This week on Hacker And The Fed you can't always count on Google for the right telephone number for an airline, an American cloud based directory as a service platform announces that they were hacked by a state sponsored threat actor, millions of US military emails may be ending up in the wrong hands, a new ransomware looks like a windows update, we answer listener questions, and Hector tells a fascinating story about a hacking methodology.

Links from the episode:

Airline Fake Contact Number on Google Maps

https://twitter.com/Shmuli/status/1680669938468499458

https://twitter.com/SwiftOnSecurity/status/1680926780599812098

JumpCloud discloses breach by state-backed APT hacking group

https://www.bleepingcomputer.com/news/security/jumpcloud-discloses-breach-by-state-backed-apt-hacking-group/

JumpClouds IOCs - https://jumpcloud.com/support/july-2023-iocs

Domains like army․ml, pentagon․ml, navy․ml and af․ml all have Mail Exchange records pointing to 'handle․catchemail․ml'

https://twitter.com/mikko/status/1680947795862200325

Watch out for this new malicious ransomware disguised as Windows updates

https://www.foxnews.com/tech/watch-out-new-malicious-ransomware-disguised-windows-updates

https://www.trendmicro.com/en_id/research/23/g/tailing-big-head-ransomware-variants-tactics-and-impact.html

Listener Questions

https://www.lsu.edu/mediacenter/news/2023/06/13-cyber-clinic.php

Support our sponsors:

Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off

Go to drata.com/partner/hacker-fed and get 10% off Drata and waived implementation fees

Get your Hacker and the Fed merchandise at hackerandthefed.com