
It's 5:05! Daily cybersecurity and open source briefing

S1 Ep 72: Episode #72 - It's 5:05, Tuesday, February 7, 2023
Hey, it's 5:05 on Tuesday, February 7th, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Katy Craig in San Diego, California, Derek Weeks in Bethesda, Maryland, Olimpiu Pop in Transylvania, Romania, Ian Garrett in Arlington, Virginia, Edwin Kwan in Sydney, Australia. Let's get to it.
🇺🇸 Katy Craig, San Diego, California
Google unveils Bard
https://blog.google/technology/ai/bard-google-ai-search-updates/
https://www.cnn.com/2023/02/06/tech/google-bard-chatgpt-rival/index.html
https://9to5google.com/2022/06/12/google-ai-lamda-sentient
https://cajundiscordian.medium.com/what-is-lamda-and-what-does-it-want-688632134489
🇺🇸 Derek Weeks, Bethesda, Maryland
VMware hypervisors under attack
https://techcrunch.com/2023/02/06/hackers-vmware-esxi-ransomware/
🇷🇴 Olimpiu Pop, Transylvania, Romania
The Most Significant Non-Windows Ransomware Attack Targets Vulnerable VMWare ESXi Machines
https://www.reuters.com/world/europe/italy-sounds-alarm-large-scale-computer-hacking-attack-2023-02-05/
https://www.bleepingcomputer.com/news/security/massive-esxiargs-ransomware-attack-targets-vmware-esxi-servers-worldwide/
https://blog.checkpoint.com/2023/02/06/massive-ransomware-attack-targets-vmware-esxi-servers/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21974
https://www.vmware.com/security/advisories/VMSA-2021-0002.html
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-015/
https://blog.ovhcloud.com/ransomware-targeting-vmware-esxi/
https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.http.response.body%3A+%22How+to+Restore+Your+Files%22+and+services.http.response.html_title%3A%22How+to+Restore+Your+Files%22&ct=1

S1 Ep 71: Episode #71 - It's 5:05, Monday, February 6, 2023
Hey! It’s 5:05, on Monday, February 6, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Olimpiu Pop in Transylvania, Romania, Katy Craig in San Diego, California, Trac Bannon in Camp Hill, Pennsylvania, Edwin Kwan in Sydney, Australia. We will begin today’s episode with Amélie Koran in Washington DC. Let’s get to it!
🇺🇸 Amélie Koran, Washington, DC
Open Source Security Policy Conundrum
https://aeva.online/blog/2023-oss-security-conundrum/
🇦🇺 Edwin Kwan, Sydney, Australia
Google Chrome No Longer Safe to Use for Millions of Users
https://7news.com.au/news/cyber-security/google-chrome-to-become-dangerous-for-millions-of-users-from-next-week-c-9638559
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
GSA to Collect Software Attestation Letters
https://www.gsa.gov/cdnstatic/MV-23-02_0.pdf
https://fedscoop.com/gsa-to-collect-letters-of-attestation/
https://fedscoop.com/cisa-to-develop-self-attestation-cybersecurity-standards-for-federal-software-vendors/
https://cyberscoop.com/dhs-sbom-adoption/
https://whitehouse.gov/wp-content/uploads/2022/09/M-22-18.pdf
🇺🇸 Katy Craig, San Diego, California
Google invests in Anthropic AI
https://www.businessinsider.in/tech/news/chatgpt-will-soon-be-rivalled-by-a-similar-ai-engine-from-google/articleshow/97637277.cms
https://timesofindia.indiatimes.com/gadgets-news/google-invests-400-million-in-ai-firm-working-on-chatgpt-rival/articleshow/97642214.cms
https://techcrunch.com/2023/02/03/google-best-yet-to-come-ai-journey-faces-potential-disruption-openai-chatgpt/
https://techcrunch.com/2023/02/01/report-microsoft-plans-to-update-bing-with-a-faster-version-of-chatgpt-in-the-coming-weeks/
🇷🇴 Olimpiu Pop, Transylvania, Romania
Did ION Group pay for the ransom? Or has Lockbit got cold feet?
https://505updates.com/february-1-2023/

S1 Ep 70: Episode #70 - It's 5:05, Friday, February 3, 2023
Hey! It’s 5:05, Friday, February 3, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Katy Craig in San Diego, California, Edwin Kwan in Sydney, Australia, Trac Bannon in Camp Hill, Pennsylvania, and Olimpiu Pop in Transylvania, Romania. Let’s get to it!
🇺🇸 Katy Craig, San Diego, California
SIM Jacking on the Rise
Cybercriminals Target Telecom Provider Networks
Google Fi data breach let hackers carry out SIM swap attacks
Not a SIMulation: CrowdStrike Investigations Reveal Intrusion Campaign Targeting Telco and BPO Companies
🇦🇺 Edwin Kwan, Sydney, Australia
Record Number of Online Shopping and Trading Scams for Western Australia in 2022
https://www.commerce.wa.gov.au/announcements/online-shopping-and-trading-scams-hit-record-wa-victims-2022
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Microsoft Monitors the Ransomware Surge
https://www.bleepingcomputer.com/news/security/microsoft-over-100-threat-actors-deploy-ransomware-in-attacks/
https://twitter.com/MsftSecIntel/status/1620474467083231234
https://505updates.com/november-23-2022/
🇷🇴 Olimpiu Pop, Transylvania, Romania
The Inaugural EU Cybersecurity Conference held in Brussels
https://www.enisa.europa.eu/news/supporting-policy-developments-to-achieve-a-high-common-level-of-cybersecurity

S1 Ep 69: Episode #69 - It's 5:05, Thursday, February 2, 2023
Hey! It’s 5:05, Thursday, February 2, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Today’s reports come from Edwin Kwan in Sydney, Australia, Olimpiu Pop in Transylvania, Romania, Katy Craig in San Diego, California and Mark Miller in Boca Raton, Florida. Let’s get to it!
🇦🇺 Edwin Kwan, Sydney, Australia
It's Change Your Password Day
https://nationaltoday.com/change-your-password-day/
🇷🇴 Olimpiu Pop, Transylvania, Romania
The EU Agency for Cybersecurity publishes a report containing technological recommendations for GDPR implementation
https://www.enisa.europa.eu/news/protecting-data-can-we-engineer-data-sharing
https://www.enisa.europa.eu/publications/engineering-personal-data-sharing
🇺🇸 Katy Craig, San Diego, California
ChatGPT clones stealing user data
https://www.hackread.com/chatgpt-clone-apps-collect-ios-play-store/
🇺🇸 Mark Miller, Boca Raton, Florida
CVE-2023-20076 - Cisco Appliances Vulnerability Announced
When Pwning Cisco, Persistence is Key - When Pwning Supply Chain, Cisco is Key
https://www.trellix.com/en-us/about/newsroom/stories/research/when-pwning-cisco-persistence-is-key-when-pwning-supply-chain-cisco-is-key.html
Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover
https://www.darkreading.com/ics-ot/command-injection-bug-cisco-industrial-gear-devices-complete-takeover

S1 Ep 68: Episode #68 - It's 5:05, Wednesday, February 1, 2023
Hey! It’s 5:05, Wednesday, February 1, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Derek Weeks in Bethesda, Maryland, Olimpiu Pop in Transylvania, Romania, Ian Garrett in Arlington, Virginia, Katy Craig in San Diego, California and Edwin Kwan in Sydney, Australia. Let’s get to it!
🇺🇸 Derek Weeks, Bethesda, Maryland
open source security index reveals top 100
https://opensourcesecurityindex.io/
https://www.esecurityplanet.com/networks/open-source-security-ranking/
🇷🇴 Olimpiu Pop, Transylvania, Romania
Lockbit ransomware group tries to unplug the City Of London
https://www.telegraph.co.uk/business/2023/02/01/city-london-traders-hit-russia-linked-cyber-attack/
🇺🇸 Ian Garrett, Arlington, Virginia
Does this Hacker Job Come With a 401k?
https://securelist.com/darknet-it-headhunting/108526/
🇺🇸 Katy Craig, San Diego, California
Prilex payment card malware
https://securelist.com/prilex-modification-now-targeting-contactless-credit-card-transactions/108569/
https://www.statista.com/statistics/1227815/contactless-payments-worldwide-by-region/
🇦🇺 Edwin Kwan, Sydney, Australia
Dodgy Android Apps Gaining Popularity on Google Play
https://www.bleepingcomputer.com/news/security/shady-reward-apps-on-google-play-amass-20-million-downloads/

S1 Ep 67: Episode #67 - It's 5:05, Tuesday, January 31, 2023
Hey! It’s 5:05, Tuesday, January 31, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Mark Miller in New York City, Katy Craig in San Diego, California, Olimpiu Pop in Transylvania, Romania and Edwin Kwan in Sydney, Australia. Let’s get to it!
🇺🇸 Mark Miller, New York City
Black Basta Ransomware Incident
Case Study: Thwarting Black Basta
https://quadrantsec.com/resource/case-study/thwarting-black-basta
Technical Analysis of Quadrant Security, Black Basta Incident
https://quadrantsec.com/sites/default/files/2023-01/Black-Basta_Technical-Analysis_2023.pdf
From the Labs: YARA Rule for Detecting Black Basta
https://www.reversinglabs.com/from-the-labs/yara-rule-for-detecting-black-basta
🇺🇸 Katy Craig, San Diego, California
NSA issues IPv6 security guidance
NSA Publishes Internet Protocol Version 6 (IPv6) Security Guidance
https://media.defense.gov/2023/Jan/18/2003145994/-1/-1/0/CSI_IPV6_SECURITY_GUIDANCE.PDF
🇷🇴 Olimpiu Pop, Transylvania, Romania
UK and Germany Under Cyber Barrage from Iranian and Russian Hacker Collectives
https://www.euronews.com/2023/01/26/russian-hackers-launch-cyberattack-on-germany-in-leopard-retaliation
https://www.ncsc.gov.uk/news/uk-cyber-experts-warn-of-targeted-phishing-attacks-from-actors-based-in-russia-and-iran
https://thehackernews.com/2023/01/british-cyber-agency-warns-of-russian.html
🇦🇺 Edwin Kwan, Sydney, Australia
Code Signing Certificates for GitHub Desktop for Mac and Atom Revoked
https://www.bleepingcomputer.com/news/security/github-revokes-code-signing-certificates-stolen-in-repo-hack/

