Leaky Weekly

Flare
  • 5,0 (1)
  • NOTÍCIAS DE TECNOLOGIA

There’s so much happening in the world of cybercrime, it’s hard to keep up for anyone, including security practitioners. Dive in with security researcher Nick Ascoli as he covers the most pressing stories on data leaks, cybercrime, and the dark web. Tune in with short and sweet episodes in about 15 minutes.

Episódios

  1. HÁ 4 DIAS

    Spilling the Tea on the Tea App and TeaOnHer, and Salesforce Tenant Breaches

    On this episode of Leaky Weekly, host and security researcher Nick Ascoli spills the tea on data leaks from Tea and TeaOnHer, as well as attacks on Salesforce tenants. Here are the resources on the stories: The Cost of a Call: From Voice Phishing to Data Extortion (Google Threat Intelligence Group)ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH (BleepingComputer)Hackers steal images from women's dating safety app that vets men (BBC)Tea app leak worsens with second database exposing user chats (BleepingComputer)TeaOnHer, a rival Tea app for men, is leaking users’ personal data and driver’s licenses (TechCrunch)Brought to you by Flare, Threat Exposure Management solution and industry-leading dataset on cybercrime that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical topics such as threat intelligence, operational security, and advanced investigation techniques. You can also earn CPE credits toward your cybersecurity certifications. Sign up for your next training here. Join the Flare Academy Community Discord to keep up with upcoming training, check out previous training resources, chat with cybersecurity professionals (including Nick!), and more.

    10min

  2. 27 DE AGO.

    Use a Stealer Log, Go to Prison (Part 2): PowerSchool and Snowflake Tenant Breach Arrests

    On this episode of Leaky Weekly, host and security researcher Nick Ascoli gets into stealer logs and arrests in the last few weeks of the threat actors who targeted PowerSchool and Snowflake tenants. This is part 2 of a 2 part series, Use a Stealer Log, Go to Prison. Missed part 1? Check it out here on Apple Podcasts or Spotify. Here are the resources on the stories: Cybersecurity Incident Notice (PowerSchool)Matthew Lane Plea Deal (Thomson Reuters)United States v. Matthew D. Lane (U.S. Department of Justice)Update on New PowerSchool Data Breach and Ongoing Protection Measures (Union Intermediate School, Sampson County Schools)A hacker's ransom: Inside the cyberattack that compromised NC student and teacher records (WRAL)Leaky Weekly: PowerSchool Hack; Takedowns & Arrests & Leaks, Oh My!; and ITRC Breach Report (Flare)Hacker in Snowflake Extortions May Be a U.S. Soldier (Krebs on Security)United States v. Moucka (CourtListener)Former U.S. Soldier Pleads Guilty to Hacking and Extortion Scheme Involving Telecommunications Companies (U.S. Department of Justice)Leaky Weekly: Arrests, RedLine & META Infrastructure Takedown, and MOVEit Leaks (Flare)Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical cybersecurity topics. Check out Flare Academy to keep up with upcoming trainings, check out previous training resources, chat with cybersecurity professionals (including Nick!) in the Flare Academy Community Discord, and more.

    11min

  3. 13 DE AGO.

    Use a Stealer Log, Go to Prison (Part 1): IntelBroker and Scattered Spider(?) Arrests

    On this episode of Leaky Weekly, host and security researcher Nick Ascoli gets into stealer logs and arrests in the last few weeks of threat actor IntelBroker and threat actors who targeted retail companies in the U.K. using the DragonForce encryptor. This is part 1 of a 2 part series, Use a Stealer Log, Go to Prison. Here's part 2: on Apple Podcasts or Spotify. Here are the resources on the stories: 2025 Data Breach Investigations Report (DBIR) (Verizon)The Rising Role of Stolen Credentials in Cybercrime: 3 Insights from the 2025 Verizon DBIR (Flare)IntelBroker Threat Actor (TheSecMaster)Following the Bitcoin Trail: The IntelBroker Takedown (Chainalysis)United States of America v. Kai West (“IntelBroker,” “Kyle Northern”) Complaint (U.S. Department of Justice)Four arrested in connection with M&S and Co-op cyber-attacks (BBC)Retail cyber attacks: NCA arrest four for attacks on M&S, Co-op and Harrods (National Crime Agency)UK police arrest four over cyberattacks on M&S, Co-op and Harrods (Reuters)Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks (Infosecurity Magazine)Inside the Dragon: DragonForce Ransomware Group (Group-IB)Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical cybersecurity topics. Check out Flare Academy to keep up with upcoming trainings, check out previous training resources, chat with cybersecurity professionals (including Nick!) in the Flare Academy Community Discord, and more.

