Skip to main content
USB our Guest

USB our Guest

By Theo
This podcast is intended to help people better protect themselves from Cyber criminals by offering quick tips and hacking news summaries.
Listen on
Where to listen
Apple Podcasts Logo

Apple Podcasts

Breaker Logo

Breaker

Google Podcasts Logo

Google Podcasts

Overcast Logo

Overcast

Pocket Casts Logo

Pocket Casts

RadioPublic Logo

RadioPublic

Spotify Logo

Spotify

Twitch Gets Hacked or Source Code! Get your Source Code here!
Today's episode covers the recent Twitch hack. yikes.  The entirety of Twitch has reportedly been leaked https://www.videogameschronicle.com/news/the-entirety-of-twitch-has-reportedly-been-leaked/ A Devastating Twitch Hack Sends Streamers Reeling - https://www.wired.com/story/devastating-twitch-hack-sends-streamers-reeling/ Twitch confirms it was hacked after its source code and secrets leak out https://www.theverge.com/2021/10/6/22712365/twitch-data-leak-breach-security-confirmation-comments Twitch’s twitter posts https://twitter.com/Twitch/status/1445770441176469512 https://twitter.com/Twitch/status/1445985601174392835 Twitch’s blog - Update on the Twitch Security incident https://blog.twitch.tv/en/2021/10/06/updates-on-the-twitch-security-incident/?utm_referrer=https://t.co/ FB Update about the October 4th outage https://engineering.fb.com/2021/10/04/networking-traffic/outage/
05:44
October 14, 2021
EA Hack or The bad guys forgot to do something...
This episode is about the recent EA/Electronic Arts hack that occurred on June 6th.  TL:DR/L - only download from Legit game retailers.  Hackers Steal Wealth of Data from Game Giant EA - https://www.vice.com/en/article/wx5xpx/hackers-steal-data-electronic-arts-ea-fifa-source-code Hackers leak full EA data after failed extortion attempt - https://therecord.media/hackers-leak-full-ea-data-after-failed-extortion-attempt/ How Hackers Used Slack to Break into EA Games - https://www.vice.com/en/article/7kvkqb/how-ea-games-was-hacked-slack EA ignored domain vulnerabilities for months despite warnings and breaches - https://www.zdnet.com/article/ea-ignored-domain-vulnerabilities-for-months-despite-warnings-and-breaches/ Hackers selling access to FIFA matchmaking servers and other games after EA attack - https://www.zdnet.com/article/hackers-selling-access-to-fifa-matchmaking-servers-and-other-games-after-ea-attack/ How Hackers Used Slack to Break into EA Games - https://www.vice.com/en/article/7kvkqb/how-ea-games-was-hacked-slack
07:48
August 29, 2021
Colonial Pipeline ransomware attack or Backup, Shmackup...
Today’s episode is about the Ransomware attack that occurred on May 7th that forced Colonial Pipeline to shut down its operations. A Closer Look at the DarkSide Ransomware Gang - https://krebsonsecurity.com/2021/05/a-closer-look-at-the-darkside-ransomware-gang/#more-55529 Colonial Pipeline attack: Everything you need to know- https://www.zdnet.com/article/colonial-pipeline-ransomware-attack-everything-you-need-to-know/ Colonial Pipeline ransomware attack linked to a single VPN login -https://www.engadget.com/pipeline-ransomware-010631984.html Hackers Breached Colonial Pipeline Using Compromised Password - https://www.bloomberg.com/news/articles/2021-06-04/hackers-breached-colonial-pipeline-using-compromised-password?sref=10lNAhZ9 USBOG - Ransomware - https://anchor.fm/usbog/episodes/What-is-Ransomware-ejikem USBOG - Passwords - https://anchor.fm/usbog/episodes/Password-Best-Practices-e52ank
04:09
June 19, 2021
The FBI is remotely hacking hundreds of servers or Why Hello, I didn’t see you there...
Today’s episode covers the FBI’s Unprecedented helpful remote hacking of Hafnium infected servers. The FBI is remotely hacking hundreds of computers to protect them from Hafnium- https://www.theverge.com/2021/4/13/22382821/fbi-doj-hafnium-remote-access-removal-hack The FBI got a court order to delete backdoors from hacked Exchange servers- https://www.engadget.com/fbi-hafnium-exchange-server-060721872.html USB our Guest - Microsoft Server Exchange Hack - https://anchor.fm/usbog/episodes/Microsoft-Server-Exchange-Hack-ets89n
04:02
May 28, 2021
Gamers, Modders and RATs and Take your negative K/D like we all have