S1 Ep 66: Episode #66 - It's 5:05, Monday, January 30, 2023
Hey, it's 5:05 on Monday, January 30th, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Trac Bannon in Camp Hill, Pennsylvania, Edwin Kwan in Sydney, Australia, Katy Craig in San Diego, California, Olimpiu Pop in Transylvania, Romania. Let's get to it.
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Another day another breach: T-Mobile
https://techcrunch.com/2023/01/19/t-mobile-data-breach/
https://d18rn0p25nwr6d.cloudfront.net/CIK-0001283699/cd07a3a7-4109-47fe-a6c0-f16a300a3bf7.pdf
https://techcrunch.com/2022/04/22/lapsus-hackers-t-mobile/
🇦🇺 Edwin Kwan, Sydney, Australia
How to ensure success for your AppSec Security Champions Program
https://boringappsec.substack.com/p/edition-15-is-your-champions-program
🇺🇸 Katy Craig, San Diego, California
NewsGPT: Buzzfeed goes all in on ChatGPT
https://www.forbes.com/sites/chriswestfall/2023/01/26/buzzfeed-to-use-chatgpts-ai-for-content-creation-stock-up-200/?sh=b61e3b27eaec
https://chat.openai.com “Write a short article on the significance of a news outlet using ChatGPT to develop content”
🇷🇴 Olimpiu Pop, Transylvania, Romania
Malware Molotov Cocktail Ingredients Thrown at Ukrinform Discovered
https://505updates.com/january-19-2023/
https://www.bleepingcomputer.com/news/security/ukraine-sandworm-hackers-hit-news-agency-with-5-data-wipers/
https://cert.gov.ua/article/3718487

S1 Ep 65: Episode #65 - It's 5:05, Friday, January 27, 2023
Hey! It’s 5:05, Friday, January 27, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwan in Sydney, Australia, Trac Bannon in Camp Hill, Pennsylvania, Katy Craig in San Diego, California, Paulo Gouveia in Everglades, Florida, Olimpiu Pop in Transylvania, Romania and Mark Miller in New York City. Let’s get to it!
🇦🇺 Edwin Kwan, Sydney, Australia
Your Data is more valuable than you may realise
https://www.welivesecurity.com/2023/01/26/data-more-valuable-you-realize/
https://techwireasia.com/2023/01/observing-data-privacy-day-the-importance-of-protecting-personal-information-in-the-digital-age/
https://www.coe.int/en/web/portal/28-january-data-protection-day
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
A helping hand for Cyber Criminals: ChatGPT
https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/
https://www.forbes.com/sites/thomasbrewster/2023/01/06/chatgpt-cybercriminal-malware-female-chatbots/?sh=1d4bbbf05534
https://www.pcmag.com/news/cybercriminals-using-chatgpt-to-build-hacking-tools-write-code
https://www.bleepingcomputer.com/news/technology/openais-new-chatgpt-bot-10-dangerous-things-its-capable-of/
🇺🇸 Katy Craig, San Diego, California
Weapon of Mass Distraction
https://gurwinder.substack.com/p/tiktok-may-be-a-chinese-bio-weapon
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8622754/
https://www.youtube.com/watch?v=0j0xzuh-6rY
https://www.cnn.com/2021/09/20/tech/china-tiktok-douyin-usage-limit-intl-hnk/index.html
https://www.sciencealert.com/iq-scores-falling-in-worrying-reversal-20th-century-intelligence-boom-flynn-effect-intelligence
🇺🇸 Paulo Gouveia, Everglades, Florida
Good news at last
https://www.justice.gov/opa/pr/us-department-justice-disrupts-hive-ransomware-variant

S1 Ep 64: Episode #64 - It's 5:05, Thursday, January 26, 2023
Hey, it's 5:05 on Thursday, January 26th, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Kadi Grigg in Alexandria, Virginia, Derek Weeks in Bethesda, Maryland, Edwin Kwan in Sydney, Australia, Katy Craig in San Diego, California, Mark Miller in New York City. Let's get to it!
🇺🇸 Kadi Grigg, Alexandria, Virginia
ChatGPT + Mental Health
https://www.statnews.com/2023/01/23/mental-health-chatbot-chatgpt/
https://www.goodtherapy.org/for-professionals/personal-development/become-a-therapist/is-there-shortage-of-mental-health-professionals-in-america
🇺🇸 Derek Weeks, Bethesda, Maryland
1500 ChatGPT-based exploits on the dark web
https://www.crn.com/news/security/chatgpt-is-a-powerful-tool-for-cybercrime-recorded-future
https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021/
🇦🇺 Edwin Kwan, Sydney, Australia
Why is Google Sending me Spam and Phishing Emails?
https://www.bleepingcomputer.com/news/security/google-ads-invites-being-abused-to-push-spam-adult-sites/
🇺🇸 Katy Craig, San Diego, California
Colleges join the TikTok “ban” wagon
https://www.theguardian.com/us-news/2023/jan/20/us-tiktok-bans-university-campuses
https://www.washingtonpost.com/technology/2023/01/20/tiktok-bans-states-colleges/
🇺🇸 Mark Miller, New York City
Can it get any worse for LastPass users? Yes
Our response to a recent security incident
https://www.goto.com/blog/our-response-to-a-recent-security-incident#
LastPass security breach keeps getting worse, admits parent company
https://www.techspot.com/news/97381-lastpass-owner-hackers-stole-encrypted-backups.html#commentsOffset

S1 Ep 63: Episode #63 - It's 5:05, Wednesday, January 25, 2023
Hey! It's 5:05, Wednesday, January 25, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Katy Craig in San Diego, California, Mark Miller in New York City, Edwin Kwan in Sydney, Australia. Let's get to it!
🇺🇸 Katy Craig, San Diego, California
TSA No Fly list leaked by hacker
TSA investigating how some no-fly list data was exposed on internet | CNN Politics
U.S. ‘No Fly List’ Leaks After Being Left in an Unsecured Airline Server
FBI’s Terrorist "No Fly" List Leaked By United Express Carrier - Live and Let's Fly
🇺🇸 Mark Miller, New York City
Bye Bye LastPass: I'm out
Bret Johnson on LastPass breach
https://www.linkedin.com/posts/gollumfun_lastpass-owner-goto-shares-more-bad-news-activity-7023834342346956800-AZYA
LastPass owner GoTo shares more bad news about November’s security breach
https://www.theverge.com/2023/1/24/23569109/goto-hack-lastpass-breach-encrypted-backups-key
From GoTo: Our response to a recent security incident
https://www.goto.com/blog/our-response-to-a-recent-security-incident
🇦🇺 Edwin Kwan, Sydney, Australia
Popular WordPress Plugin with Critical Vulnerability affecting 75,000 WordPress sites
https://www.bleepingcomputer.com/news/security/75k-wordpress-sites-impacted-by-critical-online-course-plugin-flaws/

S1 Ep 62: Episode #62 - It's 5:05, Tuesday, January 24, 2023
Hey! It’s 5:05, Tuesday, January 24, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Mark Miller in Boca Raton, Florida, Katy Craig in San Diego, California, Edwin Kwan in Sydney, Australia, Trac Bannon in Camp Hill, Pennsylvania, and Olimpiu Pop in Transylvania, Romania. Let’s get to it!
🇺🇸 Mark Miller, Boca Raton, Florida
VASTFLUX Ad Fraud sends as many as 12 billion hidden requests a day
The VastFlux Takedown
https://www.humansecurity.com/company/satori-threat-intelligence/vastflux
Traffic signals: The VASTFLUX Takedown
https://www.humansecurity.com/learn/blog/traffic-signals-the-vastflux-takedown
🇺🇸 Katy Craig, San Diego, California
MITRE-Harris Poll reveals large majority of US residents with cybersecurity concerns
https://www.mitre.org/news-insights/news-release/mitre-harris-poll-77-us-residents-concerned-about-ransomware-ip-theft
🇦🇺 Edwin Kwan, Sydney, Australia
Hosting and Delivering Malware on GitHub Codespaces
https://www.bleepingcomputer.com/news/security/hackers-can-use-github-codespaces-to-host-and-deliver-malware/
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
NVIDIA’s AI means you can fake looking at the camera
https://crowdsource.nvidia.com/en-us/broadcast/eye-contact/
https://www.nvidia.com/en-us/geforce/news/jan-2023-nvidia-broadcast-update/
🇷🇴 Olimpiu Pop, Transylvania, Romania
AR-in-a-BOX: ENISA’s DIY Kit for awareness-raising programs
https://www.enisa.europa.eu/news/cybersecurity-awareness-raising-peek-into-the-enisa-do-it-yourself-toolbox
https://www.enisa.europa.eu/topics/cybersecurity-education/awareness-raising-in-a-box
https://www.enisa.europa.eu/topics/cybersecurity-education/sme_cybersecurity

S1 Ep 61: Episode #61 - It's 5:05, Monday, January 23, 2023
Hey! It’s 5:05, Monday, January 23, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Trac Bannon in Camp Hill, Pennsylvania, Edwin Kwan in Sydney, Australia, Katy Craig in San Diego, California, Derek Weeks in Bethesda, Maryland, Kadi Grigg in Alexandria, Virginia, and Olimpiu Pop in Transylvania, Romania. Let's get to it!
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
VALL-E
https://valle-demo.github.io/
https://github.com/microsoft/unilm
https://arxiv.org/pdf/2301.02111.pdf
https://uk.finance.yahoo.com/news/microsoft-unveils-ai-simulate-voice-112136270.html
🇦🇺 Edwin Kwan, Sydney, Australia
Rise in Microsoft OneNote Attachments in Phishing Emails
https://www.bleepingcomputer.com/news/security/hackers-now-use-microsoft-onenote-attachments-to-spread-malware/
🇺🇸 Katy Craig, San Diego, California
Voice biometrics for profits
https://abcnews.go.com/Technology/collection-voice-data-profit-raises-privacy-fears/story?id=96363792
https://www.aboutamazon.com/news/devices/amazon-devices-event-september-2019
🇺🇸 Derek Weeks, Bethesda, Maryland
A $30,000 PC goes open source
https://computerhistory.org/press-releases/chm-makes-apple-lisa-source-code-available-to-the-public-as-a-part-of-its-art-of-code-series/
🇺🇸 Kadi Grigg, Alexandria, Virginia
Kids and the Metaverse
https://nftnow.com/features/minors-in-the-metaverse-what-you-need-to-know-about-safety/
https://www.parents.com/kids/safety/internet/what-parents-need-to-know-about-the-metaverse/
🇷🇴 Olimpiu Pop, Transylvania, Romania
The tracking season is ON: Make sure that there are no rogue AirTags hidden in your pockets!
https://www.zdnet.com/google-amp/article/how-to-find-out-if-an-airtag-is-tracking-you/
https://www.wired.com/story/opinion-apples-air-tags-are-a-gift-to-stalkers/
https://www.wired.com/story/how-to-find-airtags/

S1 Ep 60: Episode #60 - It's 5:05, Friday, January 20, 2023
Hey! It’s 5:05, Friday, January 20, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Derek Weeks in Bethesda, Maryland, Olimpiu Pop in Transylvania, Romania, Trac Bannon in Camp Hill, Pennsylvania, Katy Craig in San Diego, California and Edwin Kwan in Sydney, Australia. Let's get to it!
🇺🇸 Derek Weeks, Bethesda, Maryland
The credential-stuffing attack on PayPal
https://www.darkreading.com/attacks-breaches/paypal-breach-exposed-pii-of-nearly-35k-accounts
https://www.hackread.com/paypal-data-breach-alert/
🇷🇴 Olimpiu Pop, Transylvania, Romania
11-Year-Old sudo vulnerability allows attackers to gain root privileges
http://www.openwall.com/lists/oss-security/2023/01/19/1
https://lists.debian.org/debian-lts-announce/2023/01/msg00012.html
https://www.debian.org/security/2023/dsa-5321
https://www.sudo.ws/security/advisories/sudoedit_any/
https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Hack the Pentagon
https://sam.gov/opp/be855762a82543bcba2a4eac18b7202f/view
https://sam.gov/api/prod/opps/v3/opportunities/resources/files/0ff9fa4242824b0e807f92829c9222fb/download?&token=
https://www.nextgov.com/cybersecurity/2016/03/pentagon-launches-open-contest-hack-military-websites/126383/
🇺🇸 Katy Craig, San Diego, California
AI-powered "robot" lawyer will be first of its kind to represent defendant in court
https://www.cbsnews.com/news/ai-powered-robot-lawyer-takes-its-first-court-case/
🇦🇺 Edwin Kwan, Sydney, Australia
Critical Exploits Available for Popular WordPress Plugins
https://www.bleepingcomputer.com/news/security/poc-exploits-released-for-critical-bugs-in-popular-wordpress-plugins/

