16-May-2024: Santander Breach, Chrome Vulnerability CVE-2024-4761, FBI Seizes BreachForums

Welcome to "Hacked dAily," the first AI-driven cybersecurity podcast powered by Cytadel Cyber, delivering the freshest insights into cyber threats and news every day. In today’s episode, we delve into recent activities by Iranian cyber actors known as Pioneer Kitten, or Fox Kitten, operating under "xplfinder". They've been targeting U.S. sectors like education, finance, and healthcare with ransomware since 2017, exploiting public applications and networking devices while collaborating with notorious ransomware groups. Next, we touch upon APT29, linked to Russian intelligence, repurposing iOS and Chrome exploits from NSO Group and Intellexa. This raises substantial concerns over digital surveillance and the recycling of cyber-attack methods among international espionage agencies. Also, a fresh security alert as hackers target the Atlassian Confluence vulnerability, CVE-2021-26084, to conduct illicit crypto mining operations. Immediate system updates are urged to close this security loophole. In other news, a persistent malware campaign strikes Roblox developers, leveraging NPM to distribute malware disguised as legitimate tools, potentially affecting millions of users globally. And finally, we cover a ransomware incident at Singapore’s Abecha that manages the Esso Corporate Fleet Discount Programme, putting customer credit card details at risk, emphasizing the critical need for vigilance and timely action in cybersecurity. Stay tuned and stay protected with 'Hacked dAily.' Join us daily for your quick update on the ever-evolving world of cybersecurity.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

30 Aug 20243min

Welcome to Hacked dAily, the FIRST AI-Driven Cybersecurity Podcast by Cytadel Cyber, where we delve into the latest threats, breaches, and security innovations every day. In today's episode: - We start with a massive security breach in U.S. educational systems where ransomware attacks have compromised 6.7 million records, exposing a critical need for enhanced cybersecurity protocols in educational institutions. - Next, we examine a serious advisory from CISA, warning of targeted ransomware attacks from Iran against U.S. businesses and government entities, underscoring the importance of heightened security measures and constant vigilance. - Across the pond, France has brought charges against Telegram’s CEO, Pavel Durov, accusing his platform of facilitating criminal activities, a significant case that touches on the balance between user privacy and crime prevention. - In other news, the emergence of deepfakes is warping reality, with AI-created videos that are almost indistinguishable from real ones, raising alarms over potential impacts on public opinion and democratic processes. - Lastly, we look at the BlackByte ransomware's exploitation of a new vulnerability in VMware products, highlighting the continuous threats to network security and the critical need for timely software updates. Tune in to Hacked dAily to stay informed and ahead of the curve in the ever-evolving world of cybersecurity. Stay secure!This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

29 Aug 20243min

Welcome to Hacked dAily, the FIRST AI-Driven Cybersecurity Podcast brought to you by Cytadel Cyber. Join us daily as we dive into the latest and most critical cybersecurity news, ensuring you stay informed and ahead of potential threats. In our top stories, we explore Chinese state-sponsored hackers exploiting a zero-day in Versa Director servers through groups Volt Typhoon and Bronze Silhouette, targeting key sectors globally. We discuss the implications and the urgent measures advised by Black Lotus Labs and CISA. Next, we cover the BlackSuit ransomware group’s recent data leak affecting over 950,000 individuals after failed ransom negotiations with Connexure. Learn about the steps being taken to combat this affiliate of the Royal Ransomware family and protect affected clients. We also delve into Microsoft's patching of the ASCII smuggling vulnerability, a critical flaw that allowed attackers to bypass security measures. Discover the importance of this update in securing systems against sophisticated cyber threats. In other news, the UK's legal sector faces a 77% increase in cyberattacks, particularly ransomware, severely impacting client confidentiality and legal integrity. Hear about the growing calls for enhanced cybersecurity measures in law firms. Finally, we discuss the emerging threat of 'quishing' through Microsoft's Sway app, which underscores the evolving nature of cyber threats and stresses the need for continuous vigilance in digital security. Stay informed, stay secure. Tune into Hacked dAily for your daily dose of cybersecurity updates and expert insights.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

28 Aug 20243min

Welcome to Hacked Daily, the first AI-driven cybersecurity podcast, brought to you by Cytadel Cyber. Tune in daily for your concise update on the latest and most significant cyber incidents impacting our world. In today's episode: - Texas Dow Employees Credit Union reports a severe security breach affecting about 500,000 members through unauthorized access to the MOVEit file transfer program, compromising sensitive data. - Patelco Credit Union faces a ransomware attack, potentially exposing the personal information of 726,000 customers, leading to enhanced security protocols and an urgent call to monitor account activities. - IntelBroker and EnergyWeaponUser launch a new attack on AMD, stealing crucial internal communications and user credentials, marking a repeating security dilemma for the tech giant. - Toyota confronts a hefty data breach, impacting several online services and exposing customer data through compromised endpoint security, highlighting the critical need for intensified corporate cybersecurity measures. - The Dutch Data Protection Authority slaps Uber with a whopping €290 million fine for GDPR violations concerning the mishandling of European drivers' personal data, setting precedents in international data protection enforcement. Stay updated, secure, and ready to protect your digital life with Hacked Daily, your leading source for urgent cybersecurity news.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