Today's episode is about cheaters or modders getting infected with RAT’s or a Remote Access Trojans.  Tech Republic - Malicious attack now targeting video gamers and modders https://www.techrepublic.com/article/malicious-attack-now-targeting-video-gamers-and-modders/ Cisco Talos - Cheating the cheater: How adversaries are using backdoored video game cheat engines and modding tools https://blog.talosintelligence.com/2021/03/cheating-cheater-how-adversaries-are.html USBOG Episode 31- RAT's or Remote Access Trojans and Stop Clicking Links from your Moms https://anchor.fm/usbog/episodes/RATs-or-Remote-Access-Trojans-and-Stop-Clicking-Links-from-your-Moms-ev3dht 
03:34
May 22, 2021
RAT's or Remote Access Trojans and Stop Clicking Links from your Moms
Today’s episode covers RATs or Remote Access Trojans. There is a great article on DarkReading that gives an overview of what RATs do and I’ll include it in the show notes. In This episode we will cover What are RATs, how do they find their way on your computer, what they do when they find themselves on there and what you can do to protect your device from them. Dark Reading - RATs 101: The Grimy Trojans That Scurry Through Remote Access Pipes...
03:10
April 17, 2021
Alwin of ITPodcast.club Interview
Today's episode is a little different. We have the opportunity to speak to the host of ITPodcast.Club, available on major podcasting platforms and who is in their last year of university. This episode is a bit longer around 30 minutes, but Alwin and I talk about a few topics including, paid and free learning resources, how we learn, entry level work, certifications and lastly why Backups are essential. Alwin email - alwin@itpodcast.club IG - @itpodcast.club Link Alwin’s podcast - ITpodcast.Club https://open.spotify.com/show/2qjTo5KX5lDoEgGymvx4mU?si=Dc46RQssQn2PBKZALuuXwA Link CFTE server - https://discord.gg/uWPvAR6HTR 
29:42
April 9, 2021
Microsoft Server Exchange Hack
Today’s episode covers the Microsoft Server Exchange Hack. So disclaimer here, this is a fairly technical hack. The purpose of this episode is to give you a high level overview of the hack, a timeline, who is responsible and what to do? Krebs on Security - At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software - https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/ ZD Net - Everything you need to know about the Microsoft Exchange Server hack - https://www.zdnet.com/article/everything-you-need-to-know-about-microsoft-exchange-server-hack/ Microsoft’s Github with tools for mitigation - https://github.com/microsoft/CSS-Exchange/tree/main/Security ZD Net Microsoft blog with patch update - https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/ Krebs on Security - A Basic Timeline of the Exchange Mass Hack https://krebsonsecurity.com/2021/03/a-basic-timeline-of-the-exchange-mass-hack/ USB our Guest - Software Updates https://anchor.fm/usbog/episodes/Software-Updates-emgnsh
05:24
March 30, 2021
Silver Sparrow as discovered by Red Canary
Silver Sparrow as discovered by Red Canary RedCanary's silver sparrow discovery - https://redcanary.com/blog/clipping-silver-sparrows-wings/ Computer world - https://www.computerworld.com/article/3609611/30k-macs-infected-with-silver-sparrow-virus-m1-mac-ssd-health.html MITRE|ATT&CK - LaunchAgents - https://attack.mitre.org/techniques/T1543/001/ CyberWire- Silver Sparrow targets Macs - https://thecyberwire.com/newsletters/week-that-was/5/8 USB our Guest - Episode 22 Updates - https://anchor.fm/usbog/episodes/Software-Updates-emgnsh
03:53
March 11, 2021
CD Projekt Red's CyberPunk2077 Breach
Hello and welcome back to USB our Guest Cyber Security tips. Today's episode is about CD Projekt Red's CyberPunk2077 Breach. Spoiler, they tell hackers 'no thank you' to ransom demands and restore from backup. Wired article https://www.wired.com/story/cd-projekt-red-ransomware-hack-cyberpunk-2077-source-code/    knowbe4 blog https://blog.knowbe4.com/cyberheistnews-vol-11-08-eye-opener-major-video-game-maker-refuses-to-negotiate-with-ransomware-cyber-criminals USB our Guest - Backups https://anchor.fm/usbog/episodes/Backups-eju9r7
02:43
March 3, 2021
Zero-Day Exploits - Recently Windows
