The Jerich Show Podcast

This week, Javvad Malik and Erich Kron unpack a fresh pile of cyber mayhem containing equal parts fascinating, frustrating, and “you couldn’t make this up if you tried”. EU Blames Ransomware for Airport Check-In Chaos: The EU’s cyber agency has officially confirmed what everyone suspected: ransomware was behind the massive airport meltdown. Great, now someone please confirm when luggage will show up again. And in other news… Airport Cyber Arrest: Authorities nabbed a man allegedly behind attacks that disrupted airport systems across Europe. Flights were delayed, passengers got cranky, and IT staff was probably crying into their coffee. Turns out, ransomware doesn’t just ruin files, it ruins holidays. That was fast though. Deepfakes Go Corporate: Two-thirds of businesses report being hit with deepfake scams. Fake execs, bogus invoices, and AI-generated voices that sound “just enough like the boss” to drain your accounts. Technology: still helping criminals scale their hustle, although that seems like high number. Let’s talk about that. Jaguar Land Rover’s Production Nightmare: JLR’s cyber shutdown drags on as ministers huddle with suppliers to stop the bleeding. Yes folks, like many of the vehicles they sell, they are STILL broken. Nothing like a supply chain crisis to remind us that “smart factories” can be dumb when ransomware shows up. Expect a mix of snark, practical security takeaways, and a few sighs of disbelief as we connect the dots between these incidents and what they mean for CISOs, SOC analysts, and anyone who still thinks cyber risk is “just an IT problem.” Stories from the show: Man arrested in connection with cyber-attack on airports https://www.bbc.com/news/articles/c62ldxyj431o Deepfake Attacks Hit Two-Thirds of Businesses https://www.infosecurity-magazine.com/news/deepfake-attacks-hit-twothirds-of/ JLR shutdown extended again as ministers meet suppliers https://www.bbc.com/news/articles/c15kpxnn2p2o EU’s cyber agency blames ransomware as Euro airport check-in chaos continues https://www.theregister.com/2025/09/22/eus_cyber_agency_confirms_ransomware/

Javvad Malik and Erich Kron are back with tea, shade, and tech news, taking on three fresh cyber disasters that are making folks sweat: JLR’s Cyber Chaos: A hack shut down Jaguar Land Rover’s IT & production lines, and now its supply chain workers are being told to apply for Universal Credit. When “just a hack” looks more like a national employment crisis. Teenagers + Scattered Spider = TfL Attack Fallout: Two teens are now charged for allegedly being part of the Scattered Spider crew that hacked Transport for London last August. From Oyster cards to APIs—this one’s got lots of teeth. SonicWall: “Oops, Backups Leaked (a Little Bit)”: Under 5% of SonicWall users impacted by exposed firewall backup prefs. Credentials were encrypted but still, enough info was accessible to give attackers a run for their money. Reset everything. Like now. Buckle up: we’ll laugh, we’ll cringe, and we’ll figure out what this means for real people doing real work in security. ---------------------------------------------------------------------------- Stories from the show: JLR hack could see thousands laid off - MP https://www.bbc.com/news/articles/cwyrqxj3eqqo U.K. Arrests Two Teen Scattered Spider Hackers Linked to August 2024 TfL Cyber Attack https://thehackernews.com/2025/09/uk-arrest-two-teen-scattered-spider.html SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers https://thehackernews.com/2025/09/sonicwall-urges-password-resets-after.html

In this week’s episode, Javvad Malik and Erich Kron wade through the latest cybersecurity soap opera where silence, spin, and shady stats take center stage: 61% of U.S. companies claim they’ve been hit by insider breaches. Is this a shocking revelation… or just the result of someone finally checking the logs? CISOs are under growing pressure to zip it about incidents. Because nothing says “strong security posture” like sweeping breaches under the rug and hoping the auditors don’t trip over the lump. Hackers are holding Google’s data hostage unless two threat intel employees get the boot. Extortion? Performance review outsourcing? You decide. Meanwhile in the UK, the government sat on a secret breach review for two years before sheepishly releasing it. Because transparency apparently has an expiration date. Grab your headphones as we unpack what these stories really mean for security leaders, why “insider risk” is the boogeyman of the week, and how the industry’s favorite strategy still seems to be: “Shh… maybe they won’t notice.”

This week, Erich and Javvad dig into Salt Typhoon’s year-long hack of the National Guard (somebody check the cyber sandbags!), marvel at scammers out-faking CNN, BBC, and CNBC to push bogus investments, and celebrate the rarest of cyber events: a ransomware gang calling it quits and actually handing out free decryptors. Grab your popcorn—cyber drama doesn’t get juicier than this!