    15min

  4. 2 DE JUL.

    LockBit's Fall and the Rise of Ransomware Chaos 2025 with Tammy Harper

    On this episode of Leaky Weekly, Tammy Harper, Senior Threat Intelligence Researcher at Flare joins host and security researcher Nick Ascoli. Tammy explains: LockBit’s fall, the affiliate exodus, and rise of RansomHub“Ransomware without the ware” – cross-posting as the norm nowNoise in the ransomware undergroundMore episodes from Tammy and Nick’s conversation on ransomware will be coming in the following weeks. Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical topics such as threat intelligence, operational security, and advanced investigation techniques. You can also earn CPE credits toward your cybersecurity certifications. Sign up for Senior Threat Intelligence Researcher Tammy Harper’s Academy training, CRYPTOS: Hunting Adversaries in the Crypto Underground on Tuesday July 15, 2025 at 11:00-1:00 PM ET. Join the Flare Academy Community Discord to keep up with upcoming training, check out previous training resources, chat with cybersecurity professionals (including Nick and Tammy!), and more.

    16min

  5. 18 DE JUN.

    To Extort or Not to Extort: Ransomware Group Tactics in 2025 with Tammy Harper

    On this episode of Leaky Weekly, Tammy Harper, Senior Threat Intelligence Researcher at Flare joins host and security researcher Nick Ascoli. They talk about shifts in the ransomware ecosystem in 2025. Tammy explains: Ransomware group adaptations based on 2024 eventsWhy data-only extortion isn’t catching onHow access to leaked data is shaping both victim decision-making and long-term exposureMore episodes from Tammy and Nick’s conversation on ransomware will be coming in the following weeks. Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical topics such as threat intelligence, operational security, and advanced investigation techniques. You can also earn CPE credits toward your cybersecurity certifications. Sign up for Senior Threat Intelligence Researcher Tammy Harper’s Academy training, CRYPTOS: Hunting Adversaries in the Crypto Underground on Tuesday July 15, 2025 at 11:00-1:00 PM ET. Join the Flare Academy Community Discord to keep up with upcoming training, check out previous training resources, chat with cybersecurity professionals (including Nick and Tammy!), and more.

    22min

  6. 3 DE JUN.

    Committing Cybercrime Gets 5% Easier Each Year?: Ransomware Recap 2024-2025 with Tammy Harper

    On this episode of Leaky Weekly, Tammy Harper, Senior Threat Intelligence Researcher at Flare joins host and security researcher Nick Ascoli. They discuss ransomware in 2024, and how that affects the ransomware ecosystem of 2025. Tammy goes over: 2024 ransomware ecosystem summary2025 disruptions in the wake of 2024 takedownsCompromised credentials’ growing role in cybercrimeMore episodes from Tammy and Nick’s conversation on ransomware will be coming in the following weeks. Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical topics such as threat intelligence, operational security, and advanced investigation techniques. You can also earn CPE credits toward your cybersecurity certifications. Sign up for Senior Threat Intelligence Researcher Tammy Harper’s Academy training, CRYPTOS: Hunting Adversaries in the Crypto Underground on Tuesday July 15, 2025 at 11:00-1:00 PM ET. Join the Flare Academy Community Discord to keep up with upcoming training, check out previous training resources, chat with cybersecurity professionals (including Nick and Tammy!), and more.

    12min

  7. 20 DE FEV.

