
HackableYou Podcast
By HackableYou
Join us as we sit down, crack open a beer and delve into the topic of cyber security.
With insights into Cyber News, Threat Intelligence, Incident Response and general SOC shenanigans. We aim to inform, educate and entertain all of our listeners whether you are a CISO, Security Engineer/Analyst or are just curious on the topic.
All that is left for you to do now is sit back, follow or subscribe and enjoy the HackableYou Podcast!

HackableYou Podcast, Apr 29, 2022

More LAPSUS$, Record Breaking 0days, Breach Notifications
Guess who's back with a brand new ra..Podcast. It's Ed, Alex and Will!
In this episode we bring you cyber news topics: LAPSUS$ hacking T-Mobile, Google/Mandiant 0day reports and Russian hackers' new money laundering challenges.
Topic of the week discusses breach notification, using Troy Hunt's recent fun with Avvo as an example.
Secrets from the SOC is one of our favourites - We ask each other what SOC tools we WISH we had, that don't exist today.
We would love to hear from you: info@hackableyou.com

RaidForums DOWN, Global SOC Operations, Importance of Culture
It's been a while, sorry about that!
Join us as always with some cyber news, our topic of the week and the exclusive segment, secrets from the SOC.
contact: info@hackableyou.com

Russia-Ukraine Threat, Zero Trust, Note Taking Tips
WE STAND WITH UKRAINE.
In today's episode, we discuss the ongoing cyber threat from Russia amid the tensions and attack on Ukraine.
The Topic of The Week looks at the concept of Zero Trust and why we need it.
In Secrets from the SOC we openly discuss what note-taking tools we use and how they help us!
We hope you enjoy.

CNI Ransomware Warning, PUMA Hacks, QBOT Infections
This episode certainly took a while to come together, we hope you enjoy it!

Death to 2021 - A Cyber Year in Review
Join us on the HackableYou Podcast as we discuss the cyber events of 2021, notable lessons we have learned, and what we think 2022 has in store for all of us.
A very big Happy New Year from The HackableYou Team!

Zero Days, Log4Shell, Christmas Special 🎅🏼
Log4Shell... need we say any more?
Merry Christmas from the HackableYou Team!
info@hackableyou.com

UPS XSS Phishing, GoDaddy Breach, Securing Keys and Secrets
Check out our episode this week where we discuss the UPS Cross-Site Scripting (XSS) Phishing attack, the Tesla Connected Cars outage, and the GoDaddy data breach impacting 1.2 million customers.
We also discuss how you should tackle securing your API keys, secrets, and cloud service account credentials.

We're back! Cyber News and Catch-up!
This is an overdue episode, but we are back with more content.
To get started, have a listen to a recording from a few weeks ago and ramp up to the next episode!
We missed you, we hope you missed us!

T-Mobile Breach, Docker Containers, Make a House a SOC
In this episode, we dive into the recent T-Mobile breach exposing millions of customers' data. We look at recent arrests of hacker-for-hire actors who made money hacking your iCloud to steal sensitive images and, lastly, the new ShinyGoblin APT using tactics we may have seen used by the Winnti group before.
In the topic of the week we touch on containerization and Docker, the uses of and security threats against this modern DevOps tech.
In our exclusive segment, Secrets from The SOC, Alex and I explain how we have made our house a SOC during the pandemic, allowing us to be productive as we move into a remote working model.

Accenture Ransomware, ALPHABAY is Back, Attack Simulation
This episode brings you some great conversation on the week's cyber news. We report on the cyberattack against Accenture, holding them for ransom. New phishing tactics are seen using Morse code to bypass security controls, and the infamous ALPHABAY is back, baby, with a new look and new rules which raise an eyebrow....
The topic of the week looks into Attack Simulation and how you can use tools like Atomic RedTeam, CALDERA, and the Attack Range tool to test and verify your security control configuration against the modern attacks of today.
As we mentioned in the Podcast, what do you think the 5th stage of ransomware might be? Let us know on info@hackableyou.com and we will read some out next time round!
Thanks for listening and supporting us so far! Share with a friend or colleague.
Ed, Alex and Will.
HackableYou
Atomic Red Team: https://github.com/redcanaryco/atomic-red-team
MITRE Caldera: https://github.com/mitre/caldera
Attack Range (Splunk): https://github.com/splunk/attack_range