S1 Ep 59: Episode #59 - It's 5:05, Thursday, January 19, 2023
Hey! It’s 5:05, Thursday, January 19, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Mark Miller in New York City, Katy Craig in San Diego, California, Olimpiu Pop in Transylvania, Romania and Edwin Kwan in Sydney, Australia. Let's get to it!
🇺🇸 Mark Miller, New York City
Finally, A National Cybersecurity Strategy
When It Comes to Cybersecurity, the Biden Administration Is Getting Much More Aggressive
https://slate.com/news-and-politics/2023/01/biden-cybersecurity-inglis-neuberger.html
The Biden national cyber strategy is unlike any before it
https://www.washingtonpost.com/politics/2023/01/06/biden-national-cyber-strategy-is-unlike-any-before-it/
U.S. national cyber strategy to stress Biden push on regulation
https://www.washingtonpost.com/national-security/2023/01/05/biden-cyber-strategy-hacking/
Cyber regulations proliferate, creating fresh problems
https://www.washingtonpost.com/politics/2022/07/27/cyber-regulations-proliferate-creating-fresh-problems/
🇺🇸 Katy Craig, San Diego, California
Security experts downplay GhostSec's RTU breach
https://www.securityweek.com/cybersecurity-experts-cast-doubt-hackers-ics-ransomware-claims
https://trello.com/c/3kyaELsl/116-security-experts-downplay-ghostsecs-rtu-breach
🇷🇴 Olimpiu Pop, Transylvania, Romania
Russian Sand Worm Attacks Ukrinform - the Ukrainian News Agency
https://twitter.com/dsszzi/status/1615718476269723651
https://cip.gov.ua/en/news/kiberatakanezmoglazupinitirobotuinformaciinogoagentstvaukrinform
https://cip.gov.ua/ua/news/ukrinformmogliatakuvatikhakerizugrupuvannyasandwormpovyazanogozrosiiskimgrupoperednidanidoslidzhennyacertua
https://www.bleepingcomputer.com/news/security/ukrainelinksdatawipingattackonnewsagencytorussianhackers/
🇦🇺 Edwin Kwan, Sydney, Australia
CircleCI Hack Due to Compromise of Engineer's 2FA-backed session
https://www.bleepingcomputer.com/news/security/circlecis-hack-caused-by-malware-stealing-engineers-2fa-backed-session/

S1 Ep 58: Episode #58 - It's 5:05, Wednesday, January 18, 2023
Hey! It’s 5:05, Wednesday, January 18, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Katy Craig in San Diego, California, Edwin Kwan in Sydney, Australia, Kadi Grigg in Alexandria, Virginia and Olimpiu Pop in Transylvania, Romania. Let's get to it!
🇺🇸 Katy Craig, San Diego, California
Fortinet OS exploited
https://arstechnica.com/information-technology/2023/01/fortinet-says-hackers-exploited-critical-vulnerability-to-infect-vpn-customers/
🇦🇺 Edwin Kwan, Sydney, Australia
Malicious Python Lolipop packages in the Wild
https://www.bleepingcomputer.com/news/security/malicious-lolip0p-pypi-packages-install-info-stealing-malware/
🇦🇺 Edwin Kwan, Sydney, Australia
Upgrade to The Latest Version of Git
https://www.bleepingcomputer.com/news/security/git-patches-two-critical-remote-code-execution-security-flaws/
🇺🇸 Kadi Grigg, Alexandria, Virginia
Human Intelligence vs. ChatGPT Code
https://devops.com/will-chatgpt-replace-developers/
https://alphacode.deepmind.com/
https://www.science.org/doi/10.1126/science.abq1158
🇷🇴 Olimpiu Pop, Transylvania, Romania
Reuters discloses hacking attempts at US nuclear research laboratories
https://www.reuters.com/world/europe/russian-hackers-targeted-us-nuclear-scientists-2023-01-06/
https://www.reuters.com/world/europe/has-putin-threatened-use-nuclear-weapons-2022-10-27/
https://cyware.com/news/russian-attackers-involved-in-phishing-attacks-on-us-nuclear-scientists-e6f87707
https://www.theguardian.com/world/2023/jan/06/russian-hackers-targeted-us-nuclear-research-laboratories-records

S1 Ep 57: Episode #57 - It's 5:05, Tuesday, January 17, 2023
Hey! It's 5:05 on Tuesday, January 17th, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Trac Bannon in Camp Hill, Pennsylvania, Dan Whiting in Washington, D.C., Edwin Kwan in Sydney, Australia, Katy Craig in San Diego, California, and Olimpiu Pop in Transylvania, Romania. Let's get to it.
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Taking the ChatGPT plunge
https://You.com
https://you.com/apps/discover
🇺🇸 Dan Whiting, Washington, DC
A digital reserve corps of the U.S.
H.R. 162 on Congress.gov https://www.congress.gov/bill/118th-congress/house-bill/162?q=%7B%22search%22%3A%5B%22digital+reserve+corps%22%2C%22digital%22%2C%22reserve%22%2C%22corps%22%5D%7D&s=1&r=1
H.R. 162 bill text https://gonzales.house.gov/sites/evo-subsites/gonzales.house.gov/files/evo-media-document/national-digital-reserve-corps-act.pdf
Rep. Tony Gonzales https://gonzales.house.gov/ @RepTonyGonzales
Rep. Kelly https://robinkelly.house.gov/ @RepRobinKelly
🇦🇺 Edwin Kwan, Sydney, Australia
The Case for Running Ad Blockers
https://isc.sans.edu/diary/rss/29438
🇺🇸 Katy Craig, San Diego, California
Hackers breach an RTU
https://industrialcyber.co/industrial-cyber-attacks/hacker-group-discloses-ability-to-encrypt-an-rtu-device-using-ransomware-industry-reacts/
🇷🇴 Olimpiu Pop, Transylvania, Romania
No firmware patch for Siemens PLC vulnerability
https://thehackernews.com/2023/01/over-100-siemens-plc-models-found.html
https://redballoonsecurity.com/siemens-discovery
https://cert-portal.siemens.com/productcert/html/ssa-482757.html
https://thehackernews.com/2022/10/critical-bug-in-siemens-simatic-plcs.html

S1 Ep 56: Episode #56 - It's 5:05, Monday, January 16, 2023
Hey! It’s 5:05, Monday, January 16, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Trac Bannon in Pennsylvania on the fight to retain US military cyber experts, Edwin Kwan in Australia on password manager accounts compromised by credential stuffing, Katy Craig in California on Russian twitbots and the 2016 election. Let’s get to it!
🇺🇸 Katy Craig, San Diego, California
Russian twitbots & the 2016 election
https://www.nature.com/articles/s41467-022-35576-9
🇦🇺 Edwin Kwan, Sydney, Australia
Password Manager Accounts Compromised By Credential Stuffing
https://www.bleepingcomputer.com/news/security/nortonlifelock-warns-that-hackers-breached-password-manager-accounts/
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
The Fight to Retain US Military Cyber Experts.
https://www.c4isrnet.com/cyber/2022/12/28/militarys-special-pay-keeps-cyber-experts-from-jumping-ship/
https://cybersecurityguide.org/industries/government/
https://www.bankinfosecurity.com/bidens-infrastructure-plan-3-cybersecurity-provisions-a-16308
https://www.gao.gov/products/gao-23-105423
https://www.gao.gov/assets/gao-23-105423.pdf

S1 Ep 55: Episode #55 - It's 5:05, Friday, January 13, 2023
Hey… It’s 5:05, Friday, January 13, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Olimpiu Pop in Romania on part 4 of Kaspersky’s predictions of trends for crimeware and financial cybercrime in 2023, Katy Craig in California on student: 1 - GPT: 0, Edwin Kwan in Australia on university students suffering financial impact from QUT ransomware attack. Today’s episode begins with Paulo Gouveia in Florida on Mom! I downloaded this free Pokemon game! Let’s get to it!
🇺🇸 Paulo Gouveia, Florida
Mom! I downloaded this free Pokémon game!
https://asec.ahnlab.com/en/45312/
https://www.cybersecurityconnect.com.au/commercial/8572-hackers-access-windows-devices-through-fake-pokemon-game
https://www.ic3.gov/
https://www.fbi.gov/investigate/cyber
🇦🇺 Edwin Kwan, Sydney, Australia
University Students Suffering Financial Impact from QUT Ransomware Attack
https://www.abc.net.au/news/2023-01-13/qut-cyber-attack-students-without-centrelink-payments/101846410
🇺🇸 Katy Craig, San Diego, California
Student: 1 -- GPT: 0
https://www.businessinsider.com/app-detects-if-chatgpt-wrote-essay-ai-plagiarism-2023-1
🇷🇴 Olimpiu Pop, Transylvania, Romania
Part 4 of Kaspersky’s Predictions of Trends For Crimeware and Financial Cybercrime in 2023
https://securelist.com/crimeware-financial-cyberthreats-2023/108005
https://securelist.com/it-threat-evolution-q2-2022/107099/
https://www.bleepingcomputer.com/news/security/hackers-now-sharing-cracked-brute-ratel-post-exploitation-kit-online/
https://securelist.com/new-ransomware-trends-in-2022/106457

S1 Ep 54: Episode #54 - It's 5:05, Thursday, January 12, 2023
Hey! It's 5:05 on Thursday, January 12th, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Edwin Kwan in Australia on Whatfuscator: an analysis of malicious open source packages, Olimpiu Pop in Romania on part three of Kaspersky's crimeware financial cybercrime trends 2022 and a quick follow up on what's going on with the airlines now with our Executive Producer Mark Miller in New York City. Let's get to it!
🇺🇸 Mark Miller, New York City
Update on what’s going on with the airlines now?
New York Times: https://www.nytimes.com/live/2023/01/11/business/faa-flights-grounded
Flight Aware: https://flightaware.com/
The Flight Misery Map: https://flightaware.com/miserymap/
🇷🇴 Olimpiu Pop, Transylvania, Romania
Part 3 of Kaspersky Crimeware Financial Cybercrime Trends 2022
https://securelist.com/crimeware-financial-cyberthreats-2023/108005/
https://en.wikipedia.org/wiki/YOLO_(aphorism)
https://securelist.com/prilex-atm-pos-malware-evolution/107551/
https://securelist.com/atm-pos-malware-landscape-2020-2022/107656/
🇦🇺 Edwin Kwan, Sydney, Australia
Whatfuscator: An analysis of malicious open source packages
https://www.endorlabs.com/blog/whatfuscator-malicious-open-source-packages-and-other-beasts

