PEBCAK Podcast: Information Security News by Some All Around Good People

Programming note: Glenn was traveling during the recording of episode 9 so his audio quality is not as great as prior episodes.  Episode 10 should return to normal audio quality.
Welcome to this week's episode of the PEBCAK Podcast!  We’ve got three amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW)
PEBCAK - Acronym of “problem exists between chair and keyboard.”
 
A wolf in sheep's clothing: ransomware defense with virtual keyboards
https://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/
https://www.bleepingcomputer.com/news/security/irelands-health-services-hit-with-20-million-ransomware-demand/
 
China's military intelligence group purchases 10-30 seats of foreign AV software
https://www.recordedfuture.com/china-pla-unit-purchasing-antivirus-exploitation/
https://www.zdnet.com/article/trend-micro-antivirus-zero-day-used-in-mitsubishi-electric-hack/
 
AXA Insurance hit with ransomware attack after it states it will no longer pay ransoms for cybersecurity insurance policies
https://www.bleepingcomputer.com/news/security/insurer-axa-hit-by-ransomware-after-dropping-support-for-ransom-payments/
https://www.zdnet.com/article/axa-pledges-to-stop-reimbursing-ransom-payments-for-french-ransomware-victims/
 
Hosts discuss their careers outside of tech
https://www.fpri.org/
https://www.mouthhealthy.org/
https://www.medicalnewstoday.com/articles/287857
 
Dad Joke of the Week (DJOW)
 
Remember, the number of likes you get on social media just jumped up by 20% now that you've listened to the podcast.  If you know anyone else who would like 20% more likes on social media, please share this podcast with them!
 
Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Glenn - https://www.linkedin.com/in/glennmedina/

Welcome to this week's episode of the PEBCAK Podcast!  We’ve got three amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW)
PEBCAK - Acronym of “problem exists between chair and keyboard.”
 
Darkside ransomware devastates US East Coast gas supply.  A deeper dive into Ransomware as a Service (RaaS)
https://www.cnbc.com/2021/05/13/colonial-pipeline-paid-ransom-to-hackers-source-says.html
https://www.chrislouie.net/blog/2019/10/20/ransomware-as-a-service-a-race-to-the-bottom
https://krebsonsecurity.com/2021/05/darkside-ransomware-gang-quits-after-servers-bitcoin-stash-seized/
 
Peloton's troubles extend into the cyber world
https://news.yahoo.com/peloton-fixes-bug-reportedly-exposed-170541480.html
https://www.pentestpartners.com/security-blog/tour-de-peloton-exposed-user-data/
 
Fun Western Union Stories
https://www.westernunion.com/us/en/fraudawareness/fraud-report-fraud.html
https://www.bustathief.com/western-union-moneygram-popular-scammer-payment-options/
 
Proud dad moment for Glenn!
 
Dad Joke of the Week (DJOW)
 
Remember, your chances of getting a raise at work just improved by 20% now that you've listened to the podcast.  If you know anyone else who would like a 20% better chance of a raise, please share this podcast with them!
 
Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Glenn - https://www.linkedin.com/in/glennmedina/

Welcome to this week's episode of the PEBCAK Podcast!  We’ve got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW)
PEBCAK - Acronym of “problem exists between chair and keyboard.”
 
A new public/private partnership is tackling the problem of stopping the scourge of ransomware
https://www.wired.com/story/ransomware-task-force-proposal/
https://krebsonsecurity.com/2021/04/task-force-seeks-to-disrupt-ransomware-payments/
 
Facebook and Instagram threaten to start charging for their app unless users enable cross-app tracking
https://www.imore.com/facebook-and-instagram-threaten-charge-access-ios-145-unless-you-give-it-your-data
https://www.msn.com/en-us/money/other/zuckerberg-outlines-how-facebook-will-thrive-after-apple-privacy-change/ar-BB1g9vbh
 
Attackers are getting creative to trick e-mail security gateways into letting phishing e-mails through
https://www.scmagazine.com/home/security-news/phishing/scammers-imitate-windows-logo-with-html-tables-to-slip-through-email-gateways/
https://arstechnica.com/information-technology/2019/02/behold-the-facebook-phishing-scam-that-could-dupe-even-vigilant-users/
 
"The Next Big Thing" that totally flopped
https://www.wordstream.com/articles/google-failures-google-flops
https://guttulus.com/what-happened-to-microsoft-zune-10-marketing-lessons/
https://www.cnbc.com/2019/03/29/apple-cancels-airpower.html
 
Dad Joke of the Week (DJOW)
 
Remember, we can only grow if you let other people know about our podcast.  If you know anyone else who would enjoy listening to us, please share this podcast with them!
 
Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Glenn - https://www.linkedin.com/in/glennmedina/

Welcome to this week's episode of the PEBCAK Podcast!  We’ve got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW)
PEBCAK - Acronym of “problem exists between chair and keyboard.”
 
Stolen top secret apple specs appear on leak site for a day then disappear
https://www.macrumors.com/2021/04/26/revil-delists-stolen-apple-schematics-threat/
https://www.bleepingcomputer.com/news/security/revil-gang-tries-to-extort-apple-threatens-to-sell-stolen-blueprints/
https://appleinsider.com/articles/21/04/30/heres-when-and-where-apple-will-alert-you-to-an-airtag-used-for-stalking
Phone Wallet Keys (explicit language warning) - https://www.youtube.com/watch?v=e9N6_Tj9u2U
 
US news reports foreign spying operations, but rarely US espionage
https://darkwebjournal.com/shadow-brokers/
https://www.cybereason.com/blog/vault-7-leaks-long-term-threats
 
Apple releases iOS 14.5 full of privacy enhancements to block ad tracking
https://www.zdnet.com/article/ios-14-5-arrives-with-controversial-privacy-feature-face-id-improvements-and-new-voices-for-siri/
https://www.cnbc.com/2017/10/30/facebook-denies-listening-to-user-conversations-via-microphones.html
 
Cow tipping and animals most likely to kill you by state
https://www.ranker.com/list/most-dangerous-animal-by-state/rachel-souerbry
 
Dad Joke of the Week (DJOW)
 
Brian's Son Posts a New Personal Record (PR)!
 
Remember, your computer runs 20% faster now that you've listened to the podcast.  If you know anyone else who would like a faster computer, please share this podcast with them!
 
Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Glenn - https://www.linkedin.com/in/glennmedina/

Welcome to this week's episode of the PEBCAK Podcast!  We’ve got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW)
 
FBI Coins New Deepfake Attack Vector Name: Business Identity Compromise
https://www.ic3.gov/Media/News/2021/210310-2.pdf 
https://www.fbi.gov/scams-and-safety/common-scams-and-crimes/business-email-compromise
 
Deeper dive into the Emotet botnet and web shells
https://us-cert.cisa.gov/ncas/alerts/aa20-280a
https://www.zdnet.com/article/emotet-worlds-most-dangerous-malware-botnet-disrupted-by-international-police-operation/
 
Tips on securing large bank transfers
https://krebsonsecurity.com/banking-on-a-live-cd/
https://www.nerdwallet.com/article/banking/cashiers-check-when-you-need-one-how-to-get-it
 
What does your slang tell you about where you grew up? 
https://www.nytimes.com/interactive/2014/upshot/dialect-quiz-map.html
 
Dad Joke of the Week (DJOW)
 
Remember, your coffee tastes 20% better now that you've listened to the podcast.  If you know anyone else who would like better tasting coffee, please share this podcast with them!
 
Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Glenn - https://www.linkedin.com/in/glennmedina/

Welcome to this week's episode of the PEBCAK Podcast!  We’ve got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW)
 
FBI obtains court order to remove web shells from infected Microsoft Exchange servers with ProxyLogon
https://www.bleepingcomputer.com/news/security/fbi-nuked-web-shells-from-hacked-exchange-servers-without-telling-owners/
https://www.zdnet.com/article/a-mysterious-grey-hat-is-patching-peoples-outdated-mikrotik-routers/
 
What keeps our hosts up at night and why did Brian's Social Credit Score just get lowered?
https://www.wired.com/story/petya-ransomware-news-roundup/
https://www.businessinsider.com/china-social-credit-system-punishments-and-rewards-explained-2018-4?op=1
https://tools.ietf.org/html/rfc8446
 
Study shows that majority of podcasts on Apple's iTunes have less than 10 episodes
http://appleinsider.com/articles/21/04/06/only-36-of-apple-podcasts-2m-titles-have-10-or-more-episodes
 
The hosts discuss their favorite tech interview questions
https://www.indeed.com/career-advice/interviewing/common-technical-interview-questions-and-answers
 
Dad Joke of the Week (DJOW)
 
Remember, the battery life on your device is now better that you've listened to the podcast.  If you know anyone else who would like better battery life, please share this podcast with them!
 
Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Glenn - https://www.linkedin.com/in/glennmedina/
 

Welcome to this week's episode of the PEBCAK Podcast!  We’ve got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW)
 
Internal whistleblower discloses breach at network gear and IoT maker Ubiquiti much worse than previously reported.
https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/
https://www.zdnet.com/article/ubiquiti-tells-customers-to-change-passwords-after-security-breach/
 
A company called Xcinex wants to put a set-top box in your living room to count the number of people watching and charge per person.
https://www.independent.co.uk/life-style/gadgets-and-tech/pay-per-viewer-streaming-xcinex-venue-b1827537.html
https://deadline.com/2020/06/xcinex-venue-streaming-system-premium-vod-pay-per-view-1202951080/
 
One year into the global pandemic, how do the hosts stay grounded and stay healthy mentally?
https://www.calm.com/
https://nypost.com/2021/04/11/innovative-employers-offering-more-downtime-flexibility-wellness-perks/
https://health.usnews.com/wellness/food/articles/how-to-choose-a-diet
 
Glenn does an honest gadget review
https://www.nordictrack.com/treadmills/exp-10i
 
Dad Joke of the Week (DJOW)
 
Remember, your breath smells better now that you've listened to the podcast.  If you know anyone else who would like better smelling breath, please share this podcast with them!
 
Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Glenn - https://www.linkedin.com/in/glennmedina/

Welcome to this week's episode of the PEBCAK Podcast!  We’ve got an action-packed episode this week so sit back, relax, and keep being awesome!
 
No-auth remote code execution vulnerability disclosed in F5 BIG IP and BIG IQ platforms.
https://www.zdnet.com/article/f5-issues-big-ip-patches-to-tackle-unauthenticated-remote-code-execution-critical-flaws/
https://therecord.media/threat-actors-start-attacking-f5-devices-using-recent-vulnerability/
 
LastPass limits its free tier to desktop-only or mobile-only; sparks conversations about LastPass alternatives.
https://blog.lastpass.com/2021/02/changes-to-lastpass-free/
https://www.theverge.com/22285499/password-manager-lastpass-free-bitwarden-zoho
 
Ransomware crew regrets their actions, offers free decryption utility and refunds
https://www.bleepingcomputer.com/news/security/ransomware-admin-is-refunding-victims-their-ransom-payments/
 
Favorite Movie hacking scenes
Swordfish
Blackhat
 
Remember, you are 20% more attractive now that you've listened to the podcast.  If you know anyone else who would like to be 20% more attractive, please share this podcast with them!
 
Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Glenn - https://www.linkedin.com/in/glennmedina/

Welcome to the inaugural episode of the PEBCAK Podcast!  We’ve got some great stories this week so sit back, relax, and keep being awesome!
 
Top PC maker Acer is having a bad time after getting hit with ransomware and a $50 Million ransom demand.
https://www.bleepingcomputer.com/news/security/computer-giant-acer-hit-by-50-million-ransomware-attack/
 
Multi-Factor Authentication (MFA) is becoming trivial to bypass and will require a new way of thinking to secure accounts.
https://breakdev.org/evilginx-2-next-generation-of-phishing-2fa-tokens/
https://github.com/kgretzky/evilginx2
 
Potato chip maker Frito-Lay launches a Chrome plug-in that turns on your microphone and modifies browser settings
https://chrome.google.com/webstore/detail/crispy-subtitles-from-lay/kokpckgbhcmeobdddflajfcpmmfhkekn
 
US Bank Citigroup is banning Zoom and all internal meetings on Fridays, citing “Zoom Fatigue”
https://www.thestreet.com/investing/citigroup-ceo-bans-zoom-calls-on-friday
Study shows that employees are already over “Zoom happy hours”
https://slate.com/human-interest/2020/05/remote-work-coronavirus-exhausting-zoom-virtual-happy-hours-games.html
 
Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Glenn - https://www.linkedin.com/in/glennmedina/

Thank you for finding us! This episode is a placeholder so you can subscribe and receive the latest in information security news every week!