No More Ransom, USB Cyber Attacks, Old School vs. New School SOCs
Hello and welcome back, it's great to have you here.
In this episode's Cyber News we cover Imperial Kitten/Tortoiseshell using fake Facebook profiles to masquerade as Aerobics instructors in order to exploit defence aerospace contractors, some positive news on the money saved via the No More Ransom movement and we also discuss how an infamous ransomware gang have been hit by ransomware themselves...
In the topic of the week, we delve into the world of USB attacks and go over the 4 types of USB attacks with examples and discuss USB attack defences.
Lastly in Secrets from the SOC we go over what an Old School SOC would do and compare that to how a New School SOC operates. Which one are you working in?
As always we would love to hear from you, please get in touch: info@hackableyou.com
== TIMESTAMPS ==
Cyber News: 02:24
Topic of the Week: 14:34
SFTS: 22:48

Kaseya Ransomware, Password Attacks, SOC and IR APIs
In this episode we look into cyber news including: Kaseya supply chain ransomware attacks, Chinese hackers exploiting another 0day in a SolarWinds solution, and the critical Microsoft patch dubbed "PrintNightmare".
In our topic of the week, we dive into the realm of Password Attacks looking at both active and passive attacks as well as the defences.
As always in our exclusive segment Secrets from the SOC, we provide you with some practical insight into some great APIs you can hook into to help your SOC investigations.
We would love to hear your feedback, please get in contact at info@hackableyou.com
Enjoy this episode!!

NOBELIUM Microsoft Compromise, Code Signing Attacks, File Hashing
You’re listening to the HackableYou Podcast.
In this episode we report on Microsoft’s ongoing research into the Nobelium hacking group's activities, a data breach impacting Mercedes-Benz and more web-scraped LinkedIn data up for sale.
The topic of the week touches on the subject of Code Signing, attacks, and countermeasures.
Lastly, in Secrets from the SOC we discuss the use of file hashing and how you can use it in your role as a security analyst.
Thanks for tuning in and we hope you enjoy!
Timestamps:
Cyber News: 2:50
Topic: 17:21
SFTS: 26:35
Alert Logic Cloud Migration Webinar - https://tinyurl.com/WebinarCloudMigration

ANOM Arrests, Capture The Flag, Law Enforcement
In this episode of the HackableYou Podcast, we highlight top cyber news including JBS Foods' ransom payment, the TrickBot coder's 10-year jail sentence, and the FBI's purpose-built encrypted device network, deliberately created to catch criminals, leading to tonnes of seized drugs and arrests.
In Topic of The Week, we provide our top tips for a Capture The Flag exercise and how you can sharpen your approach to the mystery vulnerable boxes.
Lastly, in Secrets from The SOC, we give you sound advice on what to expect and how to work with Law Enforcement.
As always, we LOVE hearing from you, please get in touch and ask us questions or tell us stories at info@hackableyou.com

Cheesy Fingers, Initial Access Brokers, Starting Security Expectations

Washington Police Ransom, Living off the Land, Hacking Labs
Welcome back to another episode of the HackableYou Podcast. In this episode we mention the Washington Police Dept Babuk Ransomware attack, Passwordstate password manager breached and stolen passwords and the Emotet stolen emails that have been uploaded to HIBP.
Our topic of the week is one of Ed's favorites as we discuss "Living off the Land" and provide a great Red vs. Blue insight.
In our exclusive segment, Secrets from The SOC, we show and tell our 1st and current hacking labs, all stuff that you can do at home for FREE!
We hope you enjoy it!
=== TIMESTAMPS ===
Cyber News: 01:22
Topic of the Week: 14:33
SFTS: 27:06

You’ve been Zucked, Web Data Scraping, Problem Solving 101
Our 1st Birthday giveaway is now live!
http://bit.ly/HBYgiveaway
In this episode, we tuck into cyber news relating to a DNS vulnerability hosted on a vast amount of IoT devices around the world, the results of a recent study on cybersecurity awareness, and the infamous Facebook breach exposing 533 million users' data via web scraping.
The Topic of the Week takes the Facebook Breach into more detail looking into Web Data Scraping at a deeper level.
Lastly, in our exclusive segment #SFTS we tackle how to solve complex problems that come your way during a SOC investigation and we discuss a couple of models you could use!
As always, thank you for listening!
HackableYou Team
=== Timestamps ===
Cyber News: 01:30
Topic of the Week: 14:14
SFTS: 25:31