S1 Ep 53: Episode #53 - It's 5:05, Wednesday, January 11, 2023
Hey! It’s 5:05, Wednesday, January 11, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Derek Weeks in Maryland on school is out for 31,000 students, Katy Craig in California on Microsoft and ChatGPT: A bid on the future, Kadi Grigg in Virginia on Mint mobile taking on ChatGPT to write a commercial, Edwin Kwan in Australia on critical vulnerabilities in connected cars. Today’s episode begins with our Executive Producer Mark Miller on what’s going on with the airlines now? Let’s get to it!
🇺🇸 Mark Miller, New York City
What’s going on with the airlines now?
New York Times: https://www.nytimes.com/live/2023/01/11/business/faa-flights-grounded
Flight Aware: https://flightaware.com/
The Flight Misery Map: https://flightaware.com/miserymap/
🇦🇺 Edwin Kwan, Sydney, Australia
Critical Vulnerabilities in Connected Cars
https://samcurry.net/web-hackers-vs-the-auto-industry/
https://505updates.com/december-5-2022/
🇺🇸 Kadi Grigg, Alexandria, Virginia
Mint Mobile taking on ChatGPT to write a commercial
https://www.fastcompany.com/90833253/ryan-reynolds-used-chatgpt-to-make-a-mint-mobile-ad-and-the-results-were-mildly-terrifying
https://www.cyberscoop.com/chatgpt-ai-malware/ - Katy Craig previously reported on this on Jan 9th ep. 48
https://505updates.com/january-4-2023/ - Episode ft. Katy Craig’s report
🇺🇸 Katy Craig, San Diego, California
Microsoft and ChatGPT: A bid on the future
https://www.businessinsider.com/microsoft-openai-investment-the-smartest-1-billion-ever-spent-2023-1?amp
https://www.theinformation.com/articles/ghost-writer-microsoft-looks-to-add-openais-chatbot-technology-to-word-email
https://nypost.com/2022/12/06/scary-chatgpt-could-render-google-obsolete-in-two-years/
https://fortune.com/2023/01/06/openai-valuation-ai-chatgpt-microsoft-bing-google-search/
🇺🇸 Derek Weeks, Bethesda, Maryland
School is out for 31,000 students

S1 Ep 52 Episode #52 - It's 5:05, Tuesday, January 10, 2023
Hey… It’s 5:05, Tuesday, January 10, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Olimpiu Pop in Romania on part two of Kaspersky’s crimeware and financial cyber threats in 2022, Katy Craig in California on Seattle school district sues tech giants for harming kids, Trac Bannon in Pennsylvania on bypassing Captcha and using DevOps to steal cryptomining resources, Edwin Kwan in Australia on More than 100,000 Australian government logins discovered on dark web. Let’s get to it!

🇷🇴 Olimpiu Pop, Transylvania, Romania
Part II of Kaspersky’s Crimeware Financial Cyber Threats 2022
https://en.wikipedia.org/wiki/Platform_as_a_service
https://en.wikipedia.org/wiki/Infrastructure_as_a_service
https://en.wikipedia.org/wiki/Software_as_a_service
https://encyclopedia.kaspersky.com/glossary/malware-as-a-service-maas
https://securelist.com/crimeware-financial-cyberthreats-2023/108005/
https://securelist.com/initial-access-data-price-on-the-dark-web/106740/
https://securelist.com/emotet-modules-and-recent-attacks/106290/
https://www.kaspersky.com/blog/harly-trojan-subscriber/45573/

🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Bypassing Captcha and Using DevOps to Steal Cryptomining Resources.
https://unit42.paloaltonetworks.com/purpleurchin-steals-cloud-resources/
https://thehackernews.com/2023/01/hackers-using-captcha-bypass-tactics-in.html
https://imagemagick.org/script/convert.php
https://thehackernews.com/2022/10/new-cryptojacking-campaign-targeti

🇺🇸 Katy Craig, San Diego, California
Seattle school district sues tech giants for harming kids
Seattle Schools Sue Tech Giants Over Social Media Harm

🇦🇺 Edwin Kwan, Sydney, Australia
More than 100,000 Australian Government Logins Discovered on Dark Web
https://www.afr.com/technology/more-than-100-000-suspected-government-logins-found-in-massive-breach-20230106-p5cauf

S1 Ep 51 Episode #51 - It's 5:05, Monday, January 9, 2023
Hey! It’s 5:05, Monday, January 9, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Olimpiu Pop in Romania on part one of how accurately did Kaspersky’s SecureList predict crimeware and financial cyber threats in 2022, Edwin Kwan in Australia on analysis of leaked AWS keys in Python package index, Katy Craig in California on new attack vector in Amazon Web Services, Mark Miller in New York City on documentation that’s better than “Good Enough”. Today’s episode begins with Derek Weeks in Maryland on the $5 data breach payment. Let’s get to it!

🇺🇸 Derek Weeks, Bethesda, Maryland
The $5 data breach payment
https://www.cnbc.com/2022/12/28/payments-from-equifax-settlement-over-2017-data-breach-are-going-out.html
https://twitter.com/kevinmitnick/status/1612155172914094080
https://twitter.com/MsMJsays/status/1607868512617340930

🇺🇸 Mark Miller, New York City
Documentation that's better than "Good Enough"
Fix Bosch Condensing Dryer F03 - Extreme Sump Cleaning (click the “Popular” button)
https://www.youtube.com/watch?v=7q-2zAiBFyw
MITEEman on YouTube
https://www.youtube.com/@miteeman/featured

🇺🇸 Katy Craig, San Diego, California
New attack vector in Amazon Web Services
https://www.mitiga.io/blog/elastic-ip-hijacking-a-new-attack-vector-in-aws
https://aws.amazon.com/about-aws/whats-new/2022/10/amazon-virtual-private-cloud-vpc-transfer-elastic-ip-addresses-between-aws-accounts

🇦🇺 Edwin Kwan, Sydney, Australia
Analysis of Leaked AWS Keys in Python Package Index
https://tomforb.es/i-scanned-every-package-on-pypi-and-found-57-live-aws-keys/

🇷🇴 Olimpiu Pop, Transylvania, Romania
How accurately did Kaspersky’s SecureList predict crimeware and financial cyber threats in 2022 Part I
https://securelist.com/cyberthreats-to-financial-organizations-in-2022/104974/
https://securelist.com/crimeware-financial-cyberthreats-2023/108005/
https://securelist.com/self-spreading-stealer-attacks-gamers-via-youtube/107407/
https://securelist.com/onionpoison-infected-tor-browser-installer-youtube/107627/

S1 Ep 50 Episode #50 - It's 5:05, Friday, January 6, 2023
Hey… It’s 5:05, Friday, January 6, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Trac Bannon in Pennsylvania on Iranian drones, US components, secondary markets, Edwin Kwan in Australia on Slack’s GitHub repository compromised, Katy Craig in California on White House’s IoT labels, Olimpiu Pop in Romania on three teachings from 2022 for a safer cyber ecosystem, Kadi Grigg in Virginia on is cyber insurable? Today’s episode begins with our Executive Producer Mark Miller reporting live from New York City on the global outage at Target stores. Let’s get to it!

🇺🇸 Mark Miller, New York City
Global Outage at Target Stores
https://www.reddit.com/r/Target/comments/103z4sl/system_down/

🇺🇸 Kadi Grigg, Alexandria, Virginia
Is Cyber Insurable?
https://www.swissinfo.ch/eng/business/cyber-attacks-set-to-become--uninsurable---says-zurich-chief/48161718?utm_campaign=swi-rss&utm_source=multiple&utm_medium=rss&utm_content=o

🇷🇴 Olimpiu Pop, Transylvania, Romania
Three Teachings From 2022 For a Safer Cyber Ecosystem
https://www.computerweekly.com/feature/Cyber-security-professionals-share-their-biggest-lessons-of-2022
https://www.computerweekly.com/news/252528192/Iranian-APT-seen-exploiting-GitHub-repository-as-C2-mechanism

🇺🇸 Katy Craig, San Diego, California
White House’s IoT Labels
https://securityintelligence.com/articles/how-white-house-new-iot-labels-improve-security/

🇦🇺 Edwin Kwan, Sydney, Australia
Slack’s GitHub repository Compromised
https://slack.com/intl/en-au/blog/news/slack-security-update

🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Iranian Drones, US Components, Secondary Markets
https://storymaps.arcgis.com/stories/7a394153c87947d8a602c3927609f572
https://www.pmddtc.state.gov/ddtc_public?id=ddtc_kb_article_page&sys_id=24d528fddbfc930044f9ff621f961987
https://www.csis.org/analysis/improved-export-controls-enforcement-technology-needed-us-national-security

S1 Ep 49 Episode #49 - It's 5:05, Thursday, January 5, 2023
Hey… It’s 5:05, Thursday, January 5, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Olimpiu Pop in Romania on attacks on power grid in Ukraine and US put pressure on transmission gear, Katy Craig in California on New York’s power move and Edwin Kwan in Australia on CircleCI security incident immediate actions. Let’s get to it!

🇷🇴 Olimpiu Pop, Transylvania, Romania
Attacks On Power Grid In Ukraine And US Put Pressure On Transmission Gear
https://www.eenews.net/articles/attacks-on-grid-infrastructure-in-4-states-raise-alarm/
https://www.politico.com/news/2022/12/26/physical-attacks-electrical-grid-peak-00075216
https://www-wired-com.cdn.ampproject.org/c/s/www.wired.com/story/attacks-us-electrical-grid-security-roundup/amp
https://www.forbes.com/sites/craighooper/2023/01/04/with-electrical-grids-under-assault-us-and-ukraine-seek-scarce-transmission-gear/?sh=7082997d325f
https://edition.cnn.com/2022/09/28/energy/nord-stream-pipelines-leaks-explainer-intl/index.html

🇺🇸 Katy Craig, San Diego, California
New York’s Power Move
https://www.governor.ny.gov/news/governor-hochul-signs-nation-leading-legislation-protect-energy-grid-cyber-threats

🇦🇺 Edwin Kwan, Sydney, Australia
CircleCI security incident immediate actions
https://circleci.com/blog/january-4-2023-security-alert/

S1 Ep 48 Episode #48 - It's 5:05, Wednesday, January 4, 2023
Hey… It’s 5:05, Wednesday, January 4, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwan in Australia on Queensland University of Technology suffers Ransomware Attack, Katy Craig in California on PwnGPT, Olimpiu Pop in Romania on Jarviz 0.1.0 is released to provide a solution to inspect the content of Java Archives, Kadi Grigg in Virginia on Gorilla toolkit is now abandonware. Today’s episode begins with Trac Bannon in Pennsylvania on ethics and unethical hacking? Is this some kind of joke? Let’s get to it!

🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Ethics and Unethical Hacking? Is this some kind of joke?
https://www.engadget.com/lock-bit-ransomware-gang-apologizes-sick-kids-attack-224245439.html
https://www.bleepingcomputer.com/news/security/ransomware-gang-apologizes-gives-sickkids-hospital-free-decryptor/
https://twitter.com/AlvieriD/status/1609253113436700678?s=20&t=hLelspGcmLxOXfsYyHJxGg

🇺🇸 Kadi Grigg, Alexandria, Virginia
Gorilla Toolkit Is Now Abandonware
https://thenewstack.io/gorilla-toolkit-open-source-project-becomes-abandonware/
https://www.darkreading.com/application-security/how-hackers-infiltrate-open-source-projects

🇷🇴 Olimpiu Pop, Transylvania, Romania
Jarviz 0.1.0 is released to provide a solution to inspect the content of Java Archives
https://andresalmiray.com/jarviz-0-1-0-has-been-released/

🇺🇸 Katy Craig, San Diego, California
PwnGPT
https://www.cyberscoop.com/chatgpt-ai-malware/
https://research.checkpoint.com/2022/opwnai-ai-that-can-save-the-day-or-hack-it-away/

🇦🇺 Edwin Kwan, Sydney, Australia
Queensland University of Technology suffers Ransomware Attack
https://www.bleepingcomputer.com/news/security/royal-ransomware-claims-attack-on-queensland-university-of-technology/

S1 Ep 47 Episode #47 - It's 5:05, Tuesday, January 3, 2023
It’s 5:05, Tuesday, January 3, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Olimpiu Pop in Romania on Firefox for iOS and Android kernel vulnerabilities reported in week 51 of 2022, Katy Craig in California on Southwest’s culture problem, Edwin Kwan in Australia on Google Home smart speaker wiretap vulnerability. Today’s episode begins with Derek Weeks in Maryland on your code or a derivative? The next thing we need for AI is an evaluation of original content versus a derivative. Let’s get to it!

🇺🇸 Derek Weeks, Bethesda, Maryland
Your code or a derivative? The next thing we need for AI is an evaluation of original content versus a derivative
https://www.itprotoday.com/development-techniques-and-management/does-ai-assisted-coding-violate-open-source-licenses

🇦🇺 Edwin Kwan, Sydney, Australia
Google Home Smart Speaker Wiretap vulnerability
https://downrightnifty.me/blog/2022/12/26/hacking-google-home.html

🇺🇸 Katy Craig, San Diego, California
Southwest’s Culture Problem
https://www.reddit.com/r/SouthwestAirlines/comments/zyao44/the_real_problem_with_the_software_at_southwest/
https://www.wsj.com/articles/southwest-meltdown-shows-airlines-need-tighter-software-integration-11672687980

🇷🇴 Olimpiu Pop, Transylvania, Romania
Firefox for iOS and Android kernel vulnerabilities reported in week 51 of 2022
https://source.android.com/docs/security/bulletin/pixel/2022-12-01
https://nvd.nist.gov/vuln/detail/CVE-2022-1887
https://www.mozilla.org/en-US/security/advisories/mfsa2022-23/
https://www.cisa.gov/uscert/ncas/bulletins/sb22-361
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5430
https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809

S1 Ep 46 Episode #46 - It's 5:05, Monday, January 2, 2023
It’s 5:05, Monday, January 2, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwan in Australia on PyTorch dependency confusion attack, Trac Bannon in Pennsylvania on office space inspired cyber theft, Olimpiu Pop in Romania on Linux Kernel vulnerability allows RCE on SMB3 servers. Today’s episode begins with Katy Craig in California on smartphone sidechannel attack. Let’s get to it!

🇺🇸 Katy Craig, San Diego, California
Smartphone Sidechannel Attack
https://arxiv.org/pdf/2212.12151.pdf

🇷🇴 Olimpiu Pop, Transylvania, Romania
Linux Kernel Vulnerability Allows RCE On SMB3 Servers
https://www.zerodayinitiative.com/advisories/ZDI-22-1690/
https://lore.kernel.org/lkml/[email protected]/

🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Office Space Inspired Cyber Theft
https://www.scribd.com/document/617139119/Ex-Zulily-engineer-charged-for-alleged-theft-scheme-inspired-by-Office-Space
https://www.cnn.com/2022/12/30/us/office-space-inspired-washington-software-engineer-thief/index.html

🇦🇺 Edwin Kwan, Sydney, Australia
PyTorch Dependency Confusion Attack
https://pytorch.org/blog/compromised-nightly-dependency/
https://www.bleepingcomputer.com/news/security/pytorch-discloses-malicious-dependency-chain-compromise-over-holidays/

S1 Ep 45 Episode #45 - It's 5:05, Friday, December 30, 2022
It’s 5:05, Friday, December 30, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Olimpiu Pop in Romania on his part 4 of Ukraine cyber war analysis, Dan Whiting in Washington, DC, talks about how to keep your kids safe from connected toys, Edwin Kwan in Australia with a report on parental control apps come packaged with malware, Katy Craig in California on biometrics devices sold on eBay hold sensitive data, DJ Schleen in Colorado on the cyber criminals who aren’t bringing home the bacon anymore. Today’s episode begins with Trac Bannon in Pennsylvania on ALERT: GitHub suffering from spamming surge. Let’s get to it!

🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
ALERT: GitHub Suffering from Spamming Surge
https://twitter.com/_JohnHammond/status/1608257989017993217
https://github.com/uBlockOrigin/uAssets/discussions/14904#discussioncomment-4530059
https://github.blog/

🇺🇸 DJ Schleen, Golden, Colorado
The Cyber Criminals who aren't bringing home the bacon anymore
https://nationaltoday.com/national-bacon-day/
https://techcrunch.com/2022/12/30/meet-the-cybercriminals-2022/
https://www.cisa.gov/uscert/ncas/alerts/aa21-265a

🇺🇸 Katy Craig, San Diego, California
Biometrics Device Sold on eBay Holds Sensitive Data
https://www.msn.com/en-us/news/technology/biometric-devices-sold-on-ebay-reportedly-contained-sensitive-us-military-data/ar-AA15HCZG
https://www.nytimes.com/2022/12/27/technology/for-sale-on-ebay-a-military-database-of-fingerprints-and-iris-scans.html

🇦🇺 Edwin Kwan, Sydney, Australia
Parental Control Apps Come Packaged with Malware
https://sec-consult.com/blog/detail/the-hidden-costs-of-parental-control-apps/

🇺🇸 Dan Whiting, Washington, DC
Keep your kids safe from connected toys
https://www.wired.com/story/how-to-set-up-kids-smart-toys/

🇷🇴 Olimpiu Pop, Transylvania, Romania
Ukraine Cyber War Analysis Part 4 - Poisoned open-source repositories, weaponizing open-source software
https://www.bleepingcomputer.com/news/security/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war/

S1 Ep 44 Episode #44 - It's 5:05, Thursday, December 29, 2022
It’s 5:05, Thursday, December 29, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Katy Craig in California with an update on Meta & Cambridge Analytica, DJ Schleen in Colorado on punt the AI and just write the code yourself, Olimpiu Pop in Romania with his part 3 of Ukraine Cyber War analysis, Edwin Kwan in Australia on cyber attack on Australian universities. Let’s get to it!

🇺🇸 Katy Craig, San Diego, California
Update on Meta & Cambridge Analytica
https://fingfx.thomsonreuters.com/gfx/legaldocs/gkplwwkebvb/12232022facebook_settle.pdf
https://www.netflix.com/title/80117542
https://www.bbc.com/news/technology-64075067?zephr-modal-register

🇺🇸 DJ Schleen, Golden, Colorado
Punt the AI and just write the code yourself
https://techcrunch.com/2022/12/28/code-generating-ai-can-introduce-security-vulnerabilities-study-finds/
https://beta.openai.com/docs/guides/code
https://nypost.com/2022/12/26/students-using-chatgpt-to-cheat-professor-warns/
https://beta.openai.com/docs/guides/safety-best-practices

🇷🇴 Olimpiu Pop, Transylvania, Romania
Ukraine Cyber War Analysis Part 3 - Taking sides
https://journals.sagepub.com/doi/full/10.1177/00027642221118264
https://securelist.com/reassessing-cyberwarfare-lessons-learned-in-2022/108328/
https://mobile.twitter.com/cpartisans
https://www.msn.com/en-us/news/world/anonymous-declares-cyber-war-against-pro-russian-hacker-group-killnet/ar-AAXClKn
https://securityaffairs.co/wordpress/138906/hacktivism/killnet-ddos-european-parliament.html

🇦🇺 Edwin Kwan, Sydney, Australia
Cyber Attack on Australian Universities
https://www.msn.com/en-au/news/australia/queensland-university-of-technology-shuts-it-systems-after-being-hit-by-ransomware-attack/ar-AA15ymSq

S1 Ep 43 Episode #43 - It's 5:05, Wednesday, December 28, 2022
It’s 5:05, Wednesday, December 28, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwan in Australia on Guardian newspaper hit by ransomware attack, Trac Bannon in Pennsylvania on imposter SDK found in Python repository, Katy Craig in California on Amazon Prime Air, Dan Whiting in Washington, DC on TikTok ban. Today’s episode begins with Olimpiu Pop in Romania on part two of Ukraine cyber war events. Let’s get to it!

🇷🇴 Olimpiu Pop, Transylvania, Romania
Ukraine Cyber War Analysis - Part 2
https://en.wikipedia.org/wiki/Dragobete
https://twitter.com/netblocks/status/1498365220107997191?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1498365220107997191%7Ctwgr%5E%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fnetblocks.org%2Freports%2Finternet-disruptions-registered-as-russia-moves-in-on-ukraine-W80p4k8K
https://www.reuters.com/business/energy/satellite-outage-knocks-out-control-enercon-wind-turbines-2022-02-28/
https://novayagazeta.ru/articles/2022/02/24/my-budem-stremitsia-k-demilitarizatsii-i-denatsifikatsii-ukrainy-putin-obiavil-o-nachale-spetsoperatsii-v-ukraine-news
https://web.archive.org/web/20220313011410/https:/prozorro.gov.ua/tender/UA-2020-12-23-008256-c
https://www.viasat.com/space-innovation/satellite-fleet/ka-sat/
https://news.viasat.com/blog/corporate/ka-sat-network-cyber-attack-overview
https://www.sentinelone.com/labs/acidrain-a-modem-wiper-rains-down-on-europe/
https://www.govinfo.gov/content/pkg/CRPT-117srpt122/html/CRPT-117srpt122.htm

🇺🇸 Dan Whiting, Washington, DC
TikTok Ban
https://www.forbes.com/sites/emilybaker-white/2022/12/22/tiktok-tracks-forbes-journalists-bytedance

S1 Ep 42 Episode #42 - It's 5:05, Tuesday, December 27, 2022
It’s 5:05, Tuesday, December 27, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Katy Craig in California on don’t give up your data, Edwin Kwan in Australia on GitHub to require 2FA for all users by the end of 2023, DJ Schleen in Colorado on dust off the security crystal ball, it’s almost 2023. Today’s episode begins with our Executive Producer Mark Miller in New York City on the LastPass story isn’t getting any better. Let’s get to it!

