Episodes

  • Millions of Synology NAS at Risk: Patch for CVE-2024-10443

    Millions of Synology NAS at Risk: Patch for CVE-2024-10443
    Nov 5 2024
    Millions of Synology NAS Devices Vulnerable to Zero-Click Attacks (CVE-2024-10443) 🎧 Listen to Our Podcast on Your Favorite Platforms! 🎧 Subscribe: Youtube | Spotify | Amazon Synology has ... Read More
    Show more Show less
    Less than 1 minute
  • Microsoft Alerts on Major Russian Spear Phishing Campaign

    Microsoft Alerts on Major Russian Spear Phishing Campaign
    Nov 4 2024
    Microsoft Warns of Major Russian Spear Phishing Attack on U.S. Government Officials Microsoft Threat Intelligence (MTI) has revealed alarming new findings about a spear phishing campaign targeting U.S. ... Read More
    Show more Show less
    17 mins
  • French ISP Confirms Cyberattack and Data Breach Affecting 19 Million Users

    French ISP Confirms Cyberattack and Data Breach Affecting 19 Million Users
    Oct 30 2024
    This source reports on a cyberattack on Free, a French ISP, resulting in a data breach affecting 19 million subscribers. The attackers accessed sensitive personal information, but not financial or password data. Free is investigating the breach and has notified authorities and affected customers. The article highlights the growing threat of cyberattacks against ISPs and discusses steps individuals can take to protect themselves. ... Read More
    Show more Show less
    16 mins
  • Over 6,000 WordPress Sites Hacked to Install Plugins Pushing Infostealers

    Over 6,000 WordPress Sites Hacked to Install Plugins Pushing Infostealers
    Oct 29 2024
    The source describes two malware campaigns, ClearFake and ClickFix, which target WordPress websites by installing malicious plugins. These plugins display fake browser update notifications and system errors to trick users into downloading malware that steals sensitive data. The article explores the tactics used by the attackers, including exploiting plugin vulnerabilities, using the Binance Smart Chain for script injection, and automating logins using stolen credentials. It also discusses the impact on website owners and users, as well as the role of WordPress security firms in addressing the threat. The article concludes with a list of preventive measures for WordPress site owners, such as updating plugins regularly, using reputable plugins, and implementing strong password security. ... Read More
    Show more Show less
    11 mins
  • How Black Basta Ransomware Uses Microsoft Teams to Breach Networks

    How Black Basta Ransomware Uses Microsoft Teams to Breach Networks
    Oct 28 2024
    The sources discuss the evolving tactics of the Black Basta ransomware group, which leverages Microsoft Teams to deceive employees into granting remote access to their systems. The group creates fake IT support accounts within the platform and uses social engineering techniques to convince employees to install malicious software, ultimately allowing them to gain control of the network. The sources also outline various preventative measures that companies can take to protect themselves from Black Basta attacks, including limiting external communication on Teams, enabling multi-factor authentication, and providing comprehensive cybersecurity training to employees. Additionally, the sources highlight the services offered by Technijian, a cybersecurity firm that specializes in defending against ransomware threats like Black Basta. ... Read More
    Show more Show less
    18 mins
  • Henry Schein Discloses Data Breach a Year After Ransomware Attack

    Henry Schein Discloses Data Breach a Year After Ransomware Attack
    Oct 25 2024
    This document details a significant data breach affecting Henry Schein, a global healthcare solutions provider. The breach was caused by two consecutive ransomware attacks by the BlackCat (ALPHV) group, which resulted in the theft of approximately 35 terabytes of sensitive data. The breach impacted over 166,000 individuals, potentially exposing their names, Social Security numbers, medical data, and financial information. Henry Schein has responded by offering credit monitoring services to affected individuals and has taken steps to improve its cybersecurity measures. The document also explores the impact of data breaches on individuals and organizations, emphasizing the importance of robust cybersecurity practices and the role of cyber insurance in mitigating risks. ... Read More
    Show more Show less
    10 mins
  • Microsoft SharePoint Vulnerability Under Active Exploit

    Microsoft SharePoint Vulnerability Under Active Exploit
    Oct 25 2024
    The source describes a critical vulnerability, CVE-2024-38094, affecting Microsoft SharePoint. This vulnerability allows attackers to execute arbitrary code on a SharePoint server, which could compromise sensitive data and potentially take control of entire sites. This vulnerability is especially concerning because it is actively exploited and a proof-of-concept exploit is publicly available on GitHub. The source explains how the vulnerability works, its potential impact, and provides steps organizations can take to mitigate risk, including applying the latest security patches, restricting access, and implementing network segmentation. ... Read More
    Show more Show less
    8 mins
  • Georgia Election Officials Thwart Cyberattack from Foreign Country

    Georgia Election Officials Thwart Cyberattack from Foreign Country
    Oct 24 2024
    recent cyberattack on Georgia's election website, exploring the motivations behind such attacks and highlighting the crucial role of cybersecurity in protecting elections. It emphasizes the importance of collaboration between government and private cybersecurity firms, like Cloudflare, to mitigate these threats. The document also introduces Technijian, a cybersecurity firm offering a range of solutions to safeguard organizations from various digital threats. ... Read More
    Show more Show less
    17 mins