Ubiquiti Whistle-blower, Deep Fakes, Detection and Prevention
HAPPY 1ST BIRTHDAY HACKABLEYOU!
Join us as we celebrate our 1st Podcast since starting the podcast. In the cyber news, we discuss the Ubiquiti Whistle-blower, malicious crypto-mining Docker containers, and another Apple iOS 0day vulnerability that is actively being exploited in the wild.
In Topic of the Week Alex leads us through the complex technology behind Deep Fake with a cyber threat focus.
Last, but not least in Secrets from the SOC we discuss the difference between detection and prevention systems and why there is a use-case for both.
GIVEAWAY! Make sure you follow our socials and our website for details on the BIRTHDAY GIVEAWAY for your chance to win some amazing prizes including HackableYou swag.
Time Stamps:
Cyber News: 06:44
Topic of the Week: 15:33
SFTS: 22:44
We would love to hear from you. Get in touch at info@hackableyou.com

Twitter Hacker Jailed, New Routines, SOC Spring Clean
Guess who's back? Back again...
HackableYou is back with another awesome episode full of cybersecurity news, a topic of the week, and our Secrets from the SOC.
We report on the prison sentence for the teen responsible for the Twitter hacks, the MoD incident report leaks, and the new variant of the Mirai Botnet targeting unpatched routers and IoT.
Topic of the week dives into a more human element of all of us and talks about what COVID remote working means for your work routine and what you have learnt over the last year.
Last but not least, in #SFTS we give you our view on a Springtime SOC cleanup of your processes, feeds and strategy.
Please enjoy!
---- TIMESTAMPS ----
Cyber News: 01:33
Topic of the Week: 17:08
SFTS: 28:04
We'd love to hear from you! Get in touch at info@hackableyou.com

Exchange Vulns, A Passwordless Future, SOC Stand-ups
In this episode of the HackableYou Podcast:
We look at the ex-CEO of SolarWinds blaming the hack on an intern with a weak password, the Malaysia Airlines 9-year-long data breach, and the new critical Microsoft Exchange vulnerability actively being exploited by Chinese hackers.
In Topic of The Week, we debate the idea that passwords are not here to stay and what the concept of Passwordless authentication means for the future.
Lastly in our exclusive segment, Secrets from the SOC we discuss the importance of daily and routine standups or huddles when working in high-performing security teams and operations centers.
Timestamps:
Cyber News: 02:34
Topic of The Week: 13:52
SFTS: 22:54
CVE Details:
CVE-2021-26855 is a server-side request forgery (SSRF) vulnerability in Exchange that allowed the attacker to send arbitrary HTTP requests and authenticate as the Exchange server.
CVE-2021-26857 is an insecure deserialization vulnerability in the Unified Messaging service. Insecure deserialization is where untrusted user-controllable data is deserialized by a program. Exploiting this vulnerability gave HAFNIUM the ability to run code as SYSTEM on the Exchange server. This requires administrator permission or another vulnerability to exploit.
CVE-2021-26858 is a post-authentication arbitrary file write vulnerability in Exchange. If HAFNIUM could authenticate with the Exchange server then they could use this vulnerability to write a file to any path on the server. They could authenticate by exploiting the CVE-2021-26855 SSRF vulnerability or by compromising a legitimate admin’s credentials.
CVE-2021-27065 is a post-authentication arbitrary file write vulnerability in Exchange. If HAFNIUM could authenticate with the Exchange server then they could use this vulnerability to write a file to any path on the server. They could authenticate by exploiting the CVE-2021-26855 SSRF vulnerability or by compromising a legitimate admin’s credentials.

