This week on Hacker And The Fed you can't always count on Google for the right telephone number for an airline, an American cloud based directory as a service platform announces that they were hacked by a state sponsored threat actor, millions of US military emails may be ending up in the wrong hands, a new ransomware looks like a windows update, we answer listener questions, and Hector tells a fascinating story about a hacking methodology.
Links from the episode:
Airline Fake Contact Number on Google Maps
https://twitter.com/Shmuli/status/1680669938468499458)
https://twitter.com/SwiftOnSecurity/status/1680926780599812098)
JumpCloud discloses breach by state-backed APT hacking group
https://www.bleepingcomputer.com/news/security/jumpcloud-discloses-breach-by-state-backed-apt-hacking-group/)
JumpClouds IOCs - https://jumpcloud.com/support/july-2023-iocs)
Domains like army․ml, pentagon․ml, navy․ml and af․ml all have Mail Exchange records pointing to 'handle․catchemail․ml'
https://twitter.com/mikko/status/1680947795862200325)
Watch out for this new malicious ransomware disguised as Windows updates
https://www.foxnews.com/tech/watch-out-new-malicious-ransomware-disguised-windows-updates)
https://www.trendmicro.com/en_id/research/23/g/tailing-big-head-ransomware-variants-tactics-and-impact.html)
Listener Questions
https://www.lsu.edu/mediacenter/news/2023/06/13-cyber-clinic.php)
Support our sponsors:
Go to JoinDeleteMe.com/FED) and use the code FED20 for 20% off
Go to drata.com/partner/hacker-fed) and get 10% off Drata and waived implementation fees
Get your Hacker and the Fed merchandise at hackerandthefed.com)
