Hacker And The Fed

Search Engine Vulnerabilities, Ghost Tokens, Anna Kournikova

Apr 27, 2023

58:24

AI Chapters

Episode notes

Introduction

2min

How to Deal With Dependency Confusion

3min

Google's Recalling to a Repository

2min

Giaraffe Security: How to Find Dependency Confusions in Large Tech Companies

2min

The Googlers Compromise

2min

Google's Social Engineering Campaign: A Passive Attack

2min

How to Integrate Python Into Your Development Cycle

3min

Ghost Tokens Open Google Accounts to Permanent Infections

2min

The Ghost Token: A Backdoor to Your Account

2min

10.

OAuth Fishing: A Social Engineering Campaign

2min

11.

Google's Ghost Token Attack

3min

12.

Delete Me: A Simple Subscription Privacy Service for Reducing Unwanted Personal Information

2min

13.

How to Start a Therapy Program With BetterHelp

3min

14.

The Absurdity of Hacker Group Names

3min

15.

Microsoft's Change in Names of Hacking Groups

2min

16.

How Long Would It Take to Brute Force a Password?

2min

17.

How to Crack High Entropy Passwords

2min

18.

How to Create a Password That's Simple and Effective

2min

19.

Hacker in the Fed: How to Save Our Banter

2min

20.

The Importance of Intelligence Analysts in Cyber Cases

2min

21.

The Importance of Security in Apple Devices

4min

22.

The Melissa Virus

2min

23.

The Anacornicova Virus

4min

24.

How Many Times Has Hector Left His Own Name in the Episode?

2min

25.

Naxo's Exciting Year

2min

This week on Hacker And The Fed security researchers find a vulnerability allowing them to run code on Search Engine computers, ghost tokens could be used to totally control Search Engine Workplace accounts, we let you know what a Pumpkin Sandstorm and a Spandex Tempest are, how long does it take to crack your password in 2023, we answer listener questions about the FBI and diversity in cyber security appliances, and we talk about Anna Kournikova.

Links from the episode:

Remote Code Execution Vulnerability in Google They Are Not Willing To Fix

giraffesecurity.dev/posts/google-remote-code-execution/

'GhostToken' Opens Google Accounts to Permanent Infection

darkreading.com/remote-workforce/-ghosttoken-opens-google-accounts-to-permanent-infection

Hacker Group Names Are Now Absurdly Out of Control

wired.com/story/hacker-naming-schemes-spandex-tempest/amp

How Long It Would Take A Hacker To Brute Force Your Password In 2023

hivesystems.io/blog/are-your-passwords-in-the-green

Support this episode's sponsors:

DeleteMe: Visit JoinDeleteMe.com/FED and use promo code FED20

BetterHelp: Visit BetterHelp.com/HATF and get 10% off your first month

For more information on Chris and his current work visit naxo.com

Follow Hector @hxmonsegur

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.