Guess who's back with a brand new ra..Podcast. It's Ed, Alex and Will!
In this episode we bring you cyber news topics: LAPSUS$ hacking T-Mobile, Google/Mandiant 0day reports and Russian hackers' new money laundering challenges.
Topic of the week discusses breach notification, using Troy Hunt's recent fun with Avvo as an example.
Secrets from the SOC is one of our favourites - We ask each other what SOC tools we WISH we had, that don't exist today.
We would love to hear from you: info@hackableyou.com
It's been a while, sorry about that!
Join us as always with some cyber news, our topic of the week and the exclusive segment, secrets from the SOC.
contact: info@hackableyou.com
WE STAND WITH UKRAINE.
In today's episode, we discuss the ongoing cyber threat from Russia amid the tensions and attack on Ukraine.
The Topic of The Week looks at the concept of Zero Trust and why we need it.
In Secrets from the SOC we openly discuss what note-taking tools we use and how they help us!
We hope you enjoy.
This episode certainly took a while to come together, we hope you enjoy it!
Join us on the HackableYou Podcast as we discuss the cyber events of 2021, notable lessons we have learned, and what we think 2022 has in store for all of us.
A very big Happy New Year from The HackableYou Team!
Log4Shell... need we say any more?
Merry Christmas from the HackableYou Team!
info@hackableyou.com
Check out our episode this week where we discuss the UPS Cross-Site Scripting (XSS) Phishing attack, the Tesla Connected Cars outage, and the GoDaddy data breach impacting 1.2 million customers.
We also discuss how you should tackle securing your API keys, secrets, and cloud service account credentials.
This is an overdue episode, but we are back with more content.
To get started, have a listen to a recording from a few weeks ago and ramp up to the next episode!
We missed you, we hope you missed us!
This episode brings you some great conversation on the week's cyber news. We report on the cyberattack against Accenture, holding them for ransom. New phishing tactics are seen using Morse code to bypass security controls, and the infamous ALPHABAY is back baby, with a new look and new rules which raise an eyebrow...
The topic of the week looks into Attack Simulation and how you can use tools like Atomic RedTeam, CALDERA, and the Attack Range tool to test and verify your security control configuration against the modern attacks of today.
As we mentioned in the Podcast, what do you think the 5th stage of ransomware might be? Let us know on info@hackableyou.com and we will read some out next time round!
Thanks for listening and supporting us so far! Share with a friend or colleague.
Ed, Alex and Will.
HackableYou
Atomic Red Team: https://github.com/redcanaryco/atomic-red-team
MITRE Caldera: https://github.com/mitre/caldera
Attack Range (Splunk): https://github.com/splunk/attack_range
Hello and welcome back, it's great to have you here.
In this episode's Cyber News we cover Imperial Kitten/Tortoiseshell using fake Facebook profiles to masquerade as Aerobics instructors in order to exploit defence aerospace contractors, some positive news on the money saved via the No More Ransom movement and we also discuss how an infamous ransomware gang have been hit by ransomware themselves...
In the topic of the week, we delve into the world of USB attacks and go over the 4 types of USB attacks with examples and discuss USB attack defences.
Lastly in Secrets from the SOC we go over what an Old School SOC would do and compare that to how a New School SOC operates. Which one are you working in?
As always we would love to hear from you, please get in touch: info@hackableyou.com
== TIMESTAMPS ==
Cyber News: 02:24
Topic of the Week: 14:34
SFTS: 22:48
In this episode we look into cyber news including: Kaseya supply chain ransomware attacks, Chinese hackers exploiting another 0day in a SolarWinds solution, and the critical Microsoft patch dubbed "PrintNightmare".
In our topic of the week, we dive into the realm of Password Attacks looking at both active and passive attacks as well as the defences.
As always in our exclusive segment Secrets from the SOC, we provide you with some practical insight into some great APIs you can hook into to help your SOC investigations.
We would love to hear your feedback, please get in contact at info@hackableyou.com
Enjoy this episode!!
NOBELIUM Microsoft Compromise, Code Signing Attacks, File Hashing
You’re listening to the HackableYou Podcast.
In this episode we report on Microsoft’s ongoing research into the Nobelium hacking group's activities, a data breach impacting Mercedes-Benz and more web-scraped LinkedIn data up for sale.
The topic of the week touches on the subject of Code Signing, attacks, and countermeasures.
Lastly, in Secrets from the SOC we discuss the use of file hashing and how you can use it in your role as a security analyst.
Thanks for tuning in and we hope you enjoy!
Timestamps:
Cyber News: 2:50
Topic: 17:21
SFTS: 26:35
Alert Logic Cloud Migration Webinar - https://tinyurl.com/WebinarCloudMigration
In this episode of the HackableYou Podcast, we highlight top cyber news including JBS Foods' ransom payment, TrickBot coder's 10-year jail sentence, and the FBI purpose-built encrypted device network deliberately created to catch criminals leading to tonnes of seized drugs and arrests.
In Topic of The Week, we provide our top tips for a Capture The Flag exercise and how you can sharpen your approach to the mystery vulnerable boxes.