🇺🇸 Mark Miller, New York City
The LastPass story isn’t getting any better
LastPass: Notice of Recent Security Incident
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/
What’s in a PR statement: LastPass breach explained
https://palant.info/2022/12/26/whats-in-a-pr-statement-lastpass-breach-explained/
Wladimir Palant: Who I Am
https://palant.info/about/

🇺🇸 Katy Craig, San Diego, California
Don’t Give Up Your Data
https://epic.org/issues/consumer-privacy/data-brokers/
https://www.politico.com/news/2022/12/21/data-brokers-privacy-federal-government-00072600

🇦🇺 Edwin Kwan, Sydney, Australia
GitHub to require 2FA for all users by end of 2023
https://www.bleepingcomputer.com/news/security/github-to-require-all-users-to-enable-2fa-by-the-end-of-2023/

🇺🇸 DJ Schleen, Golden, Colorado
Dust off the Security Crystal Ball, it's almost 2023
https://securityboulevard-com.cdn.ampproject.org/c/s/securityboulevard.com/2022/12/here-comes-2023-rezilions-security-predictions/amp/

S1 Ep 41 Episode #41 - It's 5:05, Monday, December 26, 2022
It’s 5:05, Monday, December 26, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwan in Australia, on LastPass suffers second data breach this year. And more on LastPass with Mark Miller in New York City - Delete my LastPass account? I’m not sure. Fight me. Trac Bannon in Pennsylvania, on adding more oversight layers to speed things up? Katy Craig in California, on cybersecurity audit of NASA and Olimpiu Pop in Romania, on Ukraine cyberware analysis. Let’s get to it!

🇦🇺 Edwin Kwan, Sydney, Australia
LastPass suffers second data breach this year
https://www.bleepingcomputer.com/news/security/lastpass-hackers-stole-customer-vault-data-in-cloud-storage-breach/amp/

🇺🇸 Mark Miller, New York City
Delete my LastPass account? I’m not sure. Fight me.
LastPass: Notice of Recent Security Incident
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/
Andrew Johnson, Insightful Update on LastPass Breach
https://www.linkedin.com/posts/andrew-johnson-7b29b93_lastpass-lastpass-hacked-activity-7012507887449116672-jRsq
LastPass: Hackers Stole User Data and Encrypted Password Vaults
https://www.hackread.com/lastpass-encrypted-password-vaults-stolen/

🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Adding more oversight layers to speed things up?
https://www.fedscoop.com/fedramp-reform-measures-enacted-as-biden-signs-ndaa-into-law/
https://www.congress.gov/bill/117th-congress/house-bill/7900
https://www.congress.gov/bill/117th-congress/house-bill/8956/text
https://hub.schellman.com/blog/common-pitfalls-when-pursuing-fedramp

🇺🇸 Katy Craig, San Diego, California
Cybersecurity Audit of NASA
https://oig.nasa.gov/audits/auditReports.html
https://oig.nasa.gov/docs/IG-22-009.pdf
https://oig.nasa.gov/docs/ML-22-001.pdf

🇷🇴 Olimpiu Pop, Transylvania, Romania
Ukraine Cyberware Analysis
https://en.wikipedia.org/wiki/Romanian_Revolution
https://securelist.com/reassessing-cyberwarfare-lessons-learned-in-2022/108328/

S1 Ep 40 Episode #40 - It's 5:05, Friday, December 23, 2022
It’s 5:05, Friday, December 23, 2022. Happy Holidays! From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwan in Australia, on behind the scenes of Optus's response to their data breach. Olimpiu Pop in Romania, with a report on cybersecurity and foreign interference in the EU information ecosystem, Trac Bannon in Pennsylvania, on open source: always the season for giving and myself on New York’s taxi dispatch got hacked. Today’s episode begins with Katy Craig in California on introduction to Amazon Sidewalk. Let’s get to it!

🇺🇸 Katy Craig, San Diego, California
Introduction to Amazon Sidewalk
https://www.amazon.com/Amazon-Sidewalk/b?node=21328123011
https://m.media-amazon.com/images/G/01/sidewalk/final_privacy_security_whitepaper.pdf

🇺🇸 Pokie Huang, New York City
New York’s taxi dispatch got hacked
https://www.theregister.com/2022/12/20/jrk_nyc_russian_hacking/

🇷🇴 Olimpiu Pop, Transylvania, Romania
Cybersecurity and Foreign Interference in the EU Information Ecosystem
https://www.enisa.europa.eu/news/cybersecurity-foreign-interference-in-the-eu-information-ecosystem
https://www.enisa.europa.eu/publications/foreign-information-manipulation-interference-fimi-and-cybersecurity-threat-landscape
https://www.fbi.gov/wanted/cyber/russian-interference-in-2016-u-s-elections
https://www.theguardian.com/uk-news/2020/jan/04/cambridge-analytica-data-leak-global-election-manipulation

🇦🇺 Edwin Kwan, Sydney, Australia
Behind the scenes of Optus's response to their data breach
https://www.afr.com/technology/inside-the-optus-hack-that-woke-up-australia-20221123-p5c0lm

🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Open Source: Always the Season for Giving
https://digital-strategy.ec.europa.eu/en/library/study-about-impact-open-source-software-and-hardware-technological-independence-competitiveness-and
https://www.zdnet.com/article/open-source-software-is-it-about-free-or-is-it-about-freedom/
https://www.redhat.com/en/blog/value-open-source

S1 Ep 39 Episode #39 - It's 5:05, Thursday, December 22, 2022
It’s 5:05, Thursday, December 22, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwan in Australia, with a report on end-to-end encryption coming to Gmail. Katy Craig in California, on FBI public safety announcement. Today’s episode begins with Executive Producer Mark Miller on Hey, EULA. Are you listening? Let’s get to it!

🇺🇸 Mark Miller, New York City
Hey, EULA. Are you listening?
https://www.technologyreview.com/2022/12/19/1065306/roomba-irobot-robot-vacuums-artificial-intelligence-training-data-privacy/

🇺🇸 Katy Craig, San Diego, California
FBI Public Safety Announcement
https://fbi.gov/news/press-releases/press-releases/fbi-and-partners-issue-national-public-safety-alert-on-financial-sextortion-schemes

🇦🇺 Edwin Kwan, Sydney, Australia
End-to-end Encryption Coming to Gmail
https://www.bleepingcomputer.com/news/security/google-introduces-end-to-end-encryption-for-gmail-on-the-web/

S1 Ep 38 Episode #38 - It's 5:05, Wednesday, December 21, 2022
It’s 5:05, Wednesday, December 21, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Olimpiu Pop in Romania, talking about ChatGPT for generating cyberattack. Trac Bannon in Pennsylvania, with a report on the increasing sophistication of Python malware, Katy Craig in California, on US cyber national mission forces and Edwin Kwan in Australia, talking about malicious cybersecurity SDK released to developers. Today’s episode begins with Derek Weeks in Maryland talking about from unemployed to cyber target. Let’s get to it!

🇺🇸 Derek Weeks, Bethesda, Maryland
From unemployed to cyber target
https://www.linkedin.com/feed/update/urn:li:activity:7011049036350668800/?commentUrn=urn%3Ali%3Acomment%3A(activity%3A7011049036350668800%2C7011319740937719808)&dashCommentUrn=urn%3Ali%3Afsd_comment%3A(7011319740937719808%2Curn%3Ali%3Aactivity%3A7011049036350668800)

🇦🇺 Edwin Kwan, Sydney, Australia
Malicious Cybersecurity SDK released to Developers
https://www.bleepingcomputer.com/news/security/malicious-sentinelone-pypi-package-steals-data-from-developers/

🇺🇸 Katy Craig, San Diego, California
US Cyber National Mission Forces
https://www.cybercom.mil/Media/News/Article/3250075/the-evolution-of-cyber-newest-subordinate-unified-command-is-nations-joint-cybe/

🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
The Increasing Sophistication of Python Malware
https://jfrog.com/blog/pypi-malware-creators-are-starting-to-employ-anti-debug-techniques/
https://www.techradar.com/news/python-malware-is-using-a-devious-new-technique

🇷🇴 Olimpiu Pop, Transylvania, Romania
ChatGPT for generating cyberattack
https://www.infoq.com/news/2022/10/ai-state-2022
https://research.checkpoint.com/2022/opwnai-ai-that-can-save-the-day-or-hack-it-away/

S1 Ep 37 Episode #37 - It's 5:05, Tuesday, December 20, 2022
It’s 5:05, Tuesday, December 20, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Kadi Grigg in Virginia, talking about open source software in the automotive industry, Edwin Kwan in Australia, with a report on Facebook post phishing attack on the rise, Katy Craig in California, talking about Epic Games gets record fines and Olimpiu Pop in Romania, with a report on CISA’s vulnerability summary of week 50 of 2022. Let’s get to it!

🇺🇸 Kadi Grigg, Alexandria, VA
Open Source Software in the Automotive Industry
https://www.automotiveworld.com/articles/driving-the-future-why-open-source-is-key-in-a-world-of-software-defined-cars/

🇦🇺 Edwin Kwan, Sydney, Australia
Facebook Post Phishing Attack on the Rise
https://www.bleepingcomputer.com/news/security/phishing-attack-uses-facebook-posts-to-evade-email-security/

🇺🇸 Katy Craig, San Diego, California
Epic Games Gets Record Fines
https://www.ftc.gov/news-events/news/press-releases/2022/12/fortnite-video-game-maker-epic-games-pay-more-half-billion-dollars-over-ftc-allegations

🇷🇴 Olimpiu Pop, Transylvania, Romania
CISA’s Vulnerability Summary of Week 50/2022
https://www.cisa.gov/uscert/ncas/bulletins/sb22-353
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://nvd.nist.gov/vuln/detail/CVE-2022-42856
https://support.apple.com/en-us/HT213516
https://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44698

S1 Ep 36 Episode #36 - It's 5:05, Monday, December 19, 2022
It’s 5:05, Monday, December 19, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwan in Australia with a report on software loophole allows hacking of Australian Taxation Office accounts, Trac Bannon in Pennsylvania talks about why rapid satellite innovation is a cyber threat paradise, Katy Craig in California on EU-US adequacy decision. Today’s episode begins with Executive Producer, Mark Miller, on the dumpster fire that has become Twitter. Let’s get to it!

