Vulnerable U

EXPLORE

Society & Culture

© 2024 PodJoint

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/bf/e9/a1/bfe9a1fc-e467-982f-a309-217e0fddb968/mza_18199065396853575697.jpg/600x600bb.jpg

Vulnerable U

Matt Johansen

18 episodes

3 hours ago

Howdy friends. This week I discuss how ALPHV/Blackcat filed a SEC complaint against one of their ransomware victims, ALPHV/Blackcat’s use of Google Ads to target victims, LockBit’s leak of Boeing’s files, Google’s confirmation that they will disable uBlock in Chrome in 2024, the release of new CVSS 4.0 vulnerability severity rating standard, YouTube’s requirement on creators to disclose the use of generative AI, the latest Move-it breach affecting 1.3 million individuals, the cyber incident f...

Show more...

Health & Fitness,

All content for Vulnerable U is the property of Matt Johansen and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Howdy friends. This week I discuss how ALPHV/Blackcat filed a SEC complaint against one of their ransomware victims, ALPHV/Blackcat’s use of Google Ads to target victims, LockBit’s leak of Boeing’s files, Google’s confirmation that they will disable uBlock in Chrome in 2024, the release of new CVSS 4.0 vulnerability severity rating standard, YouTube’s requirement on creators to disclose the use of generative AI, the latest Move-it breach affecting 1.3 million individuals, the cyber incident f...

Show more...

Health & Fitness,

Episodes (18/18)

Vulnerable U

Hackers Turn Whistleblowers: Ransomware Gang Files SEC Complaint

Howdy friends. This week I discuss how ALPHV/Blackcat filed a SEC complaint against one of their ransomware victims, ALPHV/Blackcat’s use of Google Ads to target victims, LockBit’s leak of Boeing’s files, Google’s confirmation that they will disable uBlock in Chrome in 2024, the release of new CVSS 4.0 vulnerability severity rating standard, YouTube’s requirement on creators to disclose the use of generative AI, the latest Move-it breach affecting 1.3 million individuals, the cyber incident f...

2 years ago

11 minutes

Vulnerable U

Biden’s 8 Rules for AI Usage & What it Means For You

Howdy friends. This week I cover Biden’s AI executive order, the pledge that 40 countries took to not pay ransom to cybercriminals, Prolific Puma, Lazarus hacking group’s focus on infecting blockchain experts with malware, the pwning of the JFK taxi system by Russian hackers, and Boeing’s recent ‘cyber incident’. We’re sticking with just the news on this episode, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/ Check out m...

2 years ago

16 minutes

Vulnerable U

Okta hacked! 1Password and Cloudflare caught in the splash damage

Howdy friends. This week I go over the Okta security breach, SolarWinds and their Chief Information Security Officer charged by the SEC with Fraud, Cisco’s second recent 0-day, Browser-based attacks on Apple devices, Telegram’s continued leaks, and the 34 Spanish cyber criminals arrested for stealing 4 million people's data. We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/ C...

2 years ago

11 minutes

Vulnerable U

Is Your Co-Worker a North Korean Spy?

Howdy friends. This week I discuss the North Korean IT workers found to have been sending wages from their remote jobs back to North Korea to fund weapons programs, the massive Cisco device 0-day, the fall of the ACG hacking group, a complex malvertising campaign that was recently uncovered, and the discovery of government-backed hackers exploiting WinRAR vulnerability. We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth conte...

2 years ago

8 minutes

Vulnerable U

October 10: 23andMe data breach hate crime, attack against iPhone encryption by dark-money network, the massive increase in police use of Google’s data, hacking scams on the elderly community, Cisco Emergency Responder vulnerability, the iOS 17 0-day, Qu

Howdy friends. This week I explain the 23andMe data breach, the new group responsible for attacking iPhone encryption backed by a political dark-money network, the uptick in police use of Google’s data, the increase in hacking scam on the elderly community, Cisco Emergency Responder static credential vulnerability, the iOS 17 0-day, Qualcomm's three 0-day patches reported by Google, Vulnerabilities in Supermicro BMCs, Critical TorchServe Flaws that Could Expose the AI Infrastructure of Major ...

2 years ago

9 minutes

Vulnerable U

October 2: WebP 0day, a youth hacking ring at the center of recent cybercrime sprees, the UNC3944 threat actor’s shift to ransomware attacks, University of Minnesota’s data breach, the $200 million crypto hack on Mixin, and the discovery of China-linked t

Howdy friends. This week I dive into the WebP 0day, the Youth hacking ring at the center of recent cybercrime spree, the financially motivated UNC3944 threat actor that has shifted its focus to ransomware attacks, University of Minnesota’s data breach, the $200 million crypto hack on Mixin, and the discovery of China-linked threat actors who have modified Cisco router firmware to compromise intellectual property and sensitive data. We’re sticking with just the news on this video, but you can...

2 years ago

9 minutes

Vulnerable U

September 22: The MGM and Caesars hacks, Github launches passkeys, the scam on Mark Cuban's crypto wallet, Microsoft AI researchers data leak, the Microsoft teams' phishing problem, Cisco’s Splunk acquisition, and the T-mobile data breach

Howdy friends. This week I will discuss the MGM Resorts and Caesars Entertainment hacks, Github’s launch of passkeys, Mark Cuban’s crypto wallet hack, the Microsoft AI researchers accidental data leak, the Microsoft teams phishing problem, Cisco’s acquisition of Splunk, and the latest T-mobile data breach We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/ Check out my free wee...