Lastly, in Secrets from The SOC, we give you sound advice on what to expect and how to work with Law Enforcement.
As always, we LOVE hearing from you, please get in touch and ask us questions or tell us stories at info@hackableyou.com
Washington Police Ransom, Living off the Land, Hacking Labs
Welcome back to another episode of the HackableYou Podcast. In this episode we mention the Washington Police Dept Babuk Ransomware attack, the Passwordstate password manager breach and stolen passwords, and the Emotet stolen emails that have been uploaded to HIBP.
Our topic of the week is one of Ed's favorites as we discuss "Living off the Land" and provide a great Red vs. Blue insight.
In our exclusive segment, Secrets from The SOC, we show and tell our 1st and current hacking labs, all stuff that you can do at home for FREE!
We hope you enjoy it!
=== TIMESTAMPS ===
Cyber News: 01:22
Topic of the Week: 14:33
SFTS: 27:06
Our 1st Birthday giveaway is now live!
http://bit.ly/HBYgiveaway
In this episode, we tuck into cyber news relating to a DNS vulnerability hosted on a vast amount of IoT devices around the world, the results of a recent study on cybersecurity awareness, and the infamous Facebook breach exposing 533 million users' data via web scraping.
The Topic of the Week takes the Facebook Breach into more detail looking into Web Data Scraping at a deeper level.
Lastly, in our exclusive segment #SFTS we tackle how to solve complex problems that come your way during a SOC investigation and we discuss a couple of models you could use!
As always, thank you for listening!
HackableYou Team
=== Timestamps ===
Cyber News: 01:30
Topic of the Week: 14:14
SFTS: 25:31
HAPPY 1ST BIRTHDAY HACKABLEYOU!
Join us as we celebrate our 1st Podcast since starting the podcast. In the cyber news, we discuss the Ubiquiti Whistle-blower, malicious crypto-mining docker containers, and another Apple iOS 0day vulnerability that is actively being exploited in the wild.
In Topic of the Week Alex leads us through the complex technology behind Deep Fake with a cyber threat focus.
Last, but not least in Secrets from the SOC we discuss the difference between detection and prevention systems and why there is a use-case for both.
GIVEAWAY! Make sure you follow our socials and our website for details on the BIRTHDAY GIVEAWAY for your chance to win some amazing prizes including HackableYou swag.
Time Stamps:
Cyber News: 06:44
Topic of the Week: 15:33
SFTS: 22:44
We would love to hear from you. Get in touch at info@hackableyou.com
Guess who's back? Back again...
HackableYou is back with another awesome episode full of cybersecurity news, a topic of the week, and our Secrets from the SOC.
We report on the prison sentence for the teen responsible for the Twitter hacks, the MoD incident report leaks, and the new variant of the Mirai Botnet targeting unpatched routers and IoT.
Topic of the week dives into a more human element of all of us and talks about what COVID remote working means for your work routine and what you have learnt over the last year.
Last but not least, in #SFTS we give you our view on a Springtime SOC cleanup of your processes, feeds and strategy.
Please enjoy!
---- TIMESTAMPS ----
Cyber News: 01:33
Topic of the Week: 17:08
SFTS: 28:04
We'd love to hear from you! Get in touch at info@hackableyou.com
In this episode of the HackableYou Podcast:
We look at the ex-CEO of SolarWinds blaming the hack on an intern with a weak password, the Malaysia Airlines 9-year-long data breach, and the new critical Microsoft Exchange vulnerability actively being exploited by Chinese hackers.
In Topic of The Week, we debate the idea that passwords are not here to stay and what the concept of Passwordless authentication means for the future.
Lastly in our exclusive segment, Secrets from the SOC we discuss the importance of daily and routine standups or huddles when working in high-performing security teams and operations centers.
Timestamps:
Cyber News: 02:34
Topic of The Week: 13:52
SFTS: 22:54
CVE Details:
CVE-2021-26855 is a server-side request forgery (SSRF) vulnerability in Exchange that allowed the attacker to send arbitrary HTTP requests and authenticate as the Exchange server.
CVE-2021-26857 is an insecure deserialization vulnerability in the Unified Messaging service. Insecure deserialization is where untrusted user-controllable data is deserialized by a program. Exploiting this vulnerability gave HAFNIUM the ability to run code as SYSTEM on the Exchange server. This requires administrator permission or another vulnerability to exploit.
CVE-2021-26858 is a post-authentication arbitrary file write vulnerability in Exchange. If HAFNIUM could authenticate with the Exchange server then they could use this vulnerability to write a file to any path on the server. They could authenticate by exploiting the CVE-2021-26855 SSRF vulnerability or by compromising a legitimate admin’s credentials.
CVE-2021-27065 is a post-authentication arbitrary file write vulnerability in Exchange. If HAFNIUM could authenticate with the Exchange server then they could use this vulnerability to write a file to any path on the server. They could authenticate by exploiting the CVE-2021-26855 SSRF vulnerability or by compromising a legitimate admin’s credentials.