The Dangers of Googling Phone Numbers, an Attack on a Security Platform, and Typo Squatting on US Military Domains
Description
This week on Hacker And The Fed you can't always count on Google for the right telephone number for an airline, an American cloud based directory as a service platform announces that they were hacked by a state sponsored threat actor, millions of US military emails may be ending up in the wrong hands, a new ransomware looks like a windows update, we answer listener questions, and Hector tells a fascinating story about a hacking methodology.
Links from the episode:
Airline Fake Contact Number on Google Maps
https://twitter.com/Shmuli/status/1680669938468499458
https://twitter.com/SwiftOnSecurity/status/1680926780599812098
JumpCloud discloses breach by state-backed APT hacking group
https://www.bleepingcomputer.com/news/security/jumpcloud-discloses-breach-by-state-backed-apt-hacking-group/
JumpClouds IOCs - https://jumpcloud.com/support/july-2023-iocs
Domains like army․ml, pentagon․ml, navy․ml and af․ml all have Mail Exchange records pointing to 'handle․catchemail․ml'
https://twitter.com/mikko/status/1680947795862200325
Watch out for this new malicious ransomware disguised as Windows updates
https://www.foxnews.com/tech/watch-out-new-malicious-ransomware-disguised-windows-updates
https://www.trendmicro.com/en_id/research/23/g/tailing-big-head-ransomware-variants-tactics-and-impact.html
Listener Questions
https://www.lsu.edu/mediacenter/news/2023/06/13-cyber-clinic.php
Support our sponsors:
Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off
Go to drata.com/partner/hacker-fed and get 10% off Drata and waived implementation fees
Get your Hacker and the Fed merchandise at hackerandthefed.com
On this episode of Hacker And The Fed we interview Special Agent Aron Mann with Homeland Security Investigations (HSI) Cyber Crime Center about their cyber role and career opportunities. We break down the Colonial Pipeline hack, how the dark web is intensifying the insider threat, and dig into...
Published 01/31/24
This week on Hacker And The Fed we interview Greg Van Houten of Haynes Boone and policyholderplaybook.com, a seasoned civil litigator who focuses on insurance recovery. We talk to Greg about the SEC's new cybersecurity disclosure rules, which went into effect this month. We also discuss a massive...
Published 12/21/23