There's a lot of cool techy stuff going down in cybersecurity, and we love it. But you can't deny that a lot of the time we humans get forgotten. Our podcast takes a not-so-serious look at issues in security from a human point of view. Covering social engineering to hacker motivations and everything in between, we chat through security stories and themes and what they mean to us: the oft-neglected humans behind the screen. Apart from Kev, Kev is a cyborg.
These weekly podcasts come in two main flavors. We’re either ranting about themes close to the heart of us security types, or we’re discussing threats and vulnerabilities that have hit headlines – or slipped under the radar – in recent weeks.
Join Chris Pace (tech advocate and keeper of the coloring pencils), Kev Breen (pro blue teamer, also known as 'Mr Nothing to CVE here...'), Max Vetter (former dark web detective and pretty cool guy), and Paul Bentham (ex-gov. type and Immersive Labs product guru) as they wend their way through the murky world of Cyber Humanity.
45: Tales from the Crypto
First story is about someone who was “relieved” of their Bitcoin by some kids wielding malware back in 2018, when it was worth an awful lot less than it is now. There are some techie bits to this, as well as a few ethical and legal issues with the way the perps are being sued, so it’s a cracking story to get stuck into.
What do NFTs – non-fungible tokens – and Banksy have in common? It’s pretty confusing as far as stories go, but our resident clearer-upperer, Kev, is on hand to help, leaving us to wonder if this is just Banksy himself having a bit of fun.
Sticking to the currency theme, we get knee deep in China’s digital Yuan in our next segment, and finally wrap up with a beautiful bit of OSINT from the Twitter Infosec community.
44: Rotten Apples or Privacy Nuts?
It's a tasty ransomware week this week! Conti face their own internal threat in the shape of a disgruntled affiliate and LockBit has its claws in Accenture.
Apple have been fiddling with their privacy settings again which is sending privacy advocates into a frenzy, and Kev tries very hard not to get ranty...
https://www.bleepingcomputer.com/news/security/accenture-confirms-hack-after-lockbit-ransomware-data-leak-threats/
43: Pegasus Project: Winged Horses for Spyware Courses
As you probably guessed from the title of this episode, this week is all about spyware and the Pegasus project.
This all kicked off when a consortium of 16 media outlets reported the alleged widespread and continuing abuse of NSO’s hacking spyware called Pegasus. The company insists that it is only used against criminals and terrorists – but is it? There’s a lot of depth to this story, and we cover it all.
42: Hey Ya Kaseya: MSPs as unwitting attackers
Kaseya, Kaseya, Kaseya... How could we release an episode this week WITHOUT talking about the calamity at Kaseya?
If you hadn't heard, the ransomware gang REvil has leveraged a vulnerability in Kaseya's VSA software against multiple MSPs and their clients. Oh dear. So what is it? Bog standard ransomware? Supply chain compromise? Zero-day exploit? It's all a bit murky, so Kev gets his 'Cyberattacks for Dummies' hat on.
Also featured is the news that audio-editing software Audacity has been accused of being 'possible spyware'.
41: Cyber Wars: Revenge of the Printers
There’s a lot to cover in this week’s episode, so brace yourself because we’ve got newsflashes and stone-cold facts flying your way.
First up, despite what Chris thinks, people do still use printers. Now, researchers in China have found (and accidentally disclosed) a critical Windows zero-day affecting Print Spooler. Cue much printer hate, as well as some actually useful insights into what has occurred.
Next on the agenda, we take a look at the HSE Ireland ransomware attack, with a special focus on what the heck has been going on with VirusTotal. Also coming up is the somewhat intriguing “fact” that the USA is the most cyber-secure nation in the world.
And it wouldn’t be an episode of Cyber Humanity without a juicy ‘hackers could’ feature starting with a NEWSFLASH! Homes filled with smart devices could be exposed to hundreds of hacking attempts a WEEK. To which we say: no sh*t, Sherlock.
40: Slack, Track and...Hack?
EA have been hacked to the tune of 780GB of their source code which has now found itself for sale on various dark web forums. While they confirmed that they’d suffered a data breach, they’d offered no insight into how it happened. Until now…
Moving from EA to AI, research shows that AI can now convincingly mimic cybersecurity and medical experts, which, naturally, sparks some lively debate.
We also get into a discussion about disclosure, following Kev’s discovery of a number of vulnerabilities in Netgear’s routers. NDAs are flying everywhere and if you stay very still and quiet, you can even hear the sound of someone in legal crying.
And, of course, we have a cracking ‘Hackers Could’ section this week!
Insightful and Hilarious!
These guys are great! Smart, witty and filled with insight.