Wed, 26 February 2020
For the 131st episode of the Kaspersky Transatlantic Cable Podcast, Dave and I are all about the idioms and lolz -kind of (spoiler - you’ll have to give a listen to see). To start things off, we take a look at a US natural gas company that is in the news for the wrong reasons.
In this story, the company was closed for two days following a ransomware attack. While ransomware is nothing new to readers of this blog, the part that is interesting is that the government assessment notes that the plant was not prepared for a cyberattack as part of an emergency.
From there we head across the US, where, Ring has made the use of 2FA obligatory for users. While most should be happy with the additional step towards privacy, there are still some naysayers. The third story of the week takes a look at how Puerto Rico’s government was swindled out of a couple of million dollars in a phishing scheme.
As a follow-up from last week’s podcast, we take a look at the EU’s response to Facebook’s call for regulations on fake news and politically-driven advertisements. To close out the podcast, we discuss the latest victim of OurMine, FC Barcelona.
If you like what you heard, please consider sharing with your friends or subscribing. For more details on the stories from this week, please click the links below.
Wed, 19 February 2020
We open up the 139th edition of the Kaspersky Transatlantic Cable Podcast looking at a favourite topic of discussion… Facebook. Instead of the typical security-related incident, we start with the company speaking on regulation from governments.
Yes friends, you read that correctly, Mark Zuckerberg is asking for governments to implement regulations as to what is and what is not kosher when it comes to fake news, disinformation or just bending the truth.
After Facebook, we head to the Dark Web, where it appears that Black Energy's code is being re-used by attackers. From there, we jump into a cyberattack on Boston’s Children’s Hospital that is disrupting the flow of patients. We take a break from our regularly scheduled program to speak with Anton Shipulin to discuss the upcoming Kaspersky Industrial Cybersecurity conference in Sochi.
When we return to schedule, we dive into a story that hits close to home with me. Boston Children’s Hospital is currently working through a cyberattack that has disrupted the hospital’s service to patients. Our fourth story focuses on Redcar and Cleveland Borough. The English municipality appears to be facing a ransomware attack. To close things out, we look at Netflix and a recurring topic of password stuffing and account takeovers.
Wed, 12 February 2020
Welcome to the 129th episode of the Kaspersky Transatlantic Cable Podcast! In this episode, Dave and I cover a handful of stories that you may have missed, but should be aware of as well as taking you behind the scenes of the upcoming Kaspersky Security Analyst Summit, AKA #TheSAS2020 coming up in April.
To kick things off, we discuss a story about a new warning from UK police. While you may think of warnings of not leaving valuables in cars, this one is a tad different. You see, the police are warning businesses that cybercriminals may be employing cleaning services to gain access to corporate networks.
From there, we head to Wisconsin where we look at a ransomware attack on the city of Racine. While details are still emerging, the municipality has noted that they <b>will not</b> be paying the ransom. From there, we move to the smart office space where vulnerabilities lead to IoT devices being leveraged in DDoS attacks. This is definitely one to check out if you have installed smart office technology.
We take a break from our regularly scheduled programing to discus the upcoming Security Analyst Summit that is put on annually by Kaspersky. For this, I sit down with Sergey Novikov, the Deputy Director of GReAT (Global Research and Analysis Team) at Kaspersky. Following the discussion with Sergey, we close out with a pair of stories about Twitter. The first one looks into a potential Nation-state manipulating Twitter’s API and the other looks at the company’s take on Deep Fakes.
Wed, 5 February 2020
Dave and I open up the latest episode of the Kaspersky Transatlantic Cable Podcast, looking at recent research from the Electronic Frontier Foundation (EFF). Dave and I open up looking at an interesting unsecured server.
The research from the EFF goes under the hood in regards to privacy and the Ring. In this case, the privacy violation is data sharing with third parties.
While on the topic of privacy, we then hop across the pond and look at GDPR. I know, everyone’s favorite topic. In this article, we get a look at the financial impact of the regulation as compared to regulations in the US. The third story jumps into the world of corporate espionage. This fitness related story has some underlying data management issues that should put companies in an uneasy state when looking in the mirror.