    PowerSchool Hack; Takedowns and Arrests and Leaks, Oh My!; and ITRC Breach Report Findings

    On this first episode of Leaky Weekly after our winter break, host and security researcher Nick Ascoli covers recent events in the cybercrime space the PowerSchool hack, Cracked & Nulled takedown & arrests, Otelier data leak, DeepSeek data leak, and Identity Theft Resource Center (ITRC) breach report findings. Here are the resources Nick mentions: Children’s data hacked after school software firm missed basic security step, internal report says (NBC News)PowerSchool Cybersecurity Incident (PowerSchool)AT&T Paid a Hacker $370,000 to Delete Stolen Phone Records (WIRED)FBI has warned agents it believes hackers stole their call logs (Fortune)Law enforcement takes down two largest cybercrime forums in the world (Europol)Otelier data breach exposes info, hotel reservations of millions (Bleeping Computer)Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History (Wiz)ITRC Annual Data Breach Report (Identity Theft Resource Center)Canadian Man Arrested in Snowflake Data Extortions (Krebs On Security)Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical topics such as threat intelligence, operational security, and advanced investigation techniques. You can also earn CPE credits toward your cybersecurity certifications. Join the Flare Academy Community Discord to keep up with upcoming training, check out previous training resources, chat with cybersecurity professionals (including Nick!), and more.

    24min

  8. 03/12/2024

    Arrests, RedLine & META Infrastructure Takedown, and MOVEit Leaks

    On this latest episode of Leaky Weekly, host and security researcher Nick Ascoli covers recent news in the cybercrime space such as the USDoD arrest, Judische/Waifu (Connor Moucka) arrest, RedLine infrastructure takedown and arrest(s), and MOVEit leaks. Here are the resources Nick mentions: The unmasking of threat actor USDoD (Cybernews)USDoD, the hacker allegedly behind attacks on FBI and Airbus, arrested in Brazil (Cybernews)USDoD Hacker Behind $3 Billion SSN Leak Reveals Himself as Brazilian Citizen (Hackread)Man Arrested for Snowflake Hacking Spree Faces US Extradition (Wired)Here’s the indictment against two men allegedly responsible for Snowflake customer breach (Cyberscoop)Canadian Man Arrested in Snowflake Data Extortions (Krebs on Security)“Operation Magnus” Seized RedLine and META Infostealer Networks (Cyberinsider)Operation Magnus Update Announces Arrest of RedLine Malware Creator (Cyberinsider)Operation Magnus (operation-magnus.com)Millions of records from MOVEit hack released on dark web (SC Media)More data stolen in 2024 MOVEit attacks come to light (Computer Weekly)Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical topics such as threat intelligence, operational security, and advanced investigation techniques. You can also earn CPE credits toward your cybersecurity certifications. Join the Flare Academy Community Discord to keep up with upcoming training, check out previous training resources, chat with cybersecurity professionals (including Nick!), and more.

    16min

  9. 17/10/2024

    Dark Web Forum Arrests, Columbus Ransomware Attack Updates, and American Background Info Data Leak

    On this latest episode of Leaky Weekly, host and security researcher Nick Ascoli covers recent news in the cybercrime space such as the LockBit arrests, an update to the Columbus ransomware attack, Bohemia arrests, and MC2 data leak. Here are the resources Nick mentions: LockBit power cut: four new arrests and financial sanctions against affiliates (Europol)Evil Corp: Behind the Screens (National Crime Agency)LockBit Ransomware and Evil Corps Members Arrested and Sanctioned in Joint Global Effort (The Hacker News)LockBit Links to Evil Corp (Secureworks)Dark Web Drama: LockBit and the AN Security Breach Saga (Flare)Columbus pledges $3 million more to fix data breach (NBC4i)Internationale actie tegen werelds' grootste darkweb-markt 'Bohemia/ Cannabia' (Politie)One-third of the US population’s background info is now public (Cybernews) Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical topics such as threat intelligence, operational security, and advanced investigation techniques. You can also earn CPE credits toward your cybersecurity certifications. Join the Flare Academy Community Discord to keep up with upcoming training, check out previous training resources, chat with cybersecurity professionals (including Nick!), and more.

