Hacker And The Fed

This week on Hacker And The Fed we speak with Lance Taubin of Alston & Bird about being a cyber lawyer, the FBI shares the tactics of the ransomware gang Scattered Spider, a company pays a ransom and their data is exposed anyway, Alpha BlackCat uses government regulations to further pressure a victim to pay, and the FCC is trying to make SIM swapping more difficult.Links from the episode: FBI Shares Tactics of Notorious Scattered Spider Hacker Collectivehttps://www.bleepingcomputer.com/news/security/fbi-shares-tactics-of-notorious-scattered-spider-hacker-collective/ Dolly.com Pays Ransom, Attackers Release Data Anywayhttps://cybernews.com/security/dolly-data-breach-ransomware-attack/#google_vignette Ransomware Gang Files SEC Complaint Over Victim’s Undisclosed Breachhttps://www.bleepingcomputer.com/news/security/ransomware-gang-files-sec-complaint-over-victims-undisclosed-breach/ FCC Enforces Stronger Rules to Protect Customers Against SIM Swapping Attackshttps://thehackernews.com/2023/11/fcc-enforces-stronger-rules-to-protect.html Lance Taubin | Technology and Privacy Attorney | Alston & BirdSupport our sponsors:NAXO is a premier cybersecurity and investigations firm whose mission to fight cybercrime aligns perfectly with Hacker and the Fed’s content.Go to cloudsolvers.com tell them “Hacker and the Fed sent you” to get a free assessment of your current environment.

This week on Hacker And The Fed we break down the SolarWinds hack, there are 8 new vulnerabilities found in SolarWinds, thousands of remote IT workers have been working for North Korea, hackers are targeting a company that handles data requests for law enforcement, and we answer listener questions about VPN services, password managers and patch management.Links from the episode: Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeoverhttps://www.darkreading.com/vulnerabilities-threats/critical-solarwinds-rce-bugs-enable-unauthorized-network-takeover Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program, FBI Sayshttps://apnews.com/article/north-korea-weapons-program-it-workers-f3df7c120522b0581db5c0b9682ebc9b?taid=6531b8b29c11a80001ef2a28 Hackers Target Company That Vets Police Data Requests for Tech Giantshttps://www.404media.co/hackers-target-kodex-accounts-edrs/ Support our sponsors:Go to JoinDeleteMe.com/FED and use the code FED20 for 20% offGo to Cloudsolvers.com and tell them "Hacker and the Fed sent you" for a free assessment of your current environmentGet your Hacker and the Fed merchandise at hackerandthefed.comSend HATF your questions at questions@hackerandthefed.com

Updates on MOVEit and MGM Resorts hacks, US Senate email system meltdown, Cisco's use of static passwords. Listener questions on single sign-on, circumventing IT rules, LinkedIn profiles.

In this podcast, the hosts discuss the legality of paying ransoms in the US and the top 10 cybersecurity misconfigurations. They also explore a ransomware attack that led to the shutdown of a 158-year-old company. Additionally, they address listener questions about Fido2 security keys and hacktivist rules.

This podcast delves into the end of privacy with the use of AI for doxxing, billions of usernames and passwords being exposed, nation-state hackers hiding in router firmware updates, and listener questions about working with the FBI, starting a cybersecurity business, and safely using data. They also announce their first contest for cyber security awareness month.

This podcast covers interesting topics like the Equifax breach, the potential vulnerability of Google Authenticator, an iPhone exploit chain, and the arrest of a Department of State IT contractor on espionage charges. They also discuss the excitement of breaching a system, hacker motivations, asset management in cybersecurity, segmentation and risk assessment in online services, and the importance of following rules and not engaging in illegal activities.

This week on Hacker And The Fed we answer listener questions about finding out our relative is a hacker, applying for a cyber security job as a chemical engineer, preparing you for a technical interview, the FBI being a great place to work, is MFA once every 24 hours too much, and much more.Get your Hacker and the Fed merchandise at hackerandthefed.comSend HATF your questions at questions@hackerandthefed.com

Iran and North Korea hacking crews target security researchers, US Departments of State and Commerce compromised due to a Windows crash report, victories over Russian hackers, your car may have sensitive information about your sex life, Swiss insurer fined $3M for cyber security flaws

Chris, former FBI agent, discusses the FBI's Operation 'Duck Hunt' takedown, hackers' secret weapon for doxing, NYC subway's online tracking, leaving the FBI, cybersecurity job opportunities, and red teaming vs pen testing.

Topics covered in the podcast include a Danish cloud provider losing customer data, a hacker using a fire stick to continue hacking, a zero day vulnerability exploited by cybercriminals, HTML smuggling leading to domain-wide ransomware, the cybersecurity hiring gap and qualifications for entry-level positions, and the transition of active hackers to becoming white hats.