Your Car and Your Sex Life, US Departments of State and Commerce Compromised, Iran and North Korea Hacking Crews, and Victories Over Russian Hackers

This week on Hacker And The Fed your car may know all the details about your sex life, the Swiss fined an insurer 3 million dollars for horrible cyber security practices, the US Departments of State and Commerce were compromised because of a two-year-old Windows crash report, Iran and New Korea hacking crews have active campaigns against security researchers, and two victories over Russian hackers for the US government. Links from the episode: Insurer Fined $3M for Exposing Data of 650k Clients for Two Years https://www.bleepingcomputer.com/news/security/insurer-fined-3m-for-exposing-data-of-650k-clients-for-two-years/   If You’ve Got a New Car, It’s a Data Privacy Nightmare https://gizmodo.com/mozilla-new-cars-data-privacy-report-1850805416 https://arstechnica.com/cars/2023/09/connected-cars-are-a-privacy-nightmare-mozilla-foundation-says/   Microsoft Finally Explains Cause of Azure Breach: An Engineer’s Account Was Hacked https://arstechnica.com/security/2023/09/hack-of-a-microsoft-corporate-account-led-to-azure-breach-by-chinese-hackers/ https://twitter.com/0xdabbad00/status/1699596048392736812   Hacker Group Disguised as Marketing Company to Attack Enterprise Targets https://gbhackers.com/hacker-group-disguised-as-marketing/   Active North Korean Campaign Targeting Security Researchers https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/   Russian Infosec Boss Gets Nine Years for $100M Insider-Trading Caper Using Stolen Data https://www.theregister.com/AMP/2023/09/08/russian_insider_training_prison/   United States and United Kingdom Sanction Additional Members of the Russia-Based Trickbot Cybercrime Gang https://home.treasury.gov/news/press-releases/jy1714   Support our sponsors: Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off Get your Hacker and the Fed merchandise at hackerandthefed.com Send HATF your questions at [email protected]

Om Podcasten

NAXO co-founder and former FBI Special Agent, Chris Tarbell, and ex-Anonymous/LulzSec blackhat hacker turned network penetration tester, Hector Monsegur (aka Sabu), once faced off as adversaries in cyberspace before becoming close friends and now podcast co-hosts. Whether you are a legal professional, cybersecurity practitioner, or forensic investigator, Chris and Hector will bring you their unique perspectives on the latest developments in cybersecurity. Each month, Chris and Hector will sit down to discuss: Recent cyber attacks and key takeaways Regulatory developments that impact how companies and individuals guard their data New attack vectors and capabilities, including breakdowns of how they can be protected against Techniques to keep you, your family, and your company safe from cyber attacks Subscribe to be the first to hear about new Hacker and the Fed episodes. Contact us at [email protected] if you have a topic you’d like Chris and Hector to discuss on the podcast. Find out more about NAXO: www.naxo.com Follow us on LinkedIn: https://www.linkedin.com/company/81891840 Follow Chris on LinkedIn: https://www.linkedin.com/in/chris-tarbell-20b129278/ Follow Hector on LinkedIn: https://www.linkedin.com/in/hxmonsegur/ ----------------- By accessing this podcast, you acknowledge that the Hacker and the Fed podcasts and any information, opinions or recommendations contained therein are for general informational purposes only, and are not intended to provide legal, tax, financial, or investment advice. Listeners should consult their own advisors before making these types of decisions. NAXO has no responsibility or liability for any decision made or any other acts or omissions in connection with your use of this material and any reliance upon the information provided in the Hacker and the Fed podcast is done at your own risk. NAXO makes no warranty, guarantee or representation as to the accuracy, sufficiency, completeness, timeliness, suitability or validity of the information in this podcast and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material. Unless specifically stated otherwise, NAXO does not endorse, approve, recommend or certify any information, product, process, service or organization presented or mentioned in this podcast, and information from this podcast should not be referenced in any way to imply such approval or endorsement. The views expressed by guests are their own and their appearance on this podcast does not imply an endorsement of them or any entity they represent. Views and opinions expressed by NAXO employees are those of the employees and do not necessarily reflect the views of NAXO. The third-party materials or content of any third-party site referenced in this podcast do not necessarily reflect the opinions, standards or policies of NAXO. NAXO assumes no responsibility or liability for the accuracy or completeness of the content contained in third-party materials or on third-party sites referenced in this podcast or the compliance with applicable laws of such materials and/or links referenced herein. Moreover, NAXO makes no warranty that this podcast, or the server that makes it available, is free of viruses, worms or other elements or codes that manifest contaminating or destructive properties. NAXO EXPRESSLY DISCLAIMS ANY AND ALL LIABILITY OR RESPONSIBILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR OTHER DAMAGES ARISING OUT OF ANY INDIVIDUAL'S USE OF, REFERENCE TO, RELIANCE ON, OR INABILITY TO USE, THIS PODCAST OR THE INFORMATION PRESENTED IN THIS PODCAST.