Water Supply Hacked, Social Engineering, Reputation Blacklists
Back again with another great episode of the HackableYou Podcast.
This week in the Cyber News we shed light on how some of the top tech firms like Microsoft, Tesla and Apple have all been compromised through open source code repositories, we discuss the Yandex insider who had unauthorised access to 5000 user email accounts, and give you our view on the recent Florida-based water supply company's remote access hack that could have poisoned thousands of people.
Our Topic of the week dives into "The Art of Social Engineering" and we talk about how Social Engineering is far more than just phishing.
Lastly, in Secrets from The SOC we give you practical advice on how to use Reputation Blacklists for IP Addresses and other IOCs.
We hope you enjoy and feel free to contact us at info@hackableyou.com
Timestamps:
Cyber News: 01:37
Topic of The Week: 13:18
SFTS: 23:59

Emotet Takedown, HoneyPots, Typosquatting
Back again with another episode of the HackableYou Podcast. This time it's just Ed and Alex while Will is away.
In our Cyber News we talk about the recent Law Enforcement involvement in taking down the Emotet Botnet, the Washington State Audit Office data breach leaking 1.6 million records of employment claims and a recent update to Agent Tesla RAT including new evasion techniques.
Topic of The Week looks at HoneyPots, HoneyNets and Deception Technology and the role they play across a security function. Go and have a look at Canary Tokens and the Honeynet Project.
In our exclusive segment Secrets from The SOC we dive into the topic of Typosquatting and associated threats behind a simple milseplt domain name.
We really hope you enjoy the Podcast and we would love to hear from you! Get in touch at info@hackableyou.com
---- Timestamps ----
CyberNews: 01:29
Topic of The Week: 15:46
SFTS: 24:49

Dating App Hacks, Detecting the Anomaly, Mentor or Coach?
Season 2 Episode 2 of the HackableYou Podcast!
This time round we discuss the recent Malwarebytes hack related to the SolarWinds supply chain breach, the UK Department of Education shipping out laptops to children riddled with Russian malware, and the Dating App MeetMindful's hack potentially exposing 2.28 million users' data.
Alex leads us through Anomaly Detection and some simple use cases in Topic of The Week.
Lastly in Secrets from the SOC we talk about Mentoring and Coaching, what the difference is and why it is a useful tool to engage with in your career!
We hope you enjoy!
Cyber News: 01:44
Topic of The Week: 15:24
Secrets from the SOC: 21:29

Ticketmaster Espionage, Solarwinds Orion Hack, 2021 Challenge
We are BACK! Hello 2021 and Season 2 of the HackableYou Podcast!
Check out our first episode of the new year. With Cyber News related to Babuk Ransomware, Ticketmaster Cyber Espionage and JusPay Amazon merchant PCI Breach.
Topic of the week focuses on the SolarWinds Orion Hack with a deeper dive into the details.
We also challenge YOU to learn something NEW and develop a skill in Secrets from the SOC.
Share with a friend or colleague and let's get this season started!
Cyber News: 01:44
Topic of the Week: 10:23
Secrets from the SOC: 19:10

FireEye Hacked, 2020 Review vs. 2021 Predictions, SOCs at Christmas
Join us as we cap off Season 1 of the HackableYou Podcast for this year!
We discuss in depth the recent FireEye state-sponsored hack, as well as recent EMA COVID Vaccine data breaches.
In our topic of the week we take a look back at the whirlwind year of 2020 from a cyber perspective and touch on what we think will shape the ether in 2021.
Lastly in our Secrets from the SOC, we look at the challenges around working in a SOC over Christmas and what you can expect.
Thank you to EVERYONE who has supported, listened to and shared the Podcast. We are truly grateful for the support and we have loved watching this platform grow.
We are taking a well-earned break now and we will be back in January 2021 for Season 2 of the HackableYou Podcast. See you then!!
The HackableYou Team
info@hackableyou.com

cit0day Breach, Black Hat Hackers, Critical Vulnerability Response
This is Episode 18 of the HackableYou Podcast!
In this week's episode we cover the cit0day data breach collection, INTERPOL arrests against a Nigerian BEC cyber group and the Manchester United FC security incident.
We discuss the types of Black Hat Hackers in the last of a 3 part series on types of hackers. We range from script kiddies to APTs.
Lastly, in our exclusive segment, Secrets From The SOC, we talk about how a security operation should respond to a critical vulnerability disclosure and what you could be doing to prepare for the next one.
As always, thank you for listening, be sure to share with a friend and we will catch you in the next one!
info@hackableyou.com
Cyber News: 2:24
Topic of the Week: 14:33
SFTS: 32:36

