18-Dec-2024 Breaches Shake Thai Police, Meta, Microsoft, Telecom Namibia and Protecting AI with Wald.ai
Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber. On today's episode, we dive into the latest cyber threats, regulatory actions, and innovations in the industry. First up, Thai police systems are reeling from a cyberattack by the 'Yokai' backdoor. Originating from an unidentified hacker group, this breach exposes vulnerabilities in Thailand's governmental networks, sparking urgent calls for improved digital defenses. In Europe, Meta faces a €251 million fine by the Irish Data Protection Commission following a 2018 breach that compromised data from 29 million accounts. This hefty penalty highlights increasing regulatory scrutiny and long-lasting aftermaths tech giants face over data protection missteps. Across the tech landscape, Microsoft Azure Data Factory is grappling with bugs that threaten cloud infrastructure security. Potentially leading to unauthorized access and disruptions, these issues underscore the pressing need for robust security strategies. Microsoft is currently investigating and working to resolve these vulnerabilities. In other news, the ransomware group Interlock has breached Texas Tech University Health Sciences Center, impacting over 1.46 million patients. Similarly, Telecom Namibia suffers a cyberattack by the Hunters International Ransomware Gang, who leaked sensitive government data after unmet ransom demands. Lastly, Wald.ai has unveiled a new DLP tool to protect AI platforms, marking a significant step in data security for emerging technologies. Tune in tomorrow for the latest in cybersecurity. Stay safe out there!This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.
18 Joulu 20243min
17-Dec-2024 FBI Alerts: HiatusRAT Threat, The Mask Returns, Lumma Infostealer Scams Emerge
Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber. Stay tuned for today's top stories on the latest developments and threats in the cyber realm. First, the FBI is alerting organizations about cyberattacks utilizing HiatusRAT malware. This insidious malware targets network devices such as web cameras and DVRs, compromising security and privacy by granting hackers unauthorized access and control. Next, the Mask APT group, also known as Careto, has resurfaced with more advanced malware capable of targeting multiple platforms, including Windows, macOS, and Linux. The sophistication of these attacks poses increased risks to governments and businesses worldwide. In other news, cybercriminals are deploying malicious ads with fake CAPTCHA pages to spread the Lumma infostealer. This tactic deceives users into downloading the malware, leading to the theft of credentials and financial information. Stay vigilant in verifying online security checks to avoid falling prey. Additionally, the US Marshals Service faces a second ransomware attack within two years. This breach underscores the urgent need for enhanced cybersecurity measures to protect sensitive government data. Lastly, beware of a new investment scam leveraging AI and social media ads. These scams utilize fake testimonials and professional profiles to lure unsuspecting investors, emphasizing the importance of verifying investment opportunities. Join us tomorrow for another episode of Hacked dAily. Stay safe, stay secure.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.
17 Joulu 20243min
16-Dec-2024: Ukrainian Cyber Minors, Kaiser Phished, Clop Hits Cleo, TPU Theft Risks AI Models
Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber. Stay updated on the latest in cyber threats and security trends every day. In today's top stories, the Ukraine-Russia conflict takes a disturbing turn as reports surface about Ukrainian minors being recruited for cyber operations. This development raises serious ethical concerns about the involvement of children in war-torn regions. Google's advertising platform becomes a battleground with a new phishing campaign targeting Kaiser Permanente employees. The attackers impersonated the health care company's HR portal and used a fake browser update to deploy the SocGholish malware, highlighting ongoing threats in search ads. Data theft makes headlines again as the Clop ransomware group claims to have infiltrated Cleo company's systems, exfiltrating sensitive information. This incident underscores the growing sophistication of ransomware attacks on businesses. In other news, Rhode Island's RIBridges system faces a ransomware threat, prompting potential data leaks and urging users to enhance their security measures. The state ensures affected households are informed about accessing free credit monitoring. Finally, we address a rising threat to AI industries with 'TPUXtract.' This new vulnerability allows attackers to extract AI models from Tensor Processing Units, emphasizing the urgent need for safeguarding AI intellectual property. Stay tuned for more updates on "Hacked dAily." Protecting your digital world starts with staying informed.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.
16 Joulu 20243min
15-Dec-2024 Cybersecurity Breaches Hit WordPress, Krispy Kreme, and Starbucks Amid Rising Global Threats
Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, your daily dose of the latest in the fast-evolving world of cybersecurity. In today's episode, we discuss a significant breach affecting WordPress. A supply chain attack has compromised around 390,000 accounts, infiltrating through a third-party component. Users are advised to change their passwords and verify the integrity of their plugins and themes. Next, we delve into Krispy Kreme's recent cyberattack that hit its US online ordering systems. This incident serves as a stark reminder of the importance of robust cybersecurity strategies across all industries. Current investigations are underway, with no confirmation yet on compromised customer data. In international news, the Russian cyber espionage group, Turla, has developed Android spyware targeting Ukrainian users. Disguised as a pro-Ukrainian app, this sophisticated malware reflects the growing complexity of state-sponsored cyber threats. Additionally, a ransomware attack has plagued a critical supplier, affecting operations at Starbucks and major UK supermarkets, resulting in significant supply chain disruptions. Finally, we discuss a survey highlighting AI-enhanced cyberattacks as a major threat to API security. These sophisticated attacks challenge current security frameworks, stressing the need for advanced protection measures. Stay tuned for today's insights and expert analysis on Hacked dAily.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.
