30-Day InfoSec

TJ Nel, Ryan Hays

30-Day InfoSec, a monthly information security recap show for the latest news, stories, and happenings from around the cybersecurity community.

Episodes

  1. 11/10/2020

    Episode 05: Insecure IoT, Trickbot Takedown, Nation-state Hacking and Charitable Hackers

    IoT is VulnerableIoT Homefootage on sale in the deep and dark web and an intimate IoT device is found to have an exploit. https://www.hackread.com/3tb-clips-hacked-home-security-cameras-leaked/https://gizmodo.com/a-security-flaw-could-send-your-dick-to-jail-forever-1845286359Trickbot Takedown via Private and Public SectorBoth Microsoft and USCybercom both try to disrupt the Trickbot gang using different approaches https://krebsonsecurity.com/2020/10/microsoft-uses-copyright-law-to-disrupt-trickbot-botnet/https://krebsonsecurity.com/2020/10/report-u-s-cyber-command-behind-trickbot-tricks/Government Sponsored Cyber Attacks The UK reveals it carried out cyberattacks against Russia, Iran and Russia found to be interfering with US elections. The NSA releases a list of the 25 most used exploits in attack from China. https://www.cnn.com/2020/10/21/politics/fbi-election-security/index.htmlhttps://www.ibtimes.sg/uk-carried-out-secret-cyberattacks-russia-retaliation-says-former-national-security-adviser-52806https://www.zdnet.com/article/nsa-publishes-list-of-top-25-vulnerabilities-currently-targeted-by-chinese-hackers/Bug Bounty crew spends 3 months hacking AppleA bug bounty crew cashes in big hacking apple infrastructure. https://samcurry.net/hacking-apple/Ransomware actor gives to charityDarkside ransomware actors show proof of their philanthropy by press releasing a receipt of their donation. https://www.hackread.com/3tb-clips-hacked-home-security-cameras-leaked/Upcoming Events: Blackhat EU 2020 - Nov. 9OSDF Con - Nov 18Cyber Security & Data Protection Summit - Nov 19Intro/Outro Music CreditsSomething Elated (Broke For Free: https://freemusicarchive.org/music/Broke_For_Free/Something_EP/Broke_For_Free_-_Something_EP_-_05_Something_Elated) / CC BY 3.0: https://creativecommons.org/licenses/by/3.0/us/

    51 min

  2. 09/23/2020

    Episode 04: Emotet, Twitter Hack, Sev10 CVEs, and the Tesla Ransomware Scandal

    Emotet Is back and then not The group behind the Emotet malware has popped back up but shortly after that it appears the C2 infrastructure was compromised and started sharing out memes. https://www.bleepingcomputer.com/news/security/emotet-malware-operation-hacked-to-show-memes-to-victims/https://www.bleepingcomputer.com/news/security/emotet-spam-trojan-surges-back-to-life-after-5-months-of-silence/ Garmin HACKED!!! Garmin was hacked recently and the intrusion was used to spread ransomware on the network. The attackers also ended up being paid out $10M by Garmin.  https://arstechnica.com/information-technology/2020/07/garmans-four-day-service-meltdown-was-caused-by-ransomware/ Twitter Admin Panel Exposed Recently a teenager was able to get access to a twitter management panel which allowed them to take over high profile accounts to include Barack Obama, Beyonce as well as Elon Musk. The take over was being used a scam to attempt to get bitcoin from people. https://www.cnn.com/2020/07/15/tech/twitter-hack-elon-musk-bill-gates/index.html High Profile Exploits Recently Released Recently there were several high profile exploits released that were all remote code execution exploits. Vendors such as F5, SAP and Microsoft were all among the vendors affected by these exploits.  https://threatpost.com/thousands-f5-big-ip-users-takeover/157543/https://threatpost.com/critical-sap-bug-enterprise-system-takeover/157392/https://www.bleepingcomputer.com/news/security/critical-sigred-windows-dns-bug-gets-micropatch-after-pocs-released/ Tesla Attempted Hack A Tesla employee was approached by a supposed Russian sponsored individual in an attempt to compromise the entire organization and spread ransomware.  https://www.databreachtoday.com/russian-indicted-in-tesla-ransom-scheme-a-14960Upcoming Events: https://ekoparty.org/en_US/ https://www.bsidesclt.org/ https://shellcon.io/ Intro/Outro Music CreditsSomething Elated (Broke For Free: https://freemusicarchive.org/music/Broke_For_Free/Something_EP/Broke_For_Free_-_Something_EP_-_05_Something_Elated) / CC BY 3.0: https://creativecommons.org/licenses/by/3.0/us/

    20 min

  3. 07/15/2020

    Episode 03: Honda Cyberattack, Chinese App Banning and MongoDB Leaks

    Honda hit by Cyberattack  Honda was hit by a cyber attack shutting down its manufacturing plant for several days. It appears to be the Ekans variant of ransomware. The company has insisted no data has been breached and added that "at this point, we see minimal business impact". https://www.bbc.com/news/technology-52982427 59 Chinese Apps Banned Apps such as TikTok are starting to be banned within the Indian government. Many other countries and businesses are now also considering banning the applications from there networks. These applications were exposed to collecting too much detailed information about their users.  https://twitter.com/ShivAroor/status/1277619905269989378 MongoDB Exposed Millions of Medical Insurance Records Millions of records containing personal information and medical insurance data were exposed by a database belonging to the insurance marketing website MedicareSupplement.com. https://www.cybersecurity-review.com/news-june-2019/mongodb-leak-exposed-millions-of-medical-insurance-records/ Upcoming Events: https://conference.hitb.org/hitb-lockdown002/https://www.opcde.com/Intro/Outro Music CreditsSomething Elated (Broke For Free: https://freemusicarchive.org/music/Broke_For_Free/Something_EP/Broke_For_Free_-_Something_EP_-_05_Something_Elated) / CC BY 3.0: https://creativecommons.org/licenses/by/3.0/us/