Today's episode covers Zero Days. What are they, why you should know about them and what you should do when you hear about them. Recent Windows Zero day - https://www.darkreading.com/vulnerabilities---threats/microsoft-fixes-windows-zero-day-in-patch-tuesday-rollout/d/d-id/1340114 FireEye Zero-Day definition - https://www.fireeye.com/current-threats/what-is-a-zero-day-exploit.html
02:42
February 18, 2021
RoboCalls with Dominic
Today's Episode is an interview with my son Dominic. I had the chance to sit down and talk to him about Robo-calls. Never give someone from a Robo-call your personal identifiable info, Credit Card numbers or Bank account numbers.
10:50
February 1, 2021
Coronavirus Scams
Today's topic is Coronavirus Phishing Scams. https://www.consumer.ftc.gov/blog/2020/06/help-covid-19-contact-tracers-not-scammers https://www.irs.gov/coronavirus/economic-impact-payments https://www.consumer.ftc.gov/blog/2020/04/coronavirus-stimulus-payment-scams-what-you-need-know https://coronavirus.ohio.gov/wps/portal/gov/covid-19/covid-19-vaccination-program
02:37
January 22, 2021
AnimalJam Passwords with Rosie
This episode I get to interview my daughter and pick her brain on Animal Jam and Passwords. A little longer than usual but Rosie drops a truth bomb about passwords and I couldn't be more proud Also, error on part during recording. Best passwords should seem like a random, incoherent group of letters, numbers and symbols. 
08:57
January 22, 2021
Software Updates
This episode is about Software Updates and why they are important to install asap.  Norton anti-virus article mentioned in the episode. https://us.norton.com/internetsecurity-how-to-the-importance-of-general-software-updates-and-patches.html WannaCrypt/WannaCry wiki-pedia entry https://en.wikipedia.org/wiki/WannaCry_ransomware_attack
03:14
November 15, 2020
Shodan.io
This episode covers Shodan.io the search engine for the Internet of Things.  Please see the website https://danielmiessler.com/study/shodan/ for the Shodan tutorial mentioned in the show. Support the podcast by shopping on Amazon through the following link amzn.to/34lCFzX
03:35
October 18, 2020
The website haveibeenpwned.com
Today's episode covers the website https://haveibeenpwned.com  Troy hunt created haveibeenpwned.com with the simple idea that there should be  place for you to find out if your credentials have been stolen. visit haveibeenpwned.com to easily search breaches with your email address or browse  breaches
02:35
October 9, 2020
Whaling
Today's episode is about whaling. What is it and what can you do to thwart an attack. There is a great article on Rapid7's Blog on whaling. Find it here. https://www.rapid7.com/fundamentals/whaling-phishing-attacks/ . As mentioned at the end of the podcast, I wanted to try something a little different. For a chance to win a $10 Amazon Gift card, send an email to usbourguest@gmail.com with 'raffle' as the subject or visit anchor.fm/usbog and leave a voice message with your email by Sunday, October 9th at Midnight. Your email will be used to send the winner their prize and will not supplied to advertisers. Support the podcast by shopping on Amazon through the following link amzn.to/34lCFzX
02:56
September 30, 2020
Backups
Today's Episode covers Backups. What are backups, why you should use them and how to do them.  Find the PC mag article referenced in the podcast at https://www.pcmag.com/news/the-beginners-guide-to-pc-backup Find the Microsoft support article referenced in the podcast at https://support.microsoft.com/en-us/help/4027408/windows-10-backup-and-restore Support the podcast by shopping on Amazon through the following link amzn.to/34lCFzX
02:08
September 21, 2020
What is Ransomware?
Today's Episode covers Ransomware. What is it and how can you protect yourself from it.  Find the knowbe4 article we referenced in the show at https://www.knowbe4.com/ransomware . Find the Sophos article I referenced at the end of the episode at https://news.sophos.com/en-us/2020/09/17/maze-attackers-adopt-ragnar-locker-virtual-machine-technique/ Support the podcast by shopping on Amazon through the following link amzn.to/34lCFzX
03:12
September 13, 2020
Password Best Practices