Our fourth story showcases the return of the notorious OurMine group. Instead of hacking into the celebrity or C-suite accounts that they have become synonymous with, the group has gained access to 15 of the National Football League (NFL) teams’ accounts. To close out the podcast, we revisit the Windows 7 end of service. While they said they were done with fixes, it seems that we – and they – spoke a bit too soon.
Wed, 29 January 2020
For the 127th episode of the Kaspersky Transatlantic Cable Podcast Dave and I open up looking at an interesting unsecured server.
Unlike many of the recent stories that mention insecure AWS or Azure servers of random companies being unsecured, this one comes from Microsoft’s support.
While the server has since been secured, it is worth double-checking that you are really chatting with the company should you be looking for support. Following that story, we head over to looking at some vulnerabilities within Apple's anti web-tracking features.
Our third story takes a look at Mozilla’s recent move to ban ~200 add-ons from Firefox. The move is the latest from the company in their battle against malicious add-ons. From there, we jump into the dating pool with a story on Tinder’s panic button. While it sounds like a good idea on the surface, it seems that the separate app, Noonlight, is sharing data with third party brokers. So in a nutshell, big data + dating = big marketing. To close out the podcast, we head to the state of New York where a proposed bill looks to ban municipalities from paying the ransom from ransomware attacks.
Wed, 22 January 2020
Dave and I open up the 126th episode of the Kaspersky Transatlantic Cable Podcast by following up with the Travelex story from last week.
While not a resolution or mission accomplished moment, it is more of a warning of new phone-based scams targeting customers of the company.
The second story heads to the adult industry and an unfortunate data breach. Unlike many breaches that have similar PII exposed, this breach exposes that and more including tattoos, scars and photos of passports. From there, we head to an unsecured server from Peekaboo moments that shared intimate moments of babies. While discussing intimate images being shared, we also look at a story from the BBC that examines the types of filters that allowed them to target people in some unsuspecting ways. The next story takes a look at how Google will be approaching third-party cookies in the coming years.
To close out the podcast we head over to a pair of stories that should grab the attention of businesses and consumers alike. The first examines a phishing attack on the United Nations, while the final tale looks at scammers targeting those donating to relief in Australia.
Thu, 16 January 2020
Welcome to the 125th edition of the Transatlantic Cable Podcast!
Dave and I open up the episode deep in the heart of Texas. In this story, a school system lost millions of dollars by transferring funds to cybercriminals after falling victim to a phishing campaign.
From there, we head further West to Las Vegas. The city was recently hit with a cyber incident. The third story takes us back to the topic of Facebook. Instead of our common discussion points, this story looks at encryption and where it stands with the Messenger platform. Spoiler: it’s not coming as fast as many would like. To close out the podcast, we discuss two Windows-based stories. The first looks at the end of support for Windows 7, then we finish the podcast looking at a recent vulnerability patched in Windows that came courtesy of the NSA.
Wed, 8 January 2020
After a couple week hiatus, Dave and I return for the 124th edition of the Kaspersky Transatlantic Cable Podcast Hopefully you had a great holiday and New Year.
To kick off the episode, we head to one of the topics that we closed out the decade with: Amazon’s Ring. Earlier this week, the company announced that they had rolled out a new and improved privacy dashboard that was met with, well critics.
From Amazon, we move to Arkansas, where ransomware may have played a bit of the Grinch for a couple hundred employees of a call center. The company that employed them was hit with ransomware, paid the ransom and then could not restore data, in turn, shuttering the company. We stay on the topic of ransomware for our next story. Travelex, a company well known by travelers across the world, has been hit with a cyber incident that is being attributed to the REvil group. Currently the company is working on restoring their networks, however this story is developing and more is sure to come.
From ransomware, we jump to another familiar topic of discussion in 2019 – Facebook. Recently, Facebook announced that they would be removing certain types of deep fake videos. The question of our discussion though is whether this is just for PR purposes or if it needs to go further. We close out this week’s edition of the podcast looking at the case of the FBI looking for assistance unlocking an iPhone tied to a shooting at a Pensacola Military base.