27 Aug 20243min

Welcome to "Hacked Daily," the FIRST AI-Driven Cybersecurity Podcast, brought to you by Cytadel Cyber. Every day, we dive into the latest cyber threats, breaches, and security updates from around the globe. In today's episode: 1. Seattle-Tacoma International Airport faced a significant cyber attack early Saturday morning that disrupted its website and phone systems. The IT teams are striving for a full recovery by Monday after identifying a possible cloud misconfiguration. 2. Patelco Credit Union reports a massive breach affecting 726,000 members, with a ransomware gang threatening to auction the stolen data. This incident has triggered a major security overhaul and a collaboration with law enforcement to protect member information. 3. Malaysian public transport firm Prasarana has been hit by a RansomHub ransomware attack with over 316GB of data stolen. They are working with national cybersecurity agencies to respond to the threat and ensure operational continuity. In other news, BlackSuit ransomware was used to compromise a network, gathering sensitive data through tools like Cobalt Strike and executing ransomware attacks on key endpoints. And finally, Chinese hackers identified as Velvet Ant exploited a zero-day vulnerability in Cisco systems to deploy custom malware, prompting an urgent response from Cisco to patch the security flaw. Stay vigilant and join us daily for your essential cybersecurity briefing on "Hacked Daily."This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

26 Aug 20243min

Welcome to Hacked Daily, the FIRST AI-Driven Cybersecurity Podcast, brought to you by Cytadel Cyber. Dive into the world of cybersecurity with us every day as we unravel the complexities of hacking incidents and data breaches that shape our digital lives. In today's episode: 1. **Massive Data Breach Expands** A recent data breach has shockingly affected millions in the U.S., UK, and Canada, exposing a vast amount of unencrypted, sensitive data. We explore the implications of such extensive data vulnerability. 2. **WhatsApp Accounts Targeted by Iranian Hackers** Meta reports Iranian hackers have infiltrated WhatsApp accounts of individuals from both the Biden and Trump administrations. Discover the sophisticated methods used and the measures Meta is taking to combat these intrusions. 3. **Ransomware Hits Audiology Service** Bloom Hearing Specialists faces a ransomware crisis affecting thousands of medical and financial records in Australia and New Zealand. We break down the timeline of the breach and its repercussions on patient data security. In other news: - The Linux malware 'sedexp' has been lurking undetected for almost two years, showcasing advanced stealth and capability. Hear about the ongoing risks it poses to the Linux operating system. And finally: - The alarming rise in deepfake tech misuse has potential fraud losses projected to hit $40 billion by 2027. We discuss the evolving battle against deepfake fraud and the efforts to safeguard digital identities. Join us daily on Hacked Daily to stay informed on the latest cybersecurity threats and trends. Let's uncover and understand the digital dangers together!This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

25 Aug 20243min

Welcome to Hacked Daily, the FIRST AI-Driven Cybersecurity Podcast, brought to you by Cytadel Cyber. In today's episode, we delve into a series of high-profile cyberattacks affecting major organizations across different sectors. First, we discuss a significant cyberattack on US oil giant Halliburton, which led to the shutdown of its systems and has serious implications for the energy sector's cybersecurity. Next, we cover the American Radio Relay League's plight, that paid a ransom of $1 million to recover their crippled communication infrastructure, spotlighting the vulnerabilities within non-for-profit organizations. Our third story addresses a breach at Arden Claims Service, where personal information of nearly 139,000 individuals was exposed, stirring fears of potential identity theft and fraud. In other news, we explore a ransomware attack on CannonDesign by AvosLocker, examining how it has impacted operations and raised security concerns in the architecture and engineering fields. Finally, we look at a deceptive cryptocurrency scam where hackers infiltrated McDonald's Instagram to promote a bogus crypto token "GRIMACE", tricking followers out of $700,000 and raising awareness about the prevalence of online scams. Join us as we analyze these cybersecurity incidents and discuss measures to mitigate future risks. Stay secure with Hacked Daily.

24 Aug 20242min

Welcome to "Hacked Daily," the FIRST AI-Driven Cybersecurity Podcast. In today's episode, brought to you by Cytadel Cyber, we delve into the latest cyber-related disruptions and threats: First up, we discuss a major cyberattack on Halliburton, which recently targeted their IT infrastructure in Houston, Texas, causing significant disruptions at their North Houston campus and affecting global connectivity. Next, we look into SolarWinds' new security predicament, where hardcoded credentials were left in its Web Help Desk product, exposing the systems to unauthorized access and potential data breaches. We also examine the emergence of the Qilin ransomware, a new and aggressive strain leveraging compromised VPN credentials to infiltrate networks, specifically targeting data within Google Chrome browsers. In other news, we highlight the worrying rise of the BlackSuit ransomware group, whose high-stake demands are pressuring large corporations with their sophisticated encryption techniques. Lastly, we discuss a recent FCC's action imposing a $1 million fine on a telecommunication operator for distributing a deepfake video of President Joe Biden, showcasing the regulatory crackdown on digital misinformation. Stay tuned to "Hacked Daily" for your daily dose of cybersecurity news and insights, ensuring you stay one step ahead of cyber threats.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

23 Aug 20243min