15-May-2024: Major Cyber Attacks Hit Singing River and HK Colleges; Ransomware Surge

Welcome to Hacked dAily—your go-to spot for cyber news dished with a side of snark. In today’s episode, we drop into the dramatic world of GitHub, where downloading a "must-have" mod could end up with your data taking a one-way trip to dodginess. Cue the violins for our digital soap opera! Next, we'd like to sound the airhorn: 99% of organizations have hit rocky API security waters this past year. Few have life vests on! With API chaos at its peak, grab your coffee, because caffeine may be your best defense until nearly half these businesses get their strategies sorted. Turning to speed demons—brace yourself. Ransomware attackers are making moves quicker than a toddler at Disneyland, shrinking detection windows to the blink of an eye or, to be precise, a micro-nap. In other news, ransomware groups consider subtlety overrated, hammering Paragon Partition Manager with BYOVD attacks so brazen, they deserve their own razzie. And, let’s not overlook that irony: financial institutions are becoming playgrounds for AI hackers. Yep, the protectors of our money are getting schooled by an AI-led digital heist. Should we start betting on the supervillain hackers instead? Tune in tomorrow for more witty (and slightly worrying) cybersecurity tales on Hacked dAily, where we learn together that trusting tech is as tricky as asking a cat to share its secrets.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

2 Mars 3min

Welcome to today's episode of Hacked dAily, the FIRST and possibly most sarcastic AI-Driven Cybersecurity Podcast, brought to you by Cytadel Cyber. Prepare yourself as we take a light-hearted (and slightly cynical) spin through today's most head-scratching cyber news. First up, in the "Learn From Our Mistakes" file, stalkerware apps like Spyzie, Cocospy, and Spyic have managed to expose personal data—ironically including those of the spies themselves—due to some impressively bad coding. They're so good at sharing they might as well start a data giveaway channel. Meanwhile, in Thailand, our favorite cyber villain has finally clocked out for good. A notorious data extortion actor got caught in a scene right out of CSI: Cyber... but with less glam and more reality TV drama. Note to future cybercriminals: The world has eyes everywhere, and they're ready to throw you an orange jumpsuit party. Elsewhere, cyber tricksters have decided CAPTCHA forms are the new 'IT' spot for malware. These sneaky developers have turned mayhem into an art form, so remember: if your CAPTCHA makes bizarre requests, tread carefully—puzzles are only fun when you don't lose your data. Turning to some ransomware theatrics, Lynx thinks it's the next cyber diva with its drama-queen antics, while over 12,000 hardcoded API keys are doing their best impression of "house keys under the doormat." As we wrap up, let us hope tomorrow's headlines keep our hard-coded curiosity satisfied. Join us again on Hacked dAily!

1 Mars 3min

Welcome to Hacked dAily, your sardonic dive into the murky depths of the digital underworld. Today, we kick off with Australian IVF titan Genea discovering that their systems have unexpectedly auditioned for a cybersecurity horror flick. Patient data exposure has them navigating Valentine’s Day with more fear than love notes, and patients should keep an eye out for unwelcome phishing attemps too. Shifting gears to tech fans... Two Visual Studio Code extensions got the boot despite their 9 million installs. Turns out, cyber vulnerabilities are the backstage pass no one wanted. Because hey, popularity isn't an immunity boost in the cybersecurity cosmos. Meanwhile, the LightSpy malware saga continues. It’s updating its credentials to reach a broader audience, much like that overeager popstar in need of a comeback tour. It's going after users of more devices, trying to steal data like it's the latest hit track. On a note of high drama, Saudi Arabia's Albilad Bank has been hit by DragonForce, scoring 6 terabytes of data. Looks like DragonForce took the concept of a "data diet" a bit too seriously. Lastly, a multinational hacking-for-hire squad has been using stolen Microsoft API keys in a scheme that’s part cyber crime, part global thriller—with all the finger-pointing drama of your favorite reality show reunion. Tune in for your daily dose of cybersecurity chaos served with humor and a side of sarcasm!

28 Feb 2min

Welcome to Hacked dAily, the first AI-Driven Cybersecurity Podcast brought to you by Cytadel Cyber. Tune in for the latest cyber misadventures, unveiled with just the right dash of humor and sarcasm to keep your day electrifyingly engaging. Today's episode unfolds with a cyber soap opera as LockBit ransomware gang takes a stab at personal branding, sending FBI Director Kash Patel a salty threat and a backhanded nod to Donald Trump. From mixing protests and praise, it seems even cybercriminals appreciate a good character arc. Meanwhile, over at Conduent, SafePay ransomware group decided to play a little round of "Guess who didn't lock the door", carting away plentiful data. It appears someone forgot the rest of the IT department's script. Here's hoping they had backups and a good stress ball. In industries critical to keeping us afloat—literally—the Anubis Threat Group channels its inner supervillain, plotting against energy and healthcare systems. They aimlessly target vital services with the precision of a toddler in a candy store but threaten global consequences instead. HOLT CAT's data turns to clay as CACTUS ransomware gang digitalizes their shenanigans, stealing sensitive information as if hacking was their new toy. If only their ransom demands were as civilized as a borrowed cup of sugar. Lastly, Google's recent report shows AI making new cyber friends—unfortunately, in all the wrong places. This could turn into an ongoing saga—stay tuned. Join us again tomorrow for more incredible tales from the digital underworld!

