Vulnerable U
Welcome to Vulnerable U, a podcast where we explore the intersection of vulnerability and cyber security. Each episode, we explore how vulnerability can drive growth and foster community resilience within our industry. Get ready for thought-provoking conversations, real-life stories, and curated news that inspire you to embrace discomfort on the road to a more vulnerable you.
Episodes
Howdy friends. This week I discuss how ALPHV/Blackcat filed a SEC complaint against one of their ransomware victims, ALPHV/Blackcat’s use of Google Ads to target victims, LockBit’s leak of Boeing’s files, Google’s confirmation that they will disable uBlock in Chrome in 2024, the release of new CVSS 4.0 vulnerability severity rating standard, YouTube’s requirement on creators to disclose the use of generative AI, the latest Move-it ...
Howdy friends. This week I cover Biden’s AI executive order, the pledge that 40 countries took to not pay ransom to cybercriminals, Prolific Puma, Lazarus hacking group’s focus on infecting blockchain experts with malware, the pwning of the JFK taxi system by Russian hackers, and Boeing’s recent ‘cyber incident’.
We’re sticking with just the news on this episode, but you can find more Vulnerable U personal and professional...
Howdy friends. This week I go over the Okta security breach, SolarWinds and their Chief Information Security Officer charged by the SEC with Fraud, Cisco’s second recent 0-day, Browser-based attacks on Apple devices, Telegram’s continued leaks, and the 34 Spanish cyber criminals arrested for stealing 4 million people's data.
We’re sticking with just the news on this video, but you can find more Vulnerable U personal a...
Howdy friends. This week I discuss the North Korean IT workers found to have been sending wages from their remote jobs back to North Korea to fund weapons programs, the massive Cisco device 0-day, the fall of the ACG hacking group, a complex malvertising campaign that was recently uncovered, and the discovery of government-backed hackers exploiting WinRAR vulnerability.
We’re sticking with just the news on this video, but...
Howdy friends. This week I explain the 23andMe data breach, the new group responsible for attacking iPhone encryption backed by a political dark-money network, the uptick in police use of Google’s data, the increase in hacking scam on the elderly community, Cisco Emergency Responder static credential vulnerability, the iOS 17 0-day, Qualcomm's three 0-day patches reported by Google, Vulnerabilities in Supermicro BMCs, Critical...
Howdy friends. This week I dive into the WebP 0day, the Youth hacking ring at the center of recent cybercrime spree, the financially motivated UNC3944 threat actor that has shifted its focus to ransomware attacks, University of Minnesota’s data breach, the $200 million crypto hack on Mixin, and the discovery of China-linked threat actors who have modified Cisco router firmware to compromise intellectual property and sensitive data....
Howdy friends. This week I will discuss the MGM Resorts and Caesars Entertainment hacks, Github’s launch of passkeys, Mark Cuban’s crypto wallet hack, the Microsoft AI researchers accidental data leak, the Microsoft teams phishing problem, Cisco’s acquisition of Splunk, and the latest T-mobile data breach
We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth co...
Howdy friends. This week I am covering the China-backed Flax Tycoon hack on Taiwan, a Brazilian phone spyware that was hacked, the MOVEit hack statistics, the FBI and partners dismantling of Qakbot infrastructure in a massive international cyber takedown, a fake Signal app planted on the Google Play store, and the tragic death of a Saudi man by death penalty over his tweets.
We’re sticking with just the news on this video,...
Howdy friends. In this video I go over UK Surveillance requirement revisions, CloudNordic’s ransomware incident, a SIM-Swap Crypto Hack perpetrated on a crypto investor, the Citrix Sharefile flaw exploit, Tesla’s massive data breach of employee’s personal information, and updates on the Discord and Lapsus$ stories from last week
We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professi...
Howdy friends. In this video, I cover GitHub’s plans to require two-factor authentication, Discord.io’s recent data breach and shutdown, the Kubernetes misconfiguration that exposes data of several Fortune 500 companies and possibly hundreds more, the PSNI and UK voter breaches and why they should be taken more seriously, and finally the $70 device that can spoof Apple products which was used at Def Con.
We’re sticking with jus...
Howdy friends. In this video, I go over how hackers have rigged casino card-shuffling machines, my take on the Rapid7 layoffs, Homeland Security’s report on the Lapsus$ breaches, EvilProxys phishing campaign, and the cyberattack that caused medical provider CardioComm to take their system offline.
We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog...
Howdy friends. In this video, the juiciest in infosec news including a vulnerability that led to unlimited airline miles, Microsoft gets called out, and Russian phishing in MS Teams.
We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/
Check out my free weekly newsletter Vulnerable U: https://www.mattjay.com/ne...
Howdy friends. In this video, I walk through the SEC vote requiring companies to disclose cybersecurity incidents, an intentional backdoor discovered in radio comms, Google’s 0-day year in review, malware in Call of Duty, and Lazarus linked to two heists.
We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/
Che...
Howdy friends. In this video, I walk through two internet scams found by non-industry experts, how a typo led to a massive US military data leak, the possible death of Infosec twitter, and Google’s pilot program restricting internet access to employees.
We’re sticking with just the news on this video, but you can find more Vulnerable U personal and professional growth content on my blog: https://www.mattjay.com/blog/
...
This week we try something new, talk about China & Russia based threat actors for Microsoft, Clarence Thomas is on Venmo, and an AT&T scam by an employee. Links to articles and references here:
China based threat actor activity
Russia based threat actor activity, zero day attacks
Clarence Thomas on Venmo
AT&T scam by actual employee
In this engaging episode of VulnU, discover how empathy can enhance our defenses, improve security postures, and make us better individuals. Learn five key steps to leverage empathy effectively, including understanding threat actors, designing user-centric security, supporting victims, implementing human-centric training, and promoting collaboration. Plus, the latest in vulnerability news including lots of malware things and more o...
This week we have a short thought with a big impact. Plus, we cover some exciting news in the infosec world and show you gratitude for being part of this new and exciting journey with us.
Verizon DBIR - https://www.verizon.com/business/resources/reports/dbir/
MY KEY LINKS
🌍 My website / blog - https://www.mattjay.com
🐦 Twitter - https://twitter.com/mattjay
🗞️ Vulnerable U Newsletter - https://vul...
This week we turn obstacles into opportunities for self improvement, talk through riveting and (dare I say) comical news, and generally get comfortable in front of the mic and camera. Welcome to Vulnerable U!
Popular Podcasts
If you eat, sleep, and breathe true crime, TRUE CRIME TONIGHT is serving up your nightly fix. Five nights a week, KT STUDIOS & iHEART RADIO invite listeners to pull up a seat for an unfiltered look at the biggest cases making headlines, celebrity scandals, and the trials everyone is watching. With a mix of expert analysis, hot takes, and listener call-ins, TRUE CRIME TONIGHT goes beyond the headlines to uncover the twists, turns, and unanswered questions that keep us all obsessed—because, at TRUE CRIME TONIGHT, there’s a seat for everyone. Whether breaking down crime scene forensics, scrutinizing serial killers, or debating the most binge-worthy true crime docs, True Crime Tonight is the fresh, fast-paced, and slightly addictive home for true crime lovers.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
The latest news in 4 minutes updated every hour, every day.
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy And Charlamagne Tha God!
The Clay Travis and Buck Sexton Show. Clay Travis and Buck Sexton tackle the biggest stories in news, politics and current events with intelligence and humor. From the border crisis, to the madness of cancel culture and far-left missteps, Clay and Buck guide listeners through the latest headlines and hot topics with fun and entertaining conversations and opinions.