We cover some password best practices in this flash briefing Support the podcast by shopping on Amazon through the following link amzn.to/34lCFzX
01:48
August 22, 2019
What is SMiShing?
Today's episode cover tips to keep you safe from a SMiShing attack. From the Norton Website. What is Smishing and how to protect yourself from an attack? https://us.norton.com/internetsecurity-emerging-threats-what-is-smishing.html
02:55
August 21, 2019
What is Spear Phishing ?
In this episode we explain what exactly is spear phishing. KnowBe4 website  https://www.knowbe4.com/spear-phishing/
03:13
August 20, 2019
Phishing
This episode is about Phishing and how to avoid being phished From the FTC website - How to Recognize and Avoid Phishing Scams https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
03:28
August 19, 2019
Virtual Private Networks or VPNs
In this Flash Briefing we cover Virtual Private Networks or VPN's PC Mag - The Best VPN services for 2019 https://www.pcmag.com/roundup/296955/the-best-vpn-services
02:56
August 16, 2019
Public Wi-Fi use warnings and suggestions
In this episode we cover warnings and suggestions when using public Wi-Fi Norton website - The Risks of public Wi-Fi https://us.norton.com/internetsecurity-privacy-risks-of-public-wi-fi.html
02:53
August 15, 2019
Utility Company Scam Calls
This Flash Briefing is about Utility Company Scam Calls. Federal Trade Commission website - Empower yourself against utility scams - by Lisa Lake https://www.consumer.ftc.gov/blog/2018/09/empower-yourself-against-utility-scams Federal Trade Commission Complaint Assistant https://www.ftccomplaintassistant.gov/#crnt&panel1-1
01:56
August 14, 2019
Social Security Administration RoboCall Scams
Tips to avoid being scammed by a SSA RoboCall Federal Trade Commission - Getting Calls from the SSA? https://www.consumer.ftc.gov/blog/2019/03/getting-calls-ssa
02:17
August 13, 2019
Credit Card RoboCalls
Tips to help avoid being scammed by a Credit Card RoboCall.  FCC robo-calls website https://www.fcc.gov/consumers/guides/stop-unwanted-robocalls-and-texts 
02:12
August 12, 2019
Hacking Humans and CyberWire Podcasts
 Today's tip is about the Hacking Humans podcast by Cyberwire with Dave Bitner and Joe Carrigan.   Hacking Humans podcast by Cyberwire with Dave Bitner and Joe Carrigan https://thecyberwire.com/podcasts/hacking-humans.html CyberWire https://thecyberwire.com/podcasts/daily-podcast.html
01:59
August 9, 2019
knowbe4's blog
knowbe4 blog web address as referred to in this episode https://blog.knowbe4.com/
01:44
August 8, 2019
VirusTotal Website
In this episode we explain how to use the VirusTotal website to help protect your computer from viruses.  Virus Total virustotal.com
01:23
August 7, 2019
2FA - 2 Factor Authentication
Two-Factor Authentication: What is it and why do I need it to stay safe online? https://blog.trendmicro.com/two-factor-authentication-what-is-it-and-why-do-i-need-it-to-stay-safe-online/  Google Authenticator Apple https://apps.apple.com/us/app/google-authenticator/id388497605 Microsoft Authenticator https://www.microsoft.com/en-us/account/authenticator Authy https://authy.com/
02:10
August 6, 2019
Password Managers
THE 4 BEST PASSWORD MANAGERS TO SECURE YOUR DIGITAL LIFE https://www.wired.com/story/best-password-managers/  1Password https://1password.com/ dashlane https://www.dashlane.com/ LastPass https://www.lastpass.com/hp Keep PassXC https://keepassxc.org/
01:53
August 2, 2019
Creating Passwords
In this Flash Briefing we cover tips for creating secure passwords from the experts at knowbe4.com Use the website  https://howsecureismypassword.net/  to check how strong your password is
02:35
August 1, 2019
Password Best Practices
We cover some password best practices in this flash briefing
01:48
July 31, 2019
Flash Drives
Never plug a USB flash drive into your computer that is not your own. Malicious Code could be saved on the flash drive and programmed to run keyloggers or backdoors when plugged in. Some of these devices appear to be USB flash drives but instead are microcontrollers designed to run files or control you computer without your permission. As a best practice, never plug in a USB flash drive to your device if you don't own it. 
01:04
July 30, 2019