🇺🇸 Mark Miller, New York City
The Dumpster Fire that has become Twitter
Andy Kaufman vote off SNL
https://www.youtube.com/watch?v=g_30RwO6wdg
Twitter Users Say Elon Musk Should Quit as Boss
https://www.nytimes.com/2022/12/19/business/elon-musk-quit-twitter.html
Andy Kaufman Banned NBC ABC Special Full Uncut with Commercials
https://www.youtube.com/watch?v=yZS6Nrjurew
Judd Legum on Twitter
https://twitter.com/JuddLegum
What is Mastodon? w/ The Wall Street Journal
https://www.wsj.com/story/how-to-use-mastodon-the-social-media-platform-blocked-by-elon-musks-twitter-7751455f?mod=e2tw

🇺🇸 Katy Craig, San Diego, California
EU US Adequacy Decision
https://ec.europa.eu/commission/presscorner/detail/en/ip_22_7631

🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Rapid Satellite Innovation is a Cyber Threat Paradise
https://www.reuters.com/world/europe/exclusive-us-spy-agency-probes-sabotage-satellite-internet-during-russian-2022-03-11/
https://www.cisa.gov/uscert/ncas/alerts/aa22-076a
https://www.cyberscoop.com/apt28-fancy-bear-satellite/
https://www.cyberwarcon.com/
https://www.cisa.gov/shields-up

🇦🇺 Edwin Kwan, Sydney, Australia
Software Loophole allows hacking of Australian Taxation Office accounts
https://www.abc.net.au/news/2022-12-18/ato-tax-hacked-via-mygov-services-australia-exploit/101781656

S1 Ep 35 Episode #35 - It's 5:05, Friday, December 16, 2022
It’s 5:05, Friday, December 16, 2022. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Katy Craig in California, talks about Tech Giants vs. Google Maps, Edwin Kwan in Australia with a report on an investigation into TikTok’s privacy concerns, Trac Bannon in Pennsylvania with a report on the widely used Atlassian products compromised and DJ Schleen in Colorado, talks about GitHub public repositories now include free secret scanning. Let’s get to it!

🇺🇸 Katy Craig, San Diego, California
Tech Giants vs. Google Maps
https://overturemaps.org/
https://www.mapillary.com/about

🇦🇺 Edwin Kwan, Sydney, Australia
An Investigation into TikTok's Privacy Concerns
https://malwaretech.com/2022/12/tiktok-is-a-national-security-risk.html

🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Widely Used Atlassian Products Compromised
https://cloudsek.com/security-flaw-in-atlassian-products-jira-confluencetrello-bitbucket-affecting-multiple-companies/
https://cloudsek.com/cyber-security-incident-at-cloudsek/

🇺🇸 DJ Schleen, Golden, Colorado
GitHub public repositories now include free secret scanning
https://github.blog/2022-12-15-leaked-a-secret-check-your-github-alerts-for-free/
https://thehackernews.com/2022/12/github-announces-free-secret-scanning.html?m=1
https://apiiro.com/blog/the-secrets-about-secrets-in-code/

S1 Ep 34 Episode #34 - It's 5:05, Thursday, December 15, 2022
It’s 5:05, on Thursday, December 15, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Edwin Kwan in Australia with a report on Victoria's fire rescue dispatch system being offline due to a potential cyber attack, Trac Bannon in Pennsylvania on balancing flexibility with cyber threats, Katy Craig in California on CISA's 6 new vulnerabilities, and myself with a follow-up on the Met Opera house cyber attack. Let’s get to it!
🇦🇺 Edwin Kwan, Sydney, Australia
Victoria's Fire Rescue Dispatch System offline due to potential cyber attack
https://www.abc.net.au/news/2022-12-15/fire-rescue-victoria-dispatch-system-down/101775300
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Balancing Flexibility with Cyber Threats
https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/3239938/nsa-releases-series-on-protecting-dod-microelectronics-from-adversary-influence/
https://media.defense.gov/2022/Dec/08/2003127935/-1/-1/0/CTR_DOD_MICROELECTRONICS-FPGA_BEST_PRACTICES_THREAT_CATALOG.PDF
🇺🇸 Katy Craig, San Diego, California
CISA 6 New Vulnerabilities
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
🇺🇸 Pokie Huang, New York City
The show must go on
https://www.nytimes.com/2022/12/14/arts/music/met-opera-cyberattack.html
https://www.musikverein.at/

S1 Ep 33 Episode #33 - It's 5:05, Wednesday, December 14, 2022
It’s 5:05, on Wednesday, December 14, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Derek Weeks in Maryland, James McLeod in the UK, Katy Craig in California and Edwin Kwan in Australia. Let’s get to it!
🇺🇸 Derek Weeks, Bethesda, Maryland
Meta open sources a way to find more bad guys online
https://www.newsweek.com/child-abuse-images-porn-sting-switzerland-1764750
https://www.engadget.com/meta-open-source-tool-scan-terrorist-content-130952284.html
🇬🇧 James McLeod, London, United Kingdom
How far can NASA’s open source get you into space?
https://github.com/nasa
https://github.com/nasa/openmct
https://nasa.github.io/openmct/getting-started/
https://github.com/nasa/prog_models
🇺🇸 Katy Craig, San Diego, California
Quantum Preparedness Act
https://www.hassan.senate.gov/news/press-releases/senate-passes-senators-hassan-and-portmans-bipartisan-bill-to-strengthen-national-security-by-preparing-for-quantum-cybersecurity-risks
🇦🇺 Edwin Kwan, Sydney, Australia
FBI's Threat Info Sharing Network Breached through Social Engineering
https://krebsonsecurity.com/2022/12/fbis-vetted-info-sharing-network-infragard-hacked/

S1 Ep 32 Episode #32 - It's 5:05, Tuesday, December 13, 2022
It’s 5:05, on Tuesday, December 13, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Dan Whiting in Washington, DC, Katy Craig in San Diego, California, Trac Bannon in Camp Hill, Pennsylvania, Edwin Kwan in Sydney, Australia, Olimpiu Pop in Transylvania, Romania, and myself in New York City. Let’s get to it!
🇺🇸 Dan Whiting, Washington, DC
Endor Labs' State of Dependency Management Report
https://www.endorlabs.com/blog/introducing-the-state-of-dependency-management-report
🇺🇸 Katy Craig, San Diego, California
Katy Craig JSON WAF Bypass
https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Killer Robots and Supply Chain Risk - A bridge too far?
https://apnews.com/article/police-san-francisco-government-and-politics-d26121d7f7afb070102932e6a0754aa5
https://www.auvsi.org/commercial-ground-advocacy-initiatives
https://www.c4isrnet.com/battlefield-tech/2022/12/05/san-francisco-police-approved-to-deploy-killer-robots/
https://www.nytimes.com/2022/12/06/us/police-robots-san-francisco.html
🇦🇺 Edwin Kwan, Sydney, Australia
Uber Suffers Data Breach Due to Supply Chain Attack
https://www.bleepingcomputer.com/news/security/uber-suffers-new-data-breach-after-attack-on-vendor-info-leaked-online/
🇺🇸 Pokie Huang, New York City
Hospitals under cyberattack
https://www.nytimes.com/2022/12/12/nyregion/brooklyn-hospital-cyberattack.html
https://www.thecity.nyc/2022/11/25/23478350/one-brooklyn-health-system-offline-kingsbrook-brookdale-interfaith-hospitals
🇷🇴 Olimpiu Pop, Transylvania, Romania
GitHub Copilot Business Launched Despite Legal Questions
https://www.kolide.com/blog/github-copilot-isn-t-worth-the-risk
https://techcrunch.com/2022/12/08/github-launches-copilot-for-business-plan-as-legal-questions-remain-unresolved/

S1 Ep 31 Episode #31 - It's 5:05, Monday, December 12, 2022
It’s 5:05, on Monday, December 12, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Katy Craig in California, who gives highlights from the Fiscal Year 2023 National Defense Authorization Act, Edwin Kwan in Australia reporting on Australia's largest telecommunications company suffering a privacy breach, and Olimpiu Pop in Romania on the newest Kali Linux release. We will start today with Mark Miller in New York City on why CVE and NVD do not work. Let’s get to it!
🇺🇸 Mark Miller, New York City
CVE / NVD doesn’t work
https://blog.crashoverride.com/cve-nvd-doesnt-work-for-open-source-and-supply-chain-security
🇺🇸 Katy Craig, San Diego, California
Highlights from the FY2023 NDAA Defense Budget
H.R.7900 - 117th Congress (2021-2022): National Defense Authorization Act for Fiscal Year 2023 FY2023 NDAA k80cb.pdf
🇦🇺 Edwin Kwan, Sydney, Australia
Australia's Largest Telco Suffers Privacy Breach
https://www.reuters.com/technology/australias-telstra-suffers-privacy-breach-132000-customers-impacted-2022-12-11/
https://www.itnews.com.au/news/telstra-blames-privacy-breach-on-database-misalignment-588975
🇷🇴 Olimpiu Pop, Transylvania, Romania
Kali Linux 2022.4 released also in Azure Marketplace
https://www.kali.org/blog/kali-linux-2022-4-release/
https://www.kali.org/tools/bloodhound.py/
https://www.kali.org/tools/certipy-ad/
https://www.kali.org/tools/python-ldapdomaindump/
https://www.kali.org/tools/hak5-wifi-coconut/
https://www.kali.org/tools/peass-ng/
https://www.kali.org/tools/rizin-cutter/

S1 Ep 30 Episode #30 - It's 5:05, Friday, December 9, 2022
It’s 5:05, on Friday, December 9, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Trac Bannon in Pennsylvania, talking about the Chinese drone threat to US States and Local governments, Katy Craig in California on critical Chrome updates, Olimpiu Pop in Romania with a report on cybercrime set to reach 24.5 trillion dollars by 2027, and Edwin Kwan in Australia on Medibank's system-wide shutdown over the weekend. We will start today with DJ Schleen in Colorado talking about how tech lobbyists discourage government agencies from requiring SBOMs. Let’s get to it!
🇺🇸 DJ Schleen, Golden, Colorado
Tech Lobbyists discourage government agencies from requiring SBOMs
https://www.securityweek.com/big-tech-vendors-object-us-gov-sbom-mandate
https://www.gsa.gov/technology/technology-products-services/it-security/executive-order-14028-improving-the-nations-cybersecurity
https://www.ntia.doc.gov/files/ntia/publications/sbom_at_a_glance_apr2021.pdf
https://www.ntia.doc.gov/files/ntia/publications/sbom_overview_20200818.pdf
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Chinese drone threat to US States and Local governments
https://gcn.com/cybersecurity/2022/12/chinese-drones-could-expose-state-local-governments/380481/
https://cset.georgetown.edu/publication/banned-in-d-c/
https://gcn.com/emerging-tech/2022/07/state-explores-drone-skyway/374808/
🇺🇸 Katy Craig, San Diego, California
Critical Chrome Updates
https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html
https://nvd.nist.gov/vuln/detail/CVE-2022-4262
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
🇷🇴 Olimpiu Pop, Transylvania, Romania
Cybercrime to reach 24.5 Trillion Dollars by 2027
https://www.statista.com/chart/28878/expected-cost-of-cybercrime-until-2027/
🇦🇺 Edwin Kwan, Sydney, Australia
Medibank system wide shutdown over weekend
https://www.news.com.au/technology/online/hacking/medibank-set-for-systemwide-weekend-shutdown/news-story/8a8ed8a4b760574af3374a064d1d1c94