27 Feb 3min

Welcome to Hacked dAily, the FIRST AI-driven cybersecurity podcast that's shaping up to be your daily dose of what-in-the-digital-world-is-going-on. Brought to you by the ever-watchful Cytadel Cyber, today's episode dives into the latest stories that will make you question why you haven't ditched the internet and moved to a cabin in the woods—yet. First up, Have I Been Pwned gets a little too inclusive by adding 284 million new accounts to its compromised data list, thanks to sneaky infostealer malware. If anything, it’s a nostalgic trip back to when even your "1234password" was considered ultra-secret. Next, a major US background check firm made hackers feel as welcome as a long-lost relative—except they invited about 3 million of them by exposing an ocean of personal records. Time for the firm to introspect with a "background check" on their own cyber safety. Channeling your great-grandfather's vintage fashion vibe, cyber criminals have taken a liking to exploiting legacy drivers. Those old vulnerabilities might seem charming, until they start draining your bank account like it's a free trial offer. As a plot twist worthy of a soap opera, ransomware hackers are opting for fast-paced data swiping over painfully slow encrypting, proving it's still cool to be quick. Finally, Anthropic’s AI, Claude 3.7 Sonnet, makes other algorithms look like they need a double espresso to catch up—revolutionizing how we define AI brilliance. Tune in daily for more cyber adventures!

26 Feb 2min

Get ready for a rollicking ride of cyber chaos in today's episode of Hacked dAily! We’re starting Down Under as Australia kicks Kaspersky to the curb faster than a boomerang returning from an awkward date, amidst rising data security concerns. Better grab those firewalls and sunscreen, mates! Next, we’re dialing up the future with Google, who’s trading SMS-based Multi-Factor Authentication for QR codes. It's like swapping your telegram for Wi-Fi—about time your security caught up, or at least your dinner reservation app! Meanwhile, Apple enthusiasts got their own pixelated party crasher with a zero-day bug in Parallels Desktop. Just imagine it as the unexpected guest at your Mac's virtual machine gossip session—Windows users just laugh in solidarity. In today’s cyber carnival, the Dpose ransomware makes a dramatic entrance, encrypting files with more stealth than a cat burglar on espresso. Fear not, valiant cyber defenders are already scripting its downfall, proving even a digital villain has its match. Lastly, join the 68% of humans questioning reality as deepfakes keep us guessing—and possibly wishing these crafty AI tricksters would promote pineapple-free pizzas instead. Tune into Hacked dAily for all this and more, delivered with a side of sarcasm and a sprinkle of geeky humor. Enjoy the first AI-driven cybersecurity podcast, keeping your defenses up one byte at a time!

25 Feb 3min

Kick off your day with Hacked dAily, the podcast that brings you the latest in cybersecurity headlines with a side of wit and a splash of sarcasm. Brought to you by the AI brains at Cytadel Cyber, we promise to make your daily infosec digest a little less bleak. Today's digital shenanigans range from cybercriminals dancing through a Confluence vulnerability all the way to Microsoft's Power Pages flaw, which has a CVSS score scarier than your morning coffee. LockBit ransomware is at it again, proving that sometimes software bugs lay out the welcome mat with extra flair. On the defense side, Google Cloud steps into sci-fi territory, launching quantum-safe digital signatures. It’s like they're prepping for a world where hackers arrive via flux capacitor. Good thing our data will have a quantum shield—or at least a DeLorean speed to dodge them. The touching irony of Hong Kong's investment agency drawing in ransomware attacks instead of tech businesses reminds us that promoting tech might also need a firewall-infused charm offensive. Finally, researchers play match-maker, pairing neural networks with cryptographic panache. Going from digital crunching to analog elegance is no easy feat, but they’re working to make those digital Swiss Army knives sing the right (encrypted) tune. Gather around for more cyber mayhem, and we’ll make sure it goes down easy—like a spoonful of cybersecurity sugar. Tune in tomorrow for more of the best worst news in tech.

24 Feb 3min

Welcome to Hacked dAily, the FIRST AI-Driven Cybersecurity Podcast by Cytadel Cyber, where today we dip into the world of digits, drama, and digital disasters with a generous sprinkle of sarcasm. First up, the notorious Lazarus Group has staged a virtual heist, swiping $1.5 billion in cryptocurrency from Bybit. Imagine Bonnie and Clyde, but without the getaway car—just blockchain and a coffee-stained laptop. Bybit insists they're fine, clutching their $20 billion pillow, surely wondering why Tuesday mornings can't just be uneventful. Next, Europe’s healthcare had an unwelcome guest—NailaoLocker ransomware, bringing the kind of chaos only software villains could relish. The randomness of their choices makes one wonder if these cybercriminals are pulling names out of a hat—today’s target: Healthcare! Surprise, surprise. In today’s digital crime novel, enter SoaPy—our modern-day Sherlock Holmes, sans deerstalker, snooping through Active Directory secrets like it was made for espionage. Elsewhere in the chaos: SimonMed Imaging and the Sault Ste. Marie Tribe took turns gamely playing victim to ransomware antics, while thousands woke up to headlines of a breach within the UFCW Local 135. They’re now the proud recipients of complimentary credit monitoring—a festive touch indeed. Finally, Deepwatch's acquisition of Dassana gives a tech upgrade twist, nearly superhero-like if you're into algorithms as crusaders. Tune in daily, because in cybersecurity, there really is no dull moment!

23 Feb 3min