Goodbye Maze, Grey Hat Hackers, Malicious Web Traffic
Join us on this episode as we discuss news items on Maze quitting the ransomware game, Microsoft Teams fake updates delivering Cobalt Strike, and Russian disinformation against the UK's COVID-19 vaccine.
Topic of The Week extends our series looking to the different hats in Security, this week focusing on Grey Hat Hackers.
Lastly, in our exclusive segment Secrets from the SOC, we give you practical guidance on how to investigate malicious web traffic.
As always we want to hear from you! Any stories or Feedback please email us at info@hackableyou.com
Cyber News: 01:42
Topic of The Week: 12:15
SFTS: 23:56
Thank you for listening!

Halloween Special: USA Election, White Hat Hackers, The Dark Web
HackableYou HALLOWEEN Special!
In this week's spooky edition of the Podcast, we bring you a great set of topics including Dr. Reddy's COVID19 Vaccine Hacks, the defacement of President Trump's election campaign website, and a cheeky credential stuffing attack against Nandos.
Our topic of the week introduces a 3 part series looking into the 3 types of hackers, with a focus on White Hat Hackers.
Lastly, in Secrets from the SOC we dive into the darkness that is the Dark Web and Dark Net and explain what it is and why you should care about it.
Cyber News: 01:50
Topic of the Week: 15:41
Secrets from the SOC: 27:26
Enjoy and Happy Halloween!
We would love your feedback - please get in touch via info@hackableyou.com

Hacked Sex Toys, Cyber Awareness Month, Security Certification Paths
This week we bring you a lightly extended episode of the podcast covering topics such as Maze Ransomware Virtual Machine delivery, the TrickBot disruption campaign and hilarious news regarding an IoT chastity belt that can be hacked to lock you in.
Our topic of the week covers Cyber Security Awareness Month and the importance of educating staff on cyber threats.
Last but not least, in Secrets from the SOC we answer a repeat question from listeners about Cyber Security Certifications and give our opinion on a great learning path you could take.
Thanks for listening, we hope you enjoy!

Malicious QR Codes, NHS COVID App, SOAR and Automation
This week we bring you a slightly longer episode! With great conversation surrounding the risk posed by malicious QR codes, the Russian LinkedIn hacker sentenced to 7 years in prison and the sad news of a death related to hospital ransomware.
Our topic of the week talks about the NHS COVID 19 App and the role of Data Privacy and Information Security.
As always, in Secrets from the SOC we give you our thoughts on the role of SOAR and Automation, and what you could be doing to adopt this in your role!
Cyber News - 1:36
Topic of the Week - 21:46
Secrets from the SOC - 33:27
Thank you for listening!
info@hackableyou.com

ZeroLogon, Network vs Application Attacks, IR Top Tips
Hello!
We are back with Episode 13 of the HackableYou Podcast.
This week we mention Government plans to give energy providers remote access to your smart meter, KnowBe4 Awareness Training Phishing, and the critical ZeroLogon Vulnerability.
The topic of the week gives a high-level touch on Network and Application attacks.
Lastly in Secrets from the SOC, we give you our ultimate top 3 tips for cybersecurity major incident response you should start doing.
Thank you to all our listeners so far!
email: info@hackableyou.com
Podcast Sections:
Cyber News: 1:36
Topic of the Week: 10:28
Secrets from the SOC: 18:32

DDoS and AlphaBay, Kill Chain & ATT&CK, Security Conferences
Join us on episode 12 of the HackableYou Podcast as we discuss the Apple Mac Malware Shlayer, DDoS attacks on the New Zealand Stock Exchange and the 11-year prison sentence given to a moderator of the Dark Web market place AlphaBay.
In our topic of the week, we break down the Cyber Threat Kill Chain and touch upon the MITRE ATT&CK framework.
Lastly, in Secrets from the SOC we guide through how to make the most of a cybersecurity conference, whether it's in-person or virtual.
We would love to hear from you if you have feedback or some stories to share. Please get in contact at info@hackableyou.com
We hope you enjoy it!

SANS Data Breach, Live Response, CSIRTs
Join us in Episode 11 as we look at the Phishing attack that caused the SANS Data Breach, a credential stuffing attack against the Canadian Government, and whether paid for threat intelligence is really worth it.
We introduce the concept of live response and help you understand how to do it.
Last but not least, Secrets from the SOC exposes how a CSIRT is built up and why they are important.