15 Joulu 20243min
14-Dec-2024: PUMAKIT Threat, Cleo MFT Vulnerabilities, Prometheus Weakness, Open Source AI Security
Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber, unraveling the latest in cyber threats and defenses! In today's episode, we dive into the emergence of PUMAKIT, a new Linux rootkit employing advanced stealth techniques to outsmart existing security measures. Discover how this malware is making waves in the cybersecurity landscape and why experts are on high alert. We also examine the warning from security analysts about an increase in zero-day exploits targeting Cleo Managed File Transfer systems. With potential risks to data integrity and confidentiality, we discuss the urgent need for enhanced defense strategies and patch management for organizations using Cleo’s solutions. In another critical update, our focus shifts to the vulnerabilities in Prometheus. Over 330,000 instances of this open-source monitoring platform are at risk due to default security settings, leaving systems exposed to denial-of-service attacks. Learn why it's essential to implement stringent security practices now. Elsewhere, we reflect on the infamous WannaCry ransomware attack, a stark reminder of the disruptive power of cyber threats and the importance of robust cybersecurity measures. Finally, we explore the collaborative world of open-source generative AI security tools. By embracing community-driven innovation, these tools promise to fortify defenses against AI-generated threats. Stay ahead of threats with Hacked dAily!This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.
14 Joulu 20243min
13-Dec-2024: FBI Takes Down Rydox Marketplace; Apple Faces Security Flaw; Teams Exploited by Hackers
Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, bringing you the latest in cyber news and security breakthroughs every day. In today's episode, we cover some of the most pressing issues in the cybersecurity world. First, the FBI has shut down the Rydox Marketplace, a notorious platform for selling personal data, seizing $225,000 in cryptocurrency linked to over 7,600 illicit sales. This operation strikes a major blow against online data trafficking. Next, a newly discovered symlink exploit threatens Apple's TCC privacy framework in iOS and macOS systems, raising alarms about the potential for unauthorized data access by malicious apps without user consent. We also delve into a new "vishing" tactic using Microsoft Teams, where cybercriminals impersonate IT support to install DarkGate malware in corporate systems. This highlights the need for robust security measures in virtual communication tools. In other news, Rutherford County Schools in Tennessee face a ransomware attack with hackers demanding 20 Bitcoin, but school officials refuse to pay, focusing instead on strengthening cybersecurity after staff data appeared on the dark web. Finally, businesses are leveraging AI and open data to better manage third-party risks, improving both security protocols and operational efficiency. Stay tuned for these stories and more tomorrow on Hacked dAily.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.
13 Joulu 20243min
12-Dec-2024: Facebook, WhatsApp, OpenAI Hit by Outages; Europol Crushes DDoS Networks
Welcome to Hacked dAily, the first AI-Driven Cybersecurity Podcast by Cytadel Cyber, where we bring you the latest and most important cybersecurity news in just a few minutes each day. Today, we discuss a major global outage affecting millions of Facebook, Instagram, and WhatsApp users. The connectivity issues left users unable to access their accounts or share content for hours, with the cause still shrouded in mystery. In other news, OpenAI faces a similar disruption as their popular AI services, including ChatGPT and Sora, experienced a worldwide outage. OpenAI is swiftly working towards restoring full functionality. A significant victory for Europol as they dismantle 27 platforms used for DDoS attacks across 15 countries, resulting in numerous arrests and demonstrating international cooperation against cyber threats. On a different front, a cardiac surgery device manufacturer suffers a ransomware attack, jeopardizing sensitive data and raising alarms about the security of medical devices and patient information. Investigations are underway to assess the impact. Lastly, Deloitte's 2025 Tech Trends report highlights AI's growing role as a seamless, hidden force in the workplace, set to massively boost decision-making and efficiency. Join us daily as we delve into the latest happenings in the cyber world, only on Hacked dAily.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.
12 Joulu 20243min
11-Dec-2024 Cyber Fraud Unveiled: Dubai Scams, AWS Breach, Senior Dating Data Leak, and Ohio Ransomware
Welcome to Hacked dAily, the first AI-Driven Cybersecurity Podcast, by Cytadel Cyber. Stay informed with the latest in cyber threats and security updates in just a few minutes each day. In today's episode, we dive into a sophisticated fraud scheme in the UAE where cybercriminals are impersonating Dubai Police to trick residents into paying fake fines. This scam has intensified during the festive UAE National Day period, catching many off-guard. Next, we explore a massive data breach caused by misconfigurations in Amazon Web Services. The breach has exposed sensitive data from multiple high-profile companies, highlighting the urgent need for improved cloud security practices. A popular senior dating website has suffered a significant data breach, compromising the personal information of over 765,000 users. This incident raises critical concerns over the privacy and security of personal data on digital platforms. In Ohio, a ransomware attack has crippled emergency services, forcing a return to manual operations and causing public safety concerns. Efforts are underway to restore systems, though the timeline remains uncertain. Finally, we discuss the rising threat of AI-powered vishing scams. These deepfake technologies make it increasingly challenging to trust voice communications, prompting organizations to invest in advanced security measures and continuous employee training. Tune in daily to Hacked dAily for your essential cybersecurity updates. Stay safe, stay informed.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.
11 Joulu 20243min