S1 Ep 29 Episode #29 - It's 5:05, Thursday, December 8, 2022
It’s 5:05, on Thursday, December 8, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Edwin Kwan in Australia with a report on a third major Australian data breach in three months, Katy Craig in California on Deloitte’s 2023 tech trends, DJ Schleen in Colorado with SBOM and SLSA, Paulo Gouveia in Florida talking about Phishing with BeEF, and myself reporting on the Met Opera cyber attack. We will start today with Ax Sharma from Manchester, UK, talking about his article on the bias and racism inherent within ChatGPT. Let’s get to it!
🇬🇧 Ax Sharma, Manchester UK
ChatGPT and its bias
https://www.bleepingcomputer.com/news/technology/openais-new-chatgpt-bot-10-dangerous-things-its-capable-of/
🇦🇺 Edwin Kwan, Sydney, Australia
Third major Australian data breach in three months
https://www.vice.com/en/article/7k8apa/ransomware-gang-steals-employee-and-customer-data-from-lj-hooker
🇺🇸 Katy Craig, San Diego, California
Deloitte 2023 Tech Trends
https://www2.deloitte.com/us/en/insights/focus/tech-trends.html?id=us:2el:3pr:diUS175897:eng:di:120722&pkid=1010964#explore
🇺🇸 Pokie Huang, New York City
The Met Opera is under cyber attack
http://maintenance.metoperafamily.org/
https://www.nytimes.com/2022/12/07/arts/met-opera-cyberattack-website.html
https://twitter.com/MetOpera/status/1600626124370972672?s=20&t=KovuANZjFpsPNIUkOmgqCg
🇺🇸 DJ Schleen, Golden, Colorado
Add a little spice to your Software Bill of Materials with SLSA
https://slsa.dev
https://thenewstack.io/enhance-your-sbom-success-with-slsa/
🇺🇸 Paulo Gouveia, Southwest Ranches, Florida
Phishing with BeEF
BeEF - Official Project Websites
https://beefproject.com/
https://github.com/beefproject/beef
Cool Deployment Guides:
https://www.youtube.com/watch?v=3ogyS4KOlXc
https://www.linode.com/docs/products/tools/marketplace/guides/beef/
https://www.youtube.com/watch?v=EL96fXFNLNA

S1 Ep 28 Episode #28 - It's 5:05, Wednesday, December 7, 2022
It’s 5:05, on Wednesday, December 7, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Trac Bannon in Pennsylvania with a report on scamming the digital workforce, Edwin Kwan in Australia on how AirAsia's poor network organization spared it from future attacks, Katy Craig in California on the Apple AirTag stalking initial report, and DJ Schleen in Colorado with a report on the new version of the Software Bill of Materials vulnerability scanning tool. We are going to start with a story from Dan Whiting on his use of AI and ChatGPT. Let’s get to it!
🇺🇸 Dan Whiting, Washington, DC
ChatGPT Stack Overflow
https://meta.stackoverflow.com/questions/421831/temporary-policy-chatgpt-is-banned
https://openai.com/blog/chatgpt/
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
I’m here to help! Scamming the digital workforce.
https://cybir.com/2022/cve/hijacking-connectwise-control-and-ddos/
https://www.crn.com/news/security/connectwise-patches-critical-flaw-that-could-have-infected-5-000-servers-huntress
🇦🇺 Edwin Kwan, Sydney, Australia
AirAsia Poor Network Organisation spared it from future attacks
https://www.databreaches.net/airasia-victim-of-ransomware-attack-passenger-and-employee-data-acquired/
https://grahamcluley.com/ouch-ransomware-gang-says-it-wont-attack-airasia-again-due-to-the-chaotic-organisation-and-sloppy-security-of-hacked-companys-network/
🇺🇸 Katy Craig, San Diego, California
Apple AirTag Stalking Initial Report
https://www.nytimes.com/2022/02/10/business/apple-airtags-safety.html
https://www.bloomberg.com/news/articles/2022-12-06/apple-sued-by-women-over-dangerous-airtag-stalking-by-exes
https://apps.cand.uscourts.gov/newcasefilings/
Hughes v. Apple, Inc., 3:22-cv-07668, U.S. District Court, Northern District (not posted yet on the Court filings page)
🇺🇸 DJ Schleen, Golden, Colorado
Software Bill of Materials vulnerability scanning tool “bomber” announces EPSS support
https://github.com/devops-kung-fu/bomber
https://first.org/epss

S1 Ep 27 Episode #27 - It's 5:05, Tuesday, December 6, 2022
It’s 5:05, on Tuesday, December 6, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Trac Bannon in Pennsylvania with a follow-up report on the LastPass breach, Edwin Kwan in Australia on compromised Android platform certificates used to sign malware, Olimpiu Pop in Romania on Russia coordinating cyberattacks with missile strikes, and Mark Miller in New York City talking about writing code with ChatGPT. Let’s get to it!
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
Flying under the radar?
https://developers.google.com/search/docs/crawling-indexing/robots-meta-tag
https://www.goto.com/blog/our-response-to-a-recent-security-incident#
🇦🇺 Edwin Kwan, Sydney, Australia
Compromised Android Platform Certificates Used to Sign Malware
https://bugs.chromium.org/p/apvi/issues/detail?id=100
https://www.wired.com/story/android-platform-certificates-malware/
🇷🇴 Olimpiu Pop, Transylvania, Romania
Russia Coordinates Cyberattacks with missile strikes
https://www.microsoft.com/en-us/security/blog/2022/10/14/new-prestige-ransomware-impacts-organizations-in-ukraine-and-poland/
https://www.goto.com/blog/our-response-to-a-recent-security-incident#
🇺🇸 Mark Miller, New York City
Writing code in with ChatGPT
ChatGPT: Optimizing Language Models for Dialogue
https://openai.com/blog/chatgpt/
OpenAI
https://openai.com/
Riley Goodside on Twitter
https://twitter.com/goodside/status/1598129631609380864
James Blackwell on Twitter
https://twitter.com/jwblackwell/status/1598090447854792705
Amjad Masad on Twitter
https://twitter.com/amasad/status/1598042665375105024

S1 Ep 26 Episode #26 - It's 5:05, Monday, December 5, 2022
It’s 5:05, on Monday, December 5, 2022. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Derek Weeks in Maryland reporting on connected vehicles, Edwin Kwan in Australia on the Eufy doorbell camera leaking user content to the cloud, and Mark Miller in New York City reporting on how Lensa wants all your data. Let’s get to it!
🇺🇸 Derek Weeks, Bethesda, Maryland
Connectivity sparks curiosity
https://twitter.com/samwcyo/status/1597792097175674880
🇦🇺 Edwin Kwan, Sydney, Australia
Eufy Doorbell camera Leaking User Content to Cloud
https://www.macrumors.com/2022/11/29/eufy-camera-cloud-uploads-no-user-consent/
🇺🇸 Mark Miller, New York City
Lensa wants your data... all of it
https://play.google.com/store/apps/datasafety?id=com.lensa.app&gl=US
https://lensa-ai.com/privacy

S1 Ep 25 Episode #25 - It's 5:05, Friday, December 2, 2022
It’s 5:05, on Friday, December 2, 2022. Coming from the 5:05 offices in New York City, this is Mark Miller. Stories for today come from Edwin Kwan in Sydney, Australia, who gives an update on the Vanuatu Government, which is still offline a month after a cyber attack, Olimpiu Pop from Transylvania, Romania, talking about Cybersecurity Investments in the EU, and Trac Bannon offering a personal story about the overwhelming nature of password management. Today’s episode begins with the final segment in my series on scams focusing on the elderly. I’ll make a few simple suggestions on things your family can do to stay safe from scammers this holiday season. Let’s get to it!
🇺🇸 Mark Miller, New York City
It’s not about you anymore. It’s about protecting your family.
Anatomy of a phone scam
https://505updates.com/november-29-2022/
Prizes and Sweepstakes
https://505updates.com/november-30-2022/
Holiday scams with giftcards
https://505updates.com/december-1-2022/
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
The overwhelming nature of password management: a personal story
https://www.theverge.com/2022/11/30/23486902/lastpass-hackers-customer-information-breach
https://blog.lastpass.com/2022/11/notice-of-recent-security-incident/
🇷🇴 Olimpiu Pop, Transylvania, Romania
Cybersecurity Investments in the EU
https://www.enisa.europa.eu/news/cybersecurity-investments-in-the-eu-is-the-money-enough-to-meet-the-new-cybersecurity-standards
🇦🇺 Edwin Kwan, Sydney, Australia
Vanuatu Government still offline after a month Cyber attack
https://www.theguardian.com/world/2022/nov/29/vanuatu-officials-turn-to-phone-books-and-typewriters-one-month-after-cyber-attack

S1 Ep 24 Episode #24 - It's 5:05, Thursday, December 1, 2022
It’s 5:05, on Thursday, December 1, 2022. Coming from the 5:05 offices in New York City, this is Mark Miller. Stories for today come from Edwin Kwan in Sydney, Australia, on the six-gigabyte dump of up to 10 million customers' personal data from Medibank, and Pokie Huang in New York City on the TikTok invisible body challenge. I’ll be adding to my continuing series on scams focusing on the elderly. Today’s segment is on holiday scams with gift cards, and the difference between online payments with debit cards vs credit cards. Let’s get to it!
🇺🇸 Mark Miller, New York City
Holiday scams against the elderly
The scammers are coming for you. Here’s how to protect yourself.
https://www.washingtonpost.com/business/2021/11/24/safe-online-holiday-shopping-tips/
🇺🇸 Pokie Huang, New York City
Tiktok invisible challenge
https://www.techradar.com/news/hackers-are-exploiting-this-new-tiktok-craze-to-push-malware
https://checkmarx.com/blog/attacker-uses-a-popular-tiktok-challenge-to-lure-users-into-installing-malicious-package/
🇦🇺 Edwin Kwan, Sydney, Australia
Largest file dump from Medibank Breach
https://amp.smh.com.au/business/companies/case-closed-medibank-hackers-release-massive-data-file-20221201-p5c2pu.html

S1 Ep 23 Episode #23 - It's 5:05, Wednesday, November 30, 2022
It’s 5:05, on Wednesday, November 30, 2022. Coming from the 5:05 offices in New York City, this is Mark Miller on HumpDay here in the US. Stories for today come from Edwin Kwan in Sydney, Australia, on Sensitive Information of Australians on Black Market, Trac Bannon in Pennsylvania on FCC’s Ban of Equipment citing National Security Concerns, and Derek Weeks in Bethesda, Maryland, reporting on Twitter’s possible use of Signal for encrypting DMs. We’ll start today’s episode with a follow-up from yesterday’s segment on phone scamming. Let’s get to it!
🇺🇸 Mark Miller, New York City
The Top Phone and Email Scams the Elderly Fall For
Top Ten Scams
https://fraud.org/top-ten-scams-2021/
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
US FCC Bans Equipment citing National Security Concerns
https://www.fcc.gov/document/fcc-bans-authorizations-devices-pose-national-security-threat
https://insidedefense.com/daily-news/industry-groups-urge-lawmakers-cut-china-based-semiconductor-ban-federal-contracts
🇦🇺 Edwin Kwan, Sydney, Australia
Highly Sensitive Information of Australians on Black Market following series of breaches
https://www.abc.net.au/news/2022-11-28/cyber-black-market-shows-medibank-optus-hack-just-the-surface/101700974
🇺🇸 Derek Weeks, Bethesda, Maryland
Twitter to have Encrypted DMs
Elon Musk's Twitter to Add Open-Source Signal Protocol for Encrypted DMs
https://news.itsfoss.com/twitter-signal/