    21min

  10. 19/09/2024

    AWS Takeover Campaign, Ransomware Attack on Columbus, and City of Columbus Sues Ransomware Researcher Whistleblower

    In Leaky Weekly’s third episode, host and security researcher Nick Ascoli covers recent news in the cybercrime space including the AWS takeover campaign, ransomware attack on Columbus, Ohio, and the city of Columbus suing a ransomware researcher whistleblower. Here are the resources Nick mentions: Leaked Environment Variables Allow Large Scale Extortion Operation in Cloud EnvironmentsRansomware Group Claims Columbus Attack, Selling 6 Terabytes of Passwords and MoreResearcher Sued for Sharing Data Stolen by Ransomware with MediaHe Proved the Columbus Data Leak Hurts the Public. Now, the City has Silenced HimBrought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical topics such as threat intelligence, operational security, and advanced investigation techniques. You can also earn CPE credits toward your cybersecurity certifications. Join the Flare Academy Community Discord to keep up with upcoming training, check out previous training resources, chat with cybersecurity professionals (including Nick!), and more.

    14min

  11. 21/08/2024

    Background Check Organization Breach, a Repossessed Ransomware Blog, Feuding Forums, and Double Arrest of “J.P. Morgan”

    In Leaky Weekly’s second episode, host and security researcher Nick Ascoli covers recent news in the cybercrime space such as the National Public Data breach, Dispossesser ransomware operation repossession, feuding forums, and the arrest of two “J.P. Morgans.” Here are the resources Nick mentions: National Public Data confirms breach, scope unknown (TechTarget)National Public Data com Hack Exposes a Nation’s Data (Krebs on Security)Personal Data of 3 Billion People Stolen in Hack, Suit 1 (Bloomberg Law)Inside the “3 Billion People” National Public Data Breach (Troy Hunt)National Public Data Security Incident Announcement (National Public Data)FBI disrupts the Dispossessor ransomware operation, seizes servers (Bleeping Computer)Ransomware Evolution | How Cheated Affiliates Are Recycling Victim Data for Profit (SentinelOne Blog)Ransomfeednews’ X (formerly known as Twitter) Thread on Dispossessor Reposting LeaksA Threat Actor Has Allegedly Scraped the Data belonging to the Forum Leakbase (Dark Web Informer)Leakbase Information (Searchlight Cyber Dark Web Hub)Leader of International Malvertising and Ransomware Schemes Extradited from Poland to Face Cybercrime Charges (U.S. Department of Justice)Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization.

    11min

  12. 07/08/2024

    Pilot: Stealer Log Abuse, Hacktivist Groups, and Unauthorized Access Through Third-Parties

    In Leaky Weekly’s first episode, host and security researcher Nick Ascoli covers recent news in the cybercrime space, such as the AT&T breach, Snowflake tenant breaches, the hacktivist group SiegedSec, and Disney hack. Here are the resources Nick mentions: The Sweeping Danger of the AT&T Phone Records Breach (Wired)Massive Ticketmaster, Santander data breaches linked to Snowflake cloud storage (The Verge)UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion (Mandiant)Read the furious texts the Heritage Foundation sent furry hacking collective SiegedSec after breach (Daily Dot)Hackers Claim to Have Leaked 1.1 TB of Disney Slack Messages (Wired)Brought to you by Flare, the world's easiest to use and most comprehensive cybercrime database that integrates into your security program in 30 minutes. Check out what’s on the dark web (and more) about your organization. Flare now offers Flare Academy training, which is our (free!) training series led by experts that cover critical topics such as threat intelligence, operational security, and advanced investigation techniques. You can also earn CPE credits toward your cybersecurity certifications. Join the Flare Academy Community Discord to keep up with upcoming training, check out previous training resources, chat with cybersecurity professionals (including Nick and Tammy!), and more.

    15min
  • 12 episódios

Sobre

There’s so much happening in the world of cybercrime, it’s hard to keep up for anyone, including security practitioners. Dive in with security researcher Nick Ascoli as he covers the most pressing stories on data leaks, cybercrime, and the dark web. Tune in with short and sweet episodes in about 15 minutes.

Informações

  • Criado por
    Flare
  • Anos de atividade
    2024 - 2025
  • Episódios
    12
  • Classificação
    Livre
  • Site do podcast
    Leaky Weekly

Você também pode gostar de