In this episode of The Jerich Show, Erich Kron and Javvad Malik dive headfirst into the week’s most curious, cringeworthy, and critical cybersecurity stories. First up: a global honeypot powered by over 5,300 compromised Cisco devices—courtesy of the ViciousTrap botnet. Then, it's schadenfreude central as the developers of DanaBot malware accidentally infect themselves. Karma, meet keyboard. We’ll also unpack Europol’s massive takedown of ransomware infrastructure, which led to the seizure of 300 servers and €3.5 million in crypto. Not to be outdone, two ATM heist suspects made their arrest even easier... by taking selfies mid-crime. And finally, the UK’s NCSC shows us how to securely retire old tech—because tossing servers in the skip just isn’t secure policy. Join Erich and Javvad for sharp takes, security snark, and the cybersecurity fails you’ll want to learn from (or at least laugh at).

In this episode of The Jerich Show, join your favorite cybersecurity duo, Erich Kron and Javvad Malik, as they dive into some truly wild cybercrime stories making headlines around the globe. Hackers who've been terrorizing UK retailers have hopped the pond to target US companies, while Japan's bold plan to double its cybersecurity workforce might mean saying sayonara to tough certifications. Meanwhile, the EU arms defenders with a shiny new vulnerability database, and the discovery of rogue communication devices lurking in Chinese-made solar inverters sparks fresh paranoia. Plus, could your CPU itself soon be held hostage by ransomware? Tune in for laughs, insights, and a healthy dose of cyber skepticism! Stories from the show: Hackers behind UK retail attacks now targeting US companies https://www.bleepingcomputer.com/news/security/google-scattered-spider-switches-targets-to-us-retail-chains/ Japan aims to double cybersecurity specialists by 2030, relax certification requirements https://asianews.network/japan-aims-to-double-cybersecurity-specialists-by-2030-relax-certification-requirements/ EU launches vulnerability database to tackle cybersecurity threats https://therecord.media/eu-launches-vulnerability-database CPU microcode hack could infect processors with ransomware directly https://www.techradar.com/pro/security/cpu-microcode-hack-could-infect-processors-with-ransomware-directly ‘Rogue’ communication devices found on Chinese-made solar power inverters https://www.utilitydive.com/news/rogue-communication-devices-found-on-chinese-made-solar-power-inverters/748242/

In this episode, Erich and Javvad discuss how Lockbit appears to be hacked again, Qlin makes a jump to #1 in the ransomware game, Google gets serious against scams with Gemini, and more! Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android https://thehackernews.com/2025/05/google-rolls-out-on-device-ai.html Qilin Ransomware Ranked Highest in April 2025 with 72 Data Leak Disclosures https://thehackernews.com/2025/05/qilin-leads-april-2025-ransomware-spike.html LockBit ransomware gang hacked again https://www.computing.co.uk/news/2025/security/lockbit-ransomware-gang-hacked-again UK Cyber Insurance Claims Second Highest on Record https://www.infosecurity-magazine.com/news/uk-cyberinsurance-claims-second/

Erich and Javvad recap the top stories in Cybersecurity this week including the cyber attack on Iran and a huge DD0S attack. All this and More

Erich and Javvad summarize this week’s cyber soap opera and bring you a tangled web of digital deceit, artificial “intelligence,” and just enough government extradition drama to keep things spicy. From Spain With Wire Fraud: Alleged “Scattered Spider” member Tyler Buchanan thought sunny Spain was a safe hideout—until the long arm of U.S. justice said hola. Extradited for allegedly scamming Caesars and MGM, his toolkit included SIM swapping and social engineering. Welcome to America, Tyler—hope you like federal courtrooms. Phishing with Google’s Seal of Approval: Meanwhile, phisherfolk are reusing Google's DKIM signatures like they’re leftover lasagna—slapping them onto spoofed emails from [email protected] and tricking even the most paranoid clickers. The result? Legit-looking credential traps hosted on Google Sites. It's like gourmet phishing, served with a side of irony. Darcula Gets a Brain Upgrade: And if you thought cybercrime required effort, think again. The Darcula phishing kit now uses generative AI to do all the heavy lifting. Bad grammar and clunky templates? Gone. Now, even your cousin Steve with zero hacking skills can impersonate a bank in 100 languages. Thanks, AI. Tune in for a romp through the latest digital deceptions, complete with dark web drama and facepalms galore. Stay sharp—because the hackers definitely are.