2 years ago

10 minutes

Vulnerable U

September 5: Flax Tycoon hacks, Brazilian phone spyware hack, MOVEit hack stats, the dismantling of QakBot infrastructure, a fake Signal app, and Saudi’s death penalty over a man’s tweets

Howdy friends. This week I am covering the China-backed Flax Tycoon hack on Taiwan, a Brazilian phone spyware that was hacked, the MOVEit hack statistics, the FBI and partners dismantling of Qakbot infrastructure in a massive international cyber takedown, a fake Signal app planted on the Google Play store, and the tragic death of a Saudi man by death penalty over his tweets. We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth c...

2 years ago

10 minutes

Vulnerable U

August 28: UK surveillance changes, CloudNordic’s ransomware incident, a SIM-Swap Crypto Hack, Citrix Sharefile flaw exploit, Tesla’s data breach, and updates on the Lapsus$ and Discord stories from last week

Howdy friends. In this video I go over UK Surveillance requirement revisions, CloudNordic’s ransomware incident, a SIM-Swap Crypto Hack perpetrated on a crypto investor, the Citrix Sharefile flaw exploit, Tesla’s massive data breach of employee’s personal information, and updates on the Discord and Lapsus$ stories from last week We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/...

2 years ago

10 minutes

Vulnerable U

August 21: GitHub’s move to Two-Factor, Discord.io’s data breach, Kubernetes misconfiguration that exposes data from Fortune 500 companies, PSNI and UK voter breaches, and the $70 device that spoofs Apple products

Howdy friends. In this video, I cover GitHub’s plans to require two-factor authentication, Discord.io’s recent data breach and shutdown, the Kubernetes misconfiguration that exposes data of several Fortune 500 companies and possibly hundreds more, the PSNI and UK voter breaches and why they should be taken more seriously, and finally the $70 device that can spoof Apple products which was used at Def Con. We’re sticking with just the news on this video, but you can find more Vulnerable U pers...

2 years ago

11 minutes

Vulnerable U

August 14: Hackers rig casino card-shuffling machine, Rapid7 layoffs, Homeland Security’s report on the Lapsus$ breaches, EvilProxy's phishing campaign, and the cyberattack that caused CardioComm to take their system offline

Howdy friends. In this video, I go over how hackers have rigged casino card-shuffling machines, my take on the Rapid7 layoffs, Homeland Security’s report on the Lapsus$ breaches, EvilProxys phishing campaign, and the cyberattack that caused medical provider CardioComm to take their system offline. We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/ Check out my free ...

2 years ago

8 minutes

Vulnerable U

August 8: Unlimited Airline Miles, Microsoft Called Out, and Russian Phishing in MS Teams

Howdy friends. In this video, the juiciest in infosec news including a vulnerability that led to unlimited airline miles, Microsoft gets called out, and Russian phishing in MS Teams. We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/ Check out my free weekly newsletter Vulnerable U: https://www.mattjay.com/newsletter/

2 years ago

10 minutes

Vulnerable U

Vulnerable News: SEC vote requiring incident disclosures, an intentional back door, Google's 0-day year in review, malware in Call of Duty and Lazarus linked to two heists

Howdy friends. In this video, I walk through the SEC vote requiring companies to disclose cybersecurity incidents, an intentional backdoor discovered in radio comms, Google’s 0-day year in review, malware in Call of Duty, and Lazarus linked to two heists. We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/ Check out my free weekly newsletter Vulnerable U: https://www.ma...

2 years ago

5 minutes

Vulnerable U

July 24, 2023 - Two Scams, Leaked Military Emails, the Death of Infosec Twitter, and Google Restricts Internet to Employees

Howdy friends. In this video, I walk through two internet scams found by non-industry experts, how a typo led to a massive US military data leak, the possible death of Infosec twitter, and Google’s pilot program restricting internet access to employees. We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/ Check out my free weekly newsletter Vulnerable U: https://www.matt...

2 years ago

51 minutes

Vulnerable U

Vulnerable News: July 17, 2023

This week we try something new, talk about China & Russia based threat actors for Microsoft, Clarence Thomas is on Venmo, and an AT&T scam by an employee. Links to articles and references here: China based threat actor activity Russia based threat actor activity, zero day attacks Clarence Thomas on Venmo AT&T scam by actual employee

2 years ago

22 minutes

Vulnerable U

The Power of Empathy in Infosec: 5 Key Steps to a Stronger Defense

In this engaging episode of VulnU, discover how empathy can enhance our defenses, improve security postures, and make us better individuals. Learn five key steps to leverage empathy effectively, including understanding threat actors, designing user-centric security, supporting victims, implementing human-centric training, and promoting collaboration. Plus, the latest in vulnerability news including lots of malware things and more on the MOVEit File Transfer. Find all relevant news links on ...

2 years ago

21 minutes

Vulnerable U

Cyber Security Breach Data - What Motivates the Hackers?

This week we have a short thought with a big impact. Plus, we cover some exciting news in the infosec world and show you gratitude for being part of this new and exciting journey with us. Verizon DBIR - https://www.verizon.com/business/resources/reports/dbir/ MY KEY LINKS 🌍 My website / blog - https://www.mattjay.com 🐦 Twitter - https://twitter.com/mattjay 🗞️ Vulnerable U Newsletter - https://vulnu.mattjay.com

2 years ago

13 minutes

Vulnerable U

Navigating Rejection: Learning, Growing, and Moving Forward

This week we turn obstacles into opportunities for self improvement, talk through riveting and (dare I say) comical news, and generally get comfortable in front of the mic and camera. Welcome to Vulnerable U!

2 years ago

21 minutes