Artwork

Content provided by Kelsea Morrison, Matt Radolec, and David Gibson. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Kelsea Morrison, Matt Radolec, and David Gibson or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

The Double-Helix Heist

18:19
 
Share
 

Manage episode 380253410 series 1411238
Content provided by Kelsea Morrison, Matt Radolec, and David Gibson. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Kelsea Morrison, Matt Radolec, and David Gibson or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Few breaches have drawn as much social media fervor as the recent 23andMe incident, in which the genomics company was victim to a massive credential stuffing attack that leveraged leaked and reused passwords to target accounts without MFA.

What differentiates this attack from others is that 23andMe itself was not breached, but an entire wave of its users was targeted individually. There are claims that these profiles — including genetic and geographic ancestry data — are available on hacking forums, but the legitimacy of those claims is still being investigated.

Join the State of Cybercrime team, Matt, David, and Dvir, to learn about the numerous tools hackers use for cred stuffing, examples of when these tactics have been used in organizational attacks, and what you can do to protect yourself.

OUR FAN-FAVORITE PANEL WILL ALSO DISCUSS:

  • The record-breaking HTTP/2 Rapid Reset zero-day
  • The HelloKitty ransomware group source code leak
  • New attacks from ALPHV (BlackCat)
  • An update on the trends in cyber warfare
  continue reading

191 episodes

Artwork

The Double-Helix Heist

State of Cybercrime

50 subscribers

published

iconShare
 
Manage episode 380253410 series 1411238
Content provided by Kelsea Morrison, Matt Radolec, and David Gibson. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Kelsea Morrison, Matt Radolec, and David Gibson or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Few breaches have drawn as much social media fervor as the recent 23andMe incident, in which the genomics company was victim to a massive credential stuffing attack that leveraged leaked and reused passwords to target accounts without MFA.

What differentiates this attack from others is that 23andMe itself was not breached, but an entire wave of its users was targeted individually. There are claims that these profiles — including genetic and geographic ancestry data — are available on hacking forums, but the legitimacy of those claims is still being investigated.

Join the State of Cybercrime team, Matt, David, and Dvir, to learn about the numerous tools hackers use for cred stuffing, examples of when these tactics have been used in organizational attacks, and what you can do to protect yourself.

OUR FAN-FAVORITE PANEL WILL ALSO DISCUSS:

  • The record-breaking HTTP/2 Rapid Reset zero-day
  • The HelloKitty ransomware group source code leak
  • New attacks from ALPHV (BlackCat)
  • An update on the trends in cyber warfare
  continue reading

191 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide