced to IP addressing scheme which is coming from our blog. It leads to the article we spotted talking about this guy. We may have talked about Micfo LLC before, but this is probably the end of this. Problem: the JRN thinks that 5 years isn't going to be enough and isn't a harsh sentence for the crime. Please sound off if you believe that this is the case. ----------------------------- If you are prone to email scams, you might want to pay attention to this. One of my MENVI staff was smart enough to contact me to ask if they needed to do what the action in the email indicated. The bad news is that the site truly wasn't MENVI's, it looked nasty and never redirected as I thought it might. An email pretending to come from Cpanel, isn't cpanel … can you smell trouble? has the complete details of this one. Sound off if you've seen something similar to this and whether you fell for it or not. Its OK if you did. There should be no shame! ---------------------------------------------------------- Solar Winds is getting sued. Seems as though they were never as secure as they should have been, and the CEO among others are getting sued. We thought that something was wrong, seeing how we later found out about how that compromise was completely done. Whether they were compromised by Russia or not isn't the point of the lawsuit, says the article, but boy ... this is probably as bad as you get when it comes to a supply chain attack. Here is the blog post titled SEC sues Solar Winds for fraud, says they are secure and the charges are baseless for your perusal. It can't get any better than this, can it? Our topic: Phishing as a service Today, we are going to have a very interesting topic that might be known later as a threat. This comes from our friends at Phishlabs. The article is titled Threat Actor Profile: Strox Phishing-as-a-Service and it was a good one. We'll break this down, as phishing as a service now takes hold. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

While I love webinars, we must be mindful that they aren't mind and must give presenters the opportunity to distribute them. I believe this is Phishlab's webinar, although I could be wrong. Sorry about that if I am. Welcome to podcast 375. On this podcast, we're going to give you a webinar. This webinar is dealing with Chat GPT. You'll learn the good, the bad and the ugly. It was a very interesting webinar. Per usual, we give the presenters an opportunity to get it through their network. I believe this is a Phishlabs webinar but i could be wrong. If I am, I apologize. We hope you enjoy the program as much as I did listening to it and bringing it to you now. Contact info at the beginning. Sorry for any tech issue sounding, I'm getting it rectified.

Welcome to the security box, podcast 159. On this podcast, we're going to have a two-part article discussion dealing with fraudulent activity when it comes to retail and the dark web. This came to us via Phishlabs. Besides that, we may have some stupid fucks to talk about, the landscape as usual, and your comments and questions if any. The Stupid Fuck award I found an article I posted to the blog on August 30th that talks about the U.K. wanting to ban IOS updates unless its approved. Like that's going to solve anything except problems for us useers who may either travel to the UK or live there. Here's the blog post I wrote that posted before the show. Good job, UK government for earning the stupid fuck award. Fraudulent Activity on the dark web with retail This is a two part article coming to us from Phishlabs. Top Fraudulent Activity Targeting Retail on the Dark Web Top Fraudulent Activity Targeting Retail on the Dark Web – Part Two

We did have some participation, full notes are here. No replay on Clubhouse though, sorry about that! Welcome to the Security box, podcast 149. On this podcast, we may or may not have a moron, we'll definitely have news, notes and the landscape and a topic talking about a threat we thought was long gone. Good Job India, welcome to the moron of the podcast I stumbled across a video from a Youtube Channel which I am not familiar with. While Nick was in my JRN working room, I decided to see if there was an article about this. While the podcast gets a 9 minute video, check out this article titled India first democracy to ban encrypted messaging apps on massive scale. from a site called tutanota.com. They must be a news related site, name sounds familiar to me. Have fun with this one! Here's the youtube video from Mental Outlaw if you want to watch this instead of listening to it. Topic: Emotet is back, now a threat The article comes to us this time from Phishlabs. Emotet Returns from Hiatus, Trails QBot in Q1 Volume is the title. Are you surprised that this is the case? We know that Emotet was taken down in a crqackdown, but like most things, they come back in this industry. Feel free to view the article for complete details or download your copy of the show to hear our thoughts. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

Welcome to the security box, podcast 143. Today, we're going to have a very interesting discussion about the Relationship between Ransomware and Phishing. We know of at least one moron of the podcast, and there is possibly going to be one more. Of course, we'll have news, notes and any questions from the Clubhouse audience. Morons of the Podcast First Moron, a Russian on the Run There are two different articles out there about this one. One from Krebs and the other from Cyberscoop. $10M Is Yours If You Can Get This Guy to Leave Russia Krebs on Security Russian national charged for role in stolen credit card verification scheme Cyberscoop How Not! to notify people of a databreach I saw a boost on Saturday about a breach with a company named Western Digital. That's nice, we have covered many breaches before. What I found was disturbing from Western Digital according to the boost. While they sent email out, the email was not accessible for those of us who use access technology; namely screen reading technology. I don't know about you, but I would expect the info not in graphical form, I would expect it in text just like you and I communicate already. Here is my blog post from May 6th that mentions this. As of show note creation time, we do not have any official articles from the tech press, but when we do, we'll be sure to pass it along. Don't put breach notifications in picture form! It doesn't do anyone with disabilities any good. Our main Topic The main topic comes from Phishlabs. The article is titled What is the Relationship Between Ransomware and Phishing? and was written at the end of March, 2023. This is going to get interesting. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

Hello folks, welcome to program 139 of the security box. On this episode, let us talk about email for a bit. Yes, the thing you use to receive announcements about this podcast, maybe other programs you are interested across the network and other places and a way for businesses to communicate with you. According to an article, this method is still the best way to get ransomware and other things on your device. Why is that? We're going to have news and notes as well, maybe we'll find out as we post things between now and show time if there are morons, and we'll also see what the landscape brings. Topic: Email as a vector Today, let's talk about email. Ransomware Attacks: Why Email Is Still THE Most Common Delivery Method comes from Phishlabs. We'll step through this article and see what people think. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

One sware word within the first hour and 15 minutes. A note has been placed in the audio for folks who need to be aware of it. Full notes below. Hello everyone. Welcome to program 131 of the Security box. I hope you'll enjoy what we have to offer you today. On this podcast, we have a rumor that indicates that we'll definitely have at least one moron of the podcast, maybe more. We'll also have the topic of the Q4 threat trends Report from Phishlabs as well as questions, comments and more. We hope you'll enjoy the program and thanks for listening! Here's a moron set for you There were two articles in which broke this, and it definitely fits our Moron of the podcast. This blog post from February 10th has links to each of the articles and initial thoughts. Also, I'm not too sure about this one, but we could probly fit this IRS update from February 10th as well as this blog post talking about an article by Andy Greenberg and a guy who thinks that he won't be caught as he apparently got a mixer going on and he's supposedly taken the right precautions. If you have anything in this category, feel free to mention it by sending us an email, an imessage, find me on Mastodon and even text or whats app me. Our topic Seems like QBot is back in the news as the top threat in this last quarters report from Phishlabs and Fortra. The article is titled QBot Campaigns Overwhelmingly Lead Reported Payloads in Q4 is the article we'll be taking from. It was posted to TSB's list last December, and of course, I do try and cover it. The threat may still be there, and with all of what we'll be talking about here, all of these threats have not gone away. Supporting our podcast and work If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

I get a new report from a different research company almost every week about the state of cybersecurity. Most of them say the same thing, but I do read them all the way through. Recently received a report from a company called HelpSystems, a cybersecurity services company that works with some pretty big name companies and they issued a report that got me yawning almost immediately. But their research subsidiaries, Agari and PhishLabs, buried a couple of items that perked up my ears so I said yes to an interview. What follows is a 30-minute discussion about the report focusing on a couple of areas, hybrid vishing, and vulnerabilities criminals are using to target Office 365 users. John Wilson, senior fellow for threat research went on to talk about which email platforms are most popular for criminals and how criminal activity using cryptocurrency is on the rise. You can get a copy of the report here.big-name --- Send in a voice message: https://anchor.fm/crucialtech/message Support this podcast: https://anchor.fm/crucialtech/support

On this podcast, learn about what threats we face as part of the q2 report from Phishlabs. Go over to the blog for complete details in articles and ways to download the report. Enjoy!

Social media offers an important outline for people of all ages and walks of life to connect, share life experiences and post pictures of their breakfast. But oversharing - or not being wary of impostors - can lead to serious compromises in personal and professional security.  In a press release on the report's findings, Phishlabs “enterprises must broaden their line of defense [in 2022,] starting with strong, cross-channel monitoring, and building relationships with technology providers in new areas.”  “Fraud-related attacks made up almost half of all social media threats in 2021” In this episode of the EM360 podcast, Head of Content Max Kurton talks to John LaCour, Founder & CTO of Phishlabs and Principal Strategist at parent company HelpSystems, about:  Where the concept of ‘social media as a threat channel' comes from and what it concerns What the first steps towards the mitigation of social media threats look like and the route companies need to take How enterprises can turn social media into an actionable intelligence channel

Roger Grimes is an industry expert and the Data Driven Defense Evangelist for KnowBe4. In this episode, Roger and host Zack Hack discuss the recent decision by Lumen and Cogent - two companies that carry a significant percent of the world's internet traffic - to cut off Russia and whether it's a smart move, as well as PhishLabs' recent findings that vishing attacks more than quintupled in 2021. KnowBe4 is the world's first and largest New-school security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering. To learn more about our sponsor, KnowBe4, visit https://knowbe4.com

Hello folks, welcome to the Security box, podcast 59. On this edition of the program we have two different prerecorded segments for you. First, we interview Scott Schober of Berkeley Varitronics Systems, Inc. He's written various books which we talk about, as well as some of what is going on in the security landscape. Next, we have a talk that was done by Phishlabs, who did the Quarter 2 Phishing Trends report. To top it all off, we'll have news and notes from around the landscape as well as questions and comments after each segment if any. >

Hello folks, welcome to the security box, podcast 51. On this edition of the program, we continue with Phishlabs and their q1 Phishing and intellegence report talking about Top Level Domains and certificate abuse. Next, Michael in Tennessee sent me an article talking about one email which exposed hundreds of email addresses. We'll also have news and notes, people can call and comment as usual, and we'll see where the show takes us. Topics Breaking Down Phishing Site TLDs and Certificate Abuse in Q1 Phishlabs An email sent by One Medical exposed hundreds of customers' email addresses Tech Crunch News Notes International cops seize DoubleVPN, a service allegedly meant to shield ransomware attacks from investigators Cyberscoop Another 0-Day Looms for Many Western Digital Users Krebs on Security DOJ files 7 new charges against alleged Capital One hacker Tech Crunch US hits anti-robocall milestone but annoying calls won't stop any time soon Ars Technica Kaseya hit with suspected cyberattack, raising fears of major supply chain incident Cyberscoop Chinese hackers suspected of using Dropbox to snoop on Afghan officials Cyberscoop We Infiltrated a Counterfeit Check Ring! Now What? Krebs On Security We hope you enjoy the program!

Welcome to the security box, podcast 50. On the big 50th episode, we've got quite a bit of news notes to cover this week. Besides that, we're continuing with Phishlabs and their ongoing rundown of the Q1 Intelligence Report, this time, talking about free tools and their abuse. We hope that users find this of interest like I did. Of course, the lines of communication are always open whether on the show or podcast. Topic: 62% of Phishing Sites Abuse Free Tools or Services Phishlabs Sans News Bites Sans News Bites for June 25th, 2021 covers tons of stuff including Del, Vmware and more News Notes MyBook Users Urged to Unplug Devices from Internet Krebs on Security “I'm totally screwed.” WD My Book Live users wake up to find their data deleted Ars Technica Hackers are using bootleg copies of 'Grand Theft Auto V' game to mine Monero Cyberscoop Tulsa police say 18,000 files are leaked after Conti ransomware hack Cyberscoop NFC flaws let researchers hack an ATM by waving a phone Ars Technica via Wired John McAfee found dead after Spanish court approved extradition to US Cyberscoop Andrii Kolpakov, who supervised hackers for FIN7, sentenced to 7 years in prison Cyberscoop Ukrainian Police Nab Six Tied to CLOP Ransomware Krebs On Security First American Financial Pays Farcical $500K Fine Krebs on Security Russian hackers breached Microsoft customer support to try phishing targets in 36 countries Cyberscoop

Welcome to the Security box, podcast 38. This week, we had planned to go back to DKIM and have a discussion on it, but we aren't going to do that. Why? It looks like news has gotten about Facebooks's 2019 breach and 535 million people whose information may now be out there on the free Internet as well as it already being sold to the dark web when the initial breach occurred. We'll have news, notes and more as well as your thoughts and comments to boot. Enjoy the program! Topic: Has Facebook done it again? Michael in Tennessee sent me an article from Phone Scoop, as well as me seeing the article we'll be taking from, which came from Cyberscoop. It looks like Facebook is really paying for a 2019 breach in which 500 plus million people's information including phone number were exposed somehow and later patched by Facebook. The data, which comes from people from over 100 countries, includes users’ phone numbers, email addresses, full names, birthdates and location, among other identifiers, according to Insider, which first "reported the news." The leak, was first reported by Motherboard, according to the article. The only thing that I'm unclear on is the section that talks about the fact that the leak was reported by Motherboard in January. The information was made available by paying a Telegram bot a couple of bucks for the details according to the article. According to the article, Facebook removed the ability of searching people by telephone number after the breach. Facebook will be probed by Ireland, and its unclear if the Unnited States will follow suit by the FTC. The article goes on on what the actors may do with the information now that the information has been made available for free. The website "have I been poned" has been updated by Mr. Troy Hunt with the information that was made available by the breach. For more information and to read the full article, 533 million Facebook users’ personal data leaked online is the article and do read this. News Notes for podcast 38 Office 365 is no stranger to attack. A Phishlabs article talks about the latest threat. This time, actors can mimic websites by using Google's API through Google Ads that allow redirects to whatever they want. The issue with this one is that once you log in, they capture your credentials as well as sending you to your account. For complete information, Breaking Down the Latest O365 Phishing Techniques is the article, which will talk about this entire process. Ubiquiti is back in the news. A post by Krebs on Security talks about the latest drama at the company who now has come out saying that there was a problem. After making a change that forced people to log in to their network, they were later told to reset their passwords because of a "third-party cloud provider" may have been breached. There's more including the very interesting fact that this company should have invalidated all credentials. Ubiquiti All But Confirms Breach Response Iniquity is the article. This is going to get very interesting now. Finally, due to time constraints, I've got some good news I want to pass along. Another web boss now has been pleaded and this guy pleaded guilty. This boss was behind selling heroin, firearms and hacking tools. He pleaded guilty on charges of money laundering. Tal Prihar was captured by French authorities. Read Cyberscoop's article DeepDotWeb boss pleads guilty to laundering millions for more. Thanks so much for listening!

Welcome to podcast 17 of the technology series known as the security box. Catch up Michael in Tennessee makes an appearance as he was not able to make it last week. We talk about encryption, the lack there of from the government, and companies in general in the security landscape.We are not pointing our fingers at any one company, but mainly an open discussion. Topics: A subset of apps were targeted in an article that indicates that 76 percent of them have at least one vulnerability or bug. The goal is not to write perfect software, but software that can be fixed within a reasonable time frame. Different types of terms are used within this article, none of which I'm too familiar with, but the article I found quite interesting. It came from the folks at help net security. 76% of applications have at least one security flaw is the article, let us discuss. Trend Micro has a program for free called House Call which is accessible. This was actually talked about this past Thursday with Andy and Josh. In the article Trend Micro HouseCall for Home Networks Trend Micro talks about what they've done with the program and how it can benefit you. URL tracking systems like add words and add cents by Google can be abused just like the URL shorteners before it. How URL Tracking Systems are Abused for Phishing comes from Phishlabs, and its well worth the read. This should probably be talked about, because sites use these services including blindness related sites. Do you think it is time to move away from the services in the name of security? News Notes and more In some good news, we've definitely got some. Two Charged in SIM Swapping, Vishing Scams is the article penned by Mr. Krebs. Maybe this is a start to something, only time will tell what happens. There may be more news that I didn't cover here or on the podcast of the box, let me know what you want covered. Books Due to space limitations, the books section of the show notes can't be reproduced here. The Tech blog will have the entire notations including the books for you to peruse. Thanks so much for listening and contributing!

Welcome to podcast 12 of the tech podcast series known as the Security Box. Topics: On podcast 10 of the box, we link to an article about due dilligence. It was segment 2 of that podcast. Just recently,, its time to update this, as now Krebs has an article asking the question: Who is Tech Investor John Bernard? Seems to me that this guy, whoever he is, is not a good guy, and I think I visited the page in the first story just to see what it was about. In no way was I going to utalize the services, but I was mainly curious what the main page had to say. It is funny to see that the site has a general closed message on it, and people still come forward afterword to people like Brian and tell him what has happened to them. This is quite funny, and I think I'll have this as my first topic. Did you read the article linked to in podcast 10, and if so, what did you think? What do you think now? Apparently, another tech company is hitting the news in regards to a ransomware attack. The company in question put out the same type of info that most companies put out in regards to the breach or lack there of when it comes to personal information that may have been taken. The problem is that the investigation is still ongoing, and even though the article was updated after initial printing, we can't say who is telling the truth. Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack is the article, and I think this aught to be quite interesting. Only time will tell. APWG is the Anti Phishing working group. This group does work to try and advise security experts and us on how to be as safe as possible. Now they're saying that SSL should not be used in determining if a website is secure. We've known through Phishlabs articles on the blog that the rate of SSL certificates by actors was on the rise, but now we shouldn't rely on it. APWG: SSL Certificates No Longer Indication of Safe Browsing comes from the Phishlabs folks, and I think its worth the read. We also put it in the news notes rundown, and I am sure it'll garner conversation. News Notes: News Notes has quite a few items even though I have had technical problems as of late. The weather isn't helping with health concerns as well, so it may not be large, but it is good none the less. If you're interested in the news I've gathered, head on over to this blog post and check out what might interest you. There may be some overlap, but at the same time, you might find something you want discussed that I didn't read. Podcast segments Michael in Tennessee is on with us for about 37 minutes talking about one particular article that caught his attention. He and I discuss this particular article, and we even bring up other odds and ends tying this up with other revelant but could be off topic stuff as well. The article we reference comes from Cyber Scoop, and its a good one. FBI hopes a more aggressive cyber strategy will disrupt foreign hackers which was posted to that site on the 21st of September. This article was written by Sean Lyngaas.

https://en.wikipedia.org/wiki/PhishingWelcome back to the technology blog and podcast, this is podcast 322 of the continuing series covering everything tech including assistive tech, self driving cars, the security landscape and more. This podcast is packed and even three articles that are on one topic, Phishing. Lets take this opportunity and give you the breakdown of today's program, and I hope you'll consider contacting me with your thoughts and comments on these topics. Philmore Productions has had it bad with the technology as of late. I put a senario in place as a thought piece. Let me know what you think. An unofficial report on assignment 15 was released, where I knew I had to fix some things, and yet I have read everything. Its going to get interesting once I'm ready, and I've sent my official assignment. Still pushing through. A self driving car has had it bad. This isn't the first for this make and model, and I have a hunch that this can be fixed. The strech of highway, according to the article I read, is to blame, where something wasn't fixed, and the car got in to an accident. Multiple cars got in to an accident at the same spot. California highway barrier not repaired before fatal Tesla crash from blog The Technology blog and podcast is the article, and it links to the article of the same name where you can read more. In our Phishing segment, three articles come together with some alarming statistics. Its not going away any time soon. The first article which caps off this segment is entitled Why Social Media is Increasingly Abused for Phishing Attacks. Just take a look at this stat: "In 2018 we found that the abuse of social media increased by near 200%" and if thats not enough, Phishlabs expects this to increase. I am not surprised, and this article is linked to other material. In another article Cybersecurity: 99% of email attacks rely on victims clicking links which means we need to continue to teach. Its OK to be curious, but yet, you should know the signs and we need to make sure we slow down and look at what we're clicking on. Finally, to cap this off, Techwarm, a contributer to the blog, posted What is Phishing: Learn How to Protect Your Company which also links to some things and a great article to boot. All of these articles are put together in a nice package and tied up with a bow. I hope you enjoy this 73 minute podcast. I'd also like to thank Amadeus, maintainer of Live Wire for putting this podcast as a podcast on Live Wire. Besides my show at 2276, people who read the RSS can now subscribe to a board to get the podcast if they wish. That board number is 974, so enjoy your options! Thanks so much for participating, and we'll see you next time!

As I scanned the list of my unread emails, one stood out, coming from alerts@citibank.com. The message indicated there was a problem with a credit card transaction, a link was provided to learn more about this problem.  I clicked on the link and was taken to an official-looking Citibank web page with a form to login to my account. Fortunately, I did catch myself before completing the login, realizing that this was a classic phishing attack to trick me into providing my login credentials on a fake web page. According to a 2019 Report by PhishLabs, approximately 65% of all phishing attacks were part of a credential theft scheme. The article claims Nation-state actors use phishing attacks to gain strategic access to target environments, such as the armed forces, all areas of the federal government, the power grid, corporate research and virtually all areas of intellectual property. Join me and Colin Bastablé as we discuss the various types of cyber attacks and how Lucy Security helps organizations defend against these attacks.