    49 min

  4. 06/01/2020

    Episode 02: Ransomware Leaks, Contact Tracing and Verizon DBIR

    US President target of hackers In a press conference in May The White House Press Secretary held up the check being donated from the president's salary which held his account number and the routing number of an account within Citibank. This has placed a large target on the bank as they now have ties with the administration and government accounts. Hackers will be targeting them similar to how the REvil group is targeting Trump with the release of information collected during the hack of a law firm said to contain information about the president.  https://thehill.com/homenews/administration/499268-trump-routing-number-bank-revealed-coronavirus-responsehttps://twitter.com/ransomleaks/status/1261105634159800321 Contact Tracing Apps and Jailbroken Phones Governments around the world have started encouraging citizens to install tracking application to hopefully get an idea of the spread of the virus. It’s gone as far as Apple and Google baking this into the operating system of the devices. Tracking applications present huge security concerns and risks to everyone. We should all be looking at these to ensure personal safety is being maintained while using them.  https://www.unc0ver.dev Increased Unemployment Fraud With the world under its current situation, Brian Krebs has been reporting on increased unemployment fraud along with Microsoft report huge upticks of malicious documents related to COVID-19. With the world in crisis and working from home everyone's guard is down so scammers and malicious attackers will be taking advantage of this.  https://krebsonsecurity.com/2020/05/riding-the-state-unemployment-fraud-wave/https://www.infosecurity-magazine.com/news/microsoft-warns-of-massive-covid19/ Verizon DBIR The Verizon Databreach Investigation Report was released and covers the current attack surfaces being exploited at least during 2019 but a majority of these will continue on into 2020.  https://enterprise.verizon.com/resources/reports/dbir/ Upcoming Events https://www.sans.org/event/hackfest-ranges-summit-2020 SANs Hackfesthttps://www.securitysummits.com/event/enterprise-lockdown/ Enterprise Lockdown 6/25https://securecon.streameventlive.com/login SecureCon 6/16-18https://www.eventbrite.com/e/bsides-greenville-2020-tickets-84602497347 BSides Greenville 6/13https://www.womenhackerz.com/whackzcon-2020 WomenHackerz Con 6/6-7https://2020.pass-the-salt.org Pass the Salt 6/29Intro/Outro Music CreditsSomething Elated (Broke For Free: https://freemusicarchive.org/music/Broke_For_Free/Something_EP/Broke_For_Free_-_Something_EP_-_05_Something_Elated) / CC BY 3.0: https://creativecommons.org/licenses/by/3.0/us/

    38 min

  5. 05/07/2020

    Episode 01: COVID, IoT Botnets, Ransomware and Online Events

    COVID-19 Related Attacks COVID-19 has hit the entire world extremely hard. We have seen an uptick in COVID-19 related attacks targeting businesses and consumers around the world. Recently we have witnessed spear phishing attacks related to streaming platforms as well as an uptick in malicious mobile applications related to COVID-19. Referenceshttps://research.checkpoint.com/2020/covid-19-goes-mobile-coronavirus-malicious-applications-discovered/https://www.infosecurity-magazine.com/news/hackers-target-netflix-disney/ Dark Nexus IOT Botnet IoT attacks have seen an uptick in IoT related attacks over the past few years. One of the largest currently operating in the Dark Nexus botnet. Referenceshttps://labs.bitdefender.com/2020/04/new-dark_nexus-iot-botnet-puts-others-to-shame/ Ransomware Attacks (Travelx and Cognizant) Ransomware attacks have always been an issue, but with employees in work from home mode and using VPNs, it increases the risk to the corporate network for attack. Two companies that we have seen hit recently Travelex were hit with Sodinokibi ransomware causing them to pay out $2.3M in ransom to unlock the systems. Cognizant is an MSP for some large organizations, and they were hit with MAZE ransomware. The difference here is attackers are exporting this data so the victims can no longer just restore from backups they are forced to pay out the ransom. Referenceshttps://threatpost.com/travelex-pays-2-3m-in-bitcoin-to-hackers-who-hijacked-network-in-january/154666/https://www.infosecurity-magazine.com/news/maze-wage-ransomware-attack-on/ Online Training/Events It seems with the world in its current state all of the infosec conferences have quickly adapted to still providing training within the virtual space. TJ and I collected several upcoming events and listed them for everyone to enjoy hopefully. Referenceshttps://wildwesthackinfest.com/deadwood/tickets-and-training-info/https://www.sans.org/blog/and-now-for-something-awesome-sans-launches-new-series-of-worldwide-capture-the-flag-cyber-events/Intro/Outro Music Credits Something Elated (Broke For Free: https://freemusicarchive.org/music/Broke_For_Free/Something_EP/Broke_For_Free_-_Something_EP_-_05_Something_Elated) / CC BY 3.0: https://creativecommons.org/licenses/by/3.0/us/

    38 min
  • 5 Episodes

About

30-Day InfoSec, a monthly information security recap show for the latest news, stories, and happenings from around the cybersecurity community.

Information

  • Creator
    TJ Nel, Ryan Hays
  • Years Active
    2K
  • Episodes
    5
  • Rating
    Explicit
  • Copyright
    © 2025 TJ Nel, Ryan Hays
  • Show Website
    30-Day InfoSec