In this episode Erich and Javvad discuss a cyber professor that went away, a ransomware group hacks back, passwords are still poor, and more!

In this episode, Erich and Javvad discuss a breach of a sperm bank in California, an 9-year old Microsoft vuln that they feel is too unimportant to patch (although it's being exploited), and a hack of over 2000, Wordpress sites

In this episode, Erich and Javvad discuss the VSCode extensions that was used by millions, and that Microsoft wrongly removed, Roblox tells parents if they want safe kids, that's a 'you' problem, and the UK says cyberpros need to make more than the PM. This and more!

In this episode, Erich and Javvad talk about a confirmed ransomware campaign through snail mail, 60% of cyber pros looking to change employers, 12 Chinese hackers charged by the US, 1.4TB dataset stolen, and more

In this episode, Erich and Javvad discuss an AI voice scam, the Steam game PirateFi turning out to be info-stealing malware, HCRG hack/ransomware and a Palo Alto firewall vulnerability. All of this and more!

In this episode, Erich and Javvad discuss issues facing DeepSeek, a law enforcement takedown of cybercrime sites, and much, much more!

In this episode, Erich and Javvad discuss a warning from the NSA, the arrest of fraudsters in several countries, a story where Cambodian scammers send a potential scammer packing because of his lack of computer skills. All this and more!

Buckle up, cyber enthusiasts, because this week’s episode is a rollercoaster ride through the murky depths of cybercrime! Erich and Javvad are diving into the story of 1,006 suspects nabbed in a global sting that makes "Ocean’s Eleven" look like a kindergarten playdate. Next, we shop 'til we drop on fake e-commerce sites tied to cybercrime marketplaces—spoiler alert: you’re not getting that “Gucci” bag for $19.99. Finally, we break down the latest saga in the US vs. China cyber espionage showdown, where telecom providers find themselves tangled in a hack straight out of a Hollywood thriller. It’s cyber justice, scams, and geopolitical drama served with a side of sarcasm and a heaping dose of security tips you’ll actually want to use. Don’t miss it! Stories from the show: Major cybercrime operation nets 1,006 suspects https://www.interpol.int/en/News-and-Events/News/2024/Major-cybercrime-operation-nets-1-006-suspects Fraudulent shopping sites tied to cybercrime marketplace taken offline https://www.europol.europa.eu/media-press/newsroom/news/fraudulent-shopping-sites-tied-to-cybercrime-marketplace-taken-offline?mtm_campaign=newsletter White House official: 8 US telecom providers hacked by Chinese https://www.cnn.com/2024/12/04/politics/us-telecom-providers-chinese-hack/index.html

Hey there, tech detectives and cyber sleuths! Grab your headphones and get ready for another wild ride through the digital jungle with Erich and Javvad. This week, we're diving into a hot mess at Hot Topic (pun totally intended) that's left 57 million people saying 'Uh-oh!' Plus, we'll take you on a typhoon-fueled adventure as China's notorious Volt Typhoon crew makes a shocking comeback. It's like a cyber soap opera, but with way more zeroes and ones! So, buckle up, buttercup – it's time to unravel these tangled webs of tech drama! Stories from the show: HIBP notifies 57 million people of Hot Topic data breach https://www.bleepingcomputer.com/news/security/hibp-notifies-57-million-people-of-hot-topic-data-breach/ China's Volt Typhoon crew and its botnet surge back with a vengeance https://www.theregister.com/2024/11/13/china_volt_typhoon_back/ Amazon MOVEit Leaker Claims to Be Ethical Hacker https://www.infosecurity-magazine.com/news/amazon-moveit-leaker-claims/

In this episode, Erich and Javvad discuss some odd ransomware demands, a serious flaw with Synology, spying fryers and much more!

In this episode, Erich and Javvad discuss how the British government is trying to hire more security pros for next to nothing, how Teams is being used as an attack vector, and how North Korean attackers have paired up with the Play ransomware group. All this and more! Stories from the show: Wanted. Top infosec pros willing to defend Britain on shabby salaries https://www.theregister.com/2024/10/29/gchq_needs_advanced_cybersecurity_professionals/ Hackers Exploit Microsoft Teams In New Ransomware Scam https://www.forbes.com/sites/larsdaniel/2024/10/30/hackers-posing-as-it-support-on-teams-new-ransomware-scam-targeting-your-workplace/ North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack https://thehackernews.com/2024/10/north-korean-group-collaborates-with.html