Hello folks, welcome to podcast number 287. This is the first podcast on Anchor that will be released there. I talk about scammy behavior, even though it wasn't in email form, its good to be on guard. Transit App has their new version 5 of their app, and I demo a little bit to show you how it works now. Finally, we bring back the scammy behavior when we talk about an article from Phishlabs entitled Phishing 101: Targeted Phishing Attacks. Our contact information is also available at the end, as well as our public thanks to Anchor. Thanks for listening!

In Tracking Security Innovation, PhishLabs-BrandProtect merger, Avast cuts proposed IPO range, SafeBreach raised $15M Series B, Red Canary raised $6.3M in Equity, and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode85 Visit http://securityweekly.com/category/ssw for all the latest episodes! !

In Tracking Security Innovation, PhishLabs-BrandProtect merger, Avast cuts proposed IPO range, SafeBreach raised $15M Series B, Red Canary raised $6.3M in Equity, and more! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode85 Visit http://securityweekly.com/category/ssw for all the latest episodes!

This week, Michael and Paul interview George Finney, Chief Security Officer at Southern Methodist University! In the Article Discussion, "Why People Really Quit Their Jobs", "Why You Need an Untouchable Day Every Week", and more! In Tracking Security Innovation, we have updates from PhishLabs, Avast, SafeBreach, Red Canary, and more on this episode of Business Security Weekly! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode85   Visit https://www.securityweekly.com/bsw for all the latest episodes!

This week, Michael and Paul interview George Finney, Chief Security Officer at Southern Methodist University! In the Article Discussion, "Why People Really Quit Their Jobs", "Why You Need an Untouchable Day Every Week", and more! In Tracking Security Innovation, we have updates from PhishLabs, Avast, SafeBreach, Red Canary, and more on this episode of Business Security Weekly! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode85   Visit https://www.securityweekly.com/bsw for all the latest episodes!

We speak with John LaCour from PhishLabs, a cybersecurity company that provides 24/7 services that protect against the exploitation of people. PhishLabs is headquartered in Charleston, SC. www.phishlabs.com

This episode of Silicon Harbor Radio features John LaCour, Founder and CEO of Charleston SC-based cybersecurity solutions provider PhishLabs.  John shares his experiences in launching and scaling Phishlabs and discusses the challenges of staying on top of an ever-evolving industry like Cybersecurity. The Tech Life with host Rich Conte together with Silicon Harbor Magazine bring you Silicon Harbor Radio; news and interviews from the Technology, Creative and Entrepreneur communities in Charleston, SC.

In today's podcast, we hear about German concerns over Russian meddling in elections. In the US, the NSA Director says a nation-state made a conscious attempt to influence American elections. Dictators can use social media, too, it seems. Huawei and ZTE reassure customers about the Adups backdoor. Holiday shopping security warnings are out, and they're not just about online purchases, either—watch out for that in-store Wi-Fi. The UK's Snooper's Charter passes the House of Lords. Ran Yahalom from Ben Gurion University describes USB hardware attacks. John LaCour, CEO of Phishlabs provides advice on avoiding (wait for it…) phishing attacks. And a Russian court tells that country's ISPs to shut down LinkedIn—it's a concern about privacy, don't you know.

In today's podcast, we hear about a spyware case connected to Pegasus, a tool that can jailbreak an iPhone (they say) with a single click. Apple issues an out-of-band patch for the three iOS zero-days Pegasus exploits. Shadow Brokers leaks remain under investigation. Phishlabs and TrapX release anti-ransomware tools. Ramnit and Dreambot are after bank accounts (and Dreambot spreads over Tor). NIST has a de-identification standard out for comment. AT&T's Bindu Sundaresan looks at academic networks as students head back to school. Johns Hopkins' Joe Carrigan discusses option for safely backing up your photos. Industry news includes some interesting short-selling. And Russia isn't feeling the love in cyberspace. 

In today's Daily Podcast we hear about Mexican and Philippine authorities’ investigations into voting database compromises. Ransomware continues to circulate, and we learn something about the increased sophistication of phishing. Point-of-sale crooks race against US EMV adoption. We take a look at the SecureWorks IPO and the long interest in some leading security stocks. Joseph Opacki from PhishLabs explains the growing sophistication of phishing schemes, and Benjamin Yelin from the University of Maryland Center for Health and Homeland Security tells us about mobile security and Stingrays.