Garmin Ransomware, Hacker Infrastructure, Malware Analysis
Listen in this week as we report on updated Twitter hack arrests, Garmin Ransomware, and the Blackbaud hacks.
Our topic of the week exposes how hackers' infrastructure is set up and the concept of Command and Control.
In our exclusive segment, Secrets from the SOC we give you a Malware Analysis 101 and how to understand the difference between static and dynamic reverse engineering.
We would love to hear from you! If you have thoughts, feedback, or would like to be on the Podcast please get in touch at info@hackableyou.com.

Russian Threat, Mental Health, Using Threat Intelligence
Join us with our SPECIAL GUEST Oli Lacey-Reed as we discuss the cyber news, including Twitter VIPs Bitcoin scams, Trickbot Emotet double trouble malware, and the recent report from the NCSC on the Russian Cyber Threat.
We openly talk about burnout and mental health in our guest's topic of the week.
As always, Secrets from The SOC brings our insight into the basics of Cyber Threat Intelligence and how to use it!

EncroChat, Organised Crime and SOC IR vs. Vulnerability Management
This week we report on the EncroChat criminal communications network, Kaspersky's stats on virus submission, and Office 365 Phishing campaigns stopped.
The Topic of the Week follows on from EncroChat and dives into the topic of Organised Crime Groups.
As always, Secrets from the SOC discusses the role of SOC IR and Vulnerability management when critical vulnerabilities are publicly disclosed.
Enjoy!

Twitter Breach and BLM Trickbot, BEC and Communication Skills
Join us this week as we discuss the recent Twitter Breach, Black Lives Matter Trickbot, and the World Record DDoS attack.
Our topic of the week looks at a growing trend in Business Email Compromise (BEC) and what you can do about it.
As always, in Secrets from the SOC we provide you with advice on the importance of the communication and articulation needed as a Security Analyst.
We have grown our social media platform to allow you guys and girls to connect with us. Just search for HackableYou on Twitter, Instagram, LinkedIn, and Facebook!

Honda Ransomware, Sub-domain Takeover and Table Top Exercises
Today we discuss the most recent Snake Ransomware attack on Honda and other news.
Our topic of the week looks at Sub-domain takeover and the importance of monitoring your DNS and in our exclusive segment, Secrets from the SOC we look at Incident Response and the importance of Table Top Exercises.

EasyJet and Celebrity Breaches, Defence in Depth and Entering the Security Industry
Today we discuss the EasyJet breach impacting 9 million customers, and we assess the ransomware attack against a law firm representing A-List Celebrities.
Our topic of the week is the concept of Defence in Depth and as always in Secrets from the SOC we discuss how you can prepare to enter the cybersecurity field.

Magecart Favicon, Biometric Security and Open Source Security Tools
Today we discuss the most recent Magecart attack using a website Favicon and other news.
Our topic of the week dives into the world of biometric security and we give you our top, free, and open-source security tools you can use in an investigation.
== List of Tools ==
urlscan.io/
www.hybrid-analysis.com/
any.run/
sitecheck.sucuri.net/
www.ipvoid.com/
otx.alienvault.com/

Cognizant Ransomware, Exposed Docker, Traditional vs. Cyber Crime and SOC Roles
Join us on the Podcast as we discuss topics around: the Cognizant Maze ransomware attack, exposed Docker, Traditional vs. Cyber Crime, and the roles needed within a Security Operations Centre.
Please follow the podcast and all our social links to stay up-to-date!
Thank you for listening, we hope you enjoy!

Google Contact Tracking, Dark Nexus and Self Learning
Join us on the Podcast as we discuss topics around: Apple and Google Contact Tracking, Meghan Markle, the Dark Nexus Botnet and our exclusive segment Secrets from The SOC.
Please follow the podcast and all our social links to stay up-to-date!
Thank you for listening, we hope you enjoy!

Intro, COVID19, HouseParty and An Attackers Mindset
Join us as we introduce ourselves and the Podcast as well as discuss topics around: COVID-19, HouseParty and An Attackers Mindset.
Please follow the podcast and all our social links to stay up-to-date!
Thank you for listening, we hope you enjoy!
